hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,211 Commits 1,672 Branches 157 Tags
e414b8c5be491c957f93526224b51a07c5a73f44
Commit Graph

6881 Commits

Author SHA1 Message Date
github-actions[bot]
3bd29171fb Release preparation for version 2.13.1 2023-04-28 12:14:35 +00:00
Mathias Vorreiter Pedersen
faf846bd58 C++: Disable flow through nodes that are sources of phi edges' back edges. 2023-04-28 11:36:42 +01:00
Mathias Vorreiter Pedersen
fb1a871777 Merge pull request #12855 from MathiasVP/fix-joins-in-use-after-free 
C++: Fix bad self-join in `cpp/use-after-free`
 2023-04-18 17:13:03 +01:00
Alex Ford
924ce250dd Merge pull request #12847 from github/post-release-prep/codeql-cli-2.13.0 
Post-release preparation for codeql-cli-2.13.0
 2023-04-18 14:40:40 +01:00
Mathias Vorreiter Pedersen
61aba4683f C++: Fix bad self-join in 'cpp/use-after-free'. 
Before:
```ql
[2023-04-18 09:17:24] Evaluated non-recursive predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs_project#Instruction#577b6a83::Initia__#loop_invariant_prefix@ae046923 in 3903ms (size: 130544).
Evaluated relational algebra for predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs_project#Instruction#577b6a83::Initia__#loop_invariant_prefix@ae046923 with tuple counts:
        533787724  ~0%    {2} r1 = JOIN ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs WITH ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
           130544  ~0%    {2} r2 = JOIN r1 WITH project#Instruction#577b6a83::InitializeParameterInstruction#ff ON FIRST 1 OUTPUT Lhs.1, Lhs.0
                          return r2
```

After:
```ql
[2023-04-18 10:09:34] Evaluated non-recursive predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_project#Instruction#577b6a83::InitializeParamete__#loop_invariant_prefix@eb90a6fk in 2ms (size: 18380).
Evaluated relational algebra for predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_project#Instruction#577b6a83::InitializeParamete__#loop_invariant_prefix@eb90a6fk with tuple counts:
        18380  ~0%    {2} r1 = JOIN ValueNumberingInternal#c9f42560::tvalueNumber#1#ff WITH project#Instruction#577b6a83::InitializeParameterInstruction#ff ON FIRST 1 OUTPUT Lhs.1, Lhs.0
                      return r1
```
 2023-04-18 10:14:45 +01:00
Tom Hvitved
f6d000eb20 Merge pull request #12805 from hvitved/remove-queries-xml 
Remove all `queries.xml` files
 2023-04-18 10:52:14 +02:00
github-actions[bot]
648f0e19ec Post-release preparation for codeql-cli-2.13.0 2023-04-17 15:39:24 +00:00
Mathias Vorreiter Pedersen
d975ceb648 Merge pull request #12818 from MathiasVP/dataflow-for-missing-scanf-qery 
C++: Use the new dataflow library in `cpp/missing-check-scanf`
 2023-04-17 14:34:11 +01:00
Mathias Vorreiter Pedersen
7eee589304 Merge pull request #12569 from andersfugmann/andersfugmann/use_after_free 
C++: Implement use-after-free and double-free queries using the new IR use-use dataflow
 2023-04-17 08:01:58 +01:00
Mathias Vorreiter Pedersen
fa5ed04286 Update cpp/ql/src/Critical/DoubleFree.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-04-17 07:40:01 +01:00
Mathias Vorreiter Pedersen
dba46bd324 Update cpp/ql/src/Critical/DoubleFree.ql 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-04-17 07:38:30 +01:00
github-actions[bot]
075d063370 Release preparation for version 2.13.0 2023-04-14 13:31:30 +00:00
Alex Ford
9169ddb9c1 Merge pull request #12823 from alexet/alexet/bump-version 
Bump all qlpacks major versions
 2023-04-14 12:18:27 +01:00
Alex Eyers-Taylor
c6a482819a Bump all qlpacks major versions 2023-04-13 19:15:27 +01:00
Mathias Vorreiter Pedersen
b7bbdb76ba Update cpp/ql/src/Likely Bugs/RedundantNullCheckSimple.ql 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-04-13 18:42:12 +01:00
Mathias Vorreiter Pedersen
f1a7b1a853 C++: Add change note. 2023-04-13 17:35:28 +01:00
Mathias Vorreiter Pedersen
b8d2896d5d C++: Convert 'cpp/redundant-null-check-simple' to a path-problem query and assigned it precision high. 2023-04-13 17:28:07 +01:00
Mathias Vorreiter Pedersen
0db05fe4fa C++: Use the new dataflow library in the 'missing scanf' query. 2023-04-13 14:51:08 +01:00
Alex Ford
8c46bfd051 Merge pull request #12816 from github/rc/3.9 
Merge `rc/3.9` into `main`
 2023-04-13 12:35:41 +01:00
Mathias Vorreiter Pedersen
40dde93beb C++: Fix FP and accept test changes. 2023-04-13 11:00:08 +01:00
Mathias Vorreiter Pedersen
23a7cd943f C++: Fix missing result and accept test changes. 2023-04-13 10:50:46 +01:00
Tom Hvitved
3cc9dec9c8 Remove all queries.xml files 2023-04-13 11:18:58 +02:00
Mathias Vorreiter Pedersen
d304022685 C++: Add QLDoc to 'isExcludeFreePair'. 2023-04-13 10:15:23 +01:00
Mathias Vorreiter Pedersen
e0aeea058e C++: Fix qhelp for double-free. 2023-04-13 10:10:42 +01:00
Mathias Vorreiter Pedersen
ba4e3ae949 Update cpp/ql/src/Critical/FlowAfterFree.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-04-12 16:50:57 +01:00
Mathias Vorreiter Pedersen
d1e3c1b407 C++: Fix joins in 'select' of 'cpp/constant-array-overflow'. 2023-04-12 11:39:35 +01:00
Mathias Vorreiter Pedersen
49cceb2901 C++: Fix joins. 2023-04-12 09:58:24 +01:00
Mathias Vorreiter Pedersen
259d5b6452 C++: Add use-after-free change note. 2023-04-11 15:30:51 +01:00
Mathias Vorreiter Pedersen
c1960c6ff9 C++: Add double-free change note. 2023-04-11 15:30:51 +01:00
Mathias Vorreiter Pedersen
725004a6fe C++: Modernize use-after-free query using dataflow. 2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen
17fe5f2317 C++: Change the id of the experimental double-free query to not overlap with the new non-experimental one. 2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen
fb2ec15dad C++: Add double-free query documentation. 2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen
cc12e74c23 C++: Add double-free query. 2023-04-11 14:44:15 +01:00
Mathias Vorreiter Pedersen
dfe00ffe4b C++: Add a flow-after-free library. 2023-04-11 14:40:17 +01:00
Jeroen Ketema
9123657fd2 C++: Update product flow to match data flow naming 2023-04-06 17:13:12 +02:00
Jeroen Ketema
886abd1231 C++: Fix typo 2023-04-06 17:11:03 +02:00
Jeroen Ketema
39272def2d C++: Clean up the ProductFlow FlowStates 2023-04-06 17:10:44 +02:00
Jeroen Ketema
4e12924521 C++: Refactor ProductFlow to have a DataFlow::ConfigSig-like interface 2023-04-06 17:10:40 +02:00
Jeroen Ketema
c8798637fa Merge pull request #12777 from jketema/mctv-join 
C++: Fix number of join order problems in memory corruption queries
 2023-04-06 16:55:42 +02:00
Jeroen Ketema
8e7eec173b C++: inline isInvalidPointerDerefSink 2023-04-06 12:49:10 +02:00
Mathias Vorreiter Pedersen
025081e223 C++: Add change note. 2023-04-06 10:54:16 +01:00
Mathias Vorreiter Pedersen
8fef101432 C++: Fix missing result and accept test changes. 2023-04-06 10:41:08 +01:00
Jeroen Ketema
f98576bcb4 C++: Fix number of join order problems in memory corruption queries 2023-04-06 10:53:18 +02:00
github-actions[bot]
ac426b1302 Post-release preparation for codeql-cli-2.12.6 2023-04-04 16:49:26 +00:00
Mathias Vorreiter Pedersen
f007083ef0 C++: Switch back to a 'Bound' instead of a 'SemBound'. 2023-04-04 09:43:23 +01:00
Mathias Vorreiter Pedersen
c19edc5f0b C++: Fix Code Scanning errors. 2023-04-03 15:17:37 +01:00
Mathias Vorreiter Pedersen
aa337c72c2 C++: Update import paths in tests and experimental queries. 2023-04-03 15:17:37 +01:00
Mathias Vorreiter Pedersen
e5700e07c7 C++: Fix join order in 'cpp/unsafe-strncat'. 2023-03-31 21:33:28 +01:00
github-actions[bot]
0a3218676c Release preparation for version 2.12.6 2023-03-30 19:25:06 +00:00
github-actions[bot]
e87ce62f95 Post-release preparation for codeql-cli-2.12.5 2023-03-30 13:48:58 +00:00