Esben Sparre Andreasen
030d9202de
JS: replace .stripParens library uses w. .getUnderlyingValue
2018-11-07 09:32:02 +01:00
semmle-qlci
4225e0bb44
Merge pull request #356 from asger-semmle/parameter-node
...
Approved by xiemaisi
2018-11-07 08:31:05 +00:00
semmle-qlci
2457eb98df
Merge pull request #166 from asger-semmle/documentable-self-assign
...
Approved by esben-semmle, xiemaisi
2018-11-07 08:30:17 +00:00
semmle-qlci
c20e24d549
Merge pull request #385 from asger-semmle/async-model
...
Approved by xiemaisi
2018-11-07 08:28:37 +00:00
semmle-qlci
282d1e2096
Merge pull request #404 from asger-semmle/useless-conditional2
...
Approved by xiemaisi
2018-11-07 08:28:01 +00:00
Max Schaefer
212a78b5fc
Merge pull request #323 from esben-semmle/js/always-return-type-inference
...
JS: additional return type inference
2018-11-07 08:25:28 +00:00
Jonas Jensen
6f2fd05480
Merge pull request #354 from geoffw0/return-exception
...
CPP: Remove successor edges after calls to non-returning functions
2018-11-07 09:24:41 +01:00
Anders Schack-Mulligen
268de8de4f
Style guide: Fix whitespace.
2018-11-07 09:12:55 +01:00
Anders Schack-Mulligen
92f265844b
Java: Fix mixed tabs/spaces in qhelp examples.
2018-11-07 09:02:41 +01:00
Tom Hvitved
67e64f21d8
C#: Fix whitespaces
2018-11-07 08:52:38 +01:00
Max Schaefer
f75ce7a6ef
JavaScript: Fix project layout for trap tests.
2018-11-07 07:48:25 +00:00
Max Schaefer
afe271c679
JavaScript: Update file classification in .lgtm.yml.
2018-11-07 07:48:25 +00:00
Max Schaefer
52e5879a2d
JavaScript: Move extractor change notes.
2018-11-07 07:48:25 +00:00
Max Schaefer
4c4920c3a9
JavaScript: Open-source extractor.
2018-11-07 07:48:25 +00:00
Max Schaefer
5ffe45a80b
JavaScript: Fix mixed tabs/spaces in qhelp.
2018-11-07 07:40:51 +00:00
semmle-qlci
b38effd55b
Merge pull request #402 from geoffw0/tag-typos
...
Approved by dave-bartolomeo
2018-11-07 00:59:21 +00:00
Raul Garcia
5212aa0911
Update .gitignore
2018-11-06 12:51:56 -08:00
Raul Garcia
5a35edfbe2
cpp: Incorrect not opeartor usage
...
Marked as Low precision as Linux kernel code mix the usage of logical operators and bit-wise opeartors.
warning C6317: incorrect operator: logical-not (!) is not interchangeable with ones-complement (~)
2018-11-06 12:49:33 -08:00
Robert Marsh
9d2d381e68
C++: test fixes for sign analysis
2018-11-06 12:02:39 -08:00
Robert Marsh
2d04d9ea04
C++: sync NegateInstruction between IR passes
2018-11-06 12:02:39 -08:00
Robert Marsh
6d06db7989
C++: fix comments
2018-11-06 12:02:39 -08:00
Robert Marsh
d9e6a6ea24
Move cached predicates to cached module
2018-11-06 12:02:38 -08:00
Robert Marsh
bf946c3ec3
C++: remove comments about Java implies predicates
...
The Java guards library includes a set of "implies" predicates to handle
short-circuiting conditionals. C++ handles those in IR generation, so
dominance on the IR produces correct results for controlling blocks.
2018-11-06 12:02:38 -08:00
Robert Marsh
554fea46c7
C++: Sign analysis for casts and unsigned integers
2018-11-06 12:02:38 -08:00
Robert Marsh
d1ae939c9c
C++: use guards and operands in sign analysis
2018-11-06 12:02:38 -08:00
Robert Marsh
08e9eea1f2
Add NegateInstruction
2018-11-06 12:02:38 -08:00
Robert Marsh
a3c6b8e575
C++: port sign analysis library from Java
2018-11-06 12:02:38 -08:00
Jonas Jensen
e03b4f0cb6
Merge pull request #293 from geoffw0/zerosizebuffer
...
CPP: Better handling of zero-sized buffers
2018-11-06 20:08:39 +01:00
semmle-qlci
33c02fe928
Merge pull request #355 from hvitved/csharp/guards-logic
...
Approved by calumgrant
2018-11-06 19:06:30 +00:00
Dave Bartolomeo
62a5aef0de
Merge pull request #410 from jbj/range-analysis-tests
...
C++: Tests for two range analysis bugs
2018-11-06 10:51:12 -08:00
Geoffrey White
ee4cfe8eb7
CPP: Update expected output for changes elsewhere.
2018-11-06 17:58:33 +00:00
Geoffrey White
e6e0d69b7d
CPP: Re-apply effect of discover_walk.
2018-11-06 17:53:18 +00:00
Geoffrey White
301c133bef
CPP: More descriptive.
2018-11-06 17:53:18 +00:00
Geoffrey White
2042c9c863
CPP: Extend the CPP-205 test (results prior to discover_walk).
2018-11-06 17:53:18 +00:00
Arthur Baars
89d728a50f
Merge pull request #412 from adityasharad/merge/master-next-061118
...
Merge master into next.
2018-11-06 18:46:50 +01:00
Geoffrey White
b671ef504d
Merge pull request #413 from jbj/return-this-getblock
...
C++: Restore `exists(getBlock())` in AV Rule 82
2018-11-06 17:04:05 +00:00
Geoffrey White
9c97176896
CPP: Tabs/spaces.
2018-11-06 17:01:30 +00:00
Anders Schack-Mulligen
fa3fa33c51
Java: Don't construct nonsense SSA for unreachable code.
2018-11-06 16:43:08 +01:00
Anders Schack-Mulligen
2004445817
Merge pull request #409 from yh-semmle/java/move-tests
...
Java: move/tweak some tests
2018-11-06 16:38:03 +01:00
Jonas Jensen
9382c9d528
C++: Regression tests for AV Rule 82
...
Without the last commit, this addition to the test gives the following
results:
```
+| AV Rule 82.cpp:176:14:176:22 | operator= | Assignment operator in class Forgivable does not return a reference to *this. |
+| AV Rule 82.cpp:181:14:181:22 | operator= | Assignment operator in class Forgivable does not return a reference to *this. |
```
2018-11-06 16:13:44 +01:00
Esben Sparre Andreasen
e396a55653
JS: change notes for type inference improvements
2018-11-06 16:04:46 +01:00
Esben Sparre Andreasen
a79a6a07b8
JS: stop tracking properties of object literals
2018-11-06 16:04:46 +01:00
Esben Sparre Andreasen
a07c094437
JS: introduce TypeInferredCalleeWithAnalyzedReturnFlow
2018-11-06 16:04:46 +01:00
Esben Sparre Andreasen
fef3573152
JS: use global layer in AnalyzedNode::getABooleanValue and -getAType
2018-11-06 16:04:46 +01:00
Geoffrey White
792369917a
CPP: Fix CWE tags.
2018-11-06 14:36:12 +00:00
Geoffrey White
698f8953c7
CPP: Change note.
2018-11-06 14:29:08 +00:00
Geoffrey White
dd8aa5a8d9
CPP: Fix StrncpyFlippedArgs.ql as well.
2018-11-06 14:29:08 +00:00
Geoffrey White
ad44416189
CPP: Move the fix into Buffer.qll so that it applies to other queries.
2018-11-06 14:29:08 +00:00
Sauyon Lee
f99f44a571
If a destination buffer has size 0, there's probably some hackery going on
2018-11-06 14:29:08 +00:00
Jonas Jensen
da73a033e5
C++: Restore exists(getBlock()) in AV Rule 82
...
I removed this condition in #362 , thinking it was covered by the new
conditions on return statements, but it turns out it wasn't in at least
the following cases.
1. Assignment operators that are deleted or marked private in order to
make them inaccessible.
2. Templates whose body was not extracted.
While some of these results are technically valid, they are not nearly
as interesting as the results that this query was designed to produce.
2018-11-06 13:42:20 +01:00
