hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,614 Commits 1,671 Branches 157 Tags
c20ee76826e10318f8f39c6fae901b743c2e8254
Commit Graph

7750 Commits

Author SHA1 Message Date
Geoffrey White
97fef4b3a5 C++: Switch strategy to nomagic. 2022-03-21 12:58:06 +00:00
Geoffrey White
7f825c12eb C++: Make getUnderlyingType 'nomagic'. 2022-03-21 11:12:18 +00:00
Jeroen Ketema
e05227d3fe C++: Add change note for the cpp/command-line-injection changes 2022-03-21 11:30:39 +01:00
Jeroen Ketema
8b4c42dd07 C++: Add cpp/command-line-injection test using a wrapper macro 2022-03-21 11:19:54 +01:00
ihsinme
151c93f502 Update DangerousUseOfExceptionBlocks.cpp 2022-03-21 09:52:14 +03:00
ihsinme
22cf3f7b20 Update test.cpp 2022-03-21 09:50:30 +03:00
Jeroen Ketema
f8198c3123 C++: Use flow states in cpp/command-line-injection 2022-03-18 20:06:45 +01:00
Jeroen Ketema
d37ef1b5ca C++: Add command line injection test that currently results in a false positive 2022-03-18 16:12:09 +01:00
Jeroen Ketema
459870ac1e C++: Add additional command line injection tests 2022-03-18 13:42:27 +01:00
Geoffrey White
ff3bedcab9 C++: Fix expensive getWideCharType(). 2022-03-17 14:41:57 +00:00
Tom Hvitved
79ea2a3a9c Data flow: Sync files 2022-03-17 14:03:58 +01:00
4B5F5F4B
d4c7314484 Delete cve-2016-6480.ql 
commit by mistake
 2022-03-17 09:49:28 +08:00
Dave Bartolomeo
606e015afb Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-16 13:07:35 -04:00
Dave Bartolomeo
e275ab3951 Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-16 13:07:15 -04:00
Dave Bartolomeo
6adc11b10e Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-16 13:07:08 -04:00
Dave Bartolomeo
b36281dd8c Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-16 13:07:02 -04:00
Dave Bartolomeo
db4963ada0 Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-16 13:06:54 -04:00
Jeroen Ketema
7a9a9d833a Merge pull request #8435 from jketema/all-the-barriers 
Add flow state versions of isBarrierIn, isBarrierOut, and isBarrierGuard
 2022-03-16 15:50:19 +01:00
Dave Bartolomeo
571c034549 Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-16 10:14:45 -04:00
Dave Bartolomeo
e669ffa22e Merge pull request #8320 from jketema/structured-binding-array 
C++: Handle initialization of structured bindings via bitwise copy in extractor
 2022-03-16 09:41:31 -04:00
Geoffrey White
95a63a69a5 Merge branch 'main' into cwe497b 2022-03-16 11:09:46 +00:00
Paul1nh0
85b22647ac Add query for double-fetch vulnerability 2022-03-16 18:16:49 +08:00
4B5F5F4B
2a29c201ff Merge branch 'github:main' into main 2022-03-16 18:06:16 +08:00
4B5F5F4B
baf1c8d76b Create cve-2016-6480.ql 2022-03-16 17:49:05 +08:00
ihsinme
ccbb4434de Update DangerousUseOfExceptionBlocks.expected 2022-03-16 09:54:35 +03:00
ihsinme
cd561dd19c Update test.cpp 2022-03-16 09:53:45 +03:00
ihsinme
2959150198 Update DangerousUseOfExceptionBlocks.ql 2022-03-16 09:30:38 +03:00
Jeroen Ketema
d51cbe2525 C++: Update IR tests for handling of bitwise copy with explicit source 2022-03-15 23:22:37 +01:00
Jeroen Ketema
8be02b164c C++: Add IR tests exposing incorrect translation due to unhandled bitwise copy 
These tests are in addition to exisiting tests involving default copy
constructors, which suffer from the same problem, i.e., the extractor not
handling bitwise copies.
 2022-03-15 23:22:37 +01:00
Jeroen Ketema
2894bb0933 C++: Use correct change note file name format 2022-03-15 23:21:14 +01:00
Jeroen Ketema
638b2cac04 C++: Add change note on _Noreturn/noreturn in C11 2022-03-15 23:21:14 +01:00
Jeroen Ketema
1a1c34e1be C++: Handle C11 _Noreturn in DefaultOptions 2022-03-15 23:21:14 +01:00
Geoffrey White
92d748e006 C++: Fix ODR/dbcheck issue in test. 2022-03-15 20:00:19 +00:00
Dave Bartolomeo
7359e3253d Fix reference to deprecated predicate 2022-03-15 15:59:35 -04:00
Dave Bartolomeo
62553ab089 Merge remote-tracking branch 'upstream/main' into semantic-scratch 2022-03-15 15:53:50 -04:00
Erik Krogh Kristensen
b45f56ac08 Merge pull request #8431 from erik-krogh/deadCode 
Delete dead code
 2022-03-15 20:09:06 +01:00
Dave Bartolomeo
f22c91b762 Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-15 15:01:32 -04:00
Dave Bartolomeo
c8a0a86354 Fix Code Scanning warning 2022-03-15 14:53:43 -04:00
Dave Bartolomeo
7623b3d04d Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/SemanticType.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-15 14:49:20 -04:00
Dave Bartolomeo
ea9a5b782c Don't bother hiding toString() and getLocation() 2022-03-15 14:47:26 -04:00
Mathias Vorreiter Pedersen
57922f56ee Merge pull request #8424 from ihsinme/ihsinme-patch-fix077 
Detection reduction on request
 2022-03-15 16:17:47 +00:00
Mathias Vorreiter Pedersen
05758181bb Merge pull request #7884 from rdmarsh2/rdmarsh2/template-implicit-copy-constructor 
C++: fix hasImplicitCopyConstructor for templates
 2022-03-15 15:32:05 +00:00
Geoffrey White
46f3f28a11 C++: Fix broken merge. 2022-03-15 14:53:25 +00:00
Geoffrey White
71e0da738d Merge branch 'main' into cwe497b 2022-03-15 13:29:32 +00:00
Mathias Vorreiter Pedersen
9f014be7c7 Merge pull request #8447 from MathiasVP/add-missing-security-severity 
C++: Add missing `security-severity` tags
 2022-03-15 11:29:28 +00:00
Geoffrey White
28315df405 Merge branch 'main' into cwe497b 2022-03-15 11:23:00 +00:00
Jeroen Ketema
157a36bc4f Use node variable in all disjuncts 2022-03-15 11:55:35 +01:00
Jeroen Ketema
9a0e94f389 Add flow state versions of isBarrierIn, isBarrierOut, and isBarrierGuard 2022-03-15 11:55:34 +01:00
Mathias Vorreiter Pedersen
7337ebd569 C++: Add missing 'security-severity' tags. 2022-03-15 10:54:36 +00:00
Dave Bartolomeo
c9fbf83c1c Working range analysis for C++ 2022-03-15 06:02:54 -04:00