hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-19 05:54:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,612 Commits 1,740 Branches 165 Tags
ded6968558c8f69b5127ca00a0b68239c186e44d
Commit Graph

40 Commits

Author SHA1 Message Date
Nora Dimitrijević
0c636dd400 [DIFF-INFORMED] C++: UnsafeDaclSecurityDescriptor 2025-08-15 12:01:25 +02:00
Jeroen Ketema
06f6bac169 C++: Silence alerts coming from CMake test compilation files 2025-01-07 14:12:55 +01:00
Geoffrey White
8818f63ca7 C++: Add some practical details to the examples. 2024-07-08 14:32:05 +01:00
Geoffrey White
80af5b7725 C++: Add a third example for cpp/world-writable-file-creation. 2024-07-08 14:32:04 +01:00
Anders Schack-Mulligen
72415c7c2c C++: Rename references. 2023-03-23 13:06:19 +01:00
Jeroen Ketema
8253f2d343 C++: Update UnsafeDaclSecurityDescriptor with DataFlow::ConfigSig 2023-03-08 15:04:53 +01:00
Mathias Vorreiter Pedersen
a247a8b3ea Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-03-08 13:35:35 +00:00
Paolo Tranquilli
c4fd39ec3f C++: fix example code for FilePermissions.qll 2023-03-07 13:50:20 +01:00
Jeroen Ketema
ecdeb9a970 C++: Revert semmle.code.cpp.dataflow to its old state 
While here make sure all queries and tests use IR dataflow when appropriate.
 2023-02-10 14:21:44 +01:00
Tony Torralba
3fcc99e5cb C++: Remove omittable exists variables 2023-01-10 13:36:01 +01:00
Josh Soref
061d1ee9fe spelling: presence 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:26 -04:00
erik-krogh
a30c38f38c CPP: make more alert messages follow the style-guide 2022-09-23 14:45:59 +02:00
Mathias Vorreiter Pedersen
e3cb7cf9fe C++: Remove internal 'microsoft' tags from queries. 2022-08-01 17:30:23 +01:00
Jeroen Ketema
b967eaf25d Add documentation for parseHex 2022-02-04 12:35:13 +01:00
Jeroen Ketema
9f4e261625 Set precision of cpp/open-call-with-mode-argument to high 2022-02-04 10:01:25 +01:00
Jeroen Ketema
ef2a70e00c Limit open/openat target to global/std scope 2022-02-04 09:51:10 +01:00
Jeroen Ketema
0b9b6d7b98 Address review comments 2022-02-03 12:09:18 +01:00
Jeroen Ketema
4d03082f16 Ensure that O_CREAT and O_TMPFILE are unique 2022-02-03 11:24:20 +01:00
Jeroen Ketema
5a2ce225f4 Check that all bits are set when checking for a flag 
The `O_...` macro definitions somtimes set multiple bits, while
the bits individually represent the values of different `O_...`
macros. This lead to false postives on codebases built against
Musl libc, which defines `O_TMPFILE` as `020200000` and
`O_DIRECTORY` as `0200000`.
 2022-02-03 10:29:13 +01:00
Jeroen Ketema
aa4651312e Fix naming conflicts in cpp/world-writable-file-creation 2022-02-02 17:36:14 +01:00
Jeroen Ketema
f32500306a Address review comments 2022-02-02 17:24:55 +01:00
Jeroen Ketema
0773ab37a5 Use matches to check for 0x prefix 2022-02-02 15:26:46 +01:00
Jeroen Ketema
92d9e51d2a Extract the value of O_CREAT and O_TMPFILE from the defining macro 
There are operating systems that define `O_CREAT` with a different
value than Linux, which uses `0x40`. For example, OpenBSD uses `0x0200`.
Hence, we cannot use a hardcoded value.

Also handle `O_TMPFILE` while here.
 2022-02-02 15:16:26 +01:00
Jeroen Ketema
bd859d99bf Address review comments 2022-02-02 10:09:47 +01:00
Jeroen Ketema
ff1c971100 Add query for missing mode argument in open/openat calls 2022-02-01 14:52:22 +01:00
Jeroen Ketema
dbac927721 Take into account that the 4th argument of openat may be omitted 
This matches what is done for `open`.
 2022-02-01 11:41:07 +01:00
Erik Krogh Kristensen
4e8e3a7420 simplify expressions that could be type-casts 2022-01-20 10:41:35 +01:00
Calum Grant
771e686946 Update security-severity scores 2021-06-15 13:25:17 +01:00
Calum Grant
a594afb828 Add security-severity metadata 2021-06-10 20:11:08 +01:00
Geoffrey White
13d9d5dc45 C++: Use [,] more in general. 2020-12-03 18:50:43 +00:00
Geoffrey White
3536d84bdf C++: Use [, ...] syntax more widely. 2020-10-02 18:04:03 +01:00
Anders Schack-Mulligen
96e4a57edd C++: Autoformat. 2020-01-29 13:11:50 +01:00
Jonas Jensen
4ef5c9af62 C++: Autoformat everything 
Some files that will change in #1736 have been spared.

    ./build -j4 target/jars/qlformat
    find ql/cpp/ql -name "*.ql"  -print0 | xargs -0 target/jars/qlformat --input
    find ql/cpp/ql -name "*.qll" -print0 | xargs -0 target/jars/qlformat --input
    (cd ql && git checkout 'cpp/ql/src/semmle/code/cpp/ir/implementation/**/*SSA*.qll')
    buildutils-internal/scripts/pr-checks/sync-identical-files.py --latest
 2019-09-09 11:25:53 +02:00
Jonas Jensen
842aafc888 C++: Fix new UnsafeDaclSecurityDescriptor FP 
This query uses data flow for nullness analysis, which is always going
to be a large overapproximation. The overapproximation became too big
for one of the test cases after the recent change to make data flow go
across assignment by reference.

To make this query more conservative, it will now only report that the
`pDacl` argument can be null if there isn't also evidence that it can be
non-null.
 2019-04-02 11:31:12 +02:00
Raul Garcia
d6d27df27b Removing all usage of single quotes 2018-09-25 10:50:34 -07:00
Raul Garcia
c75019726c Removing tabs & reformatting 2018-09-24 10:10:58 -07:00
Raul Garcia
8519f1a9e1 Fixing tabs replaced to spaces 2018-09-21 13:07:39 -07:00
Raul Garcia
75ef377ac1 Replace Unicode apostrophe with ANSI single quote 2018-09-21 11:34:22 -07:00
Raul Garcia
48c99fb1d1 Setting a SECURITY_DESCRIPTOR’s DACL to NULL 
Closing the gap between Semmle & PreFAST
This rule is equivalent to C6248
 2018-09-20 16:28:37 -07:00
Pavel Avgustinov
b55526aa58 QL code and tests for C#/C++/JavaScript. 2018-08-02 17:53:23 +01:00