Geoffrey White
6088ca5d5b
CPP: Update our uses of MacroInvocationExpr.
2019-01-09 12:17:29 +00:00
Geoffrey White
e443eb8889
CPP: Fix type logic.
2018-12-13 09:49:32 +00:00
Aditya Sharad
f92456fcad
Merge master into next.
...
Conflict in `cpp/ql/test/library-tests/sideEffects/functions/sideEffects.expected`,
resolved by accepting test output (combining changes).
2018-12-12 17:26:18 +00:00
Geoffrey White
9857a85817
CPP: Fix similar queries.
2018-12-07 18:43:28 +00:00
Geoffrey White
0f268cac40
CPP: Fix the issue.
2018-12-07 18:43:27 +00:00
Geoffrey White
453529e3bf
Merge pull request #575 from jbj/UnsafeCreateProcessCall-nullValue
...
C++: Avoid using nullValue predicate (rc/1.19)
2018-11-30 09:54:17 +00:00
Jonas Jensen
8654ebcbbd
C++: Avoid using nullValue predicate
...
The `nullValue` predicate performs a slow custom data-flow analysis to
find possible null values. It's so slow that it timed out after 1200s on
Wireshark.
In `UnsafeCreateProcessCall.ql`, the values found with `nullValue` were
used as sources in another data-flow analysis. By using the `NullValue`
class as sink instead of `nullValue`, we avoid the slow-down of doing
data flow twice. The `NullValue` class is essentially the base case of
`nullValue`. Confusing names, yes.
2018-11-29 13:33:45 +01:00
Pavel Avgustinov
d4b2c01634
Lift out intermediate helper predicate.
2018-11-23 14:22:44 +00:00
Geoffrey White
e9499b59e4
CPP: Exclude switch statements.
2018-10-19 10:24:29 +01:00
Raul Garcia
7ab723ae79
Fixing typos & incorporating feedback.
...
(MSFT feedback) Adding a new tag in the header @msrc.severity important
2018-10-16 10:00:51 -07:00
Raul Garcia
22d54801e5
Removed one false-positive scenario (no space on lpCommandLine)
...
Improved the query to avoid multiple calls to hasGlobalName
Fixed typos
Simplified the test case file
2018-10-15 15:53:02 -07:00
Raul Garcia
cd5e788aa7
Update UnsafeCreateProcessCall.ql
2018-10-15 13:41:21 -07:00
Raul Garcia
1d853691eb
Update UnsafeCreateProcessCall.qhelp
2018-10-15 13:40:40 -07:00
Raul Garcia
b8f8c99529
Update UnsafeCreateProcessCall.qhelp
2018-10-15 13:39:46 -07:00
Raul Garcia
242d40369b
Merge branch 'master' into users/raulga/c6277
2018-10-12 15:59:54 -07:00
Raul Garcia
85283d63ce
C++ : NULL application name with an unquoted path in call to CreateProcess
...
Calling a function of the CreateProcess* family of functions, which may result in a security vulnerability if the path contains spaces.
2018-10-12 15:57:01 -07:00
Jonas Jensen
4b59c0cb80
Merge branch 'master' into hresult-boolean-qhelp
2018-10-09 14:56:58 +02:00
Geoffrey White
e0140f9112
CPP: Change some uses of WideCharType to Wchar_t.
2018-10-05 22:03:47 +01:00
Raul Garcia
3873cbdde0
Changing the @name & @description.
2018-10-03 15:32:34 -07:00
Raul Garcia
492b511cdf
Merge operation
2018-10-02 11:27:39 -07:00
Raul Garcia
230724c085
Updates based on feedback
2018-10-02 11:17:23 -07:00
Raul Garcia
99e6708b2b
Merge branch 'master' into users/raulga/c6276
2018-10-01 10:28:54 -07:00
Raul Garcia
253b8d1287
C++ : cpp/incorrect-string-type-conversion
...
Cast between semantically different string types: char* from/to wchar_t*
NOTE: Please let me know if you want to use a different CWE than CWE-704
2018-10-01 10:25:49 -07:00
Jonas Jensen
532a64f211
C++: Name/description of HResultBooleanConversion
...
This commit changes the name and description of the new
`HResultBooleanConversion` query to follow our internal guidelines.
2018-10-01 12:12:00 +02:00
Jonas Jensen
d813cb63e7
C++: Upper-case Boolean and <code> around HRESULT
2018-09-26 15:29:07 +02:00
Jonas Jensen
397c8b5750
Merge pull request #212 from raulgarciamsft/master
...
Setting a SECURITY_DESCRIPTOR’s DACL to NULL
2018-09-26 09:32:29 +02:00
Geoffrey White
9c219b958c
Merge pull request #225 from sauyon/sizeofcheck
...
Allow void* pointer arithmetic with sizeof
2018-09-25 22:53:07 +01:00
Raul Garcia
54493eb990
Merge branch 'master' into master
2018-09-25 10:58:51 -07:00
Raul Garcia
d6d27df27b
Removing all usage of single quotes
2018-09-25 10:50:34 -07:00
Jonas Jensen
8f19efe2e8
Merge pull request #211 from raulgarciamsft/users/raulga/HESULT
...
Cast between semantically different integer types: HRESULT to/from bool
2018-09-25 09:01:35 +02:00
Sauyon Lee
614a8ef091
Allow void* pointer arithmetic with sizeof
...
Technically this isn't allowed by the C spec, but it's been seen in the wild:
see 3763c7b338/files/src/csp_buffer.c \#x1d04047d2bb68c21:1
2018-09-24 11:05:40 -07:00
Raul Garcia
c75019726c
Removing tabs & reformatting
2018-09-24 10:10:58 -07:00
Raul Garcia
c3b523cdc4
Fixing a missed reference to renamed file.
2018-09-24 10:02:52 -07:00
Dave Bartolomeo
aa267c8302
C++: Force LF for .c,.cpp,.h,.hpp
2018-09-23 16:23:52 -07:00
Raul Garcia
242ee10806
Major change in order to support the rule for C as well as cpp
2018-09-21 16:47:31 -07:00
Raul Garcia
8519f1a9e1
Fixing tabs replaced to spaces
2018-09-21 13:07:39 -07:00
Raul Garcia
75ef377ac1
Replace Unicode apostrophe with ANSI single quote
2018-09-21 11:34:22 -07:00
Raul Garcia
94f752c59c
Merge branch 'users/raulga/HESULT' of https://github.com/raulgarciamsft/ql into users/raulga/HESULT
2018-09-21 11:14:49 -07:00
Raul Garcia
783be15a45
Fixing typos & ID.
...
NOTE: There is an ongoing discussion on the proper CWE we should use
2018-09-21 11:14:14 -07:00
Raul Garcia
5ccc1a32aa
Merge branch 'master' into master
2018-09-20 16:30:48 -07:00
Raul Garcia
48c99fb1d1
Setting a SECURITY_DESCRIPTOR’s DACL to NULL
...
Closing the gap between Semmle & PreFAST
This rule is equivalent to C6248
2018-09-20 16:28:37 -07:00
Raul Garcia
64b8a5ba01
Merge branch 'master' into users/raulga/HESULT
2018-09-20 16:20:26 -07:00
Raul Garcia
b0ec929aad
Cast between semantically different integer types: HRESULT to/from a Boolean type.
...
Closing the gap between Semmle and PreFast.
Covers C6214, C6215, C6216, C6217, C6230
2018-09-20 16:16:32 -07:00
Raul Garcia
28050e1415
Change to cpp/overflow-buffer to detect access to an array using a negative index (static, out of range access, lower bound).
2018-09-13 15:44:32 -07:00
Geoffrey White
074894298c
CPP: Adjust precisions for the CWE-190 queries.
2018-08-31 16:15:53 +01:00
Kevin Backhouse
6c5009225c
Merge pull request #111 from olehermanse/gmtime
...
Fixed error in gmtime example
2018-08-29 15:55:52 -04:00
semmle-qlci
d957c151a6
Merge pull request #110 from jbj/fewer-dbtypes
...
Approved by ian-semmle
2018-08-29 17:26:06 +01:00
Jonas Jensen
418a16772b
Merge pull request #105 from geoffw0/samate-crement
...
CPP: Support crement operations in CWE-190
2018-08-29 09:03:29 +02:00
Ole Herman Schumacher Elgesem
00c552fe2f
Fixed error in gmtime example
...
gmtime and gmtime_r take a time_t pointer, so have to store the value
of time(NULL) on the stack.
Signed-off-by: Ole Herman Schumacher Elgesem <oleherman93@gmail.com>
2018-08-28 11:10:11 -07:00
Geoffrey White
0d6373924c
CPP: De-conflate cause and effect strings.
2018-08-28 16:39:10 +01:00