codeql

mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00

Author	SHA1	Message	Date
Tom Hvitved	a533c95640	C++: Update expected test output	2022-11-03 15:52:30 +01:00
Mathias Vorreiter Pedersen	a856bc8678	Merge pull request #10562 from rdmarsh2/rdmarsh2/cpp/field-off-by-one C++: prototype for off-by-one in array-typed field	2022-10-06 11:04:12 +01:00
Robert Marsh	8ac8101a75	C++: convert to path-problem	2022-09-30 11:35:02 -04:00
Robert Marsh	423e0bf99a	C++: respond to style comments on PR	2022-09-30 11:27:14 -04:00
Robert Marsh	f17b563692	C++: handle interprocedural flows This currently copy-pastes some predicates from InvalidPointerDeref.ql. Those should be moved to a library file in a followup	2022-09-29 16:09:48 -04:00
Robert Marsh	99d7512881	C++: tests for constant-size off-by-one query	2022-09-29 13:33:13 -04:00
Mathias Vorreiter Pedersen	e4305948ef	C++: Fix FP on CWE-193 by blocking flow through back-edges of phi nodes.	2022-09-27 16:28:03 +01:00
Mathias Vorreiter Pedersen	1c55bbe2e8	C++: Add FP for CWE-193.	2022-09-26 11:53:03 +01:00
Mathias Vorreiter Pedersen	73f279d6e7	Merge pull request #10555 from MathiasVP/testcase-for-php-cve C++: Fix missing bounds in range analysis	2022-09-23 16:55:51 +01:00
Mathias Vorreiter Pedersen	ce3654c6ec	C++: Make ql-for-ql happy.	2022-09-23 13:07:07 +01:00
Mathias Vorreiter Pedersen	494afdde96	C++: Accept test changes.	2022-09-23 12:21:31 +01:00
Mathias Vorreiter Pedersen	6d06234048	C++: Add testcase demonstrating missing result for 'cpp/invalid-pointer-deref' query.	2022-09-23 11:41:16 +01:00
Mathias Vorreiter Pedersen	c4afb3a2b5	Merge branch 'main' into further-work-on-buffer-over-queries	2022-09-22 16:35:52 +01:00
Robert Marsh	32ab636c77	C++: adjust test so size flows from malloc to field	2022-09-21 12:43:44 -04:00
Robert Marsh	fcd0bb13b3	C++: add paths to ArrayAccessProductFlow	2022-09-21 12:37:31 -04:00
Mathias Vorreiter Pedersen	3e6576bfaf	C++: Add example of missing result.	2022-09-18 12:18:04 +01:00
Mathias Vorreiter Pedersen	d1cf688abf	C++: Fix test function naming.	2022-09-18 12:17:46 +01:00
Mathias Vorreiter Pedersen	4482669d7e	C++: Add a new 'InvalidPointerDeref' query to experimental.	2022-09-15 17:47:15 +01:00
Mathias Vorreiter Pedersen	b8a5aa5d85	C++: Fix a couple of range analysis issues: 1. The new query is expecting pointer arithmetic operations to generate range-analysis bounds, but this wasn't true on main. 2. The bounds generated by `boundFlowCond` was incorrectly inferred as non-strict when comparing a pointers (unlike when comparing values of integral types). This gave FPs in the new query. This also fixes a couple of missing results in existing queries that use the new range-analysis library.	2022-09-15 17:46:52 +01:00
Mathias Vorreiter Pedersen	c7ccff2e20	C++: Accept test changes.	2022-09-13 12:11:22 +01:00
Mathias Vorreiter Pedersen	011d15aca3	C++: Accept test changes.	2022-09-07 14:56:08 +01:00
Robert Marsh	ca2694ae1d	C++: exclude end pointers in iterator-style loops	2022-09-01 17:42:19 -04:00
Robert Marsh	56eacce320	C++: restrict to end-of-allocation pointers	2022-08-16 17:52:06 -04:00
Robert Marsh	93de8e2308	C++: fix missing bounds in exp range analysis	2022-08-16 17:44:51 -04:00
Robert Marsh	e4d0e7431c	C++: some experimental product flow queries	2022-08-16 17:44:46 -04:00

25 Commits