hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-16 23:13:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,068 Commits 1,692 Branches 160 Tags
c19085e56e6830c190efd307c271f44851ed06df
Commit Graph

50 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
58832a546a C++: Accept test changes. 2024-04-18 12:33:27 +01:00
Mathias Vorreiter Pedersen
fb9fc14f3d C++: Accept test changes in paths. 2024-04-16 11:09:22 +01:00
Mathias Vorreiter Pedersen
f3a5ce5efc C++: Accept more test changes. 2024-04-13 11:03:15 +01:00
Anders Schack-Mulligen
c355737d30 C++: Update expected output. 2024-04-12 09:20:16 +02:00
Mathias Vorreiter Pedersen
d1c253b519 C++: Accept test changes. 2024-03-13 22:41:32 +00:00
Mathias Vorreiter Pedersen
ab6e2f9364 C++: Accept test regression. 2024-03-12 15:04:49 +00:00
Mathias Vorreiter Pedersen
f97b6e2848 C++: Stop conflating pointers and indirections in the query. 2024-03-11 18:48:19 +00:00
Mathias Vorreiter Pedersen
2eb8d13439 C++: Accept test changes. 2024-03-01 09:25:25 +00:00
Benjamin Rodes
d6b0746b30 The non-constant format query is now a path query. Minor changes to the output alert to be more precise on what is being alerted. Minor changes to the query itself to avoid redundancies with argv. 2024-02-15 12:14:52 -05:00
Benjamin Rodes
9e50fc6893 Updating tests to account for removing const char* heuristic. 2024-02-15 09:54:03 -05:00
Benjamin Rodes
caf2ee27fa Adding false negative tests for future work. 2024-02-15 09:43:26 -05:00
Benjamin Rodes
9fc2405681 Updating non-const source logic and associated tests and expected files. 2024-02-07 13:54:56 -05:00
Benjamin Rodes
80bf38d8cc Initial working draft of non-const source refactor. 2024-02-06 14:20:01 -05:00
Benjamin Rodes
9577c35d85 Incremental update to NonConstantFormat.ql 2024-02-02 16:06:59 -05:00
Jeroen Ketema
6566b91355 C++: Add indication that the test result is good 2023-08-22 16:38:46 +02:00
Jeroen Ketema
1e8daff02a C++: Add cpp/non-constant-format test 2023-08-22 16:23:47 +02:00
Mathias Vorreiter Pedersen
fd2f0257b6 C++: Accept query changes. 2023-04-28 10:25:12 +01:00
Jeroen Ketema
9e462866a0 C++: Update test annotations for use-use dataflow 2023-02-14 14:48:08 +01:00
Mathias Vorreiter Pedersen
45f69be94c C++: Accept test changes 2022-12-16 14:14:58 +00:00
Jeroen Ketema
80ef3b39ff Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-10-31 18:26:34 +01:00
Jeroen Ketema
b43cbf7f95 Update cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/test.cpp 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-10-31 17:03:29 +01:00
Jeroen Ketema
abe9258943 C++: Add strcpy test for cpp/non-constant-format 2022-10-31 15:29:17 +01:00
Jeroen Ketema
83afc2a0ad C++: Add strcpy prototype to test 2022-10-31 15:25:35 +01:00
Mathias Vorreiter Pedersen
e7b0536896 C++: Repair 'cpp/non-constant-format' in preparation for IR-based use-use dataflow. 2022-10-14 15:26:25 +02:00
Mathias Vorreiter Pedersen
4c5953fce0 C++: Accept query-test changes. 2022-10-14 10:14:52 +02:00
Geoffrey White
8198b96eb2 C++: Add test cases. 2020-10-20 15:33:57 +01:00
Geoffrey White
540af7866c C++: Test spacing. 2020-10-20 15:23:15 +01:00
Geoffrey White
b4fb98dc7c CPP: Fix comments. 2019-11-08 15:10:13 +00:00
Geoffrey White
cd3bccf73a CPP: Fix FPs. 2019-11-08 15:09:46 +00:00
Geoffrey White
1cf4449314 CPP: Test for NonConstantFormat with multiple definitons. 2019-11-08 15:09:45 +00:00
Jonas Jensen
cace411974 C++: NonConstantFormat taint only for string types 
To speed up the taint analysis in `NonConstantFormat.ql` and to remove
FPs that were due to taint spreading from `i` to `a[i]`, this commit
stops the taint tracking in `NonConstantFormat.ql` at every node that
could not possibly contain a string.

I tested performance on Wireshark, and it's fine. Pulling out the
`isSanitizerNode` prevented `isSanitizer` from turning into four
half-slow RA predicates due to both CPE and `#antijoin_rhs`
transformations happening.
 2019-06-20 15:39:47 +02:00
Jonas Jensen
e99c68885c C++: Demonstrate ArrayExpr FP 2019-06-20 14:00:42 +02:00
Ziemowit Laski
88a39d9454 [CPP-370] Fix up // GOOD and // BAD test annotations so that they're consistent. 2019-06-12 12:56:11 -07:00
Ziemowit Laski
0f5a4a7089 [CPP-370] Improve handling of _ macros by using taint sanitizers. 2019-06-10 15:50:53 -07:00
Ziemowit Laski
8f79cdb1fb [CPP-370] Add an additional test case. 2019-06-04 16:19:01 -07:00
Ziemowit Laski
46b6eac955 [CPP-370] An .expected file is mismatched again. Not sure why 
this is happening.
 2019-05-22 09:08:44 -07:00
Ziemowit Laski
ae55b7b643 [CPP-370] Add new test file for testing procedurally nested format 
argument violations.
 2019-05-21 07:08:13 -07:00
Ziemowit Laski
92054e2481 [CPP-370] Reformat test cases so that the .expect files line up with what was 
checked in initially.  Check for DataFlow::DefinitionByReferenceNode
          when computing isSource() for our taint analysis.
 2019-05-21 06:54:41 -07:00
Ziemowit Laski
098b6543f5 [CPP-370] Rewrite of NonConstantFormat.ql using the taint tracking library. 2019-05-21 06:51:47 -07:00
Ziemowit Laski
d8b8dda439 [CPP-370] First attempt at isAdditionalFlowStep(). 2019-05-21 06:45:52 -07:00
Ziemowit Laski
dbec17f85b [CPP-370] Tentative implementation of NonConstantFormat.ql using the global 
DataFlow library.  This is intended solely for further discussion.
 2019-05-21 06:23:51 -07:00
Ziemowit Laski
6025c03857 [CPP-370] Add nested.cpp test case, for nested calls to ...printf functions. 2019-05-21 06:21:12 -07:00
Ziemowit Laski
b205951e6d [CPP-370] Reformat test cases so that the .expect files line up with what was 
checked in initially.  Check for DataFlow::DefinitionByReferenceNode
          when computing isSource() for our taint analysis.
 2019-05-21 06:18:31 -07:00
Ziemowit Laski
ed67c9fd5a [CPP-370] Rewrite of NonConstantFormat.ql using the taint tracking library. 2019-05-21 06:18:31 -07:00
Ziemowit Laski
fae55d5493 [CPP-370] First attempt at isAdditionalFlowStep(). 2019-05-21 06:18:30 -07:00
Ziemowit Laski
775861c386 [CPP-370] Minor textual tweaks. 2019-05-21 06:18:30 -07:00
Ziemowit Laski
de10598dd6 [CPP-370] NonConstantFormat.expected changed for some reason. 2019-05-21 06:18:30 -07:00
Ziemowit Laski
ffddc5bff6 [CPP-370] Update the NonConstantFormat.expected result template. 2019-05-21 06:18:30 -07:00
Ziemowit Laski
0c86d4c112 [CPP-370] Tentative implementation of NonConstantFormat.ql using the global 
DataFlow library.  This is intended solely for further discussion.
 2019-05-21 06:18:30 -07:00
Pavel Avgustinov
b55526aa58 QL code and tests for C#/C++/JavaScript. 2018-08-02 17:53:23 +01:00