hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,003 Commits 1,671 Branches 157 Tags
e58b90ef1c670308976b6e901b202a4c4ab665a3
Commit Graph

84 Commits

Author SHA1 Message Date
Anders Fugmann
ddbaf585ec Merge branch 'main' into andersfugmann/improve_upper_bound 2021-09-06 10:32:44 +02:00
Anders Fugmann
d962fc4ce1 C++: Improve predicate upperBound in SimpleRangeAnalysis 
If an expression has an immediate guardPhi node, this is used as a strict upper bound
 2021-09-02 21:46:18 +02:00
Jonas Jensen
abdf993e47 Merge pull request #6537 from andersfugmann/implicit_downcast_involving_references 
Implicit downcast involving references
 2021-08-25 09:45:32 +02:00
Anders Peter Fugmann
67a267d971 Update cpp/change-notes/2021-08-24-implicit-downcast-from-bitfield.md 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-08-25 08:58:44 +02:00
Jonas Jensen
19ee64d9ad C++:Lower potentially-dangerous-function precision 
There have been multiple reports of false positives from this query over
time. Now that it has `@security-severity 10.0`, these false positives
look even worse.

The query looks purely for calls to functions with certain names, not
at whether the calls happen in a dangerous context. To justify a higher
precision, the query should only flag calls that happen in a thread or
another non-reentrant context.
 2021-08-24 17:14:42 +02:00
Anders Fugmann
6b66f5dbb4 C++: Add change note for implicit downcasting involving references 2021-08-24 10:26:25 +02:00
Ian Lynagh
1e06808105 Update cpp/change-notes/2021-08-23-getPrimaryQlClasses.md 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-08-23 16:52:07 +01:00
Ian Lynagh
a9db1c52e5 All languages: Add getPrimaryQlClasses() 
This is a non-overridable predicate that concatenates all the
getAPrimaryQlClass() results into a comma-separated string.
 2021-08-23 15:49:10 +01:00
Alexandre Boulgakov
3ba308a69f C++: Allow querying for "C" language linkage on routine types. 2021-08-18 15:35:30 +01:00
Alexandre Boulgakov
490498899b C++: Expose trailing return type presence. 2021-08-11 16:04:07 +01:00
Mathias Vorreiter Pedersen
8ce6335383 Merge pull request #6372 from geoffw0/uncontrolledarith 2021-08-03 17:53:39 +02:00
Alexandre Boulgakov
e55bd4fb64 C++: Allow querying virtual, override, and final declaration specifiers. 2021-07-29 14:02:03 +01:00
Geoffrey White
5ac6b38380 C++: Change note. 2021-07-27 14:27:16 +01:00
Robert Marsh
fbb3f2e506 Merge pull request #6273 from geoffw0/cleartext-storage-file 
C++: Improve the CleartextFileWrite query
 2021-07-26 12:46:51 -07:00
Geoffrey White
fa0f5d08a2 Merge branch 'main' into toctou2 2021-07-21 16:21:29 +01:00
Mathias Vorreiter Pedersen
a006a7fb24 Revert "Merge pull request #6004 from MathiasVP/path-sensitive-stack-variable-reachability-analysis" 
This reverts commit e3e7b00986, reversing
changes made to 8ccdd4fb9f.
 2021-07-20 18:06:49 +02:00
Geoffrey White
5d1c7841a6 C++: Change note. 2021-07-20 14:14:01 +01:00
Geoffrey White
e3e7b00986 Merge pull request #6004 from MathiasVP/path-sensitive-stack-variable-reachability-analysis 
C++: Add path-sensitivity to `StackVariableReachability`
 2021-07-15 12:34:33 +01:00
Robert Marsh
4d8e882214 Merge pull request #6186 from geoffw0/formatarg 
C++: Fix FPs from cpp/wrong-type-format-argument
 2021-07-14 17:20:46 -07:00
Geoffrey White
dd03828522 C++: Change note. 2021-07-13 18:08:34 +01:00
Mathias Vorreiter Pedersen
be06230b43 Merge branch 'main' into path-sensitive-stack-variable-reachability-analysis 2021-07-12 14:46:44 +02:00
Geoffrey White
4a8299e5d0 C++: Change note. 2021-06-30 09:21:10 +01:00
Mathias Vorreiter Pedersen
a294fb07f5 C++: Add change-note. 2021-06-24 16:01:59 +02:00
Anders Schack-Mulligen
95ad8b55fe Merge pull request #6107 from aschackmull/dataflow/implicit-reads 
Dataflow: Add support for implicit reads
 2021-06-24 15:38:35 +02:00
Anders Schack-Mulligen
01fc3e6559 C++/C#/Java/Python: Add change notes. 2021-06-24 14:29:34 +02:00
Geoffrey White
05ed4ed739 Update cpp/change-notes/2021-06-21-weak-cryptographic-algorithm.md 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-06-21 14:22:56 +01:00
Geoffrey White
6f808c9e4c C++: Update change note. 2021-06-21 12:32:48 +01:00
Geoffrey White
90e2a2d222 C++: Change note. 2021-06-21 11:30:12 +01:00
Mathias Vorreiter Pedersen
b2e9fe79a7 C++: Add change-note. 2021-06-15 10:01:45 +02:00
John L. Singleton
9c946a79c7 Update cpp/change-notes/2021-06-10-std-types.md 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-06-11 09:49:44 -04:00
John L. Singleton
219dc71ae6 changlog entry 2021-06-10 17:15:06 -04:00
Geoffrey White
2fd461e984 Merge pull request #5938 from MathiasVP/promote-access-of-memory-location-after-end-of-buffer-using-strncat 
C++: Promote `cpp/access-memory-location-after-end-buffer-strncat` out of experimental
 2021-05-25 14:36:53 +01:00
Mathias Vorreiter Pedersen
b33adb8630 Merge pull request #5930 from MathiasVP/promote-incorrect-allocation-error-out 
C++: Promote `cpp/incorrect-allocation-error-handling`
 2021-05-25 10:57:31 +02:00
Robert Marsh
7ac04a8650 Merge pull request #5942 from MathiasVP/fix-change-note-dates 
C++: Convert yyyy-dd-mm change-notes to yyyy-mm-dd
 2021-05-21 12:34:30 -07:00
Mathias Vorreiter Pedersen
d086ba618f C++: Convert the yyyy-dd-mm change-notes to yyyy-mm-dd. 2021-05-21 16:24:15 +02:00
Mathias Vorreiter Pedersen
3662ec4c83 C++: Credit the original query author in change-note. 2021-05-21 11:12:19 +02:00
Mathias Vorreiter Pedersen
84b0b8c2bd C++: Add change-note. 2021-05-21 10:57:23 +02:00
Alex Denisov
ab23507e3f C++: Add ref qualifiers 2021-05-20 10:03:54 +02:00
Mathias Vorreiter Pedersen
b2432158a8 C++: Add change-note. 2021-05-20 10:00:32 +02:00
Geoffrey White
aaae717328 Merge branch 'main' into weak_crypto 2021-05-19 11:19:08 +01:00
Geoffrey White
e985204a62 C++: Add change note. 2021-05-19 11:14:23 +01:00
Mathias Vorreiter Pedersen
6103aabdce C++: Add change-note. 2021-05-18 19:17:11 +02:00
Mathias Vorreiter Pedersen
d46452e8de Merge pull request #5903 from MathiasVP/tainted-allocation-size-barrier 
C++: Add barriers to `cpp/uncontrolled-allocation-size`
 2021-05-17 15:24:45 +02:00
Robert Marsh
d706d7b7a4 Merge pull request #5887 from MathiasVP/fewer-rand-sources-in-uncontrolled-arithmetic 
C++: Add more sanitizers to `cpp/uncontrolled-arithmetic`
 2021-05-14 15:35:56 -07:00
Mathias Vorreiter Pedersen
58dde68b10 C++: Add change-note. 2021-05-14 14:16:00 +02:00
Mathias Vorreiter Pedersen
7d26aca793 C++: Add change-note. 2021-05-12 16:34:23 +02:00
Mathias Vorreiter Pedersen
3e21f479a9 C++: Add change-note. 2021-05-11 14:58:48 +02:00
Mathias Vorreiter Pedersen
5016c6436a Merge pull request #5859 from MathiasVP/fix-fp-in-comparison-with-wider-type 
C++: Fix false positive in `cpp/comparison-with-wider-type`
 2021-05-10 17:58:31 +02:00
Mathias Vorreiter Pedersen
474b337eeb C++: Add change-note. 2021-05-10 10:22:44 +02:00
Geoffrey White
75edcf0b4f Merge branch 'main' into unsigneddiff2 2021-05-07 16:35:16 +01:00