hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,684 Commits 1,671 Branches 157 Tags
dd31be43e07d901bafb543c8f65be8e9b5abb364
Commit Graph

8731 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
f119b50c2f C++: Predicate factoring to prevent a bad standard order. 2022-09-08 13:55:27 +01:00
github-actions[bot]
a9d80a5a48 Release preparation for version 2.10.5 2022-09-08 11:35:54 +00:00
Jeroen Ketema
6330be3902 C++: Update DB scheme stats file 2022-09-08 10:06:57 +02:00
Jeroen Ketema
04000be050 C++: Add DB scheme upgrade and downgrade scripts 2022-09-08 10:06:57 +02:00
Jeroen Ketema
1140d27bda C++: Add tests for newly supported builtin operations 2022-09-08 10:06:57 +02:00
Jeroen Ketema
2410321acf C++: Add change note for newly supported builtin operations 2022-09-08 10:06:57 +02:00
Jeroen Ketema
23b9b07f28 C++: Support more builtin operations 2022-09-08 10:06:57 +02:00
Mathias Vorreiter Pedersen
7062263885 C++: Accept test changes. 2022-09-07 21:11:52 +01:00
Mathias Vorreiter Pedersen
a052614dbf C++: Two fixes to ensure we don't use getUniqueId in the new range analysis library. (1) don't use it to rank basic blocks, and (2) don't use it in 'toString' on bounds. 2022-09-07 18:45:43 +01:00
Mathias Vorreiter Pedersen
e37848ec6d C++: Remove 'IRConfiguration' since we no longer generate bad IR for range analysis. 2022-09-07 16:39:45 +01:00
Mathias Vorreiter Pedersen
86259ced97 Merge branch 'main' into rdmarsh2/cpp/product-flow 2022-09-07 16:38:42 +01:00
Robert Marsh
55a10d99b4 Merge pull request #10305 from MathiasVP/ql-workaround-for-missing-decl-entries 
C++: Synthesize `DeclarationEntry`s for IR construction
 2022-09-07 11:34:28 -04:00
Mathias Vorreiter Pedersen
7833de19b5 Merge branch 'main' into rdmarsh2/cpp/product-flow 2022-09-07 16:00:43 +01:00
Mathias Vorreiter Pedersen
ddeae090a3 C++: Remove CP. 2022-09-07 15:11:16 +01:00
Mathias Vorreiter Pedersen
011d15aca3 C++: Accept test changes. 2022-09-07 14:56:08 +01:00
Mathias Vorreiter Pedersen
e0a5d18d7d C++: Respond to Schack feedback. 2022-09-07 11:16:35 +01:00
Mathias Vorreiter Pedersen
5ce47d97b2 Merge branch 'main' into rdmarsh2/cpp/product-flow 2022-09-07 11:14:42 +01:00
Mathias Vorreiter Pedersen
d6b8f25312 C++: Add more tests. 2022-09-06 15:22:10 +01:00
Mathias Vorreiter Pedersen
9745073024 C++: Speedup 'cpp/using-expired-stack-address' by avoiding a large negation. 2022-09-06 14:33:33 +01:00
Mathias Vorreiter Pedersen
02c18e714b C++: Mention 'range-based for-loops' in the QLDoc for 'IRDeclarationEntry'. 2022-09-06 10:40:13 +01:00
Mathias Vorreiter Pedersen
10f962f341 C++: Rename 'PseudoDeclarationEntry' to 'IRDeclarationEntry'. 2022-09-06 10:36:38 +01:00
Mathias Vorreiter Pedersen
ed3fff0eba Update cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-09-06 10:32:16 +01:00
Tom Hvitved
eff3747eb9 Docs: No longer mention required /p:UseSharedCompilation=false 2022-09-06 10:13:29 +02:00
Mathias Vorreiter Pedersen
885bf427bd C++: Accept test changes. 2022-09-05 23:26:03 +01:00
Mathias Vorreiter Pedersen
f6654e3d69 C++: As a bonus we now no longer need the 'TTranslatedRangeBasedForVariableDeclaration' IPA branch. This previously existed only to account for the missing 'DeclarationEntry's happening in range-based for loops. But these are now also handled by 'PseudoDeclarationEntry's. 2022-09-05 22:18:41 +01:00
Mathias Vorreiter Pedersen
fc85ef76ed C++: Introduce 'PseudoDeclarationEntry's to handle missing 'DeclarationEntry's during IR construction. 2022-09-05 22:17:14 +01:00
Mathias Vorreiter Pedersen
2da46ad691 C++: Add two testcases demonstrating malformed IR from missing declaration entries from decl stmts. 2022-09-05 17:49:20 +01:00
Geoffrey White
b6d5b6731a C++: Make QLDoc meet style guide. 2022-09-05 17:17:57 +01:00
Geoffrey White
234da636a4 C++: Change note. 2022-09-05 17:01:25 +01:00
Geoffrey White
008d583da8 C++: Modernize cpp/cleartext-storage-database. 2022-09-05 16:47:14 +01:00
Geoffrey White
946456acc2 C++: Apply the sanitizer improvement from cpp/cleartext-storage-buffer in cpp/cleartext-storage-file and cpp/cleartext-transmission. 2022-09-05 14:44:33 +01:00
Tom Hvitved
9ebabd1e1f SSA: Strip shared from namespace and qlpack name 2022-09-05 11:17:30 +02:00
Tom Hvitved
ba62b9e822 Address review comments 2022-09-02 13:07:27 +02:00
Nora Dimitrijević
7584434b80 Merge pull request #10163 from d10c/missing-check-scanf-squashed 
C++: New Query: missing return-value check for scanf-like functions
 2022-09-01 23:43:21 +02:00
Robert Marsh
ca2694ae1d C++: exclude end pointers in iterator-style loops 2022-09-01 17:42:19 -04:00
Tom Hvitved
6b728acd9e Use specific codeql/shared-ssa pack for the SSA library 2022-09-01 21:23:33 +02:00
Mathias Vorreiter Pedersen
2223bc3d1f Merge pull request #10261 from MathiasVP/fix-join-in-sign-analysis 
C++: Fix join in sign analysis
 2022-09-01 16:49:05 +01:00
Robert Marsh
35701373ee C++: more semantic range analysis perf tweaks 2022-09-01 10:49:54 -04:00
Robert Marsh
b1de54e9aa C++: rewrite ProductFlow recursion for performance 2022-09-01 10:49:12 -04:00
Edoardo Pirovano
8f332714f4 Merge pull request #10260 from github/edoardo/3.7-mergeback 
Merge `rc/3.7` into `main`
 2022-09-01 15:44:17 +01:00
Mathias Vorreiter Pedersen
a65e585db1 C++: 'nomagic' on 'binaryExprOperands'. 2022-09-01 15:34:59 +01:00
Nora Dimitrijević
f956999891 Merge branch 'main' into missing-check-scanf-squashed 2022-09-01 12:08:50 +02:00
Tom Hvitved
8e5d6ba4f9 SSA: Create a new shared library pack and move implementation there 2022-09-01 09:36:49 +02:00
Nora Dimitrijević
f5a30c7bbe C++: Add correctness tag 
As that seems to be appropriate for this query.
 2022-08-31 16:59:57 +02:00
Nora Dimitrijević
38f185bee4 C++: Correct CWE tags in metadata 2022-08-31 16:58:05 +02:00
Nora Dimitrijević
0729e42536 C++: Update metadata based on cwe-scores 
Though the codeql/cwe-scores update-queries.py script did not make any changes on its own,
I looked up the score of the CWEs that @geoffw0 suggested using the explain.py script.

As discussed elsewhere, this should be more of a warning than a recommendation.
 2022-08-31 15:50:37 +02:00
Tom Hvitved
7a2d43432e C++: Adapt to parameterized SSA implementation 2022-08-31 11:56:24 +02:00
Tom Hvitved
760c7beb94 SSA: Sync files 2022-08-31 11:45:15 +02:00
Nora Dimitrijević
ce1e4ad422 Merge branch 'main' into missing-check-scanf-squashed 2022-08-30 11:34:00 +02:00
Nora Dimitrijević
e10042be7d C++: Improve docs based on doc-review 
Thanks to @mchammer01 and @geoffw0 for the suggestions latest.
 2022-08-30 11:14:57 +02:00