codeql

mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00

Author	SHA1	Message	Date
github-actions[bot]	0b2fb4f70a	Release preparation for version 2.11.6	2022-12-10 15:49:35 +00:00
Mathias Vorreiter Pedersen	9f9ffef697	C++: Make the Node IPA type private.	2022-12-10 14:51:21 +00:00
Mathias Vorreiter Pedersen	de70cbfee9	C++: Change caching for dataflow.	2022-12-09 23:30:47 +00:00
Jeroen Ketema	ce92ba640a	C++: Accept test changes	2022-12-09 23:38:03 +01:00
Jeroen Ketema	9dc2614012	C++: Make all flow source descriptions start with a lower case letter In every context where we use the description a lower case letter makes more sense.	2022-12-09 23:18:58 +01:00
Jeroen Ketema	1e1974c9fb	C++: Add change note	2022-12-09 23:17:36 +01:00
Jeroen Ketema	331fab5ac0	C++: Generalize the `ArgvSource` flow source This matches `isUserInput` and handles cases where `argv` has a different name, which is allowed.	2022-12-09 23:12:31 +01:00
Mathias Vorreiter Pedersen	52bf39bcf9	C++: Use a 'fastTC' instead of '*' to improve performance.	2022-12-09 14:21:09 +00:00
Mathias Vorreiter Pedersen	a3285653ae	C++: Prevent an expression to stepping to itself.	2022-12-09 14:20:27 +00:00
Mathias Vorreiter Pedersen	7d1f10bc78	Merge pull request #11627 from jketema/getaddrinfo C++: Model `getaddrinfo` as flow source	2022-12-09 12:38:43 +00:00
Mathias Vorreiter Pedersen	1169c1b898	C++: Accept test changes caused by the new consitency check.	2022-12-09 09:20:29 +00:00
Jeroen Ketema	2095f11b8c	C++: Add change note	2022-12-08 23:35:32 +01:00
Jeroen Ketema	aabbafd2bf	C++: Fix QL-for-QL warning	2022-12-08 19:33:11 +01:00
Jeroen Ketema	ec0ce56269	C++: Model `getaddrinfo` as flow source	2022-12-08 19:20:11 +01:00
Jeroen Ketema	89cd4790d5	Merge pull request #11610 from jketema/scanf C++: Model `scanf` and `fscanf` as flow sources	2022-12-08 19:14:39 +01:00
Geoffrey White	f373b7fe7c	Merge pull request #11596 from geoffw0/cleartextbufferwrite C++: Performance fix for cpp/cleartext-storage-buffer	2022-12-08 17:18:10 +00:00
Robert Marsh	f235b991db	Merge pull request #11374 from MathiasVP/indirect-outnodes-are-post-update-nodes C++: Field flow through reference-returning functions	2022-12-08 10:46:19 -05:00
Jeroen Ketema	8f9a73ee09	C++: Address review comments	2022-12-08 16:14:12 +01:00
Jeroen Ketema	33fa76f911	C++: Add change note	2022-12-08 15:22:42 +01:00
Jeroen Ketema	b216c79992	C++: Accept test changes	2022-12-08 15:22:41 +01:00
Jeroen Ketema	f35b7f8fe8	C++: Model `scanf` and `fscanf` as flow sources	2022-12-08 15:22:41 +01:00
Mathias Vorreiter Pedersen	f814ce7f10	Merge branch 'mathiasvp/replace-ast-with-ir-use-usedataflow' into refactor-isdef-isuse	2022-12-08 13:25:20 +00:00
Mathias Vorreiter Pedersen	0a1097d735	C++: Accept test changes to 'sources-and-sinks.cpp'.	2022-12-08 13:17:35 +00:00
Mathias Vorreiter Pedersen	4fd6ac5657	Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2022-12-08 13:10:18 +00:00
Mathias Vorreiter Pedersen	6897b20722	Merge pull request #11601 from MathiasVP/keep-std-string-iterator	2022-12-08 12:59:33 +00:00
Mathias Vorreiter Pedersen	36d0903733	C++: Simplify 'getSourceVariable'.	2022-12-08 12:29:15 +00:00
Chris Smowton	49bc524fd0	Merge remote-tracking branch 'origin/rc/3.8' into smowton/admin/merge-rc38-into-main	2022-12-08 11:12:30 +00:00
Jeroen Ketema	a6bc9fd10f	Merge pull request #11591 from jketema/getenv C++: Model `secure_getenv` and `_wgetenv` as local flow sources	2022-12-08 10:44:28 +01:00
Jeroen Ketema	fc49ede33d	C++: Add change note	2022-12-08 09:44:23 +01:00
Jeroen Ketema	a2dac3a41e	C++: Move remote flow sink test and also handle local and remote sinks	2022-12-08 09:36:19 +01:00
Mathias Vorreiter Pedersen	9f85175ee1	C++: Fix blowup in 'stripPointer'.	2022-12-07 22:35:37 +00:00
Mathias Vorreiter Pedersen	5ae3228928	C++: Fix TODO.	2022-12-07 22:34:10 +00:00
Mathias Vorreiter Pedersen	68f0997d87	C++: Generalize loads and stores.	2022-12-07 22:34:10 +00:00
Mathias Vorreiter Pedersen	589f7bdbcc	C++: Introduce BaseSourceVariableInstruction.	2022-12-07 22:34:03 +00:00
Mathias Vorreiter Pedersen	54c12cd715	C++: Reintroduce 'StdBasicStringIterator'.	2022-12-07 18:21:52 +00:00
Geoffrey White	1d4631e231	C++: Better solution.	2022-12-07 18:00:38 +00:00
Geoffrey White	627162b343	C++: Fix cpp/offset-use-before-range-check performance.	2022-12-07 17:32:36 +00:00
Geoffrey White	a8b8b54f8d	Update cpp/ql/src/Security/CWE/CWE-311/CleartextBufferWrite.ql Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>	2022-12-07 16:44:33 +00:00
Geoffrey White	4b8575bfc3	C++: Simplify the query slightly.	2022-12-07 15:35:45 +00:00
Geoffrey White	b3d838d678	C++: Define the sources more clearly and consistently (fixes performance issue).	2022-12-07 14:45:39 +00:00
Jeroen Ketema	01d8ad98f6	C++: Model `secure_getenv` and `_wgetenv` as local flow sources	2022-12-07 13:37:12 +01:00
Jeroen Ketema	b5147bbfb0	C++: Deprecate `DefaultTaintTracking` and `TaintTrackingImpl`	2022-12-06 17:45:16 +01:00
Mathias Vorreiter Pedersen	2c500142c7	Merge pull request #11435 from jketema/rewrite-tainted-path C++: Rewrite `cpp/path-injection` to not use `DefaultTaintTracking`	2022-12-06 14:54:57 +00:00
Mathias Vorreiter Pedersen	e71fbb1def	Merge pull request #11541 from MathiasVP/add-node0 C++: Introduce a pre-SSA `DataFlow::Node` class	2022-12-06 13:28:39 +00:00
Jeroen Ketema	995efef5da	C++: Add explanatory comment to `hasFilteredFlowPath`	2022-12-06 09:03:21 +01:00
Jeroen Ketema	5637d573c1	C++: Add test case that is no longer detected after latest changes	2022-12-06 08:31:22 +01:00
Jeroen Ketema	6dbc59d5b5	C++: Simplify `isSink` based on reviewer comments	2022-12-05 23:23:08 +01:00
Tom Hvitved	7972db68bc	C++: Update expected test output	2022-12-05 17:07:32 +01:00
Tom Hvitved	52f3a48638	Data flow: Sync files	2022-12-05 12:57:27 +01:00
Mathias Vorreiter Pedersen	c563ed3635	Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2022-12-05 10:27:55 +00:00

... 10 11 12 13 14 ...

9282 Commits