hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 04:39:29 +02:00
Code Issues Packages Projects Releases Wiki Activity
10,595 Commits 1,741 Branches 166 Tags
dab6691eb01b9629ec7a05f76f8ceab5ad6dd541
Commit Graph

3249 Commits

Author SHA1 Message Date
Jonas Jensen
dab6691eb0 Merge pull request #2900 from dbartol/dbartol/void-buffer 
C++: Better fix for `void` type on buffer access
 2020-03-02 09:00:15 +01:00
Jonas Jensen
ec85f9f1a1 Merge pull request #2797 from rdmarsh2/rdmarsh/cpp/malloc-alias-locations 
C++: Support dynamic memory allocations in IR alias analysis
 2020-03-02 08:49:59 +01:00
Robert Marsh
28ee756c6a Merge pull request #2934 from geoffw0/add_tests 
C++: Test and typos.
 2020-02-28 15:12:32 -08:00
Geoffrey White
82191102d9 Merge pull request #2930 from jbj/getUnconverted 
C++: Add Expr.getUnconverted predicate
 2020-02-28 14:25:36 +00:00
Geoffrey White
4ca57db553 Merge pull request #2929 from Semmle/rc/1.23 
Merge rc/1.23 into master
 2020-02-28 09:30:20 +00:00
semmle-qlci
ec90627a64 Merge pull request #2909 from yo-h/experimental 
Approved by aschackmull, jbj, max-schaefer, tausbn
 2020-02-28 03:15:58 +00:00
Dave Bartolomeo
b0fb16c068 C++/C#: Fix formatting 2020-02-27 13:44:02 -05:00
Geoffrey White
729c310eb9 C++: More typos. 2020-02-27 15:49:59 +00:00
Geoffrey White
f8a61ffc4c C++: Expand the test as described in ODASA-640. 2020-02-27 15:26:53 +00:00
Geoffrey White
0a7d9db335 C++: Add example described in ODASA-640. 2020-02-27 15:23:16 +00:00
Geoffrey White
e6d35d314d C++: Fix typo. 2020-02-27 15:23:10 +00:00
Jonas Jensen
c9e56d13f7 C++: Add Expr.getUnconverted predicate 
This gets rid of the expensive predicate
`#Cast::Conversion::getExpr_dispred#ffPlus`, I've observed to cause
memory pressure on large databases.
 2020-02-27 14:52:42 +01:00
Robert Marsh
95a762c987 Merge master for submodule update 2020-02-26 13:44:26 -08:00
Jonas Jensen
5f6d07dd57 C++: Fix performance of UnsignedGEZero.ql 
This query used two fastTC operations that were already somewhat
inefficient on their own but could send the evaluator into an OOM loop
when run in parallel without enough RAM.

The fix is to recurse manually, starting just from the expressions that
are potential candidates for alerts.
 2020-02-26 11:32:41 +01:00
Jonas Jensen
db33c360bc Merge pull request #2910 from aschackmull/dataflow/cleanup 
Java/C++: Minor dataflow cleanup.
 2020-02-25 12:47:10 +01:00
Mathias Vorreiter Pedersen
b9bb2ec0ac Merge pull request #2864 from jbj/DefaultTaintTracking-cached 
C++: Cache DefaultTaintTracking
 2020-02-25 10:15:43 +01:00
Anders Schack-Mulligen
fba8772411 Java/C++: Minor dataflow cleanup. 2020-02-25 09:40:25 +01:00
yo-h
43bcd5b26c Add guidelines for experimental CodeQL queries and libraries 2020-02-24 15:08:31 -05:00
Robert Marsh
ea4ca31fb3 Merge pull request #2907 from geoffw0/argvlocal 
C++: Modify the argvlocal tests
 2020-02-24 10:55:21 -08:00
Geoffrey White
4af0193c98 C++: Modify the argvlocal tests. 2020-02-24 16:51:47 +00:00
Geoffrey White
9f271949d5 C++: Adjust layout of the argvlocal test. 2020-02-24 15:52:31 +00:00
Jonas Jensen
2d9df70abc Merge pull request #2887 from MathiasVP/fix-ir-gen-switch 
C++: Fix IR generation for switch statements
 2020-02-24 13:29:27 +01:00
Jonas Jensen
ae68878476 C++: Cache DefaultTaintTracking 
This should speed up the overall suite, where `DefaultTaintTracking` is
used in several queries.
 2020-02-24 13:03:34 +01:00
Mathias Vorreiter Pedersen
ed430ce855 C++/C#: Bind parameter in new case. 2020-02-24 09:12:14 +01:00
Mathias Vorreiter Pedersen
af364e66fc C++/C#: Move sanity check inside InstructionSanity module and accept tests 2020-02-23 20:53:49 +01:00
Dave Bartolomeo
170331b105 C++: Better fix for void type on buffer access 
Fixes issue https://github.com/github/codeql-c-analysis-team/issues/20

This change undoes the workaround in https://github.com/Semmle/ql/pull/2736, and replaces it with a fix for the underlying cause. The problem was that the IR construction code for side effects incorrectly assumed that `BufferAccessOpcode` included `SizedBufferAccessOpcode`. I think that was actually a perfectly reasonable assumption to make, so I changed the `Opcode` hierarchy to make it true.
 2020-02-21 18:46:32 -07:00
Mathias Vorreiter Pedersen
d9753b0ca5 C++/C#: Accept test output after adding sanity check to Instruction.qll 2020-02-21 15:09:53 +01:00
Geoffrey White
ad45a4b079 Merge pull request #2890 from nickrolfe/range_based_for 
C++: add more extensive test for desugaring of range-based-for loops
 2020-02-21 09:31:34 +00:00
Anders Schack-Mulligen
771cb754c2 Merge pull request #2822 from hvitved/dataflow/node-cand-simple-call-context 
Data flow: Track simple call contexts in `nodeCand[Fwd]1`
 2020-02-21 10:02:06 +01:00
Tom Hvitved
0cc3218115 Merge pull request #2872 from aschackmull/dataflow/pathstep-localflow-join 
Java/C++/C#: Improve join-order in pathStep predicate
 2020-02-21 09:39:17 +01:00
Mathias Vorreiter Pedersen
780010d8f9 C++/C#: Sync identical files 2020-02-20 22:15:06 +01:00
Mathias Vorreiter Pedersen
6c08783158 C++: Accept output 2020-02-20 22:13:37 +01:00
Mathias Vorreiter Pedersen
4545ad0f93 C++: Add sanity check to Instruction.qll 2020-02-20 22:09:02 +01:00
Mathias Vorreiter Pedersen
76e5bd59df C++: Change edge to DefaultEdge 2020-02-20 22:08:16 +01:00
Tom Hvitved
a772b82fea Address review comments 2020-02-20 19:48:49 +01:00
Nick Rolfe
46b226e0c5 C++: add more extensive test for desugaring of range-based-for loops 2020-02-20 16:15:22 +00:00
Mathias Vorreiter Pedersen
c5f38eecfe C++: Fix IR generation and accept output 2020-02-20 15:37:02 +01:00
Mathias Vorreiter Pedersen
051d574ffd C++: Add switch testcases demonstrating incorrect IR 2020-02-20 15:31:44 +01:00
Jonas Jensen
97035aeb63 Merge pull request #2848 from geoffw0/model-sideeffects 
C++: Disambiguate SideEffectFunction QLDoc.
 2020-02-20 10:30:53 +01:00
Robert Marsh
bed6d2b225 Merge branch 'master' into rdmarsh/cpp/malloc-alias-locations 2020-02-19 16:44:13 -08:00
Dave Bartolomeo
4f1a23e248 "Fix" spelling 2020-02-19 15:57:31 -07:00
Dave Bartolomeo
5263222dc2 "Fix" spelling 2020-02-19 15:57:19 -07:00
Robert Marsh
de66841263 Merge pull request #2873 from geoffw0/fixasttest2 
C++: Fix another test that should be working on the AST dataflow.
 2020-02-19 14:13:44 -08:00
Robert Marsh
82f2540dde Merge pull request #2871 from geoffw0/fixasttest 
C++: Fix a test that should be working on the AST dataflow.
 2020-02-19 10:55:13 -08:00
Anders Schack-Mulligen
91166431d2 Java/C++/C#: s/Callable/DataFlowCallable/ 2020-02-19 17:23:01 +01:00
Jonas Jensen
1d2d8729b8 Merge pull request #2839 from MathiasVP/sync-ir-valuenumbering-internals 
C++/C#: Fix sync config file for value numbering sharing
 2020-02-19 16:57:16 +01:00
Geoffrey White
89bbb975f9 C++: Effects on tests. 2020-02-19 14:52:49 +00:00
Geoffrey White
4e2a45cd3e C++: Correct SideEffectFunction model for PureStrFunction. 2020-02-19 14:38:43 +00:00
Geoffrey White
22cba0f26e C++: Delete TODO. 2020-02-19 14:38:43 +00:00
Geoffrey White
5f7085937e C++: Improve the SideEffect library QLDoc. 2020-02-19 14:38:43 +00:00