Ziemowit Laski
e4ce8347bc
[CPP-340] Simplify MistypedFunctionArguments.ql and reduce its
...
precision from very-high to high.
2019-04-03 16:19:37 -07:00
Ziemowit Laski
96b8bdfeb5
[CPP-340] Add new queries to analysis-cpp.md; correct id of
...
TooFewArguments.ql
2019-04-01 19:15:27 -07:00
Ziemowit Laski
03aa86ed4d
Merge branch 'master' into cpp340a
...
So as to get to change-notes/1.21/analysis-cpp.md
2019-04-01 18:51:03 -07:00
Ziemowit Laski
bd139829ea
[CPP-340] Delete old 'UnspecifiedFunctions' folders
2019-04-01 18:44:49 -07:00
Ziemowit Laski
3ec988c39b
[CPP-340] Rename 'UnspecifiedFunctions' to 'Unspecified Functions'
...
Make MistypedFunctionArguments.ql more restrictive (allowing
type matching only in the presence of no-op conversions).
2019-04-01 18:39:46 -07:00
semmle-qlci
54b4e59d12
Merge pull request #1182 from esben-semmle/js/sourcenode-regexp-literals
...
Approved by xiemaisi
2019-04-01 21:58:58 +01:00
semmle-qlci
a4de82de06
Merge pull request #1185 from xiemaisi/js/improve-amd-imports
...
Approved by asger-semmle
2019-04-01 16:30:47 +01:00
Tom Hvitved
007cee8426
Merge pull request #1184 from calumgrant/cs/static-cryptotransform
...
C#: Remove static SHA1CryptoServiceProvider
2019-04-01 16:03:53 +02:00
semmle-qlci
a7d9a50dcf
Merge pull request #1176 from xiemaisi/js/fix-socket-io-type-tracking
...
Approved by asger-semmle
2019-04-01 13:57:13 +01:00
calum
932961bf19
C#: Remove static SHA1CryptoServiceProvider
2019-04-01 10:46:39 +01:00
Esben Sparre Andreasen
6908c54df6
JS: change notes
2019-04-01 09:25:07 +02:00
Esben Sparre Andreasen
364ba1b4ac
JS: use RegExpLiteral as a SourceNode
2019-04-01 09:19:25 +02:00
Esben Sparre Andreasen
7923c9d77c
JS: add tests for missing flow of regular expressions
2019-04-01 09:19:25 +02:00
Esben Sparre Andreasen
42d3012f81
JS: let RegExpLiteral be a DataFlow::SourceNode
2019-04-01 09:19:25 +02:00
Jonas Jensen
76caad0fb4
Merge pull request #1119 from geoffw0/wprintf2
...
CPP: Better handling of %s/%c/%S/%C in Printf/FormattingFunction.qll
2019-04-01 08:47:20 +02:00
Ziemowit Laski
8a653b9adc
[CPP-340] Fix TooFewArguments.c to actually provide a ()-prototype.
2019-03-29 20:34:49 -07:00
Ziemowit Laski
59a54df149
[CPP-340] cpp/too-many-arguments should remain as cpp/futile-params.
2019-03-29 20:30:40 -07:00
Ziemowit Laski
2ea9f81c7f
[CPP-340] Refer to C coding standard, not C++.
2019-03-29 20:27:25 -07:00
Ziemowit Laski
cb5bbd2197
[CPP-340] When warning about mismatched parameters, follow what C
...
compilers do. Various integral and floating-point types
are treated as mutually implicitly convertible. Remaining
warnings deal with misuse of pointer and array types.
2019-03-29 20:19:45 -07:00
semmle-qlci
ed0ef36427
Merge pull request #1035 from asger-semmle/firebase
...
Approved by xiemaisi
2019-03-29 13:44:02 +00:00
Max Schaefer
62c895de3e
JavaScript: Introduce Type(Back)Tracker::continue predicate.
2019-03-29 11:45:18 +00:00
Geoffrey White
a6e0296c0c
CPP: Be slash/case insensitive.
2019-03-29 11:19:20 +00:00
Geoffrey White
c8caca3305
CPP: Add test cases for %ls, %hs.
2019-03-29 11:19:20 +00:00
Geoffrey White
f5a7d7a035
CPP: Correct a few comments.
2019-03-29 11:19:19 +00:00
Geoffrey White
d22c93f101
CPP: Change note.
2019-03-29 11:19:19 +00:00
Geoffrey White
66e87fc34c
CPP: Detect Microsoft compilations even more reliably.
2019-03-29 11:18:32 +00:00
Geoffrey White
5911699c55
CPP: Clean up some remaining old 'isWideCharDefault' logic that has caused confusion.
2019-03-29 11:18:31 +00:00
Geoffrey White
eef050dd47
CPP: Improve deduction of %S types in FormattingFunction.qll.
2019-03-29 11:18:31 +00:00
Geoffrey White
4a25c37ecc
CPP: Detect Microsoft compilations somewhat more reliably.
2019-03-29 11:18:31 +00:00
Geoffrey White
975a0bbf0d
CPP: Handle %s/%c/%S/%C correctly on non-MS platforms.
2019-03-29 11:18:31 +00:00
Geoffrey White
648cdbab6c
CPP: Add FormattingFunction.getFormatCharType() and test.
2019-03-29 11:18:31 +00:00
Geoffrey White
162c9981bd
CPP: Add some test cases.
2019-03-29 11:18:31 +00:00
Max Schaefer
8bb91bf001
JavaScript: Autoformat.
2019-03-29 08:30:05 +00:00
Max Schaefer
41a3ad3f82
JavaScript: Tweak some regexes in Files.qll.
...
It seems preferable to use the same regex everywhere, even if it's overly general for a few cases.
2019-03-29 08:30:05 +00:00
Max Schaefer
f5279b2a1d
JavaScript: Resolve AMD imports based on absolute paths if there is only a single candidate.
2019-03-29 08:30:05 +00:00
Max Schaefer
b29b3dff4d
JavaScript: Use proper camel-case for AMD-related class names.
2019-03-29 08:14:07 +00:00
Jonas Jensen
752ca94402
Merge pull request #854 from geoffw0/taintedmalloc
...
CPP: Improve TaintedAllocationSize.ql
2019-03-29 09:13:18 +01:00
Jonas Jensen
68a19d7d3e
Merge branch 'master' into taintedmalloc
2019-03-29 09:12:38 +01:00
Max Schaefer
d541bd58fb
JavaScript: Unify (most) overrides of getAnImportedModule.
2019-03-29 08:11:29 +00:00
Max Schaefer
6a78e37d93
JavaScript: Make AMD dependencies Imports.
2019-03-29 08:11:29 +00:00
Jonas Jensen
fcf04abb84
Merge pull request #1120 from jcreedcmu/jcreed/nan
...
C++: Teach range analysis to pay attention to NaNs.
2019-03-29 07:51:27 +01:00
Jason Reed
e52bbe7784
C++: Add change note.
2019-03-28 20:47:03 -04:00
Jason Reed
d03b5bca31
C++: Fix non-private imports.
2019-03-28 20:39:29 -04:00
Jason Reed
9c0be34fd4
C++: Remove accidental redundancy.
2019-03-28 20:39:29 -04:00
Jason Reed
23ee7ee928
C++: Teach range analysis to pay attention to NaNs.
2019-03-28 20:39:29 -04:00
Jonas Jensen
886e52468d
Merge pull request #1177 from geoffw0/qhelp
...
CPP: Add a reference about include optimization for AV Rule 35
2019-03-28 20:44:39 +01:00
Geoffrey White
f358e61719
CPP: Add a reference about include optimization to the qhelp for AV Rule 35.
2019-03-28 16:37:50 +00:00
Geoffrey White
a7e349c2a2
CPP: Add change note.
2019-03-28 15:50:37 +00:00
Geoffrey White
faa23a53be
CPP: Update expected for changes elsewhere.
2019-03-28 15:49:36 +00:00
Geoffrey White
e7c02027f5
CPP: Fix 'BAD'.
2019-03-28 15:49:36 +00:00
