Mathias Vorreiter Pedersen
05389bb9d4
Merge pull request #6099 from geoffw0/weak-crypto3
Further improvements to cpp/weak-cryptographic-algorithm
2021-06-21 15:46:50 +02:00
Geoffrey White
79198974dc
Merge branch 'main' into weak-crypto3
2021-06-21 11:55:29 +01:00
Anders Schack-Mulligen
9110dfaeb3
Merge pull request #6095 from hvitved/dataflow/local-cc-join
Data flow: Fix `getLocalCallContext` join-order
2021-06-21 12:53:38 +02:00
Calum Grant
32f6a465b0
Merge pull request #6080 from github/calumgrant/security-severities
Update security-severity scores
2021-06-18 09:40:40 +01:00
Tom Hvitved
eb86bceb4d
Address review comments
2021-06-18 10:18:47 +02:00
Geoffrey White
b4cbe6dce8
C++: Increase query precision to high.
2021-06-17 14:33:17 +01:00
Geoffrey White
b5c71fd1d7
C++: Repair function call in a function call.
2021-06-17 14:33:16 +01:00
Geoffrey White
e5147c2a1f
C++: Exclude functions that don't involve buffers.
2021-06-17 14:33:16 +01:00
Geoffrey White
a481e5c292
C++: Exclude template code.
2021-06-17 12:36:14 +01:00
Geoffrey White
8efdf359dc
C++: Fix some incorrect uses of 'const' in the tests.
2021-06-17 12:36:13 +01:00
Geoffrey White
3641cdcc1f
C++: Add a test case involving an array.
2021-06-17 12:36:09 +01:00
Geoffrey White
23db21cd90
C++: Test spacing.
2021-06-17 12:33:31 +01:00
Geoffrey White
d590952aaa
C++: Add a test case involving nested function calls.
2021-06-17 12:23:18 +01:00
Geoffrey White
7632c9edb5
C++: Add test cases involving strings and comparisons.
2021-06-17 12:23:17 +01:00
Geoffrey White
2e236dd2a9
C++: Add a test case involving a harmless assert.
2021-06-17 12:23:17 +01:00
Geoffrey White
dca397dfb1
C++: Add a test case with a template class.
2021-06-17 12:23:16 +01:00
Anders Schack-Mulligen
b173b4141d
Merge pull request #6096 from smowton/smowton/fix/inline-expectations-missing-prefix
Inline expectation tests: accept // $MISSING: and // $SPURIOUS:
2021-06-17 11:41:15 +02:00
Chris Smowton
558813acf7
Inline expectation tests: accept // $MISSING: and // $SPURIOUS:
Previously there had to be a space after the $ token, unlike ordinary expectations (i.e., // $xss was already accepted)
2021-06-17 09:44:39 +01:00
Tom Hvitved
ffb2350a54
Data flow: Fix getLocalCallContext join-order
2021-06-17 10:02:31 +02:00
Tom Hvitved
cc383e0f6a
Data flow: Workaround for too clever compiler in consistency queries
2021-06-17 09:43:36 +02:00
Calum Grant
771e686946
Update security-severity scores
2021-06-15 13:25:17 +01:00
Cornelius Riemenschneider
0ebf53b9df
Merge pull request #6073 from geoffw0/loc
C++: Add lines of user code query
2021-06-15 09:18:46 +02:00
Geoffrey White
d7db18213d
C++: Add a generated file to the test.
2021-06-14 16:21:30 +01:00
Geoffrey White
1e1ae27974
C++: Test the new query.
2021-06-14 16:06:20 +01:00
Geoffrey White
e71264d1d2
C++: Lines of user code query.
2021-06-14 16:03:16 +01:00
Jonas Jensen
e23b88b7f1
Merge pull request #6052 from jsinglet/jsinglet/stdtypes
Implementation of standard C/C++ fixed width, minimum width, and maximum width types
2021-06-11 17:03:01 +02:00
John L. Singleton
8c6c011be2
Formatting fixes, comment moving.
2021-06-11 10:17:05 -04:00
John L. Singleton
cd61fb4753
this should be abstract
2021-06-10 19:54:58 -04:00
John L. Singleton
2a01324172
more maintainable pattern for class abstractions
2021-06-10 17:09:32 -04:00
Calum Grant
a594afb828
Add security-severity metadata
2021-06-10 20:11:08 +01:00
John L. Singleton
bd7c416356
comment change
2021-06-10 11:21:11 -04:00
John L. Singleton
0d3f53b013
Changes to structure per feedback of @jbj
2021-06-10 11:16:58 -04:00
John L. Singleton
f174d7a0e0
Comment changes
2021-06-10 09:52:22 -04:00
John L. Singleton
14c419a75f
autoformatting
2021-06-10 09:39:43 -04:00
John L. Singleton
01cac13a48
format ql test files.
2021-06-09 17:16:26 -04:00
John L. Singleton
b91a0dbe16
removed accidental modification.
2021-06-09 17:12:59 -04:00
John L. Singleton
1fe3c9d093
removed accidental modification.
2021-06-09 17:11:39 -04:00
John L. Singleton
28e2cdb54e
adding standard C/C++ fixed width, minimum width, and maximum width types
2021-06-09 16:12:58 -04:00
Mathias Vorreiter Pedersen
879bfbbd4e
C++: Match the join order from before #5522.
2021-06-09 15:02:31 +02:00
Mathias Vorreiter Pedersen
8fb15666ee
Merge pull request #6041 from geoffw0/uncontrolled-allocation-size
C++: Add CWE-789 tag to cpp/uncontrolled-allocation-size.
2021-06-08 17:44:02 +02:00
Geoffrey White
32545a1346
C++: Add CWE-789 tag to cpp/uncontrolled-allocation-size.
2021-06-08 10:59:03 +01:00
Mathias Vorreiter Pedersen
025043afca
Merge pull request #6010 from geoffw0/charloc
C++: Test and fix maxCols / charLoc
2021-06-08 11:15:04 +02:00
Alex Denisov
a12954a403
C++: Remove outdated comment
2021-06-07 17:15:21 +02:00
AlexDenisov
d254524f3f
Merge pull request #6027 from AlexDenisov/alexdenisov/fix-string-literal-expectation
C++: Fix string literal expectation
2021-06-07 17:13:12 +02:00
Geoffrey White
6f05fd4839
C++: Autoformat.
2021-06-07 11:01:00 +01:00
Mathias Vorreiter Pedersen
3923acb5e0
Merge pull request #6017 from github/dbartol/pack/extra-queries-xml
C++: Replace an odd `queries.xml` with `qlpack.yml`
2021-06-07 10:58:19 +02:00
Alex Denisov
17be6e1271
C++: Fix string literal expectation
2021-06-07 09:47:26 +02:00
Dave Bartolomeo
ac3ded7d5a
Replace an odd queries.xml with qlpack.yml
This one C++ test has its own `queries.xml` to make "outside-of-source" path filtering work, as detailed in commit 2550788598. I've replaced the `queries.xml` with `qlpack.yml`, added a comment, and added that pack to the `.codeqlmanifest.json` at the root of the repo. This will allow the library dependencies of this pack to be resolved without the need for a `--search-path` option with the upcoming packaging changes.
2021-06-06 09:04:18 -04:00
Dave Bartolomeo
e276e2684e
Merge pull request #5986 from MathiasVP/side-effects-for-nonconst-smart-pointers
...
C++: Fix `hasDefaultSideEffect` for non-const smart pointers
2021-06-04 13:57:44 -04:00
Mathias Vorreiter Pedersen
8e8c2e677a
C++: Accept test changes.
2021-06-04 18:49:20 +02:00