hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,614 Commits 1,671 Branches 157 Tags
c20ee76826e10318f8f39c6fae901b743c2e8254
Commit Graph

3350 Commits

Author SHA1 Message Date
Jonas Jensen
984405be2e C++ IR: Change many uses of getAnyDef to getDef 
This changes all the getters on `Instruction` to use `getDef` instead of
`getAnyDef`, with the result that these getters now only have a result
if the definition is exact.

This is a backwards-INCOMPATIBLE change.
 2019-07-03 11:04:57 +02:00
Jonas Jensen
206a96df94 C++ IR: Rename getters for def/use on Operand 
This renames `getDefinitionInstruction` to `getAnyDef`, reflecting that
it includes definitions without exact overlap. It renames
`getUseInstruction` to `getUse` for consistency.

    perl -p -i -e 's/\bgetUseInstruction\b/getUse/g; s/\bgetDefinitionInstruction\b/getAnyDef/g' \
      cpp/ql/src/semmle/code/cpp/ir/**/*.ql* \
      cpp/ql/test/**/*.ql* \
      cpp/ql/src/semmle/code/cpp/rangeanalysis/**/*.ql*
 2019-07-03 10:06:48 +02:00
Jonas Jensen
757ec97e7a Merge pull request #1251 from zlaski-semmle/zlaski/cpp370 
[CPP-370] Non-constant `format` arguments to `printf` and friends
 2019-07-01 14:43:19 +02:00
Geoffrey White
95ab8cc706 CPP: Add a test of More64BitWaste.ql. 2019-06-27 17:14:46 +01:00
Geoffrey White
5e328908a0 CPP: Modify violation message of NonPortablePrintf.ql for consistency with WrongTypeFormatArguments.ql. 2019-06-27 17:11:37 +01:00
Geoffrey White
5cef0e21c6 CPP: Add a test of NonPortablePrintf.ql. 2019-06-27 16:51:07 +01:00
Geoffrey White
a7fb2e1261 CPP: More test cases for ArithmeticWithExtremeValues. 2019-06-26 15:38:23 +01:00
Geoffrey White
f8655b1664 CPP: Add a test that uses Function.getAThrownType() and Function.isNoThrow(). 2019-06-26 15:20:46 +01:00
Geoffrey White
e237507208 CPP: Add a reference to the ReturnConstType tests. 2019-06-26 15:20:46 +01:00
Geoffrey White
627fba81ce CPP: Improve wording of UnsafeArrayForDAysOfYear.ql. 2019-06-25 14:42:18 +01:00
Jonas Jensen
d2f8029625 Merge pull request #1492 from geoffw0/exprnoeffectweak 
CPP: Fix for 'Expression has no effect' on calls to weak functions
 2019-06-25 10:58:28 +02:00
Jonas Jensen
de65dc5501 Merge pull request #1490 from geoffw0/leapyeararith 
CPP: Improvements to LeapYear.qll
 2019-06-25 10:46:12 +02:00
Geoffrey White
9a0645ac0b CPP: Calls to weak functions should be considered impure. 2019-06-24 22:04:12 +01:00
Geoffrey White
aee2af7ca1 CPP: Add a test of ExprHasNoEffect.ql with a call to a 'weak' function. 2019-06-24 22:01:46 +01:00
Geoffrey White
69533a7fd3 CPP: Clean up duplication in Adding365DaysPerYear.ql. 2019-06-24 15:18:29 +01:00
Geoffrey White
7fca220eda CPP: Fix UncheckedLeapYearAfterYearModification FPs. 2019-06-24 11:21:48 +01:00
Geoffrey White
cff3f9bdaf CPP: Add another test case based on a real world case. 2019-06-21 17:43:17 +01:00
Geoffrey White
b1f6294083 CPP: Add a test case where a date is created. 2019-06-21 14:32:44 +01:00
Geoffrey White
09b33bc1a7 CPP: Adjust file name case for consistency. 2019-06-21 12:53:04 +01:00
Geoffrey White
1a7269b206 CPP: Rename the test subdirectories. 2019-06-21 12:51:25 +01:00
Jonas Jensen
cace411974 C++: NonConstantFormat taint only for string types 
To speed up the taint analysis in `NonConstantFormat.ql` and to remove
FPs that were due to taint spreading from `i` to `a[i]`, this commit
stops the taint tracking in `NonConstantFormat.ql` at every node that
could not possibly contain a string.

I tested performance on Wireshark, and it's fine. Pulling out the
`isSanitizerNode` prevented `isSanitizer` from turning into four
half-slow RA predicates due to both CPE and `#antijoin_rhs`
transformations happening.
 2019-06-20 15:39:47 +02:00
Jonas Jensen
e99c68885c C++: Demonstrate ArrayExpr FP 2019-06-20 14:00:42 +02:00
Jonas Jensen
ad337de6ce Merge branch 'master' into taintedallocfp 2019-06-19 15:35:09 +02:00
Jonas Jensen
53d4b2dfc9 Merge pull request #1365 from geoffw0/uninit 
CPP: Fix for the 'LoopConditionAlwaysTrueUponEntry' logic
 2019-06-19 11:01:57 +02:00
Geoffrey White
ef3ceb5910 CPP: Don't use getFollowingStmt. 2019-06-18 15:56:22 +01:00
Geoffrey White
536adaae7f CPP: Additional test cases. 2019-06-18 15:56:22 +01:00
Geoffrey White
52b68a77bd CPP: Remove commented out code. 2019-06-18 15:56:22 +01:00
Geoffrey White
56adcff2c9 CPP: Fix for LocalScopeReachability. 2019-06-18 15:56:22 +01:00
Geoffrey White
f4b4ddbdaf CPP: Add a test examining the LoopEntryConditionEvaluator on this code. 2019-06-18 15:56:22 +01:00
Geoffrey White
12bbb0755f CPP: Additional test cases. 2019-06-18 15:56:22 +01:00
Geoffrey White
83ec5f1ae9 Merge pull request #1354 from denislevin/denisl/cpp/MishandlingJapaneseDatesAndLeapYear 
C++: Mishandling Japanese Era and Leap Year in calculations
 2019-06-18 09:26:35 +01:00
Denis Levin
7ff8fcd50e Some more typo fixes and a fix to test files 2019-06-13 17:16:30 -07:00
Ziemowit Laski
88a39d9454 [CPP-370] Fix up // GOOD and // BAD test annotations so that they're consistent. 2019-06-12 12:56:11 -07:00
Ziemowit Laski
0f5a4a7089 [CPP-370] Improve handling of _ macros by using taint sanitizers. 2019-06-10 15:50:53 -07:00
Geoffrey White
a842ed56cf CPP: Integrate and produce full results. 2019-06-10 15:33:12 +01:00
Geoffrey White
e143870b65 CPP: Pavel's sketch implementation. 2019-06-10 15:33:12 +01:00
Geoffrey White
2f36d81137 CPP: Add cases for fields. 2019-06-10 15:07:52 +01:00
Geoffrey White
d3f98a5a74 CPP: Create a direct test of Variable.getAnAssignedValue(). 2019-06-10 14:33:14 +01:00
Geoffrey White
3deff9c578 CPP: Fix in dataflow. 2019-06-10 12:01:14 +01:00
Geoffrey White
d51f870053 CPP: Add test cases. 2019-06-10 12:01:13 +01:00
Ian Lynagh
03f555dda5 C++: Update test output following QLCFG changes 2019-06-07 14:00:52 +01:00
Ziemowit Laski
8f79cdb1fb [CPP-370] Add an additional test case. 2019-06-04 16:19:01 -07:00
Ziemowit Laski
d86557cfcb Adjust .expected output. 2019-06-04 12:57:43 -07:00
zlaski-semmle
51e543a41d Merge branch 'master' into zlaski/cpp370 2019-06-04 09:47:30 -07:00
semmle-qlci
79406f8387 Merge pull request #987 from rdmarsh2/rdmarsh/cpp/ir-asm-stmt 
Approved by dave-bartolomeo
 2019-06-03 07:03:28 +01:00
Robert Marsh
4371d02a1f C++: accept SignAnalysis.expected 2019-05-31 13:35:05 -07:00
Robert Marsh
5dd8c9cd4e C++: revert InlineAsm subclassing SideEffectOpcode 2019-05-31 13:28:26 -07:00
Robert Marsh
2770b2a9b9 C++: respond to PR comments 2019-05-31 13:19:40 -07:00
Robert Marsh
98d6f5919f C++: Treat asmStmt operands as input/output in IR 2019-05-31 12:51:44 -07:00
Robert Marsh
66d1efdb97 C++: respond to PR comments 2019-05-31 12:42:04 -07:00