76 Commits

Author	SHA1	Message	Date
Mathias Vorreiter Pedersen	98dc73c6dd	Merge pull request #12611 from MathiasVP/buffer-access-should-be-evaluated ... C++: Exclude unevaluated accesses in `BufferAccess`	2023-03-21 12:10:37 +00:00
Mathias Vorreiter Pedersen	8623d8eb8e	C++: Exclude unevaluated expressions from BufferAccess.	2023-03-21 09:48:09 +00:00
Jeroen Ketema	bbe95367d6	C++: Simplify SslContextCallMake	2023-03-20 14:00:03 +01:00
Jeroen Ketema	9997326804	C++: Refactor BoostorgAsio to use DataFlow::ConfigSig	2023-03-20 13:37:18 +01:00
Mathias Vorreiter Pedersen	00450d10bb	Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2023-03-13 14:50:17 +01:00
Anders Schack-Mulligen	ef97e539ec	C/C++: Autoformat	2023-03-10 09:39:41 +01:00
Jeroen Ketema	ecdeb9a970	C++: Revert semmle.code.cpp.dataflow to its old state ... While here make sure all queries and tests use IR dataflow when appropriate.	2023-02-10 14:21:44 +01:00
Mathias Vorreiter Pedersen	e1aef3127c	Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2023-02-10 09:23:37 +00:00
Mathias Vorreiter Pedersen	746f04bafc	C++: Construct fewer strings.	2023-02-07 11:44:32 +00:00
Mathias Vorreiter Pedersen	4016299aa8	Update cpp/ql/lib/semmle/code/cpp/security/Encryption.qll ... Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2023-02-06 15:55:15 +00:00
Mathias Vorreiter Pedersen	1c9a526afa	C++: Construct fewer strings.	2023-02-06 15:18:15 +00:00
Mathias Vorreiter Pedersen	8b01dfe696	Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2023-01-10 17:30:29 +00:00
Tony Torralba	3fcc99e5cb	C++: Remove omittable exists variables	2023-01-10 13:36:01 +01:00
Jeroen Ketema	0addae81cd	Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2022-12-20 11:34:41 +01:00
Jeroen Ketema	a73bd050f7	C++: Define the argv flow source in terms the input parameter	2022-12-19 12:13:39 +01:00
Jeroen Ketema	3be0b3e6c7	C++: Recognize indirect argv accesses as flow sources for use-use dataflow ... This fixes the test regression on `cpp/command-line-injection`.	2022-12-13 16:18:17 +01:00
Jeroen Ketema	b2091e8632	Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2022-12-12 11:40:36 +01:00
Jeroen Ketema	331fab5ac0	C++: Generalize the ArgvSource flow source ... This matches `isUserInput` and handles cases where `argv` has a different name, which is allowed.	2022-12-09 23:12:31 +01:00
Mathias Vorreiter Pedersen	4fd6ac5657	Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2022-12-08 13:10:18 +00:00
Jeroen Ketema	b5147bbfb0	C++: Deprecate DefaultTaintTracking and TaintTrackingImpl	2022-12-06 17:45:16 +01:00
Jeroen Ketema	2ef13d1df7	Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2022-11-29 10:43:01 +01:00
erik-krogh	20c4699478	CPP: convert some block-comments that could be QLDoc to QLDoc	2022-11-16 13:39:22 +01:00
Mathias Vorreiter Pedersen	b85d3bc829	Merge branch 'main' into replace-ast-with-ir-use-usedataflow	2022-10-25 12:51:30 +02:00
Josh Soref	0c3eb53602	spelling: library ... Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>	2022-10-14 15:08:44 -04:00
Josh Soref	bf86e53af1	spelling: encryption ... Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>	2022-10-14 15:08:43 -04:00
Mathias Vorreiter Pedersen	01a81a9c56	C++: Repair the 'FlowSources' library in preparation for IR-based use-use dataflow.	2022-10-14 14:52:29 +02:00
Erik Krogh Kristensen	887f6557ed	fix common misspellings throughout github/codeql	2022-08-10 23:21:41 +02:00
Nick Rolfe	76cf8d1659	C++: fix typos in comments	2022-05-12 14:28:26 +01:00
Nick Rolfe	12a43b6fae	C++: fix another use of AnalysedString	2022-05-12 10:38:13 +01:00
Nick Rolfe	e1b277386a	Fix non-US spellings: s/analyse/analyze	2022-05-11 17:48:27 +01:00
Jonas Jensen	f1fa7cba5a	C++: Remove import order workarounds ... These workarounds are no longer needed from CodeQL CLI 2.9.0.	2022-04-28 14:40:57 +02:00
Erik Krogh Kristensen	ff73dbc35c	delete redundant imports	2022-04-22 12:55:28 +02:00
Edoardo Pirovano	ce82c54b94	Merge branch 'main' into edoardo/3.5-mergeback	2022-04-08 15:30:58 +01:00
Geoffrey White	04b8306f06	C++: Add some more patterns.	2022-04-04 16:57:00 +01:00
Geoffrey White	d2e7f22d1b	C++: Group all phone number related exprs together.	2022-04-04 16:48:03 +01:00
Geoffrey White	fbd71cd050	C++: Update to regexpMatch.	2022-03-31 11:27:20 +01:00
Mathias Vorreiter Pedersen	da39c9f5ef	C++: Fix bad magic.	2022-03-31 10:35:29 +01:00
Geoffrey White	b296b0150a	C++: Some enhancements to SensitiveExprs.qll as well, inspired by csharp.	2022-03-31 10:24:17 +01:00
Geoffrey White	b94ade3bdd	C++: Improve the regexps.	2022-03-29 10:03:58 +01:00
Geoffrey White	393819837c	C++: Convert to regexp.	2022-03-29 09:33:16 +01:00
Geoffrey White	18f80eb3e3	C++: Loosen a few constraints slightly.	2022-03-28 11:16:57 +01:00
Geoffrey White	202b6d44a5	C++: Update SensitiveExprs.qll to clarify the relationship.	2022-03-28 10:54:56 +01:00
Geoffrey White	0453c0f0a1	C++: Convert to C++ and make it look more like SensitiveExprs.qll.	2022-03-28 10:54:55 +01:00
Geoffrey White	ec98269a24	C++: Copy PrivateData.qll from csharp.	2022-03-28 10:54:54 +01:00
Erik Krogh Kristensen	a86f0afb3c	delete all deprecations that are over 14 months old	2022-03-09 18:28:07 +01:00
Geoffrey White	f090a3b440	C++: Add to and clarify some taint library QLDoc.	2022-01-27 11:26:00 +00:00
Erik Krogh Kristensen	f500bccbe4	add explicit this to member call	2022-01-21 11:46:33 +01:00
Erik Krogh Kristensen	4e8e3a7420	simplify expressions that could be type-casts	2022-01-20 10:41:35 +01:00
Paolo Tranquilli	8ac34f3db5	C++: NoSpecifiedEstimateReason→Unspecified...	2022-01-13 11:59:47 +00:00
Robert Marsh	4322a39807	C++: fix typo in Overflow.qll abs handling	2022-01-07 14:09:47 -05:00