hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-18 00:44:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
60,825 Commits 1,679 Branches 158 Tags
c883ce8a5e0be00fdd591fda07f552462294868d
Commit Graph

189 Commits

Author SHA1 Message Date
Alexander Eyers-Taylor
c883ce8a5e Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-12-11 13:50:35 +00:00
Alex Eyers-Taylor
da5c2d9bad CPP: Use guard libraries to find equalities with zero. 2023-12-08 13:30:30 +00:00
Alexander Eyers-Taylor
2e92689810 CPP: Apply suggestions from code review of incorrect scanf check 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-12-04 18:32:03 +00:00
Alex Eyers-Taylor
f3f53570a4 CPP: Fix metadata and add a change-note. 2023-12-04 12:19:31 +00:00
Alex Eyers-Taylor
3e9aeac004 CPP: Fix sscanf false positives in older linux repos 2023-11-28 12:07:05 +00:00
Alex Eyers-Taylor
9eb5b23f54 CPP: Fix query formatting 2023-11-27 15:55:44 +00:00
Alex Eyers-Taylor
12e24a2b44 CPP: Exclude incorrect scanf checks from missing scanf checks 2023-11-24 16:57:59 +00:00
Alex Eyers-Taylor
f48e8b6062 CPP: Add query for detecteing incorrect error checking for scanf 2023-11-24 14:53:10 +00:00
Mathias Vorreiter Pedersen
7084dc1a88 C++: Promote 'cpp/use-after-free' and 'cpp/double-free' to Code Scanning. 2023-10-03 09:22:47 +02:00
Alex Eyers-Taylor
6b0ae0f312 CPP: Remove unned argument from use-after-free 2023-09-28 17:53:32 +01:00
Alex Eyers-Taylor
d0849311a6 CPP: Fix use after free FPs by elimnatiing freeing nodes rather than freeing expressions. 2023-09-20 18:47:57 +01:00
Mathias Vorreiter Pedersen
71fe6f5d4b C++: Use fully converted expressions in 'cpp/use-after-free' and 'cpp/double-free'. 2023-09-12 19:28:57 +01:00
Jeroen Ketema
0c0720a962 C++: Improve use-after-free example code 
* Remove the mismatch between `new` and `free` and use `delete` instead
* Make the function `void`, so people copying the code will not forget
  to add a `return`.
* Balance out the `...` for omitted code.
 2023-08-03 11:06:15 +02:00
Jeroen Ketema
52ab215560 C++/Swift: Remove none() dataflow configuration predicates 
These now have default implementations that are also `none()`
 2023-07-12 23:49:29 +02:00
Mathias Vorreiter Pedersen
93f1a3bdb9 C++: Fix join in 'isUse'. 2023-07-05 15:24:40 +01:00
Kasper Svendsen
c46898cb75 C++: Make implicit this receivers explicit 2023-05-09 15:35:54 +02:00
Mathias Vorreiter Pedersen
61aba4683f C++: Fix bad self-join in 'cpp/use-after-free'. 
Before:
```ql
[2023-04-18 09:17:24] Evaluated non-recursive predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs_project#Instruction#577b6a83::Initia__#loop_invariant_prefix@ae046923 in 3903ms (size: 130544).
Evaluated relational algebra for predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs_project#Instruction#577b6a83::Initia__#loop_invariant_prefix@ae046923 with tuple counts:
        533787724  ~0%    {2} r1 = JOIN ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs WITH ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
           130544  ~0%    {2} r2 = JOIN r1 WITH project#Instruction#577b6a83::InitializeParameterInstruction#ff ON FIRST 1 OUTPUT Lhs.1, Lhs.0
                          return r2
```

After:
```ql
[2023-04-18 10:09:34] Evaluated non-recursive predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_project#Instruction#577b6a83::InitializeParamete__#loop_invariant_prefix@eb90a6fk in 2ms (size: 18380).
Evaluated relational algebra for predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_project#Instruction#577b6a83::InitializeParamete__#loop_invariant_prefix@eb90a6fk with tuple counts:
        18380  ~0%    {2} r1 = JOIN ValueNumberingInternal#c9f42560::tvalueNumber#1#ff WITH project#Instruction#577b6a83::InitializeParameterInstruction#ff ON FIRST 1 OUTPUT Lhs.1, Lhs.0
                      return r1
```
 2023-04-18 10:14:45 +01:00
Mathias Vorreiter Pedersen
d975ceb648 Merge pull request #12818 from MathiasVP/dataflow-for-missing-scanf-qery 
C++: Use the new dataflow library in `cpp/missing-check-scanf`
 2023-04-17 14:34:11 +01:00
Mathias Vorreiter Pedersen
fa5ed04286 Update cpp/ql/src/Critical/DoubleFree.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-04-17 07:40:01 +01:00
Mathias Vorreiter Pedersen
dba46bd324 Update cpp/ql/src/Critical/DoubleFree.ql 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-04-17 07:38:30 +01:00
Mathias Vorreiter Pedersen
0db05fe4fa C++: Use the new dataflow library in the 'missing scanf' query. 2023-04-13 14:51:08 +01:00
Mathias Vorreiter Pedersen
40dde93beb C++: Fix FP and accept test changes. 2023-04-13 11:00:08 +01:00
Mathias Vorreiter Pedersen
23a7cd943f C++: Fix missing result and accept test changes. 2023-04-13 10:50:46 +01:00
Mathias Vorreiter Pedersen
d304022685 C++: Add QLDoc to 'isExcludeFreePair'. 2023-04-13 10:15:23 +01:00
Mathias Vorreiter Pedersen
e0aeea058e C++: Fix qhelp for double-free. 2023-04-13 10:10:42 +01:00
Mathias Vorreiter Pedersen
ba4e3ae949 Update cpp/ql/src/Critical/FlowAfterFree.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-04-12 16:50:57 +01:00
Mathias Vorreiter Pedersen
49cceb2901 C++: Fix joins. 2023-04-12 09:58:24 +01:00
Mathias Vorreiter Pedersen
725004a6fe C++: Modernize use-after-free query using dataflow. 2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen
fb2ec15dad C++: Add double-free query documentation. 2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen
cc12e74c23 C++: Add double-free query. 2023-04-11 14:44:15 +01:00
Mathias Vorreiter Pedersen
dfe00ffe4b C++: Add a flow-after-free library. 2023-04-11 14:40:17 +01:00
Anders Schack-Mulligen
72415c7c2c C++: Rename references. 2023-03-23 13:06:19 +01:00
Mathias Vorreiter Pedersen
40cc2e7891 C++: Also exclude unevaluated buffers in 'OverflowStatic'. 2023-03-21 09:53:39 +00:00
Jeroen Ketema
fb57914751 C++: Convert a number of data flow based queries to use ConfigSig 2023-03-07 18:21:52 +01:00
Mathias Vorreiter Pedersen
354a12c906 C++: Fix queries. Since there's no longer indirect -> direct flow in 
taint-tracking we need to make sure the affected sink definitions also
handle indirect flow.
 2023-02-27 14:57:36 +00:00
Jeroen Ketema
ecdeb9a970 C++: Revert semmle.code.cpp.dataflow to its old state 
While here make sure all queries and tests use IR dataflow when appropriate.
 2023-02-10 14:21:44 +01:00
Nora Dimitrijević
1df0be3ca2 C++: Fix join order in cpp/missing-check-scanf 
The issues were:
* `revFlow`: `revFlow` joins `fwdFlow` on `vn`.
* `Node.getASuccessor()`: `MkNode` self-join on `vn`.
* `hasFlow/5`: `MkNode` self-join on `vn`.
 2023-02-01 16:29:43 +01:00
Mathias Vorreiter Pedersen
6e6f2115c0 Merge pull request #11857 from MathiasVP/speedup-missing-check-scanf 
C++: Speedup `cpp/missing-check-scanf`
 2023-01-13 16:11:16 +00:00
Mathias Vorreiter Pedersen
59072f9e81 C++: Improve QLDoc. 2023-01-13 11:01:23 +00:00
Mathias Vorreiter Pedersen
dd8bead21a C++: Fix spurious backticks. 2023-01-13 10:57:44 +00:00
Mathias Vorreiter Pedersen
1ae52b6c7e C++: Speedup 'MissingCheckScanf'. 2023-01-12 10:13:02 +00:00
Tony Torralba
3fcc99e5cb C++: Remove omittable exists variables 2023-01-10 13:36:01 +01:00
Jeroen Ketema
0b4c4fd580 C++: Simplify deallocation check 2022-12-15 12:46:32 +01:00
Jeroen Ketema
4fb43d56b3 C++: Exclude deallocation functions as scanf result accesses 2022-12-15 09:39:16 +01:00
Josh Soref
be1753264e spelling: discriminate 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-14 15:08:43 -04:00
Josh Soref
c92ce69f48 spelling: when 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:26 -04:00
erik-krogh
9e4843d53e update the alert-message of cpp/file-may-not-be-closed based on feedback 2022-09-23 14:46:00 +02:00
erik-krogh
2351884352 update some alert-messages based on review feedback 2022-09-23 14:45:59 +02:00
erik-krogh
40bea78186 remove more instances of the alert-loc being repeated as a link 2022-09-23 14:45:59 +02:00
erik-krogh
a30c38f38c CPP: make more alert messages follow the style-guide 2022-09-23 14:45:59 +02:00