hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-29 19:58:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
22,626 Commits 1,723 Branches 164 Tags
e4d2c7cfc423ebd263bbc767c4ca829eb002b982
Commit Graph

232 Commits

Author SHA1 Message Date
Geoffrey White
e4d2c7cfc4 C++: Rewrite so that we look for additional evidence. 2021-05-13 13:19:39 +01:00
Geoffrey White
40cf29b625 C++: Rearrange the library. 2021-05-13 08:39:37 +01:00
Geoffrey White
0450caa73d C++: Exclude array initializers. 2021-05-12 19:39:30 +01:00
Geoffrey White
52a88af6c1 C++: Exclude macro invocations in switch case expressions. 2021-05-12 19:33:18 +01:00
Geoffrey White
9404d0676d C++: Exclude macros that don't generate anything. 2021-05-12 19:28:08 +01:00
Mathias Vorreiter Pedersen
5016c6436a Merge pull request #5859 from MathiasVP/fix-fp-in-comparison-with-wider-type 
C++: Fix false positive in `cpp/comparison-with-wider-type`
 2021-05-10 17:58:31 +02:00
Mathias Vorreiter Pedersen
d55db836cb C++: Remove implied conjunct. 2021-05-10 16:13:54 +02:00
Mathias Vorreiter Pedersen
c0b65314be C++: Fix false positive by restricting _both_ the old (unconverted) expression _and_ all of the conversions. 2021-05-10 15:18:42 +02:00
Mathias Vorreiter Pedersen
c91ed80e6c C++: Fix false positive by computing range of the converted expression. 2021-05-10 10:12:43 +02:00
Geoffrey White
75edcf0b4f Merge branch 'main' into unsigneddiff2 2021-05-07 16:35:16 +01:00
Geoffrey White
69468514f0 Update cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-05-07 16:26:42 +01:00
Geoffrey White
91be483c57 Update cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-05-07 16:26:36 +01:00
Geoffrey White
fc96c1c400 Update cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-05-07 16:26:23 +01:00
Geoffrey White
5db6abe2f4 Update cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-05-07 16:22:48 +01:00
Geoffrey White
894f5d523c Update cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-05-07 16:19:48 +01:00
Mathias Vorreiter Pedersen
86822f6c61 C++: Exclude pointer results from cpp/integer-overflow-tainted. 2021-04-23 16:01:53 +02:00
Geoffrey White
8daca01c87 C++: Cleaner use of DataFlow::Node in exprIsSubLeftOrLess. 2021-04-13 15:13:11 +01:00
Geoffrey White
4879104568 C++: Add more dataflow cases to replace the loss. 2021-04-13 15:09:12 +01:00
Geoffrey White
b0ad927fdd C++: Remove useUsePair. 2021-04-13 15:03:06 +01:00
Geoffrey White
0818c1d703 C++: Update QLDoc. 2021-04-09 18:11:48 +01:00
Geoffrey White
3b437fe6cf C++: Replace GVN with some other libraries. 2021-04-09 15:21:42 +01:00
Robert Marsh
e22ec50dee Merge pull request #5613 from github/hmakholm/pr/fix-redos 
Fix ReDOS in cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql
 2021-04-06 15:54:27 -07:00
Geoffrey White
a8193dac08 C++: Reintroduce the exprMightOverflowNegatively bit. 2021-04-06 22:36:59 +01:00
Geoffrey White
60e4faba4c C++: Add linear expression logic. 2021-04-06 22:28:36 +01:00
Geoffrey White
48ff8e237c C++: Rewrite the range analysis exclusion to be recursive and more robust. 2021-04-06 22:26:55 +01:00
Geoffrey White
3ecd13531f C++: Improve isGuarded. 2021-04-06 22:21:59 +01:00
Henning Makholm
2d615ef503 Fix ReDOS in cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql 
The sub-regex `(\s|.)*` aims to capture arbitrary string content
(in contrast to `.*` which doesn't match newlines), but it is
unsafe, since non-newline whitespace can match both alternatives.

This caused an evaluator crash in the wild.

Replace with `[\s\S]*`, which matches everything in a safe way.
 2021-04-06 20:10:57 +02:00
Taus Brock-Nannestad
3d0d280972 Merge remote-tracking branch 'upstream/rc/3.1' into mergeback-rc/3.1-to-main 2021-03-08 22:15:10 +01:00
Mathias Vorreiter Pedersen
2d7f15cc8a C++: Fix join-order in cpp/memset-may-be-deleted. 2021-03-05 11:38:15 +01:00
Marcono1234
5a8ffa5a85 Use .inc.qhelp extension for included help files 2021-03-04 22:04:48 +01:00
Mathias Vorreiter Pedersen
0f7256752a Update cpp/ql/src/Security/CWE/CWE-014/MemsetMayBeDeleted.qhelp 
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
 2021-02-26 19:16:28 +01:00
Mathias Vorreiter Pedersen
42d2a673c7 C++: Respond to review comments. 2021-02-26 10:06:05 +01:00
Mathias Vorreiter Pedersen
faadcd913e C++: Exclude memsets that clear a variable that has no other uses. 2021-02-25 21:27:12 +01:00
Mathias Vorreiter Pedersen
2777ca445e Update cpp/ql/src/Security/CWE/CWE-014/MemsetMayBeDeleted.ql 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2021-02-25 19:49:58 +01:00
Mathias Vorreiter Pedersen
9e7c9d0ea0 C++: Respond to review comments. Relax the escaping requirements on the local variable being used in memset. 2021-02-25 18:22:48 +01:00
Mathias Vorreiter Pedersen
3f26b2940d Update cpp/ql/src/Security/CWE/CWE-014/MemsetMayBeDeleted.ql 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-02-25 15:48:48 +01:00
Mathias Vorreiter Pedersen
d33209388d C++: Fix test annotations. Also exclude static locals from the query and add a testcase for this. 2021-02-25 13:25:11 +01:00
Mathias Vorreiter Pedersen
c44fbaaf3c C++: Promote memset query out of experimental. 2021-02-24 18:01:41 +01:00
Geoffrey White
79338052ad C++: Add CWE-676 tag. 2021-02-19 14:55:31 +00:00
Mathias Vorreiter Pedersen
fa44cedd38 C++: Add isBarrier to CgiXss.ql. 2021-02-16 18:58:28 +01:00
Mathias Vorreiter Pedersen
b1c7cb6396 C++: Address review comments. 2021-02-12 10:37:27 +01:00
NateD-MSFT
9470a99092 Add KeGetCurrentProcessorNumberEx to CQE-457 whitelist 
Windows driver developers may call KeGetCurrentProcessorNumberEx in their driver.  This function optionally may initialize a provided structure, but this initialization always occurs.  The return value is the current processor being run on.  As such, this query incorrectly marks calls to KeGetCurrentProcessorNumberEx that initialize a structure that is later used as risky, even though in reality the initialization always succeeds.

See https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/ntddk/nf-ntddk-kegetcurrentprocessornumberex
 2021-02-04 13:32:09 -08:00
Mathias Vorreiter Pedersen
cf0e464ab9 Merge branch 'promote-UnsignedDifferenceExpressionComparedZero' of github.com:MathiasVP/ql into promote-UnsignedDifferenceExpressionComparedZero 2021-02-04 17:24:59 +01:00
Mathias Vorreiter Pedersen
6a97d02247 C++: Address review comments. 2021-02-04 17:24:14 +01:00
Mathias Vorreiter Pedersen
161e5679a7 Apply suggestions from code review 
Co-authored-by: hubwriter <hubwriter@github.com>
 2021-02-04 16:47:45 +01:00
Mathias Vorreiter Pedersen
707f532e10 C++: Fix bad join-order using a poor man's unbind operator. 2021-02-04 16:11:34 +01:00
Mathias Vorreiter Pedersen
fd596ebbbb C++: Move cpp/unsigned-difference-expression-compared-zero out of experimental. 2021-02-04 16:10:34 +01:00
Geoffrey White
b5bcbd303e C++: Cleaner solution. 2021-01-06 18:22:31 +00:00
Geoffrey White
18890c4a77 C++: Use isAdditionalBarrier in the SqlTainted query. 2021-01-05 11:33:39 +00:00
Mathias Vorreiter Pedersen
f4f96fe257 C++: Use isSource in queries. These were the only queries that restrict the source after dataflow terminates. 2020-12-21 16:35:35 +01:00