hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-20 06:26:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
67,180 Commits 1,715 Branches 162 Tags
ea01ae65347aca6d0310ca0d5844b44adb8bea35
Commit Graph

797 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
9907f0f827 C++: Exclude a cast to any integral type. 2024-05-22 13:42:07 +01:00
Mathias Vorreiter Pedersen
af81698fa8 C++: Fix FP and accept test changes. 2024-05-22 12:34:09 +01:00
erik-krogh
a51d24cbab apply suggestions from code review, and the examples to the test 2024-05-08 19:34:50 +02:00
erik-krogh
3989717878 Merge branch 'main' into cpp-path 2024-05-07 23:01:52 +02:00
erik-krogh
336c7de643 updates based on review 2024-05-07 22:58:49 +02:00
Geoffrey White
c0cf1c7c8c Merge pull request #16402 from geoffw0/stringlifetimedoc 
C++: Improve UseOfStringAfterLifetimeEnds doc.
 2024-05-03 15:04:07 +01:00
Geoffrey White
807e6795a7 Apply suggestions from code review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2024-05-03 11:40:56 +01:00
Geoffrey White
e4cf7df38f C++: Edits to the .qhelp based on suggestions. 2024-05-02 16:00:31 +01:00
Geoffrey White
b8b3689251 C++: Autoformat. 2024-05-02 15:49:56 +01:00
Geoffrey White
0693bf9e75 C++: Improve UseOfStringAfterLifetimeEnds qhelp, references and alert message. 2024-05-02 15:40:27 +01:00
Mathias Vorreiter Pedersen
40b6e1624f Update cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2024-05-01 11:41:23 +01:00
Mathias Vorreiter Pedersen
22e843abc6 Update cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2024-05-01 11:41:16 +01:00
Mathias Vorreiter Pedersen
708d12624f C++: Update documentation on 'cpp/iterator-to-expired-container'. 2024-04-30 16:32:32 +01:00
Mathias Vorreiter Pedersen
61ce7252e6 C++: Update the alert message in 'cpp/iterator-to-expired-container'. 2024-04-30 16:12:54 +01:00
Mathias Vorreiter Pedersen
c04e59611b Merge pull request #16355 from MathiasVP/promote-iterator-to-expired-container-out-of-experimental 
C++: Promote `cpp/iterator-to-expired-container` out of experimental
 2024-04-30 15:45:56 +01:00
Mathias Vorreiter Pedersen
94364f724e C++: Remove CP between all sinks and all states in 'cpp/iterator-to-expired-container'. 2024-04-29 16:46:00 +01:00
Mathias Vorreiter Pedersen
5c454bdd8c C++: Compute and add severity. 2024-04-29 11:09:42 +01:00
Mathias Vorreiter Pedersen
f194c70e8a C++: Set precision to medium. 2024-04-29 11:08:08 +01:00
Mathias Vorreiter Pedersen
179270ffc1 C++: Move 'cpp/iterator-to-expired-container' out of experimental. 2024-04-29 11:07:55 +01:00
Geoffrey White
15123a7b40 C++: Reduce duplication. 2024-04-25 16:49:22 +01:00
Geoffrey White
e29ce5f5d5 Merge branch 'main' into mad 2024-04-12 14:30:44 +01:00
Anders Schack-Mulligen
f202661912 C++: Add alert provenance plumbing. 2024-04-12 09:20:06 +02:00
Geoffrey White
36db493723 C++: Autoformat. 2024-04-10 15:02:19 +01:00
erik-krogh
3ab73c8552 C++: Improve the cpp/path-injection qhelp 2024-04-05 09:36:39 +02:00
Geoffrey White
a8742ea111 C++: PascalCase and US spelling fixes. 2024-04-03 14:17:55 +01:00
Geoffrey White
fa26b55452 C++: Add models-as-data models for ZMQ networking library + wiring. 2024-03-28 21:50:07 +00:00
Mathias Vorreiter Pedersen
7b0df57d7a C++: Remove the two configurations that depend on flow state to speed up performance on ChakraCore. 2024-03-11 13:56:22 +00:00
Mathias Vorreiter Pedersen
761f6d3a7e C++: Disable field flow from the 'cpp/type-confusion' query to fix performance on ChakraCore. 2024-03-07 15:24:04 -08:00
Mathias Vorreiter Pedersen
4f9bdca4f0 C++: Optimize. 2024-03-07 13:08:26 -08:00
Mathias Vorreiter Pedersen
cedbfbe7ea C++: Use a more generous definition of compatible types. 2024-03-07 10:50:20 -08:00
Mathias Vorreiter Pedersen
9e77b89885 Update TypeConfusion.qhelp 
Co-authored-by: hubwriter <hubwriter@github.com>
 2024-03-07 08:33:49 -08:00
Mathias Vorreiter Pedersen
b876117ecc C++: Add more QLDoc. 2024-03-06 22:25:04 -08:00
Mathias Vorreiter Pedersen
3295d5cb9f C++: Add more QLDoc. 2024-03-06 21:17:57 -08:00
Mathias Vorreiter Pedersen
cd57cd0d8a C++: Add qhelp reference. 2024-03-06 21:15:27 -08:00
Mathias Vorreiter Pedersen
8ae6fa5366 C++: Add a new query 'cpp/type-confusion' for detecting type confusion vulnerabilities. 2024-03-06 21:11:32 -08:00
Ben Rodes
f79846467e Update cpp/ql/src/Security/CWE/CWE-704/WcharCharConversion.ql 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2024-01-26 15:25:08 -05:00
Benjamin Rodes
562221f48e False positive fix. 2024-01-26 13:27:14 -05:00
erik-krogh
8be7eadace delete outdated deprecations 2024-01-22 09:11:35 +01:00
Mathias Vorreiter Pedersen
44124158c4 Merge pull request #15078 from alexet/unique-pointer-temporary 
CPP: Add query for detecting invalid uses of temporary unique pointers.
 2023-12-20 11:16:01 +01:00
Mathias Vorreiter Pedersen
57e0804cef Update cpp/ql/src/Security/CWE/CWE-416/UseOfUniquePointerAfterLifetimeEnds.ql 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2023-12-20 10:52:42 +01:00
Alex Eyers-Taylor
8e92fcc08f CPP: Format Temporaries 2023-12-15 12:00:44 +00:00
Alexander Eyers-Taylor
c68d3c5983 Update cpp/ql/src/Security/CWE/CWE-416/Temporaries.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-12-15 11:23:11 +00:00
Alex Eyers-Taylor
49e1467581 CPP: Fix handling of ternary operators in tempory queries and add tests. 2023-12-15 11:03:23 +00:00
Jeroen Ketema
2065ecff66 C++: Only consider the maximum buffer size for badly bounded write 2023-12-15 10:46:13 +01:00
Alexander Eyers-Taylor
236a6a1bce CPP: Apply suggestions from code review 
Fix spelling in query id

Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-12-12 17:22:46 +00:00
Alex Eyers-Taylor
e9bc5a54ea CPP: Add query for detecting invalid uses of temporary unique pointers. 2023-12-12 16:22:20 +00:00
Mathias Vorreiter Pedersen
03b77dbf2a C++: Make 'node.asExpr()' behave as 'node.asDefinition()' in void contexts. 2023-12-04 16:38:13 +00:00
Mathias Vorreiter Pedersen
c1561e8675 Merge branch 'main' into reduce-duplication-from-operators 2023-11-30 14:30:50 +00:00
Mathias Vorreiter Pedersen
351caaccfe C++: Add GOOD and BAD comments to qhelp examples. 2023-11-29 09:44:54 +00:00
Mathias Vorreiter Pedersen
8afd9288cb Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2023-11-29 09:36:29 +00:00