4175 Commits

Author	SHA1	Message	Date
Jonas Jensen	24947f27b4	Merge pull request #4750 from geoffw0/modelclasses ... C++: Model classes in StdString.qll.	2021-01-19 12:51:30 +01:00
Geoffrey White	cff56350e0	C++: Fix getClassAndName parameter name.	2021-01-19 10:34:25 +00:00
Geoffrey White	b4a5346dc3	C++: It turns out .getTemplate() is not necessary.	2021-01-19 08:46:53 +00:00
Geoffrey White	f8a1fb1c35	C++: Apply the new pattern where it doesn't matter for performance as well, for consistency.	2021-01-19 08:46:53 +00:00
Geoffrey White	bfef1a200e	C++: Apply the new pattern in other parts of StdString.qll where it matters.	2021-01-19 08:46:53 +00:00
Geoffrey White	b8e6ad8922	C++: Introduce new predicate for better performance in models.	2021-01-19 08:46:52 +00:00
Geoffrey White	a5632b272e	C++: Fix performance issue in hasTaintFlow / hasDataFlow.	2021-01-19 08:46:52 +00:00
Geoffrey White	15089c4117	Merge branch 'main' into modelclasses	2021-01-14 15:57:02 +00:00
Geoffrey White	7012bc05a2	C++: Simplification.	2021-01-14 15:21:26 +00:00
Geoffrey White	54bd36def2	C++: Correct QLDoc comments.	2021-01-14 15:20:29 +00:00
Geoffrey White	13d0efe96d	C++: Change to more natural expressions without use of weird predicates or 'any'. The classes for string objects now match instantiations directly rather than the template.	2021-01-14 15:02:51 +00:00
Mathias Vorreiter Pedersen	3468593d3a	Merge pull request #4915 from geoffw0/sqltaint ... C++: Fix FPs in cpp/sql-injection	2021-01-14 11:20:08 +01:00
Geoffrey White	69664535b0	Merge pull request #4881 from ihsinme/main ... CPP: Add query for CWE-401 memory leak on unsuccessful call to realloc function	2021-01-13 10:58:09 +00:00
ihsinme	d7a5e61f8e	Delete CompilerRemovalOfCodeToClearBuffers.qhelp ... sorry i was in a hurry	2021-01-11 23:50:47 +03:00
ihsinme	c38cfcb735	Delete CompilerRemovalOfCodeToClearBuffers.ql ... sorry i was in a hurry	2021-01-11 23:50:19 +03:00
ihsinme	65ff526eef	Delete CompilerRemovalOfCodeToClearBuffers.c ... sorry i was in a hurry	2021-01-11 23:49:53 +03:00
ihsinme	b185a33157	Add files via upload	2021-01-11 23:39:02 +03:00
Geoffrey White	7409dd015e	C++: Autoformat.	2021-01-11 18:58:32 +00:00
ihsinme	b28444b55c	Update MemoryLeakOnFailedCallToRealloc.ql ... I thought since there is no work on this PR, I will delete the residual import.	2021-01-11 21:17:49 +03:00
Geoffrey White	cf1d1dc5c0	C++: Remove old tags.	2021-01-11 09:31:06 +00:00
Geoffrey White	70ce5fde75	C++: Improve metadata for GlobalNamespaceClasses.ql.	2021-01-08 18:27:06 +00:00
Geoffrey White	a6937beee3	Merge branch 'main' into sqltaint	2021-01-08 17:27:43 +00:00
Geoffrey White	7f0209f72e	Merge branch 'main' into modelclasses	2021-01-08 17:11:25 +00:00
Mathias Vorreiter Pedersen	13a67c906e	Merge pull request #4810 from geoffw0/multtoalloc ... C++: Query for multiplications used in allocations.	2021-01-07 13:48:58 +01:00
ihsinme	2d6dafc6be	Update MemoryLeakOnFailedCallToRealloc.ql	2021-01-07 15:44:50 +03:00
ihsinme	abdeaabd77	Update MemoryLeakOnFailedCallToRealloc.ql	2021-01-06 22:46:03 +03:00
ihsinme	2b8227e04d	Update cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.ql ... Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2021-01-06 22:23:46 +03:00
ihsinme	f7eb328f76	Update cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.qhelp ... Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2021-01-06 22:18:14 +03:00
ihsinme	d7f31ca1a0	Update cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.qhelp ... Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2021-01-06 22:17:26 +03:00
Geoffrey White	b5bcbd303e	C++: Cleaner solution.	2021-01-06 18:22:31 +00:00
Geoffrey White	18890c4a77	C++: Use isAdditionalBarrier in the SqlTainted query.	2021-01-05 11:33:39 +00:00
Geoffrey White	69efe7a72a	C++: Add isAdditionalBarrier to DefaultTaintTracking.	2021-01-05 11:32:43 +00:00
Mathias Vorreiter Pedersen	134982c5a9	C++: Respond to review comments.	2021-01-04 09:06:58 +01:00
Mathias Vorreiter Pedersen	454605b7b1	C++: Fix join order in getAnOverload.	2020-12-30 10:34:26 +01:00
ihsinme	cd7c47ea39	Add files via upload	2020-12-26 20:43:25 +03:00
Mathias Vorreiter Pedersen	4f07474b62	C++: Also allow custom sources in taintedWithoutGlobals	2020-12-21 19:55:47 +01:00
Mathias Vorreiter Pedersen	f4f96fe257	C++: Use isSource in queries. These were the only queries that restrict the source after dataflow terminates.	2020-12-21 16:35:35 +01:00
Mathias Vorreiter Pedersen	0e84c638b6	C++: Add isSource to AdjustedConfiguration	2020-12-21 16:34:22 +01:00
Mathias Vorreiter Pedersen	b5102043b1	Fix comments.	2020-12-18 14:19:02 +01:00
Mathias Vorreiter Pedersen	f5e4725642	C++: Propagate flow from instruction's to non-exact operands for arrays and unions, and accept test changes.	2020-12-18 13:54:34 +01:00
Mathias Vorreiter Pedersen	2bf8e47932	Merge branch 'main' into default-taint-tracking-operand-instruction-interleaving	2020-12-18 11:59:10 +01:00
Mathias Vorreiter Pedersen	7ccd48e53c	Make DefaultTaintTracking do operand->instruction->operand interleaving like DataFlowUtil.	2020-12-18 11:57:16 +01:00
Geoffrey White	dc4ca9b1b9	C++: Add qhelp and example.	2020-12-18 10:10:05 +00:00
Jonas Jensen	fd7dec7f20	Merge pull request #4824 from geoffw0/modelchanges5 ... C++: Add cases in the Allocation model.	2020-12-18 09:16:01 +01:00
Geoffrey White	fda531da49	C++: Add query precision.	2020-12-17 14:31:43 +00:00
Geoffrey White	136fa01b87	C++: Query headers (apart from precison - needs more research).	2020-12-16 16:24:10 +00:00
Geoffrey White	1e3535754b	C++: Violation message.	2020-12-16 16:13:02 +00:00
Geoffrey White	c89f7d824b	C++: Back out support for SysAllocString. It turns out supporting all of the SysAlloc stuff is beyond our current models, supporting just SysFreeString as we do is OK.	2020-12-16 15:08:53 +00:00
Jonas Jensen	406cc64dcc	Merge pull request #4831 from geoffw0/printfunknown ... C++: Fix Printf.qll specsAreKnown	2020-12-16 10:56:56 +01:00
Geoffrey White	93dfeac3c8	C++: Make specsAreKnown more accurate.	2020-12-15 17:43:28 +00:00