hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,189 Commits 1,672 Branches 157 Tags
ebd38eaf3bd0d5f4cb15bf4724fb2bb90ad1f8a6
Commit Graph

200 Commits

Author SHA1 Message Date
Geoffrey White
b38a9d51e6 C++: Effect of 'Don't override getParameterSizeIndex in the model for Accept'... 2021-03-23 12:26:59 +00:00
Geoffrey White
13eb9e0833 C++: Fix the test. 2021-03-23 12:26:58 +00:00
Geoffrey White
30e1b88b7f C++: Extend test. 2021-03-23 12:26:58 +00:00
Mathias Vorreiter Pedersen
01cc2f2c77 Merge pull request #5366 from MathiasVP/better-path-explanation-for-this-indirection 
C++: Replace 'Argument -1 indirection' with 'This indirection'
 2021-03-11 10:48:44 +01:00
Jonas Jensen
e1adf5e8b0 Merge pull request #5218 from MathiasVP/no-write-side-effects-for-const-pointer-params 
C++: Don't generate write side effects for const parameter indirections
 2021-03-11 09:48:05 +01:00
Mathias Vorreiter Pedersen
55da16c4a9 C++: Accept test changes. 2021-03-11 09:27:45 +01:00
Mathias Vorreiter Pedersen
7207a17f6f C++: Accept more tests. 2021-03-08 16:50:12 +01:00
Mathias Vorreiter Pedersen
72daf2eef9 C++: Make the tests more realistic by actually using the local variable for something. Otherwise it looks like a zero-initialization of a buffer, which the query now tries to exclude. 2021-02-26 09:19:05 +01:00
Mathias Vorreiter Pedersen
d33209388d C++: Fix test annotations. Also exclude static locals from the query and add a testcase for this. 2021-02-25 13:25:11 +01:00
Mathias Vorreiter Pedersen
ef8b734863 C++: Move tests out of experimental and merge with old existing tests from the other memset PRs. 2021-02-24 18:02:16 +01:00
Mathias Vorreiter Pedersen
299f371715 C++: Accept more test changes. 2021-02-19 16:01:31 +01:00
Mathias Vorreiter Pedersen
25beadcb05 Update cpp/ql/test/query-tests/Security/CWE/CWE-079/semmle/CgiXss/search.c 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-02-17 11:54:24 +01:00
Mathias Vorreiter Pedersen
f5d5460dde C++: Fix testcase. 2021-02-17 10:53:31 +01:00
Mathias Vorreiter Pedersen
fa44cedd38 C++: Add isBarrier to CgiXss.ql. 2021-02-16 18:58:28 +01:00
Mathias Vorreiter Pedersen
fd596ebbbb C++: Move cpp/unsigned-difference-expression-compared-zero out of experimental. 2021-02-04 16:10:34 +01:00
Jonas Jensen
064568c36d Revert "Merge pull request #4784 from MathiasVP/mathiasvp/reverse-read-take-3" 
This reverts commit 1b3d69d617, reversing
changes made to 527c41520e.
 2021-02-03 08:49:37 +01:00
Jonas Jensen
1b3d69d617 Merge pull request #4784 from MathiasVP/mathiasvp/reverse-read-take-3 
C++: Support longer access paths in IR field flow
 2021-01-25 10:36:03 +01:00
Geoffrey White
81205f37c5 C++: Fix test annotation. 2021-01-06 11:45:17 +00:00
Geoffrey White
18890c4a77 C++: Use isAdditionalBarrier in the SqlTainted query. 2021-01-05 11:33:39 +00:00
Geoffrey White
01b204ea30 C++: Add a test case with a tainted integer. 2021-01-04 15:35:18 +00:00
Geoffrey White
7a3f9c7895 C++: Add a test (cleaned up) that was previously in the internal repo. 2021-01-04 15:35:18 +00:00
Mathias Vorreiter Pedersen
77aa9615c0 C++: Accept test changes in paths. 2020-12-22 09:14:55 +01:00
Mathias Vorreiter Pedersen
f5e4725642 C++: Propagate flow from instruction's to non-exact operands for arrays and unions, and accept test changes. 2020-12-18 13:54:34 +01:00
Mathias Vorreiter Pedersen
3c2fb5a93f Merge branch 'main' into interleave-op-instr-field-flow 2020-11-09 09:58:19 +01:00
Mathias Vorreiter Pedersen
177f94368e C++: Respond to review comments and accept test changes. 2020-10-30 15:59:39 +01:00
Mathias Vorreiter Pedersen
f3f9a044e0 C++: Accept more tests. 2020-10-29 13:55:45 +01:00
Dave Bartolomeo
5a6cd4aca9 Fix test expectations for new nodes and edges in path queries 2020-10-28 14:47:42 -04:00
Geoffrey White
a372578571 C++: Move the SizeCheck*.ql tests to the standard location. 2020-10-20 16:02:54 +01:00
Mathias Vorreiter Pedersen
e95aefe0b2 C++: Now that PrimaryArgumentNode is an OperandNode we want a specialized toString on it 2020-10-05 15:13:33 +02:00
Mathias Vorreiter Pedersen
d162c3d8c6 C++: Accept more test changes 2020-10-05 14:29:57 +02:00
Mathias Vorreiter Pedersen
072e1967c1 C++: Accept more tests 2020-10-02 15:51:29 +02:00
Mathias Vorreiter Pedersen
73cd5ceb80 C++: Accept tests. Due to the removal of overlap between the reads steps there are fewer repeated edges in path explanations. 2020-09-21 14:17:49 +02:00
Jonas Jensen
c67605f15c Merge pull request #4230 from MathiasVP/mathiasvp/array-field-flow 
C++: Replace `field -> object` taint rule with `ArrayContent` dataflow
 2020-09-18 10:56:51 +02:00
Mathias Vorreiter Pedersen
3520b86771 C++: Accept test changes. 2020-09-16 14:51:11 +02:00
Mathias Vorreiter Pedersen
7b456d6162 Merge branch 'main' into mathiasvp/array-field-flow 2020-09-16 10:45:31 +02:00
Mathias Vorreiter Pedersen
3005f252ca C++: Fix annotation 2020-09-15 13:34:50 +02:00
Mathias Vorreiter Pedersen
0ba72c6685 C++: Accept changes. 2020-09-15 12:49:22 +02:00
Geoffrey White
6ca9c449af C++: Add a test demonstrating the recent regression. 2020-09-14 17:55:20 +01:00
Geoffrey White
22097a9e13 C++: Add some CWE-190 tests I had lying around. 2020-09-14 14:39:02 +01:00
Mathias Vorreiter Pedersen
9659afdf09 C++: Accept more test changes 2020-09-08 22:25:33 +02:00
Jonas Jensen
fd0937eb01 C++: Accept improved IntegerOverflowTainted test 2020-08-18 16:47:29 +02:00
Mathias Vorreiter Pedersen
edc33b6516 C++: Add getOutputParameterIndex override to UserDefinedFormattingFunction and accept test changes 2020-07-15 14:46:08 +02:00
Mathias Vorreiter Pedersen
d711c22cd2 C++: Add testcase demonstrating lost query results 2020-07-15 14:42:45 +02:00
Geoffrey White
91b9b78c48 C++: Add a test case for CWE-114 involving pointers and references. 2020-06-10 14:09:46 +01:00
Jonas Jensen
ad292d8fb6 C++: Accept one more test change from last commit 2020-06-03 14:51:05 +02:00
Jonas Jensen
5f0d283212 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
The conflicts came from how `this` is now a parameter but not a
`Parameter` on `master`.

Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/defaulttainttracking.cpp
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/test_diff.expected
	cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected
	cpp/ql/test/library-tests/dataflow/fields/ir-flow.expected
	cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected
 2020-06-02 15:35:02 +02:00
Mathias Vorreiter Pedersen
bd97fe627c Merge branch 'master' into remove-field-conflation-from-ir-fieldflow 2020-05-27 17:08:19 +02:00
Jonas Jensen
bc09720704 Merge pull request #3479 from geoffw0/fp2762 
C++: Allow equality to block taint (security taint tracking)
 2020-05-25 15:11:10 +02:00
Mathias Vorreiter Pedersen
617ef32464 C++: Remove [FALSE POSITIVE] annotations 2020-05-21 02:22:57 +02:00
Mathias Vorreiter Pedersen
3c167125e5 C++: Accept test output 2020-05-20 18:18:34 +02:00