120 Commits

Author	SHA1	Message	Date
Mathias Vorreiter Pedersen	82b9f1b31c	C++: Accept test changes.	2023-12-15 14:57:31 +00:00
Mathias Vorreiter Pedersen	0c100eb122	C++: Accept test changes.	2023-12-14 14:44:58 +00:00
Mathias Vorreiter Pedersen	3dea467dcc	Merge pull request #15047 from MathiasVP/add-puns-for-addresses-of-arguments ... C++: Add `PostUpdateNode`s for addresses of outgoing arguments	2023-12-12 13:55:13 +00:00
Alexander Eyers-Taylor	e87b3911dc	Merge pull request #14910 from alexet/incorrect-scanf ... CPP: Add query for detecteing incorrect error checking for scanf	2023-12-12 11:57:17 +00:00
Mathias Vorreiter Pedersen	a6104ad878	C++: Fix test annotations.	2023-12-12 11:06:18 +00:00
Mathias Vorreiter Pedersen	90b06c2046	C++: Switch the source of use-after-free and double-free to be post-update nodes.	2023-12-08 14:41:29 +00:00
Mathias Vorreiter Pedersen	e648058d30	C++: Accept test changes.	2023-12-07 23:11:28 +00:00
Alex Eyers-Taylor	3e9aeac004	CPP: Fix sscanf false positives in older linux repos	2023-11-28 12:07:05 +00:00
Alex Eyers-Taylor	1c012548d4	CPP: Add tests for incorrect check scanf	2023-11-24 16:58:11 +00:00
Alex Eyers-Taylor	12e24a2b44	CPP: Exclude incorrect scanf checks from missing scanf checks	2023-11-24 16:57:59 +00:00
Alex Eyers-Taylor	f48e8b6062	CPP: Add query for detecteing incorrect error checking for scanf	2023-11-24 14:53:10 +00:00
Alex Eyers-Taylor	26b0363707	CPP: Add test demonstrating use-after-free false negatives.	2023-10-23 17:01:52 +01:00
Alex Eyers-Taylor	2860c0c0d4	CPP: Move test into correct file.	2023-09-27 18:42:26 +01:00
Alex Eyers-Taylor	d0849311a6	CPP: Fix use after free FPs by elimnatiing freeing nodes rather than freeing expressions.	2023-09-20 18:47:57 +01:00
Alex Eyers-Taylor	9de6230bbf	CPP: Add use after free false positive example.	2023-09-20 18:34:47 +01:00
Mathias Vorreiter Pedersen	b03054b1ed	C++: Make sure some instruction also gives back the 'ParenthesisExpr's.	2023-09-12 19:46:42 +01:00
Mathias Vorreiter Pedersen	71fe6f5d4b	C++: Use fully converted expressions in 'cpp/use-after-free' and 'cpp/double-free'.	2023-09-12 19:28:57 +01:00
Mathias Vorreiter Pedersen	f1c4fa2345	C++: When we generate a string for the node we avoid multiple results by only using the 0'th result from the 'asExpr' predicate. However, when we want to convert between nodes and expressions we don't care about which one we get.	2023-09-01 14:04:52 +01:00
Mathias Vorreiter Pedersen	16d62186c0	C++: Use this new predicate everywhere we need to convert an instruction to an expression.	2023-09-01 13:32:25 +01:00
Alex Eyers-Taylor	8b1b1618c4	CPP: Add tests for false positive in memory vulnerability queries.	2023-08-29 11:17:44 +01:00
Alex Eyers-Taylor	689fda43ed	CPP: Add delete/delete[] calls to the IR.	2023-08-29 11:17:43 +01:00
Mathias Vorreiter Pedersen	b32d55a21d	C++: Accept test changes.	2023-05-22 18:26:29 -07:00
Mathias Vorreiter Pedersen	533e1d818b	C++: Add some use-after-free FPs.	2023-04-19 17:01:55 +01:00
Mathias Vorreiter Pedersen	d975ceb648	Merge pull request #12818 from MathiasVP/dataflow-for-missing-scanf-qery ... C++: Use the new dataflow library in `cpp/missing-check-scanf`	2023-04-17 14:34:11 +01:00
Mathias Vorreiter Pedersen	0db05fe4fa	C++: Use the new dataflow library in the 'missing scanf' query.	2023-04-13 14:51:08 +01:00
Mathias Vorreiter Pedersen	b2d4a82932	C++: Fix annotations.	2023-04-13 11:13:15 +01:00
Mathias Vorreiter Pedersen	1ac5db3a98	C++: Fix annotations.	2023-04-13 11:07:12 +01:00
Mathias Vorreiter Pedersen	31b71ea163	C++: Fix annotations.	2023-04-13 11:04:51 +01:00
Mathias Vorreiter Pedersen	40dde93beb	C++: Fix FP and accept test changes.	2023-04-13 11:00:08 +01:00
Mathias Vorreiter Pedersen	23a7cd943f	C++: Fix missing result and accept test changes.	2023-04-13 10:50:46 +01:00
Mathias Vorreiter Pedersen	416f8d5ac9	C++: Fix test annotations.	2023-04-13 10:47:17 +01:00
Mathias Vorreiter Pedersen	c76dbebd9b	C++: Ensure that the 'use-after-free' query is run on 'test_free.cpp'.	2023-04-13 10:47:07 +01:00
Mathias Vorreiter Pedersen	3c88590df2	C++: Accept test changes for the new use-after-query.	2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen	a8151b4ee4	C++: Add double-free tests.	2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen	40cc2e7891	C++: Also exclude unevaluated buffers in 'OverflowStatic'.	2023-03-21 09:53:39 +00:00
Mathias Vorreiter Pedersen	4d2a1ea149	C++: Also add a FP test to 'OverflowStatic'.	2023-03-21 09:50:47 +00:00
Mathias Vorreiter Pedersen	b37bb660c5	C++: Add FP caused by a BufferAccess inside an unevalauted context.	2023-03-21 09:37:18 +00:00
Paolo Tranquilli	429518bcea	C++: add further FP to test	2023-03-07 12:03:34 +01:00
Paolo Tranquilli	311cf4e7fd	C++: add false positives to MissingCheckScanf test ... See https://github.com/github/codeql/issues/12412 for the initial report.	2023-03-07 11:56:05 +01:00
Geoffrey White	823c767aac	C++: Undo changes to SizeCheck.ql, SizeCheck2.ql.	2023-01-05 12:34:12 +00:00
Geoffrey White	2023abdc60	C++: Update the queries.	2023-01-05 11:33:58 +00:00
Geoffrey White	a9aa67177b	C++: Add test cases for HeuristicAllocationExpr in queries.	2023-01-05 11:30:21 +00:00
Jeroen Ketema	4fb43d56b3	C++: Exclude deallocation functions as scanf result accesses	2022-12-15 09:39:16 +01:00
Mathias Vorreiter Pedersen	ef6b85fa77	C++: Accept test changes.	2022-11-18 16:43:30 +00:00
erik-krogh	9e4843d53e	update the alert-message of cpp/file-may-not-be-closed based on feedback	2022-09-23 14:46:00 +02:00
erik-krogh	2351884352	update some alert-messages based on review feedback	2022-09-23 14:45:59 +02:00
erik-krogh	40bea78186	remove more instances of the alert-loc being repeated as a link	2022-09-23 14:45:59 +02:00
erik-krogh	33165f4f55	CPP: update expected output	2022-09-23 14:45:59 +02:00
Nora Dimitrijević	02772ed20c	Revert changes to .gitignore and .clang-format ... because they are potentially too global, belong in a separate PR.	2022-08-25 16:37:39 +02:00
Nora Dimitrijević	ad56274a73	C++: Small improvements to query qldoc and message	2022-08-25 15:22:41 +02:00