256 Commits

Author	SHA1	Message	Date
Mathias Vorreiter Pedersen	8765c33847	C++: Also check the number of parameters to keep the tests happy.	2021-06-01 10:17:57 +02:00
Mathias Vorreiter Pedersen	615c805b2c	C++: Only use std::rand as a source of randomness.	2021-06-01 09:28:06 +02:00
Mathias Vorreiter Pedersen	41c93d92d7	C++: Remove FPs from right shifts and explicitly bounded random functions.	2021-05-31 15:40:02 +02:00
Mathias Vorreiter Pedersen	175fdbb105	C++: Replace exists(not ...) with not exists(...).	2021-05-31 09:54:24 +02:00
Mathias Vorreiter Pedersen	4107e350cb	C++: Add qldoc to NoThrowType.	2021-05-27 11:39:03 +02:00
Mathias Vorreiter Pedersen	71a860a356	C++: Exclude custom operator new allocators from the ThrowingAllocator class.	2021-05-27 11:23:11 +02:00
Mathias Vorreiter Pedersen	eb244c0eb2	C++: Fix documentation.	2021-05-25 10:16:22 +02:00
Mathias Vorreiter Pedersen	152c0161a2	C++: Fix formatting.	2021-05-20 09:48:32 +02:00
Mathias Vorreiter Pedersen	9504592909	C++: Promote cpp/incorrect-allocation-error-handling out of experimental.	2021-05-20 09:47:45 +02:00
Geoffrey White	aaae717328	Merge branch 'main' into weak_crypto	2021-05-19 11:19:08 +01:00
Geoffrey White	cdf261b54b	C++: In fact it's just not good enough to get additional evidence from the declaring type.	2021-05-18 14:31:19 +01:00
Geoffrey White	88dc0861ac	C++: Fix copy-paste error.	2021-05-18 14:27:31 +01:00
Geoffrey White	c7382ee06d	C++: Repair for function call macros.	2021-05-18 14:27:08 +01:00
Geoffrey White	da83e9142b	C++: Replace getAnExpandedElement with getAGeneratedElement as it's all we really need.	2021-05-18 13:23:49 +01:00
Geoffrey White	3b29920255	C++: Replace getAChild with getAnArgument().	2021-05-17 16:10:39 +01:00
Mathias Vorreiter Pedersen	d46452e8de	Merge pull request #5903 from MathiasVP/tainted-allocation-size-barrier ... C++: Add barriers to `cpp/uncontrolled-allocation-size`	2021-05-17 15:24:45 +02:00
Mathias Vorreiter Pedersen	2d0a56128d	C++: Prevent flow out of pointer-difference expressions.	2021-05-14 13:49:48 +02:00
Mathias Vorreiter Pedersen	5031b73f35	C++: Add barrier to cpp/uncontrolled-allocation-size that blocks flow when overflow isn't possible.	2021-05-14 13:43:20 +02:00
Geoffrey White	9cdf838981	C++: Bug fix.	2021-05-13 16:20:52 +01:00
Geoffrey White	a9d57450c8	C++: Autoformat.	2021-05-13 16:19:09 +01:00
Geoffrey White	3a83ff54e6	C++: Add support for class methods.	2021-05-13 16:02:00 +01:00
Geoffrey White	2576075b98	C++: Repair result message.	2021-05-13 15:52:28 +01:00
Geoffrey White	5d1ef49f8f	C++: Add support for enum constants.	2021-05-13 15:42:42 +01:00
Geoffrey White	e4d2c7cfc4	C++: Rewrite so that we look for additional evidence.	2021-05-13 13:19:39 +01:00
Geoffrey White	40cf29b625	C++: Rearrange the library.	2021-05-13 08:39:37 +01:00
Geoffrey White	0450caa73d	C++: Exclude array initializers.	2021-05-12 19:39:30 +01:00
Geoffrey White	52a88af6c1	C++: Exclude macro invocations in switch case expressions.	2021-05-12 19:33:18 +01:00
Geoffrey White	9404d0676d	C++: Exclude macros that don't generate anything.	2021-05-12 19:28:08 +01:00
Mathias Vorreiter Pedersen	e94dab70b5	C++: Add sanitizers to cpp/uncontrolled-arithmetic.	2021-05-12 15:44:09 +02:00
Mathias Vorreiter Pedersen	5016c6436a	Merge pull request #5859 from MathiasVP/fix-fp-in-comparison-with-wider-type ... C++: Fix false positive in `cpp/comparison-with-wider-type`	2021-05-10 17:58:31 +02:00
Mathias Vorreiter Pedersen	d55db836cb	C++: Remove implied conjunct.	2021-05-10 16:13:54 +02:00
Mathias Vorreiter Pedersen	c0b65314be	C++: Fix false positive by restricting _both_ the old (unconverted) expression _and_ all of the conversions.	2021-05-10 15:18:42 +02:00
Mathias Vorreiter Pedersen	c91ed80e6c	C++: Fix false positive by computing range of the converted expression.	2021-05-10 10:12:43 +02:00
Geoffrey White	75edcf0b4f	Merge branch 'main' into unsigneddiff2	2021-05-07 16:35:16 +01:00
Geoffrey White	69468514f0	Update cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql ... Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>	2021-05-07 16:26:42 +01:00
Geoffrey White	91be483c57	Update cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql ... Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>	2021-05-07 16:26:36 +01:00
Geoffrey White	fc96c1c400	Update cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql ... Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>	2021-05-07 16:26:23 +01:00
Geoffrey White	5db6abe2f4	Update cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql ... Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>	2021-05-07 16:22:48 +01:00
Geoffrey White	894f5d523c	Update cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql ... Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>	2021-05-07 16:19:48 +01:00
Mathias Vorreiter Pedersen	86822f6c61	C++: Exclude pointer results from cpp/integer-overflow-tainted.	2021-04-23 16:01:53 +02:00
Geoffrey White	8daca01c87	C++: Cleaner use of DataFlow::Node in exprIsSubLeftOrLess.	2021-04-13 15:13:11 +01:00
Geoffrey White	4879104568	C++: Add more dataflow cases to replace the loss.	2021-04-13 15:09:12 +01:00
Geoffrey White	b0ad927fdd	C++: Remove useUsePair.	2021-04-13 15:03:06 +01:00
Geoffrey White	0818c1d703	C++: Update QLDoc.	2021-04-09 18:11:48 +01:00
Geoffrey White	3b437fe6cf	C++: Replace GVN with some other libraries.	2021-04-09 15:21:42 +01:00
Robert Marsh	e22ec50dee	Merge pull request #5613 from github/hmakholm/pr/fix-redos ... Fix ReDOS in cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql	2021-04-06 15:54:27 -07:00
Geoffrey White	a8193dac08	C++: Reintroduce the exprMightOverflowNegatively bit.	2021-04-06 22:36:59 +01:00
Geoffrey White	60e4faba4c	C++: Add linear expression logic.	2021-04-06 22:28:36 +01:00
Geoffrey White	48ff8e237c	C++: Rewrite the range analysis exclusion to be recursive and more robust.	2021-04-06 22:26:55 +01:00
Geoffrey White	3ecd13531f	C++: Improve isGuarded.	2021-04-06 22:21:59 +01:00