Commit Graph

6881 Commits

Author SHA1 Message Date
Jeroen Ketema
f5ed02a433 C++: Take into account the delta at the final sink in cpp/invalid-pointer-deref 2023-05-30 18:33:20 +02:00
Jeroen Ketema
a8c76388c0 C++: Fix configuration names in comments in cpp/invalid-pointer-deref 2023-05-30 18:15:37 +02:00
Mathias Vorreiter Pedersen
f00b29d3d2 C++: The small-string optimization commonly used inside 'std::string' is causing a lot of FPs. Let's exclude this for now to reduce the number of results for this query. 2023-05-30 07:33:07 -07:00
Mathias Vorreiter Pedersen
0f08642653 C++: Fix join in 'pointerArithOverflow0'. 2023-05-26 11:16:44 -07:00
Robert Marsh
d18fb646d1 C++: handle cast arrays properly in off-by-one query 2023-05-26 13:16:21 -04:00
Robert Marsh
6e230e10f8 C++: include stack-allocated arrays in off-by-one query 2023-05-26 13:04:51 -04:00
Robert Marsh
b2fb2aa0d1 Merge pull request #13045 from rdmarsh2/rdmarsh2/cpp/improve-constant-off-by-one
C++: stitch paths and ignore cast arrays in constant off-by-one query
2023-05-26 12:47:08 -04:00
Mathias Vorreiter Pedersen
960e6521a4 Revert "C++: Whitespace commit to make qhelp show up in diff."
This reverts commit ec192d621c.
2023-05-25 15:21:09 -07:00
Mathias Vorreiter Pedersen
c3fdc83af6 C++: Also add an out barrier on all sinks. 2023-05-25 12:23:50 -07:00
Mathias Vorreiter Pedersen
ec192d621c C++: Whitespace commit to make qhelp show up in diff. 2023-05-24 16:13:42 -07:00
Mathias Vorreiter Pedersen
ebc1d5feff Merge branch 'main' into rdmarsh2/cpp/improve-constant-off-by-one 2023-05-24 16:07:08 -07:00
Mathias Vorreiter Pedersen
298013a57e C++: Add in-barrier on sources to reduce duplication. 2023-05-24 16:02:27 -07:00
Mathias Vorreiter Pedersen
64d7b4923d C++: Prune flow states based on 'PointerArithmeticToDerefConfig'. 2023-05-24 16:02:17 -07:00
Mathias Vorreiter Pedersen
90824d01b4 C++: Add change note. 2023-05-24 14:39:05 -07:00
github-actions[bot]
d2e192020b Post-release preparation for codeql-cli-2.13.3 2023-05-24 11:26:12 +00:00
Mathias Vorreiter Pedersen
e1223d0b21 C++: Add security severity. 2023-05-23 15:01:33 -07:00
Mathias Vorreiter Pedersen
0dfc9b996d C++: Promote 'cpp/overrun-write' out of experimental. 2023-05-23 14:57:42 -07:00
Mathias Vorreiter Pedersen
81dbfecbfc C++: Promote the product-dataflow library out of experimental. 2023-05-23 09:48:50 -07:00
github-actions[bot]
7aa23cf11d Release preparation for version 2.13.3 2023-05-22 20:47:00 +00:00
Robert Marsh
4ed7450689 C++: remove unneeded pragma 2023-05-22 11:09:44 -04:00
Robert Marsh
604affdeb0 C++: autoformat 2023-05-22 09:31:39 -04:00
Robert Marsh
bf07b0f97b C++: fix cartesian product in constant off-by-one query 2023-05-19 18:32:09 -04:00
Mathias Vorreiter Pedersen
a77c62473e C++: Reduce code-duplication in 'cpp/overrun-write'. 2023-05-18 13:23:15 +01:00
Nicky Mouha
27519ce3ea Create IfStatementAdditionOverflow.qhelp 2023-05-17 15:27:19 -04:00
Nicky Mouha
5c6fc2ff01 Update IfStatementAdditionOverflow.ql 2023-05-17 15:18:52 -04:00
Jeroen Ketema
d1efffe492 Merge branch 'main' into deref-size 2023-05-17 17:13:49 +02:00
Jeroen Ketema
e3aecd3f1f Merge pull request #13200 from jketema/deref-subpath
C++: Implement the `subpaths` query predicate for `cpp/invalid-pointer-deref`
2023-05-17 17:13:28 +02:00
Jeroen Ketema
b83aaf9594 C++: Use range analysis-based hasSize predicate in cpp/invalid-pointer-deref
This is copied from `cpp/overrun-write`.
2023-05-17 11:39:41 +02:00
Jeroen Ketema
31ae513f8c C++: Implement the subpaths query predicate for cpp/invalid-pointer-deref 2023-05-17 11:27:37 +02:00
Mathias Vorreiter Pedersen
a5632a21d1 Merge branch 'main' into precompute-states-in-overrun-write 2023-05-16 18:09:16 +01:00
Mathias Vorreiter Pedersen
650e9e1088 C++: Fix Code Scanning error. 2023-05-15 14:05:41 +01:00
Mathias Vorreiter Pedersen
f1c124a3da C++: Share more code between 'ValidState' and 'StringSizeConfig'. 2023-05-15 14:01:17 +01:00
Mathias Vorreiter Pedersen
f31709fb29 C++: Make comment more clear. 2023-05-15 13:36:29 +01:00
Mathias Vorreiter Pedersen
a7712b608a C++: Add more comments. 2023-05-15 11:14:06 +01:00
Robert Marsh
584adf843a C++: restrict flowstates in constant off-by-one query 2023-05-12 12:43:10 -04:00
Mathias Vorreiter Pedersen
f20a69074a C++: Remove flow through ssa phi back-edges. 2023-05-12 13:01:29 +01:00
Mathias Vorreiter Pedersen
75e36e89de C++: Precompute the set of necessary states. 2023-05-12 10:47:23 +01:00
Mathias Vorreiter Pedersen
f7924bda0d Merge pull request #13099 from MathiasVP/heuristic-allocation-for-overrun-write
C++: Use heuristic allocation functions in `cpp/overrun-write`
2023-05-12 10:15:28 +01:00
Mathias Vorreiter Pedersen
fd6282063e Merge pull request #12971 from MathiasVP/fix-fp-in-invalid-deref-2
C++: Fix more FPs on `cpp/invalid-pointer-deref`
2023-05-11 10:06:01 +01:00
Robert Marsh
f77c77fdf9 C++: refactor off-by-one query to use flowstate 2023-05-10 15:01:01 -04:00
Kasper Svendsen
8410eb3477 C++: Enable implicit this warnings 2023-05-10 15:15:21 +02:00
Mathias Vorreiter Pedersen
f05cce8fc2 C++: Add a member predicate to phi nodes for checking if a phi is a read-phi and use it to restrict flow in 'cpp/invalid-pointer-deref'. 2023-05-10 14:10:13 +01:00
Jeroen Ketema
c3a7f98b2f Merge branch 'main' into fix-fp-in-invalid-deref-2 2023-05-10 11:31:10 +02:00
Mathias Vorreiter Pedersen
9da7c9f696 C++: Use heuristic allocation in 'cpp/overrun-write'. 2023-05-10 08:22:56 +01:00
Kasper Svendsen
c46898cb75 C++: Make implicit this receivers explicit 2023-05-09 15:35:54 +02:00
Mathias Vorreiter Pedersen
2021f46f19 C++: Add QLDoc to 'getOverflow'. 2023-05-09 08:52:08 +01:00
Robert Marsh
b7653ec92d C++: ignore cast arrays in constant off-by-one query 2023-05-04 16:39:02 -04:00
Robert Marsh
3abf5d1bd2 C++: stitch paths in array off-by-one query 2023-05-04 16:28:05 -04:00
Mathias Vorreiter Pedersen
2587f8ed96 C++: Only alert on the largest possible overflow. 2023-05-04 17:29:31 +01:00
github-actions[bot]
18d4af994d Post-release preparation for codeql-cli-2.13.1 2023-05-02 10:50:20 +00:00