hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-20 14:34:04 +02:00
Code Issues Packages Projects Releases Wiki Activity
69,484 Commits 1,741 Branches 165 Tags
f0327732effaf86500a4f33466c87db4ac17b4a6
Commit Graph

692 Commits

Author SHA1 Message Date
Geoffrey White
0344381120 Merge remote-tracking branch 'upstream/main' into docsforautofix 2024-07-10 11:17:52 +01:00
Geoffrey White
74384625f6 C++: Autoformat. 2024-07-10 11:17:44 +01:00
Mathias Vorreiter Pedersen
962c73da16 C++: Promote 'cpp/unsafe-strncat' to Code Scanning. 2024-07-08 16:02:29 +01:00
Geoffrey White
4f0d725acd C++: Add a 'good' example as well. 2024-07-08 14:32:03 +01:00
Geoffrey White
d52210d565 C++: Improve the example for cpp/return-stack-allocated-memory. 2024-07-08 14:32:01 +01:00
Geoffrey White
0288499801 C++: Rephrase the alert message for cpp/wrong-type-format-argument to be less prescriptive. 2024-07-08 14:31:59 +01:00
Mathias Vorreiter Pedersen
05d46a6793 C++: Also ignore phi input edges in 'AllocaInLoop.ql'. 2024-06-05 09:58:44 +01:00
Mathias Vorreiter Pedersen
769d9317c7 C++: Avoid a CP between 'getExpr(node)' and 'this' in 'LoopWithAlloca'. 2024-05-22 15:15:40 +01:00
Jeroen Ketema
1a60c01723 C++: Add memcmp test for cpp/network-to-host-function-as-array-bound 2024-05-21 10:27:38 +02:00
Geoffrey White
0ba3cd96f5 C++: Update an instance of the name 'Semmle' in a doc page. 2024-05-20 10:02:50 +01:00
Geoffrey White
871fd9aba3 Merge pull request #16405 from geoffw0/qhelp3 
C++: Improve qhelp for StrncpyFlippedArgs.
 2024-05-08 11:23:41 +01:00
Geoffrey White
880d56c576 Merge pull request #16404 from geoffw0/qhelp2 
C++: Improve qhelp for WrongTypeFormatArguments.
 2024-05-08 11:22:57 +01:00
Geoffrey White
f5431abb10 C++: Fix strncpy reference link (the old link was broken). 2024-05-02 17:37:52 +01:00
Geoffrey White
73cc211779 C++: Fix qhelp error. 2024-05-02 17:36:35 +01:00
Geoffrey White
08e08a2b3a C++: Qhelp punctuation. 2024-05-02 17:32:24 +01:00
Geoffrey White
657402b42f C++: Fix % character in qhelp. 2024-05-02 17:31:09 +01:00
Geoffrey White
ecbf7aef18 C++: Fix qhelp formatting. 2024-05-02 17:26:24 +01:00
Geoffrey White
669fc925e0 C++: Fix qhelp formatting. 2024-05-02 17:24:20 +01:00
Geoffrey White
8a04840f93 C++: Improve qhelp for IncorrectNotOperatorUsage.ql, including mention of an alternative fix. 2024-05-02 17:17:55 +01:00
Geoffrey White
f4e4e238ba C++: Add test cases for IncorrectNotOperatorUsage.ql. 2024-05-02 17:17:55 +01:00
Geoffrey White
8f682ef4e4 C++: Improve quality of some qhelp references. 2024-05-02 17:08:26 +01:00
Geoffrey White
8a261b7e7a C++: Update StrncpyFlippedArgs.qhelp. 2024-05-02 17:04:49 +01:00
Geoffrey White
06d8892e03 C++: Rename an example file. 2024-05-02 16:39:59 +01:00
Geoffrey White
e22159ab5d C++: Update WrongTypeFormatArguments.qhelp. 2024-05-02 16:34:56 +01:00
Geoffrey White
355c7d9b41 C++: Rename an example file. 2024-05-02 16:34:49 +01:00
Jeroen Ketema
adfb3c3d50 C++: Simplify cpp/boost/tls-settings-misconfiguration 2024-03-22 11:22:11 +01:00
Jeroen Ketema
a770bddff0 C++: Add precision to cpp/boost/tls-settings-misconfiguration and cpp/boost/use-of-deprecated-hardcoded-security-protocol 
Also clean up the names of the queries while here.
 2024-03-22 10:48:18 +01:00
Mathias Vorreiter Pedersen
1330c885c8 C++: Use 'asIndirectExpr' in the sink of 'ExistsAnyFlowConfig. 2024-03-20 18:04:59 +00:00
Mathias Vorreiter Pedersen
4a55b6fbdf C++: Make 'cpp/uninitialized-local' a path-problem query. 2024-03-18 15:02:33 +00:00
Mathias Vorreiter Pedersen
61597f5ac7 C++: This commit does two things: 
1. It fixes a logic error in the cannotContainString predicate.
2. It reverts the changes to the `isSource` predicate that required the external
function to be within the source root.

The change to `isSource` was meant to fix the a performance problem that occurred
because of the logic error in the cannotContainString predicate. However, now that
the logic error is fixed this is no longer necessary 🎉
 2024-03-13 22:40:06 +00:00
Mathias Vorreiter Pedersen
51f5740707 C++: Exclude functions that aren't declared inside the source root. This fixes performance on ImageMagick. 2024-03-12 14:20:16 +00:00
Mathias Vorreiter Pedersen
6a563c161e C++: Simplify the definition of 'isNonConst'. On ImageMagick I get the same exact sources before and after. 2024-03-12 14:20:09 +00:00
Mathias Vorreiter Pedersen
179a7d500e C++: Handle 'wchar_t' types that may be defined as unsigned short in C. This brings back SAMATE results. 2024-03-12 14:19:48 +00:00
Mathias Vorreiter Pedersen
9854ed4b89 C++: Delete comment. 2024-03-11 18:54:53 +00:00
Mathias Vorreiter Pedersen
2345907a52 C++: Reintroduce the 'cannotContainString' optimization that was removed in #15516. 2024-03-11 18:49:03 +00:00
Mathias Vorreiter Pedersen
f97b6e2848 C++: Stop conflating pointers and indirections in the query. 2024-03-11 18:48:19 +00:00
Mathias Vorreiter Pedersen
32e532ff3c C++: Some cleanup to avoid conflating the case of a function returning something as a return value, and a function updating one of its arguments. 2024-03-11 18:42:42 +00:00
Benjamin Rodes
8d35db0fe6 Making argv filter positional. 2024-02-21 12:25:35 -05:00
Benjamin Rodes
639642fb67 Formatting. 2024-02-16 11:19:02 -05:00
Benjamin Rodes
0410ed734b Adding exclusion for main's argv (I believe this and other changes were accidentally removed in prior merge with other non-const branches) 2024-02-16 11:18:06 -05:00
Benjamin Rodes
9f3dd6300f Fixing query to use path graph. 2024-02-16 11:11:48 -05:00
Benjamin Rodes
aa7c677e13 Merge branch '51-2cppnon-constant-format-alter-not-const-source' into cpp-non-constant-format-as-path-query 
# Conflicts:
#	cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql
 2024-02-16 10:49:05 -05:00
Benjamin Rodes
93f2e856af Formatting update. 2024-02-16 10:28:14 -05:00
Benjamin Rodes
4a9b2d5027 Comment change. 2024-02-16 10:18:07 -05:00
Benjamin Rodes
5b0a3dcdbe Accidental removal of an and. 2024-02-16 10:15:21 -05:00
Benjamin Rodes
95ebbb1bbd Ql alterations for cleanup as part of merge suggestions. 2024-02-16 10:13:50 -05:00
Ben Rodes
1fb7f089ca Update cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2024-02-16 10:06:34 -05:00
Benjamin Rodes
d6b0746b30 The non-constant format query is now a path query. Minor changes to the output alert to be more precise on what is being alerted. Minor changes to the query itself to avoid redundancies with argv. 2024-02-15 12:14:52 -05:00
Benjamin Rodes
caf2ee27fa Adding false negative tests for future work. 2024-02-15 09:43:26 -05:00
Benjamin Rodes
5c508553f3 Efficiency improvement (force a better join order) 2024-02-13 09:42:08 -08:00