hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-22 02:44:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,816 Commits 1,685 Branches 158 Tags
fb90c2ba52853279964e9972052e400b35284ff6
Commit Graph

1361 Commits

Author SHA1 Message Date
Jonas Jensen
27b5902258 Merge pull request #2707 from geoffw0/taint-format 
C++: Add TaintFunction model to FormattingFunction
 2020-01-29 08:20:34 +01:00
Mathias Vorreiter Pedersen
c1091a03d0 C++: Accept output 2020-01-28 17:38:35 +01:00
Mathias Vorreiter Pedersen
928b0c50d2 C++: Add test demonstrating false negative when using dynamic_cast 2020-01-28 17:31:53 +01:00
Geoffrey White
f02ffcbbd2 C++: Modify ParameterIndex to account for varargs. 2020-01-28 14:53:18 +00:00
Geoffrey White
d66f608d41 C++: Taint from FormattingFunction varargs. 2020-01-28 14:53:18 +00:00
Geoffrey White
8b215c155e C++: Correct a few test comments. 2020-01-28 14:51:46 +00:00
Mathias Vorreiter Pedersen
287af2bdec C++: Fix annotations in testcase file 2020-01-28 13:51:36 +01:00
Mathias Vorreiter Pedersen
611d9553dd C++: Fix formatting 2020-01-28 10:22:33 +01:00
Mathias Vorreiter Pedersen
130911ad44 C++: Accept new output in already existing test 2020-01-28 10:00:52 +01:00
Mathias Vorreiter Pedersen
fd79e7991d C++: Add tests demonstrating differences between AST virtual dispatch analysis and IR virtual dispatch analysis 2020-01-28 10:00:21 +01:00
Geoffrey White
30580e97dc C++: Add a TaintFunction model to FormattingFunction. 2020-01-28 08:46:46 +00:00
Geoffrey White
1d46971bb7 C++: Add an ArrayFunction model to FormattingFunction. 2020-01-28 08:46:46 +00:00
Geoffrey White
06f5720cd5 C++: Add taint tests of formatting functions. 2020-01-28 08:46:46 +00:00
Robert Marsh
a9bcc1dcc6 Merge pull request #2667 from dbartol/dbartol/NoEscape 
C++/C#: Make escape analysis unsound by default
 2020-01-27 19:17:33 -05:00
Robert Marsh
c7975e83a7 Merge pull request #2657 from jbj/DefaultTaintTracking-models 
C++: wire up models library to DefaultTaintTracking
 2020-01-27 17:41:54 -05:00
Dave Bartolomeo
7df3cf4c23 C++: Accept more test output after merge 2020-01-27 13:48:43 -07:00
Dave Bartolomeo
3b3502060b Merge remote-tracking branch 'upstream/master' into dbartol/NoEscape 2020-01-27 13:29:18 -07:00
Robert Marsh
79a72a3496 Merge pull request #2680 from geoffw0/modelstrndup 
CPP: Model strndup.
 2020-01-27 15:19:52 -05:00
Dave Bartolomeo
40952f85a9 C++: Accept test diffs 2020-01-27 10:31:18 -07:00
Robert Marsh
4d743d2bce Merge pull request #2692 from jbj/pure-string-read 
C++: Model that string functions read their buffer
 2020-01-27 11:40:03 -05:00
Geoffrey White
4778914154 CPP: Repair flow. 2020-01-27 14:08:03 +00:00
Geoffrey White
d9f6895602 CPP: 'sometimes copying' is considered data flow. 2020-01-27 14:07:39 +00:00
Jonas Jensen
0e3ed2dfa6 C++: Remove test for unrelated issue 
The issue for that test is being tested and fixed on PR #2686. Adding a
test here will cause a semantic merge conflict.
 2020-01-27 14:25:28 +01:00
Dave Bartolomeo
6988241b09 Merge from master 2020-01-26 16:38:48 -07:00
Dave Bartolomeo
708e83546f C++: Remove acceidentally added tests 2020-01-26 16:20:27 -07:00
Jonas Jensen
fb6ad5274f C++: Accept test changes 2020-01-24 22:28:20 +01:00
Mathias Vorreiter Pedersen
d26cf12c3a Merge pull request #2688 from geoffw0/move-taint-test 
C++: Add the security taint test (previously internal).
 2020-01-24 15:58:20 +01:00
Geoffrey White
af903fc30c C++: Add the security taint test (previously internal). 2020-01-24 11:28:51 +00:00
Jonas Jensen
ee0648bb57 Merge pull request #2684 from geoffw0/rearrange-tests 
CPP: Test cleanup
 2020-01-24 11:57:58 +01:00
Geoffrey White
912260b3aa C++: Autoformat tests. 2020-01-24 09:43:58 +00:00
Geoffrey White
795afa8160 CPP: Better location for the StackVariableReachability test. 2020-01-23 17:32:07 +00:00
Geoffrey White
b693ef51e2 C++: Put a little bit of content in the StackVariableReachability test. 2020-01-23 17:25:26 +00:00
Jonas Jensen
33070cc16d Merge pull request #2678 from MathiasVP/union-access-global-virtual-dispatch 
C++: IR virtual dispatch through union field access
 2020-01-23 15:32:31 +01:00
Geoffrey White
edf2b54813 CPP: Model strndup. 2020-01-23 13:46:57 +00:00
Jonas Jensen
8a0089a875 Merge pull request #2672 from geoffw0/qualifierflow 
CPP: Support taint flow in and out of qualifiers
 2020-01-23 13:17:17 +01:00
Geoffrey White
166be063a9 C++: Rename test of the now un-deprecated StackVariableReachability. 2020-01-23 11:06:24 +00:00
Geoffrey White
0c4eabca98 C++: Merge two tests of UnusedStaticFunctions from the library-tests into the existing test in query-test. 2020-01-23 11:05:47 +00:00
Geoffrey White
f40a37cae2 C++: Move a test from library-tests to query-tests. 2020-01-23 11:05:47 +00:00
Geoffrey White
fcdb20d1fc C++: Move the SuspiciousCallToStrncat test to the expected location. 2020-01-23 11:05:46 +00:00
Geoffrey White
f4f0f6d93e C++: Merge the StrncpyFlippedArgs tests. 2020-01-23 11:05:46 +00:00
Geoffrey White
3aa66f5aca C++: Merge the OverflowStatic tests. 2020-01-23 11:05:46 +00:00
Mathias Vorreiter Pedersen
77531294bf C++: Accepted output on tests 2020-01-23 10:20:10 +01:00
Mathias Vorreiter Pedersen
256ae2fda6 C++: Add test demonstrating a flow not detected 2020-01-23 10:16:24 +01:00
Jonas Jensen
ceeb9ab718 Merge pull request #2622 from MathiasVP/implicit-function-declaration 
C++: Add 'implicit function declaration' query
 2020-01-23 09:23:44 +01:00
Geoffrey White
1867d58034 CPP: Allow flow to return value. 2020-01-22 16:25:40 +00:00
Geoffrey White
704bfe7184 CPP: Support taint flow from qualifiers. 2020-01-22 16:22:29 +00:00
Geoffrey White
e6daf3b7ee CPP: Support taint flow to qualifiers. 2020-01-22 16:16:31 +00:00
Geoffrey White
1a6f7febe7 CPP: Add tests of taint through qualifiers. 2020-01-22 16:11:13 +00:00
Jonas Jensen
66914e52c6 C++: accept test changes 2020-01-22 14:08:05 +01:00
Jonas Jensen
6cdca29aa6 C++: Flow through read side effects 
Until we have better tracking of indirections, these flow rules conflate
pointers and their contents.
 2020-01-22 13:27:10 +01:00