81 Commits

Author	SHA1	Message	Date
Remco Vermeulen	c0884432e8	Format query	2023-06-20 10:38:08 -07:00
Remco Vermeulen	32d7faa3b8	Account for the signedness of the lesser operand	2023-06-19 16:57:36 -07:00
Mathias Vorreiter Pedersen	8fef101432	C++: Fix missing result and accept test changes.	2023-04-06 10:41:08 +01:00
Anders Schack-Mulligen	72415c7c2c	C++: Rename references.	2023-03-23 13:06:19 +01:00
Ed Minnix	2d5944fb0e	Refactor DataFlow configurations to use "Config" naming convention	2023-03-19 17:44:07 -04:00
Jeroen Ketema	fb57914751	C++: Convert a number of data flow based queries to use ConfigSig	2023-03-07 18:21:52 +01:00
Jeroen Ketema	9ec479a2a0	C++: Update queries to use DataFlow::ConfigSig	2023-03-07 10:15:11 +01:00
Jeroen Ketema	a892ae8764	C++: Fix spurious results in default taint tracking	2023-01-16 19:10:10 +01:00
Mathias Vorreiter Pedersen	8b01dfe696	Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2023-01-10 17:30:29 +00:00
Geoffrey White	bb451f3911	C++: Fix result duplication.	2023-01-06 11:05:47 +00:00
Geoffrey White	2023abdc60	C++: Update the queries.	2023-01-05 11:33:58 +00:00
Mathias Vorreiter Pedersen	4fd6ac5657	Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2022-12-08 13:10:18 +00:00
Jeroen Ketema	b5147bbfb0	C++: Deprecate DefaultTaintTracking and TaintTrackingImpl	2022-12-06 17:45:16 +01:00
Jeroen Ketema	223eeb6921	C++: Fix upper bound detection in default taint flow	2022-11-24 14:38:36 +01:00
Josh Soref	aa70b97bd3	spelling: optimistically ... Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>	2022-10-14 15:08:44 -04:00
erik-krogh	66c9705502	fix some more style-guide violations in the alert-messages	2022-10-07 11:19:46 +02:00
erik-krogh	a30c38f38c	CPP: make more alert messages follow the style-guide	2022-09-23 14:45:59 +02:00
Mathias Vorreiter Pedersen	7593ebaa62	C++: Use 'getAstVariable' now that 'getASTVariable' is deprecated.	2022-03-14 13:38:27 +00:00
Mathias Vorreiter Pedersen	8a8fb692a3	C++: Use a 'TaintTracking::Configuration' for 'cpp/uncontrolled-allocation-size'.	2022-03-09 12:09:32 +00:00
Mathias Vorreiter Pedersen	bbb936154a	C++: Increase the precision of 'cpp/uncontrolled-arithmetic' to high.	2021-12-20 14:03:13 +01:00
Mathias Vorreiter Pedersen	95fa93b274	C++: Only recognize signed integers as sinks in 'cpp/uncontrolled-arithmetic' in the case of overflow.	2021-12-20 14:02:44 +01:00
Geoffrey White	54253bc2eb	C++: Resurrect underflow detection, but only on unsigned types.	2021-08-03 15:02:39 +01:00
Geoffrey White	417edab126	C++: Simplify out the 'effect' string.	2021-07-29 15:44:53 +01:00
Geoffrey White	13823df5a1	C++: Remove underflow detection.	2021-07-29 15:22:18 +01:00
Geoffrey White	e7842b9625	C++: Autoformat.	2021-07-27 14:19:30 +01:00
Geoffrey White	00f6f668cc	C++: Don't report underflowing multiplication.	2021-07-27 14:02:40 +01:00
Geoffrey White	40f0658e8a	C++: Exclude unintended results on pointers.	2021-07-27 13:39:20 +01:00
Mathias Vorreiter Pedersen	7da7ec60d9	C++: Inline predicates from 'Bounded.qll'.	2021-07-12 19:09:33 +02:00
Mathias Vorreiter Pedersen	4fc60aedc6	C++: Relax the restrictions on when '%' is a barrier and accept test changes.	2021-07-12 17:39:12 +02:00
Mathias Vorreiter Pedersen	04dcef5ec4	C++: Include ComplementExpr as a sanitizer.	2021-07-12 11:53:47 +02:00
Mathias Vorreiter Pedersen	af56c782bf	C++: Add QLDoc.	2021-06-24 15:57:01 +02:00
Mathias Vorreiter Pedersen	5bfb78b583	C++: Block flow through all bitwise 'and' and 'or' operations. This seems to be a common source of false positives on LGTM.	2021-06-24 15:53:59 +02:00
Mathias Vorreiter Pedersen	e8bba78825	C++: Convert 'cpp/uncontrolled-arithmetic' to use a 'TaintTracking::Configuration'.	2021-06-24 15:51:44 +02:00
Mathias Vorreiter Pedersen	c0ffd9027f	C++: Add more random sources.	2021-06-24 13:40:00 +02:00
Mathias Vorreiter Pedersen	c44475458e	Update cpp/ql/src/Security/CWE/CWE-190/Bounded.qll ... Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2021-06-23 14:38:36 +02:00
Mathias Vorreiter Pedersen	6379463bcf	Merge branch 'main' into improve-tainted-arithmetic	2021-06-23 11:42:45 +02:00
Geoffrey White	298f70f082	Merge pull request #6120 from MathiasVP/not-overflow-is-barrier-in-cwe-190 ... C++: Recognize any non-overflowing arithmetic expression as a barrier for `cpp/uncontrolled-arithmetic`	2021-06-23 10:35:33 +01:00
Mathias Vorreiter Pedersen	9b94f3a650	Merge branch 'main' into improve-tainted-arithmetic	2021-06-23 11:04:08 +02:00
Mathias Vorreiter Pedersen	a611e76ed2	C++: Respond to review comments.	2021-06-23 10:28:00 +02:00
Mathias Vorreiter Pedersen	3bc6b11ae5	C++: Share the 'bounded' predicate from 'cpp/uncontrolled-arithmetic' and use it in 'cpp/tainted-arithmetic'.	2021-06-21 16:38:17 +02:00
Mathias Vorreiter Pedersen	238c483e5b	C++: Make any non-overflowing arithmetic operation a barrier.	2021-06-21 14:05:34 +02:00
Mathias Vorreiter Pedersen	17df8e44d0	C++: Convert 'cpp/tainted-arithmetic' to a 'path-problem' query.	2021-06-18 14:56:17 +02:00
Calum Grant	771e686946	Update security-severity scores	2021-06-15 13:25:17 +01:00
Calum Grant	a594afb828	Add security-severity metadata	2021-06-10 20:11:08 +01:00
Geoffrey White	32545a1346	C++: Add CWE-789 tag to cpp/uncontrolled-allocation-size.	2021-06-08 10:59:03 +01:00
Mathias Vorreiter Pedersen	8765c33847	C++: Also check the number of parameters to keep the tests happy.	2021-06-01 10:17:57 +02:00
Mathias Vorreiter Pedersen	615c805b2c	C++: Only use std::rand as a source of randomness.	2021-06-01 09:28:06 +02:00
Mathias Vorreiter Pedersen	41c93d92d7	C++: Remove FPs from right shifts and explicitly bounded random functions.	2021-05-31 15:40:02 +02:00
Mathias Vorreiter Pedersen	d46452e8de	Merge pull request #5903 from MathiasVP/tainted-allocation-size-barrier ... C++: Add barriers to `cpp/uncontrolled-allocation-size`	2021-05-17 15:24:45 +02:00
Mathias Vorreiter Pedersen	2d0a56128d	C++: Prevent flow out of pointer-difference expressions.	2021-05-14 13:49:48 +02:00