hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,684 Commits 1,671 Branches 157 Tags
dd31be43e07d901bafb543c8f65be8e9b5abb364
Commit Graph

8731 Commits

Author SHA1 Message Date
Geoffrey White
2756c0e7af C++: Don't report results in files with compilation errors. 2022-09-21 10:45:28 +01:00
Tom Hvitved
db8b6ac69a Data flow: Sync files 2022-09-21 11:02:24 +02:00
Andrew Eisenberg
58e4861b45 Merge branch 'main' into rc/3.7 2022-09-20 12:43:20 -07:00
Geoffrey White
9ddb485405 Merge branch 'main' into cleartext-perf 2022-09-20 17:56:18 +01:00
Geoffrey White
c599b02e98 C++: Add test case. 2022-09-20 15:23:13 +01:00
Mathias Vorreiter Pedersen
74ccec75c8 C++: Sync identical files. 2022-09-20 13:37:54 +01:00
Mathias Vorreiter Pedersen
79654d978d C++: Sync identical files. 2022-09-20 12:57:21 +01:00
Mathias Vorreiter Pedersen
7c41219376 Merge pull request #10438 from MathiasVP/invalid-pointer-deref-query 
C++: Add a `cpp/invalid-pointer-deref` query to experimental
 2022-09-20 10:41:31 +01:00
Erik Krogh Kristensen
a4cd913aea Merge pull request #10312 from erik-krogh/fix-caseDiff 
ensure consistent casing of names
 2022-09-19 10:43:12 +02:00
Mathias Vorreiter Pedersen
02076074ff C++: Add more comments. 2022-09-18 12:48:13 +01:00
Mathias Vorreiter Pedersen
3e6576bfaf C++: Add example of missing result. 2022-09-18 12:18:04 +01:00
Mathias Vorreiter Pedersen
d1cf688abf C++: Fix test function naming. 2022-09-18 12:17:46 +01:00
Mathias Vorreiter Pedersen
78535dc70b C++: Autoformat. 2022-09-18 12:02:32 +01:00
Mathias Vorreiter Pedersen
dc00643ad1 C++: More QLDoc. 2022-09-16 17:14:29 +01:00
Mathias Vorreiter Pedersen
031f20a0eb C++: Respond to review comments. 2022-09-16 16:19:06 +01:00
github-actions[bot]
67ce442674 Post-release preparation for codeql-cli-2.10.5 2022-09-16 14:23:44 +00:00
Mathias Vorreiter Pedersen
4482669d7e C++: Add a new 'InvalidPointerDeref' query to experimental. 2022-09-15 17:47:15 +01:00
Mathias Vorreiter Pedersen
b8a5aa5d85 C++: Fix a couple of range analysis issues: 
1. The new query is expecting pointer arithmetic operations to generate
range-analysis bounds, but this wasn't true on main.
2. The bounds generated by `boundFlowCond` was incorrectly inferred as
non-strict when comparing a pointers (unlike when comparing values of
integral types). This gave FPs in the new query.

This also fixes a couple of missing results in existing queries that
use the new range-analysis library.
 2022-09-15 17:46:52 +01:00
Mathias Vorreiter Pedersen
d981f898e4 C++: Add flow states to the product dataflow library. 2022-09-15 15:54:09 +01:00
Philip Ginsbach
26099d6ab7 remove more upper-case variable names 2022-09-15 14:36:02 +01:00
Geoffrey White
6b21563018 C++: Update change note. 2022-09-15 13:37:20 +01:00
Philip Ginsbach
c5703898b0 remove upper-case NamedExpression variable names 2022-09-14 16:35:24 +01:00
Philip Ginsbach
8f7f631211 upper-case variable names are deprecated 2022-09-14 14:50:26 +01:00
Mathias Vorreiter Pedersen
c7ccff2e20 C++: Accept test changes. 2022-09-13 12:11:22 +01:00
Mathias Vorreiter Pedersen
4130616ab1 C++: Use experimental dataflow for the product flow library. 2022-09-13 09:41:03 +01:00
Robert Marsh
ededfaa40b C++: use-use flow in ArrayAccessProductFlow 2022-09-13 09:39:39 +01:00
Robert Marsh
0fcfe5772f C++: query-specific model for ffmpeg allocator 2022-09-13 09:39:31 +01:00
Robert Marsh
61017a7997 C++: prevent a bad join order 2022-09-13 09:39:11 +01:00
Mathias Vorreiter Pedersen
7f6b400b78 Merge pull request #10366 from MathiasVP/use-use-flow-in-experimental 
C++: Use-use flow in `experimental`
 2022-09-13 09:30:48 +01:00
intrigus
894a0f1c3b Add string to int sanitizer. 2022-09-12 21:02:18 +02:00
Mathias Vorreiter Pedersen
6e4b3c242f Merge pull request #10377 from geoffw0/deprecate-pointsto 
C++: Put a warning on the PointsTo library.
 2022-09-12 16:25:40 +01:00
Mathias Vorreiter Pedersen
d2b150eaf5 C++: Fix QLDoc on the model predicates used by the new experimental use-use code. 2022-09-12 16:00:49 +01:00
Mathias Vorreiter Pedersen
bb1c088fe0 C++: Undo changes to iterator models. 2022-09-12 15:58:49 +01:00
Geoffrey White
842af4bf74 C++: Specifically suggest DataFlow as an alternative. 2022-09-12 14:25:45 +01:00
erik-krogh
bae4490620 add change-note 2022-09-12 12:12:18 +02:00
Mathias Vorreiter Pedersen
c988547e9c C++: Accept test changes. 2022-09-11 18:31:53 +01:00
Geoffrey White
8ac3e10896 C++: Put a warning on the PointsTo library. 2022-09-09 18:03:23 +01:00
Mathias Vorreiter Pedersen
6dcfe0348b C++: Copy over the required changes to non-experimental libraries. 2022-09-09 17:26:58 +01:00
Mathias Vorreiter Pedersen
5509562fe6 C++: Repair a few broken models that were incorrectly a pointer 
as tainted (instead of the pointee), or vice versa. Because of
existing dataflow pointer/pointee conflation we never noticed that,
but since this PR removes those imprecisions we now need to update
these models.
 2022-09-09 17:04:36 +01:00
Mathias Vorreiter Pedersen
6d313ace2d C++: Copy the new use-use flow code to experimental. 2022-09-09 14:20:10 +01:00
Tony Torralba
569fad667a Merge pull request #10360 from atorralba/atorralba/fix-taint-implicit-reads 
Dataflow: Fix implicit reads in taint tracking when FlowStates are used
 2022-09-09 14:28:39 +02:00
Geoffrey White
6011ae9ecc Merge branch 'main' into cleartext-perf 2022-09-09 11:40:47 +01:00
Geoffrey White
edefda9213 C++: Make QL-for-QL happy. 2022-09-09 11:26:42 +01:00
Geoffrey White
813d166ad7 C++: Restore results in cpp/cleartext-storage-database using . 2022-09-09 11:03:29 +01:00
erik-krogh
26d8553f6e ensure consistent casing of names 2022-09-09 10:34:14 +02:00
Tony Torralba
1078cf091e Add change notes for all languages 2022-09-09 10:28:36 +02:00
Tony Torralba
7db1eb98f5 Sync files 2022-09-08 17:32:03 +02:00
Robert Marsh
0feeafd0ac Merge pull request #10339 from MathiasVP/dont-use-get-unique-id-in-range-analysis 
C++: Don't use `getUniqueId` in range analysis
 2022-09-08 11:13:43 -04:00
Mathias Vorreiter Pedersen
594c40a375 Merge pull request #10355 from MathiasVP/fix-unequalIntegralSsa-standard-order 
C++: Avoid bad standard order in range analysis
 2022-09-08 14:58:44 +01:00
Tom Hvitved
b3653cc3d0 Merge pull request #10216 from hvitved/ssa/shared-lib 
SSA: Create a new `codeql/shared-ssa` library pack and move implementation there
 2022-09-08 15:39:29 +02:00