Mathias Vorreiter Pedersen
|
83d751b287
|
Merge pull request #11768 from MathiasVP/fix-implicit-reads-in-cleartext-sqlite-database
C++: Fix implicit reads on `cpp/cleartext-storage-database`
|
2022-12-22 13:47:10 +00:00 |
|
Mathias Vorreiter Pedersen
|
e86e3ec3ec
|
Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow
|
2022-12-22 11:29:43 +00:00 |
|
Mathias Vorreiter Pedersen
|
98c30b8545
|
Merge pull request #11761 from MathiasVP/ir-for-microsoft-try-except-finally
C++: Generate IR for `__try __finally` and `__try __except`
|
2022-12-22 11:23:01 +00:00 |
|
Mathias Vorreiter Pedersen
|
e453c7a36e
|
C++: Accept test changes.
|
2022-12-22 10:57:54 +00:00 |
|
Mathias Vorreiter Pedersen
|
05cd2518a4
|
C++: Map more expressions to operand nodes.
|
2022-12-22 10:57:11 +00:00 |
|
erik-krogh
|
b3dd50bc36
|
inline Location into the shared implementation of InlineExpectationsTest
|
2022-12-22 11:09:43 +01:00 |
|
Mathias Vorreiter Pedersen
|
a974cb1861
|
C++: Add another test with an _actual_ throw.
|
2022-12-22 10:01:41 +00:00 |
|
Mathias Vorreiter Pedersen
|
5fa968138c
|
C++: Add another test case with a throw.
|
2022-12-22 09:38:57 +00:00 |
|
Rasmus Lerchedahl Petersen
|
d97e185994
|
cpp: use shared inline tests
- remove from identical-files
|
2022-12-22 10:20:06 +01:00 |
|
Mathias Vorreiter Pedersen
|
bbf0ec81ab
|
C++: Fix implicit this.
|
2022-12-21 14:41:51 +00:00 |
|
Mathias Vorreiter Pedersen
|
ff6e8a285d
|
C++: Model semantics of '__except' condition in IR.
|
2022-12-21 14:08:26 +00:00 |
|
Mathias Vorreiter Pedersen
|
e6a03a6152
|
C++: Fix exception handling for '__try __except'.
|
2022-12-21 14:08:26 +00:00 |
|
Arthur Baars
|
98c5b81456
|
Merge pull request #11723 from aibaars/alert-suppression
CodeQL alert suppression
|
2022-12-21 10:59:57 +01:00 |
|
Mathias Vorreiter Pedersen
|
273af3cbf1
|
C++: Fix 'allowImplicitRead' override in 'cpp/cleartext-storage-database'.
|
2022-12-21 09:43:00 +00:00 |
|
Arthur Baars
|
035ad65e43
|
AlertSuppression: move library into util folder
|
2022-12-21 10:39:57 +01:00 |
|
Mathias Vorreiter Pedersen
|
f0ba33ae74
|
C++: Accept test changes.
|
2022-12-20 18:19:18 +00:00 |
|
Mathias Vorreiter Pedersen
|
07ab119b8c
|
C++: Add explicit qualifiers.
|
2022-12-20 13:38:50 +00:00 |
|
Mathias Vorreiter Pedersen
|
d2964a7d4a
|
C++: Also handle '__finally' blocks.
|
2022-12-20 13:28:33 +00:00 |
|
Mathias Vorreiter Pedersen
|
3c8efa88e0
|
C++: Handle Microsoft '__try __except' in the existing 'TryStmt' IR logic.
|
2022-12-20 13:28:28 +00:00 |
|
Mathias Vorreiter Pedersen
|
cd6e421cf5
|
C++: Add a test with '__try __except' and '__try __finally' in the 'ir' test directory.
|
2022-12-20 13:28:22 +00:00 |
|
Jeroen Ketema
|
0addae81cd
|
Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow
|
2022-12-20 11:34:41 +01:00 |
|
Mathias Vorreiter Pedersen
|
cbe330eb7b
|
Merge pull request #11693 from jketema/argv-param-flowsource
C++: Define the `argv` flow source in terms the input parameter
|
2022-12-20 09:30:19 +00:00 |
|
Aditya Sharad
|
ed29b3e4d6
|
Shared packs: Depend on codeql/tutorial from all language libraries
This allows `import tutorial` from queries targeting
any language, just like before, while removing the
duplicate copies of `tutorial.qll`.
|
2022-12-19 15:52:11 -08:00 |
|
Arthur Baars
|
a8be5d7274
|
AlertSuppression: add change notes
|
2022-12-19 17:02:52 +01:00 |
|
Arthur Baars
|
0f313231bc
|
AlertSuppression: add more tests
|
2022-12-19 16:43:11 +01:00 |
|
Jeroen Ketema
|
0c710479ec
|
C++: Update experimental test changes
|
2022-12-19 16:35:24 +01:00 |
|
Arthur Baars
|
c176606be5
|
AlertSuppression: allow //lgtm comments to scope over the next line
|
2022-12-19 16:10:26 +01:00 |
|
Arthur Baars
|
016c7a8ca7
|
Merge pull request #11719 from aibaars/alert-suppression-shared
Shared AlertSuppression library
|
2022-12-19 16:04:44 +01:00 |
|
Jeroen Ketema
|
949b61c635
|
Merge pull request #11729 from MathiasVP/fix-cleartext-sqlite-database
C++: Prepare `cpp/cleartext-storage-database` for use-use flow
|
2022-12-19 14:01:34 +01:00 |
|
Jeroen Ketema
|
edd29f4b0e
|
C++: Add change note
|
2022-12-19 13:50:50 +01:00 |
|
Jeroen Ketema
|
ed33b905a6
|
C++: Simplify cpp/path-injection now argv sources are parameters
|
2022-12-19 12:54:16 +01:00 |
|
Jeroen Ketema
|
7549915773
|
C++: Accept test changes
|
2022-12-19 12:52:35 +01:00 |
|
Arthur Baars
|
ad80822a52
|
C/C++: use shared AlertSuppression.qll
|
2022-12-19 12:25:46 +01:00 |
|
Jeroen Ketema
|
a73bd050f7
|
C++: Define the argv flow source in terms the input parameter
|
2022-12-19 12:13:39 +01:00 |
|
Jeroen Ketema
|
2705aebbbc
|
C++: Restrict CWE-119 semmle tests to have a single main function
|
2022-12-19 12:13:37 +01:00 |
|
Jeroen Ketema
|
88a1eead03
|
Merge pull request #11724 from MathiasVP/clear-text-transmission-dont-track-indirection
C++: Use `asExpr` in `cpp/cleartext-transmission`
|
2022-12-19 11:31:06 +01:00 |
|
turbo
|
d1d4163b79
|
Exclude cpp/wrong-use-of-the-umask
|
2022-12-18 15:55:04 +01:00 |
|
turbo
|
1e5426fca2
|
Create security-experimental suite helper and all language suite implementations
|
2022-12-18 15:44:08 +01:00 |
|
ihsinme
|
a2836dc72a
|
Update test.cpp
|
2022-12-18 00:38:32 +03:00 |
|
ihsinme
|
945cdef18d
|
Update DivideByZeroUsingReturnValue.expected
|
2022-12-18 00:35:28 +03:00 |
|
ihsinme
|
c790b0fed6
|
Update DivideByZeroUsingReturnValue.ql
|
2022-12-18 00:34:14 +03:00 |
|
Robert Marsh
|
df7a4ac093
|
Merge pull request #11722 from MathiasVP/make-buffer.qll-unique-again
C++: Use `unique` in `getBufferSize`
|
2022-12-16 15:00:18 -05:00 |
|
Henry Mercer
|
30451ee950
|
Merge pull request #11681 from github/henrymercer/mergeback-3.8
Merge `rc/3.8` back to `main`
|
2022-12-16 17:43:12 +00:00 |
|
Mathias Vorreiter Pedersen
|
1d80e94bb4
|
C++: Prepare 'CleartextSqliteDatabase.ql' for use-use flow.
|
2022-12-16 17:10:10 +00:00 |
|
Mathias Vorreiter Pedersen
|
c09ed10d33
|
Merge pull request #11727 from MathiasVP/fix-crement-and-assign-op-dataflow-mappings
C++: Fix `DataFlow <-> Expr` mappings for `CrementOperation` and `AssignOperation`
|
2022-12-16 17:05:13 +00:00 |
|
Mathias Vorreiter Pedersen
|
33649ed7d3
|
Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow
|
2022-12-16 17:02:06 +00:00 |
|
Mathias Vorreiter Pedersen
|
a7aa1a7d8b
|
C++: Accept more test changes
|
2022-12-16 16:04:35 +00:00 |
|
Jeroen Ketema
|
32800bca96
|
Merge pull request #11680 from jketema/predefined-typedef-for-float
C++: Update tests after frontend changes
|
2022-12-16 15:21:58 +01:00 |
|
Mathias Vorreiter Pedersen
|
45f69be94c
|
C++: Accept test changes
|
2022-12-16 14:14:58 +00:00 |
|
Mathias Vorreiter Pedersen
|
df526552a6
|
C++: Fix mapping between dataflow nodes and '{Crement, Assign}Operations'.
|
2022-12-16 14:14:48 +00:00 |
|