hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,211 Commits 1,672 Branches 157 Tags
e414b8c5be491c957f93526224b51a07c5a73f44
Commit Graph

846 Commits

Author SHA1 Message Date
Calum Grant
d38975bb99 C++: Use getType() instead of getUnderlyingType() 2024-12-06 13:07:58 +00:00
Calum Grant
b7f47f752b C++: Remove FPs from cpp/badly-bounded-write 2024-12-05 14:37:19 +00:00
Jeroen Ketema
9c4030ed45 Merge pull request #18014 from microsoft/brodes/seh_flow_phase1_throwing_models 
Brodes/seh flow phase1 throwing models
 2024-12-04 13:55:05 +01:00
Anders Schack-Mulligen
a66de28d8e C++: Remove references to the deleted api. 2024-12-03 20:08:32 +01:00
REDMOND\brodes
37365c746c Updating to NonCppThrowingFunction use in IncorrectALlocationErrorHandling.ql 2024-11-21 12:59:56 -05:00
Mathias Vorreiter Pedersen
61a012fc6c C++: Don't allow 'x < 0' as a barrier guard. 2024-10-09 14:17:56 +01:00
Mathias Vorreiter Pedersen
a2cdb9c173 C++: Use range analysis at the sink to exclude trivial FPs. 2024-10-08 10:05:08 +01:00
Mathias Vorreiter Pedersen
c9bd9e9303 C++: Modernize the 'cpp/unclear-array-index-validation' query by getting rid of the DefaultTaintTracking barriers and replacing them with a 'BarrierGuard' instantiation. 2024-10-08 10:05:03 +01:00
REDMOND\brodes
c496503053 Formatting. 2024-09-30 11:23:08 -04:00
REDMOND\brodes
162519185d Removing unnecessary bracket/singleton set literal. 2024-09-30 11:19:31 -04:00
REDMOND\brodes
318e75c094 Changing name of predicate to be clearer, and removing an unused parameter. 2024-09-30 11:10:28 -04:00
REDMOND\brodes
c91f7f4918 Altering exists predicate ordering to be clearer. 2024-09-30 11:07:09 -04:00
REDMOND\brodes
31324fc778 Altering ordering for exists statement to be clearer. 2024-09-30 11:05:38 -04:00
REDMOND\brodes
51e787b316 Switching to looking for explicit declaration of unsigned char, to avoid cases where unsigned char is the default char width for char. 2024-09-30 11:02:43 -04:00
REDMOND\brodes
c4737c7fbb Changing from hasIntermediateType to getABaseType. 2024-09-30 10:58:45 -04:00
REDMOND\brodes
338ab96593 Correct comment. 2024-09-30 10:46:39 -04:00
REDMOND\brodes
cc24f1ed9f Modifications to the query to address false positives. 2024-09-27 12:38:22 -04:00
REDMOND\brodes
1005a89007 Updating test cases. 2024-09-05 15:25:23 -04:00
erik-krogh
0fdd06fff5 use my script to delete outdated deprecations 2024-09-03 20:30:58 +02:00
Simon Friis Vindum
e7f059ae55 C++: Tweak the bounded barrier 2024-08-29 10:32:31 +02:00
Simon Friis Vindum
d9dbcdba34 C++: Fix imports 2024-08-26 12:42:44 +02:00
Simon Friis Vindum
128053e214 C++: Add basic modeling of functions that don't throw 2024-08-26 09:37:44 +02:00
Simon Friis Vindum
1959e1929e C++: Reuse bounded predicate in TaintedAllocationSize query 2024-08-19 08:23:32 +02:00
Simon Friis Vindum
5548304432 C++: Grammar improvements to query help text 2024-08-16 13:08:34 +02:00
Simon Friis Vindum
5e8ac5ef0d C++: Update documentation for cpp/uncontrolled-allocation-size to clarify its scope 2024-08-13 16:27:04 +02:00
Geoffrey White
52020f7e5b Merge pull request #17028 from geoffw0/cryptodoc 
C++: Improve query doc advice for using encryption
 2024-07-25 21:46:16 +01:00
Geoffrey White
27314aac16 Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-07-25 15:17:21 +01:00
Mathias Vorreiter Pedersen
4d3377b116 Merge branch 'main' into promote-unsigned-difference-expression-compared-zero-to-code-scanning 2024-07-25 14:00:05 +01:00
Geoffrey White
c1bd892a13 Update cpp/ql/src/Security/CWE/CWE-311/CleartextStorage.inc.qhelp 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2024-07-23 13:14:07 +01:00
Geoffrey White
b4fa23d731 C++: Address false positive results in template instantiations. 2024-07-22 16:34:39 +01:00
Geoffrey White
b00e312569 C++: Replace placeholder key in the example for cpp/cleartext-storage-database. 2024-07-22 11:17:34 +01:00
Geoffrey White
f931dab14a C++: Improve the cpp/cleartext-* query examples by using libsodium rather than pseudocode. 2024-07-22 11:17:33 +01:00
Geoffrey White
ffc61ae1bb C++: Make memset_s a clearer recommendation in the .qhelp for cpp/memset-may-be-deleted. 2024-07-22 09:51:22 +01:00
Mathias Vorreiter Pedersen
9dd43d8e6f C++: Promote 'cpp/unsigned-difference-expression-compared-zero' to Code Scanning. 2024-07-17 11:44:37 +01:00
Mathias Vorreiter Pedersen
3d88f08264 C++: Include more expressions in the base case. 2024-07-16 13:04:45 +01:00
Mathias Vorreiter Pedersen
d539ce0a01 C++: Use GVN for base case. 2024-07-16 13:02:43 +01:00
Mathias Vorreiter Pedersen
575fbd2578 C++: Prepatory simplification. 2024-07-16 13:02:41 +01:00
Mathias Vorreiter Pedersen
5da3fb5e05 Merge pull request #16959 from MathiasVP/promote-iterator-to-expired-container-to-code-scanning 
C++: Promote `cp/iterator-to-expired-container` to Code Scanning
 2024-07-15 11:55:32 +01:00
Mathias Vorreiter Pedersen
8012f3b2f7 C++: Increase the precision of 'cpp/iterator-to-expired-container' to high. 2024-07-11 14:26:05 +01:00
Geoffrey White
8818f63ca7 C++: Add some practical details to the examples. 2024-07-08 14:32:05 +01:00
Geoffrey White
80af5b7725 C++: Add a third example for cpp/world-writable-file-creation. 2024-07-08 14:32:04 +01:00
Geoffrey White
3c70583aa2 C++: Add close calls to examples for cpp/toctou-race-condition. 2024-07-08 14:32:00 +01:00
Geoffrey White
1343e4c9aa C++: Add another 'good' example for cpp/unsigned-difference-expression-compared-zero. 2024-07-04 17:11:10 +01:00
Geoffrey White
7abece46c7 C++: Add a 'good' example for cpp/unsigned-difference-expression-compared-zero. 2024-07-04 17:11:09 +01:00
Geoffrey White
f64743e91d C++: Fix mistake in example for cpp/incorrect-allocation-error-handling. 2024-07-04 16:19:32 +01:00
Mathias Vorreiter Pedersen
921afb71e2 Update cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2024-06-25 10:03:53 +01:00
Mathias Vorreiter Pedersen
bb8b0d0bf5 C++: Use the unary version of 'comparesEq' to handle both disjuncts. 2024-06-25 09:30:53 +01:00
Jeroen Ketema
66077dc38d C++: Ignore gets'es with incorrect parameter counts 2024-06-04 11:15:07 +02:00
Remco Vermeulen
6df4c8964b Rewrite recommendations 
- Replace segmentation fault with crash that is platform agnostic (I think segmentation fault is not really a thing on Windows).
- Replace security vulnerability with malicious code execution. This provides a range of issues, because a crash (previously segmentation fault) could also be considered a security vulnerability. Namely a DOS.
- Removed the additional note on stack allocated arrays which seem confusing because we are always talking about buffers allocated on the heap.
 2024-05-24 16:10:42 -07:00
Mathias Vorreiter Pedersen
9907f0f827 C++: Exclude a cast to any integral type. 2024-05-22 13:42:07 +01:00