hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,614 Commits 1,671 Branches 157 Tags
c20ee76826e10318f8f39c6fae901b743c2e8254
Commit Graph

7750 Commits

Author SHA1 Message Date
Paolo Tranquilli
28806fe5f4 update test results after operand location changes 2021-11-23 15:28:15 +00:00
Paolo Tranquilli
6072ccd81d auto-format 2021-11-23 15:28:15 +00:00
Paolo Tranquilli
0ff9520575 ...and syncing files again 2021-11-23 15:28:15 +00:00
Paolo Tranquilli
b5165e3692 C++: more fine-grained Operand location change 
Only RegisterOperands need the change, with the notable exception of
ThisArgumentOperand.
 2021-11-23 15:28:15 +00:00
Paolo Tranquilli
5202f963dd C++: sync Operand source 2021-11-23 15:28:15 +00:00
Paolo Tranquilli
74c0197544 C++: take IR Operand locations from definitions 
Previously Operand's getLocation would take it from the Operand use.
This lead to slightly confusing query results, where for example an
issue related to a call argument would highlight the function part of
the call instead of the parameter.
 2021-11-23 15:28:15 +00:00
Tom Hvitved
83d204d7a8 Merge pull request #7218 from hvitved/ssa/fix-consistency-tests 
Ruby: Fix SSA consistency tests + CFG bug
 2021-11-23 16:24:41 +01:00
Tom Hvitved
0bd587b395 Shared SSA: Sync files 2021-11-23 13:30:37 +01:00
Mathias Vorreiter Pedersen
672485ae38 Merge branch 'main' into remove-reference-to-as-load 2021-11-23 10:24:17 +00:00
ihsinme
88634b81bf Update IncorrectPrivilegeAssignment.expected 2021-11-23 10:23:20 +03:00
ihsinme
6e8d56f044 Update IncorrectPrivilegeAssignment.ql 2021-11-23 10:22:26 +03:00
ihsinme
70081defdc Update FindIncorrectlyUsedExceptions.expected 2021-11-23 09:56:02 +03:00
ihsinme
62ae702e07 Update FindIncorrectlyUsedExceptions.ql 2021-11-23 09:55:43 +03:00
Mathias Vorreiter Pedersen
21167f4b67 C++: Accept test changes. 2021-11-22 13:04:23 +00:00
Mathias Vorreiter Pedersen
f308be7382 C++: Restore the missing flow. This has a couple of side-effects: First, it gives us some new good flow (yay). Second, it causes some duplication of results that uses 'argv' as a taint source. The duplication isn't very bad, though. And since it is only for paths that start at 'argv', I think we can live with it for now. 2021-11-22 13:04:07 +00:00
Mathias Vorreiter Pedersen
74221f4aba Merge pull request #7209 from geoffw0/experimental-tests 
C++: Move experimental test.
 2021-11-22 13:01:52 +00:00
Geoffrey White
6f2b528a32 C++: Move experimental test. 2021-11-22 11:02:06 +00:00
ihsinme
6d27585b92 Update FindIncorrectlyUsedExceptions.ql 2021-11-19 16:59:00 +03:00
ihsinme
418adb824c Update FindIncorrectlyUsedExceptions.ql 2021-11-19 16:04:04 +03:00
Tom Hvitved
2b2ff7717e Merge pull request #7179 from hvitved/ruby/shared-ssa-consistency 
Ruby: Move SSA consistency queries into shared SSA library
 2021-11-19 13:49:25 +01:00
Tom Hvitved
4068cc9c3a Shared SSA: Sync files 2021-11-19 11:31:28 +01:00
ihsinme
21ab8b0f63 Update IncorrectPrivilegeAssignment.ql 2021-11-19 13:06:08 +03:00
ihsinme
fd73f4094f Update FindIncorrectlyUsedExceptions.ql 2021-11-19 10:54:02 +03:00
ihsinme
6168b15bbc Update cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-11-19 08:56:21 +03:00
Erik Krogh Kristensen
011fc20963 use matches instead of regexpMatch 2021-11-18 15:41:25 +01:00
Mathias Vorreiter Pedersen
c998370c84 C++: Accept more test changes. 2021-11-17 15:22:17 +00:00
Mathias Vorreiter Pedersen
36585a7469 C++: Accept test changes. 2021-11-17 14:41:30 +00:00
Mathias Vorreiter Pedersen
6dc6a78293 C++: Add a 'IteratorByPointer' class so pointers are always iterators. 2021-11-17 14:41:19 +00:00
Geoffrey White
d232283647 Merge pull request #7149 from geoffw0/non-https-url2 
C++: Minor improvements to 'Failure to use HTTPS URLs' query
 2021-11-17 10:05:30 +00:00
Paolo Tranquilli
2ce5b85db4 Merge pull request #7112 from github/redsun82/frontend-update 
c++: update ir tests after frontend update
 2021-11-16 16:30:34 +01:00
Geoffrey White
ea9640a39d C++: Autoformat. 2021-11-16 14:26:42 +00:00
Anders Schack-Mulligen
c70d384d28 Merge pull request #7045 from aschackmull/dataflow/hidden-ret-subpaths 
Data flow: Support hidden return nodes in subpaths predicate
 2021-11-16 15:04:51 +01:00
Paolo Tranquilli
8d3cf7f5aa C++: update ir tests after frontend update 
After updating the frontend new intermediate objects appear in the AST
and raw dumps.
 2021-11-16 13:25:32 +00:00
Geoffrey White
5ef71e6ef3 C++: Add a few more sinks. 2021-11-16 13:02:56 +00:00
Geoffrey White
aafa5762ad C++: Add a CWE tag associated with OWASP A8. 2021-11-16 11:21:25 +00:00
Mathias Vorreiter Pedersen
71c279f537 Merge branch 'main' into use-range-analysis-in-buffer-write 2021-11-16 09:14:02 +00:00
ihsinme
7f0a7bbec9 Update IncorrectPrivilegeAssignment.ql 2021-11-16 10:12:50 +03:00
ihsinme
7832e8572b Update cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.cpp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-11-15 21:08:20 +03:00
ihsinme
0359c381e1 Update cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.cpp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-11-15 21:08:11 +03:00
Mathias Vorreiter Pedersen
3f0bfe1d75 C++: Remove the implicit assumption about the existence of a lower bound implying the existence of an upper bound (and vice veraa). 2021-11-15 13:39:15 +00:00
Mathias Vorreiter Pedersen
63f50a9eb7 C++: Cleanup the case for possibly-negative unsigned values. 2021-11-15 13:31:51 +00:00
ihsinme
c916bed853 Update test1.cpp 2021-11-15 16:29:51 +03:00
Mathias Vorreiter Pedersen
9a9f7943aa C++: Fix bug for exact powers of 10 and accept test changes. 2021-11-15 13:20:45 +00:00
Mathias Vorreiter Pedersen
53884915a5 C++: Add more tests (which demonstrate a couple of bugs in the implementation). 2021-11-15 13:18:30 +00:00
Mathias Vorreiter Pedersen
c2e057def9 Merge pull request #7094 from geoffw0/non-https-url 
C++: New query 'Failure to use HTTPS URLs'
 2021-11-15 10:00:19 +00:00
ihsinme
f102fa1d33 Update IncorrectPrivilegeAssignment.ql 2021-11-14 12:17:01 +03:00
ihsinme
e383e44d36 Update IncorrectPrivilegeAssignment.ql 2021-11-14 11:57:40 +03:00
ihsinme
ea1d18ed60 Update IncorrectPrivilegeAssignment.cpp 2021-11-14 11:36:06 +03:00
ihsinme
99740876cb Add files via upload 2021-11-14 11:28:27 +03:00
Mathias Vorreiter Pedersen
982de28b89 Update cpp/ql/lib/semmle/code/cpp/commons/Printf.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-11-11 13:19:13 +00:00