mirror of
https://github.com/github/codeql.git
synced 2026-05-16 04:09:27 +02:00
Compare commits
79 Commits
codeql-cli
...
dbartol/ja
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
85cfb83f32 | ||
|
|
f7db47b771 | ||
|
|
0b6ec4624e | ||
|
|
d6848f5c5d | ||
|
|
01abcf8537 | ||
|
|
8c87b66bea | ||
|
|
d6415cd0c8 | ||
|
|
3a1f6efce4 | ||
|
|
8243f87179 | ||
|
|
fb9ec2423c | ||
|
|
3fa52ad680 | ||
|
|
9c7216fe4f | ||
|
|
69e0ad0181 | ||
|
|
8b536f54fd | ||
|
|
d3695dce4d | ||
|
|
8f0b7f0969 | ||
|
|
c4eafb2cf3 | ||
|
|
8b66dc16ad | ||
|
|
e8cb3490e6 | ||
|
|
85957767c9 | ||
|
|
071076875c | ||
|
|
26c69b8f8a | ||
|
|
bbd0aa929f | ||
|
|
17770af491 | ||
|
|
a507854288 | ||
|
|
8c1fd8fa7a | ||
|
|
f3e3734424 | ||
|
|
5444a5bf8a | ||
|
|
3a54c10f36 | ||
|
|
5fb61b0304 | ||
|
|
6af5afc184 | ||
|
|
cd1f10cdea | ||
|
|
74826032ef | ||
|
|
a9b3c0d91b | ||
|
|
323b7cb96f | ||
|
|
901f756c69 | ||
|
|
01c9509741 | ||
|
|
6081ba5902 | ||
|
|
91e26d0f44 | ||
|
|
a172063e6a | ||
|
|
fe00c8819d | ||
|
|
cb0b388345 | ||
|
|
4712ae1cfc | ||
|
|
59a77d70c0 | ||
|
|
4b5aa1497b | ||
|
|
d689db23d8 | ||
|
|
60abea17e6 | ||
|
|
66d156d386 | ||
|
|
b0efffd8f0 | ||
|
|
a282efc43e | ||
|
|
1d6626c821 | ||
|
|
2427227b84 | ||
|
|
204e4c5bb0 | ||
|
|
e97878ed63 | ||
|
|
be389b4c19 | ||
|
|
c9d6c80913 | ||
|
|
684aedf6aa | ||
|
|
c496503053 | ||
|
|
eeddb176f8 | ||
|
|
162519185d | ||
|
|
9e9469f3ca | ||
|
|
318e75c094 | ||
|
|
c91f7f4918 | ||
|
|
31324fc778 | ||
|
|
51e787b316 | ||
|
|
c4737c7fbb | ||
|
|
338ab96593 | ||
|
|
5c4b4d644a | ||
|
|
a8f55d93cb | ||
|
|
0459d136d3 | ||
|
|
ec0bd4494c | ||
|
|
e73d1c7b76 | ||
|
|
b73fe0ba0a | ||
|
|
92c8d39ba3 | ||
|
|
cc24f1ed9f | ||
|
|
26e58532ee | ||
|
|
caca4950e6 | ||
|
|
f8ce11b3a7 | ||
|
|
7da2845cad |
@@ -1,4 +1,5 @@
|
||||
provide:
|
||||
- "*/ql/base/qlpack.yml"
|
||||
- "*/ql/src/qlpack.yml"
|
||||
- "*/ql/lib/qlpack.yml"
|
||||
- "*/ql/test*/qlpack.yml"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-all
|
||||
version: 2.0.1
|
||||
version: 2.0.2-dev
|
||||
groups: cpp
|
||||
dbscheme: semmlecode.cpp.dbscheme
|
||||
extractor: cpp
|
||||
|
||||
@@ -500,6 +500,17 @@ class Function extends Declaration, ControlFlowNode, AccessHolder, @function {
|
||||
* Gets the nearest enclosing AccessHolder.
|
||||
*/
|
||||
override AccessHolder getEnclosingAccessHolder() { result = this.getDeclaringType() }
|
||||
|
||||
/**
|
||||
* Holds if this function has extraction errors that create an `ErrorExpr`.
|
||||
*/
|
||||
predicate hasErrors() {
|
||||
exists(ErrorExpr e |
|
||||
e.getEnclosingFunction() = this and
|
||||
// Exclude the first allocator call argument because it is always extracted as `ErrorExpr`.
|
||||
not exists(NewOrNewArrayExpr new | e = new.getAllocatorCall().getArgument(0))
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
pragma[noinline]
|
||||
|
||||
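Review bot: The QLDoc on `hasErrors()` does not say that the first argument of an allocator call is excluded, so a caller reading only the documentation will assume that any `ErrorExpr` in the function makes the predicate hold. I would extend the QLDoc with a sentence such as `* The first argument of an allocator call is ignored, because it is always extracted as an error expression.` and keep the inline comment as it is. The enclosing `Function` class starts outside this hunk.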
@@ -57,5 +57,5 @@ where
|
||||
not declarationHasSideEffects(v) and
|
||||
not exists(AsmStmt s | f = s.getEnclosingFunction()) and
|
||||
not v.getAnAttribute().getName() = "unused" and
|
||||
not any(ErrorExpr e).getEnclosingFunction() = f // unextracted expr may use `v`
|
||||
not f.hasErrors() // Unextracted expressions may use `v`
|
||||
select v, "Variable " + v.getName() + " is not used."
|
||||
|
||||
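Review bot: Replacing `not any(ErrorExpr e).getEnclosingFunction() = f` with `not f.hasErrors()` in this `where` clause is not a pure refactor, because `hasErrors()` as defined in this comparison ignores the `ErrorExpr` that is the first argument of an allocator call. Functions whose only error expression is that argument were skipped before and are now analysed, so this query can report in them. The same swap is made in `ReturnStackAllocatedMemoryConfig.isSource`, `instructionHasVariable` and `functionImperfectlyExtracted`, while the change note shown here names only `cpp/uninitialized-local`. If the wider reach is intended, a change note and an expected-results case for these queries would make it visible; otherwise keep the old condition at these call sites. The query's `from` clause lies outside the hunk.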
@@ -29,7 +29,7 @@ class ReturnStackAllocatedMemoryConfig extends MustFlowConfiguration {
|
||||
override predicate isSource(Instruction source) {
|
||||
exists(Function func |
|
||||
// Rule out FPs caused by extraction errors.
|
||||
not any(ErrorExpr e).getEnclosingFunction() = func and
|
||||
not func.hasErrors() and
|
||||
not intentionallyReturnsStackPointer(func) and
|
||||
func = source.getEnclosingFunction()
|
||||
|
|
||||
|
||||
@@ -65,6 +65,7 @@ predicate isSinkImpl(Instruction sink, VariableAccess va) {
|
||||
exists(LoadInstruction load |
|
||||
va = load.getUnconvertedResultExpression() and
|
||||
not va = commonException() and
|
||||
not va.getTarget().(LocalVariable).getFunction().hasErrors() and
|
||||
sink = load.getSourceValue()
|
||||
)
|
||||
}
|
||||
|
||||
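Review bot: The added conjunct `not va.getTarget().(LocalVariable).getFunction().hasErrors()` in `isSinkImpl` carries no comment, although it drops every uninitialized-read result in a function as soon as one qualifying error expression occurs anywhere in it. The sibling hunks mark the same filter with `// Rule out FPs caused by extraction errors.`; I would add that line here and state that the suppression is per function, so real uninitialized reads in partially extracted functions are knowingly missed. The predicate's signature appears only in the hunk header.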
@@ -24,7 +24,7 @@ predicate instructionHasVariable(VariableAddressInstruction vai, StackVariable v
|
||||
// Pointer-to-member types aren't properly handled in the dbscheme.
|
||||
not vai.getResultType() instanceof PointerToMemberType and
|
||||
// Rule out FPs caused by extraction errors.
|
||||
not any(ErrorExpr e).getEnclosingFunction() = f
|
||||
not f.hasErrors()
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -13,23 +13,85 @@
|
||||
*/
|
||||
|
||||
import cpp
|
||||
import semmle.code.cpp.controlflow.Guards
|
||||
|
||||
class WideCharPointerType extends PointerType {
|
||||
WideCharPointerType() { this.getBaseType() instanceof WideCharType }
|
||||
}
|
||||
|
||||
/**
|
||||
* Given type `t`, recurses through and returns all
|
||||
* intermediate base types, including `t`.
|
||||
*/
|
||||
Type getABaseType(Type t) {
|
||||
result = t
|
||||
or
|
||||
result = getABaseType(t.(DerivedType).getBaseType())
|
||||
or
|
||||
result = getABaseType(t.(TypedefType).getBaseType())
|
||||
}
|
||||
|
||||
/**
|
||||
* A type that may also be `CharPointerType`, but that are likely used as arbitrary buffers.
|
||||
*/
|
||||
class UnlikelyToBeAStringType extends Type {
|
||||
UnlikelyToBeAStringType() {
|
||||
this.(PointerType).getBaseType().(CharType).isUnsigned() or
|
||||
this.(PointerType).getBaseType().getName().toLowerCase().matches("%byte") or
|
||||
this.getName().toLowerCase().matches("%byte") or
|
||||
this.(PointerType).getBaseType().hasName("uint8_t")
|
||||
exists(Type targ | getABaseType(this) = targ |
|
||||
// NOTE: not using CharType isUnsigned, but rather look for any explicitly declared unsigned
|
||||
// char types. Assuming these are used for buffers, not strings.
|
||||
targ.(CharType).getName().toLowerCase().matches("unsigned%") or
|
||||
targ.getName().toLowerCase().matches(["uint8_t", "%byte%"])
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
// Types that can be wide depending on the UNICODE macro
|
||||
// see https://learn.microsoft.com/en-us/windows/win32/winprog/windows-data-types
|
||||
class UnicodeMacroDependentWidthType extends Type {
|
||||
UnicodeMacroDependentWidthType() {
|
||||
exists(Type targ | getABaseType(this) = targ |
|
||||
targ.getName() in [
|
||||
"LPCTSTR",
|
||||
"LPTSTR",
|
||||
"PCTSTR",
|
||||
"PTSTR",
|
||||
"TBYTE",
|
||||
"TCHAR"
|
||||
]
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
class UnicodeMacro extends Macro {
|
||||
UnicodeMacro() { this.getName().toLowerCase().matches("%unicode%") }
|
||||
}
|
||||
|
||||
class UnicodeMacroInvocation extends MacroInvocation {
|
||||
UnicodeMacroInvocation() { this.getMacro() instanceof UnicodeMacro }
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds when a expression whose type is UnicodeMacroDependentWidthType and
|
||||
* is observed to be guarded by a check involving a bitwise-and operation
|
||||
* with a UnicodeMacroInvocation.
|
||||
* Such expressions are assumed to be checked dynamically, i.e.,
|
||||
* the flag would indicate if UNICODE typing is set correctly to allow
|
||||
* or disallow a widening cast.
|
||||
*/
|
||||
predicate isLikelyDynamicallyChecked(Expr e) {
|
||||
e.getType() instanceof UnicodeMacroDependentWidthType and
|
||||
exists(GuardCondition gc, BitwiseAndExpr bai, UnicodeMacroInvocation umi |
|
||||
bai.getAnOperand() = umi.getExpr()
|
||||
|
|
||||
// bai == 0 is false when reaching `e.getBasicBlock()`.
|
||||
// That is, bai != 0 when reaching `e.getBasicBlock()`.
|
||||
gc.ensuresEq(bai, 0, e.getBasicBlock(), false)
|
||||
or
|
||||
// bai == k and k != 0 is true when reaching `e.getBasicBlock()`.
|
||||
gc.ensuresEq(bai, any(int k | k != 0), e.getBasicBlock(), true)
|
||||
)
|
||||
}
|
||||
|
||||
from Expr e1, Cast e2
|
||||
where
|
||||
e2 = e1.getConversion() and
|
||||
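Review bot: `UnicodeMacro` accepts any macro whose lower-cased name contains `unicode`, and `isLikelyDynamicallyChecked` then drops the alert for a cast guarded by a bitwise-and with such a macro, without relating the tested flag to the buffer being cast. A guard on an unrelated flag whose macro name merely contains that word therefore hides a narrow-to-wide cast, which is a false negative in a memory-safety query. In the same way `%byte%` in `UnlikelyToBeAStringType` matches `TBYTE`, which `UnicodeMacroDependentWidthType` lists as width-dependent, so such a buffer is excluded before the guard check is reached. I would state both heuristics and their blind spots in the QLDoc of `UnicodeMacro` and `UnlikelyToBeAStringType`, and give `WideCharPointerType`, `UnicodeMacro` and `UnicodeMacroInvocation` the QLDoc they currently lack. The `from`/`where` clause continues past the end of the hunk.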
@@ -42,7 +104,11 @@ where
|
||||
not e1.getType() instanceof UnlikelyToBeAStringType and
|
||||
// Avoid castings from 'new' expressions as typically these will be safe
|
||||
// Example: `__Type* ret = reinterpret_cast<__Type*>(New(m_pmo) char[num * sizeof(__Type)]);`
|
||||
not exists(NewOrNewArrayExpr newExpr | newExpr.getAChild*() = e1)
|
||||
not exists(NewOrNewArrayExpr newExpr | newExpr.getAChild*() = e1) and
|
||||
// Avoid cases where the cast is guarded by a check to determine if
|
||||
// unicode encoding is enabled in such a way to disallow the dangerous cast
|
||||
// at runtime.
|
||||
not isLikelyDynamicallyChecked(e1)
|
||||
select e1,
|
||||
"Conversion from " + e1.getType().toString() + " to " + e2.getType().toString() +
|
||||
". Use of invalid string can lead to undefined behavior."
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `cpp/incorrect-string-type-conversion` query now produces fewer false positives caused by failure to detect byte arrays.
|
||||
* The `cpp/incorrect-string-type-conversion` query now produces fewer false positives caused by failure to recognize dynamic checks prior to possible dangerous widening.
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Fixed false positives in the `cpp/uninitialized-local` ("Potentially uninitialized local variable") query if there are extraction errors in the function.
|
||||
@@ -49,7 +49,7 @@ predicate functionsMissingReturnStmt(Function f, ControlFlowNode blame) {
|
||||
predicate functionImperfectlyExtracted(Function f) {
|
||||
exists(CompilerError e | f.getBlock().getLocation().subsumes(e.getLocation()))
|
||||
or
|
||||
exists(ErrorExpr ee | ee.getEnclosingFunction() = f)
|
||||
f.hasErrors()
|
||||
or
|
||||
count(f.getType()) > 1
|
||||
or
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-queries
|
||||
version: 1.2.4
|
||||
version: 1.2.5-dev
|
||||
groups:
|
||||
- cpp
|
||||
- queries
|
||||
|
||||
@@ -2,25 +2,168 @@
|
||||
| file://:0:0:0:0 | (unnamed parameter 0) | false |
|
||||
| file://:0:0:0:0 | __super | false |
|
||||
| file://:0:0:0:0 | __va_list_tag | false |
|
||||
| file://:0:0:0:0 | decltype([...](...){...}) | false |
|
||||
| file://:0:0:0:0 | operator= | false |
|
||||
| file://:0:0:0:0 | operator= | false |
|
||||
| test.cpp:0:0:0:0 | test.cpp | false |
|
||||
| test.cpp:2:1:2:61 | #define FOO class S{int i; void f(void) { int j; return; } }; | false |
|
||||
| test.cpp:2:1:2:68 | #define CLASS_DECL class S{int i; void f(void) { int j; return; } }; | false |
|
||||
| test.cpp:4:1:4:1 | S | false |
|
||||
| test.cpp:4:1:4:1 | declaration of S | false |
|
||||
| test.cpp:4:1:4:1 | declaration of operator= | false |
|
||||
| test.cpp:4:1:4:1 | declaration of operator= | false |
|
||||
| test.cpp:4:1:4:1 | operator= | false |
|
||||
| test.cpp:4:1:4:1 | operator= | false |
|
||||
| test.cpp:4:1:4:3 | FOO | false |
|
||||
| test.cpp:4:1:4:3 | S | false |
|
||||
| test.cpp:4:1:4:3 | declaration | true |
|
||||
| test.cpp:4:1:4:3 | definition of S | true |
|
||||
| test.cpp:4:1:4:3 | definition of f | true |
|
||||
| test.cpp:4:1:4:3 | definition of i | true |
|
||||
| test.cpp:4:1:4:3 | definition of j | true |
|
||||
| test.cpp:4:1:4:3 | f | false |
|
||||
| test.cpp:4:1:4:3 | i | false |
|
||||
| test.cpp:4:1:4:3 | j | true |
|
||||
| test.cpp:4:1:4:3 | return ... | true |
|
||||
| test.cpp:4:1:4:3 | { ... } | true |
|
||||
| test.cpp:4:1:4:10 | CLASS_DECL | false |
|
||||
| test.cpp:4:1:4:10 | S | false |
|
||||
| test.cpp:4:1:4:10 | declaration | true |
|
||||
| test.cpp:4:1:4:10 | definition of S | true |
|
||||
| test.cpp:4:1:4:10 | definition of f | true |
|
||||
| test.cpp:4:1:4:10 | definition of i | true |
|
||||
| test.cpp:4:1:4:10 | definition of j | true |
|
||||
| test.cpp:4:1:4:10 | f | false |
|
||||
| test.cpp:4:1:4:10 | i | false |
|
||||
| test.cpp:4:1:4:10 | j | true |
|
||||
| test.cpp:4:1:4:10 | return ... | true |
|
||||
| test.cpp:4:1:4:10 | { ... } | true |
|
||||
| test.cpp:6:1:6:42 | #define FUNCTION_DECL void f1() { int k; } | false |
|
||||
| test.cpp:8:1:8:13 | FUNCTION_DECL | false |
|
||||
| test.cpp:8:1:8:13 | declaration | true |
|
||||
| test.cpp:8:1:8:13 | definition of f1 | true |
|
||||
| test.cpp:8:1:8:13 | definition of k | true |
|
||||
| test.cpp:8:1:8:13 | f1 | false |
|
||||
| test.cpp:8:1:8:13 | k | true |
|
||||
| test.cpp:8:1:8:13 | return ... | true |
|
||||
| test.cpp:8:1:8:13 | { ... } | true |
|
||||
| test.cpp:10:1:10:33 | #define VARIABLE_DECL int v1 = 1; | false |
|
||||
| test.cpp:12:1:12:13 | 1 | true |
|
||||
| test.cpp:12:1:12:13 | VARIABLE_DECL | false |
|
||||
| test.cpp:12:1:12:13 | definition of v1 | true |
|
||||
| test.cpp:12:1:12:13 | initializer for v1 | true |
|
||||
| test.cpp:12:1:12:13 | v1 | true |
|
||||
| test.cpp:14:1:14:35 | #define TYPE_DECL_1 typedef int t1; | false |
|
||||
| test.cpp:16:1:16:11 | TYPE_DECL_1 | false |
|
||||
| test.cpp:16:1:16:11 | declaration of t1 | true |
|
||||
| test.cpp:16:1:16:11 | t1 | false |
|
||||
| test.cpp:18:1:18:35 | #define TYPE_DECL_2 using t2 = int; | false |
|
||||
| test.cpp:20:1:20:11 | TYPE_DECL_2 | false |
|
||||
| test.cpp:20:1:20:11 | declaration of t2 | true |
|
||||
| test.cpp:20:1:20:11 | t2 | false |
|
||||
| test.cpp:22:1:22:47 | #define NAMESPACE_DECL namespace ns { int v2; } | false |
|
||||
| test.cpp:24:1:24:14 | NAMESPACE_DECL | false |
|
||||
| test.cpp:24:1:24:14 | definition of v2 | true |
|
||||
| test.cpp:24:1:24:14 | ns | false |
|
||||
| test.cpp:24:1:24:14 | ns | false |
|
||||
| test.cpp:24:1:24:14 | v2 | true |
|
||||
| test.cpp:26:1:26:43 | #define USING_NAMESPACE using namespace ns; | false |
|
||||
| test.cpp:28:1:28:34 | #define ENUM_CONSTANT enum_element | false |
|
||||
| test.cpp:30:12:30:21 | definition of enum_class | false |
|
||||
| test.cpp:30:12:30:21 | enum_class | false |
|
||||
| test.cpp:30:25:30:37 | ENUM_CONSTANT | false |
|
||||
| test.cpp:30:25:30:37 | enum_element | false |
|
||||
| test.cpp:32:1:32:41 | #define USING_ENUM using enum enum_class; | false |
|
||||
| test.cpp:34:1:34:10 | USING_ENUM | false |
|
||||
| test.cpp:34:1:34:10 | using enum enum_class | false |
|
||||
| test.cpp:36:1:36:48 | #define STATIC_ASSERT static_assert(1 == 1, ""); | false |
|
||||
| test.cpp:38:1:38:13 | 1 | true |
|
||||
| test.cpp:38:1:38:13 | 1 | true |
|
||||
| test.cpp:38:1:38:13 | ... == ... | true |
|
||||
| test.cpp:38:1:38:13 | STATIC_ASSERT | false |
|
||||
| test.cpp:38:1:38:13 | static_assert(..., "") | false |
|
||||
| test.cpp:40:1:40:42 | #define ATTRIBUTE [[nodiscard("reason1")]] | false |
|
||||
| test.cpp:42:1:42:9 | ATTRIBUTE | false |
|
||||
| test.cpp:42:1:42:9 | nodiscard | false |
|
||||
| test.cpp:42:1:42:9 | reason1 | false |
|
||||
| test.cpp:42:1:42:9 | reason1 | true |
|
||||
| test.cpp:43:5:43:6 | declaration of f2 | false |
|
||||
| test.cpp:43:5:43:6 | f2 | false |
|
||||
| test.cpp:45:1:45:31 | #define ATTRIBUTE_ARG "reason2" | false |
|
||||
| test.cpp:47:3:47:11 | nodiscard | false |
|
||||
| test.cpp:47:13:47:25 | ATTRIBUTE_ARG | false |
|
||||
| test.cpp:47:13:47:25 | reason2 | false |
|
||||
| test.cpp:47:13:47:25 | reason2 | true |
|
||||
| test.cpp:48:5:48:6 | declaration of f3 | false |
|
||||
| test.cpp:48:5:48:6 | f3 | false |
|
||||
| test.cpp:50:1:50:16 | #define TYPE int | false |
|
||||
| test.cpp:52:1:52:4 | TYPE | false |
|
||||
| test.cpp:52:6:52:7 | definition of v3 | true |
|
||||
| test.cpp:52:6:52:7 | v3 | true |
|
||||
| test.cpp:52:11:52:11 | 1 | false |
|
||||
| test.cpp:52:11:52:11 | initializer for v3 | false |
|
||||
| test.cpp:54:1:54:29 | #define DERIVATION : public S | false |
|
||||
| test.cpp:56:7:56:7 | T | false |
|
||||
| test.cpp:56:7:56:7 | T | false |
|
||||
| test.cpp:56:7:56:7 | declaration of T | false |
|
||||
| test.cpp:56:7:56:7 | declaration of operator= | false |
|
||||
| test.cpp:56:7:56:7 | declaration of operator= | false |
|
||||
| test.cpp:56:7:56:7 | definition of T | false |
|
||||
| test.cpp:56:7:56:7 | operator= | false |
|
||||
| test.cpp:56:7:56:7 | operator= | false |
|
||||
| test.cpp:56:9:56:18 | DERIVATION | false |
|
||||
| test.cpp:56:9:56:18 | derivation | false |
|
||||
| test.cpp:58:1:58:31 | #define FRIEND friend int f3(); | false |
|
||||
| test.cpp:60:7:60:7 | U | false |
|
||||
| test.cpp:60:7:60:7 | declaration of operator= | false |
|
||||
| test.cpp:60:7:60:7 | declaration of operator= | false |
|
||||
| test.cpp:60:7:60:7 | definition of U | false |
|
||||
| test.cpp:60:7:60:7 | operator= | false |
|
||||
| test.cpp:60:7:60:7 | operator= | false |
|
||||
| test.cpp:61:3:61:8 | FRIEND | false |
|
||||
| test.cpp:61:3:61:8 | U's friend | false |
|
||||
| test.cpp:64:1:64:24 | #define NAME_QUAL_1 ns:: | false |
|
||||
| test.cpp:66:1:66:22 | #define NAME_QUAL_2 ns | false |
|
||||
| test.cpp:68:1:68:19 | #define LOCAL_VAR m | false |
|
||||
| test.cpp:70:6:70:7 | definition of f4 | false |
|
||||
| test.cpp:70:6:70:7 | f4 | false |
|
||||
| test.cpp:70:11:76:1 | { ... } | false |
|
||||
| test.cpp:71:5:71:8 | ns:: | false |
|
||||
| test.cpp:71:5:71:15 | NAME_QUAL_1 | false |
|
||||
| test.cpp:71:5:71:18 | v2 | false |
|
||||
| test.cpp:71:5:71:19 | ExprStmt | false |
|
||||
| test.cpp:72:5:72:8 | ns:: | false |
|
||||
| test.cpp:72:5:72:15 | NAME_QUAL_2 | false |
|
||||
| test.cpp:72:5:72:21 | v2 | false |
|
||||
| test.cpp:72:5:72:22 | ExprStmt | false |
|
||||
| test.cpp:73:5:73:23 | declaration | false |
|
||||
| test.cpp:73:9:73:17 | LOCAL_VAR | false |
|
||||
| test.cpp:73:9:73:17 | definition of m | true |
|
||||
| test.cpp:73:9:73:17 | m | true |
|
||||
| test.cpp:73:20:73:22 | 42 | false |
|
||||
| test.cpp:73:20:73:22 | initializer for m | false |
|
||||
| test.cpp:74:5:74:41 | declaration | false |
|
||||
| test.cpp:74:10:74:10 | definition of l | false |
|
||||
| test.cpp:74:10:74:10 | l | false |
|
||||
| test.cpp:74:13:74:40 | [...](...){...} | false |
|
||||
| test.cpp:74:13:74:40 | initializer for l | false |
|
||||
| test.cpp:74:13:74:40 | {...} | false |
|
||||
| test.cpp:74:14:74:14 | (unnamed constructor) | false |
|
||||
| test.cpp:74:14:74:14 | (unnamed constructor) | false |
|
||||
| test.cpp:74:14:74:14 | (unnamed constructor) | false |
|
||||
| test.cpp:74:14:74:14 | declaration of (unnamed constructor) | false |
|
||||
| test.cpp:74:14:74:14 | declaration of (unnamed constructor) | false |
|
||||
| test.cpp:74:14:74:14 | definition of (unnamed constructor) | false |
|
||||
| test.cpp:74:14:74:14 | definition of operator= | false |
|
||||
| test.cpp:74:14:74:14 | operator= | false |
|
||||
| test.cpp:74:15:74:15 | definition of m | false |
|
||||
| test.cpp:74:15:74:15 | m | false |
|
||||
| test.cpp:74:15:74:15 | m | false |
|
||||
| test.cpp:74:15:74:23 | LOCAL_VAR | false |
|
||||
| test.cpp:74:15:74:23 | m | true |
|
||||
| test.cpp:74:25:74:25 | definition of operator() | false |
|
||||
| test.cpp:74:25:74:25 | operator() | false |
|
||||
| test.cpp:74:28:74:40 | { ... } | false |
|
||||
| test.cpp:74:30:74:38 | return ... | false |
|
||||
| test.cpp:74:37:74:37 | (int)... | false |
|
||||
| test.cpp:75:5:75:5 | (const lambda [] type at line 74, col. 14)... | false |
|
||||
| test.cpp:75:5:75:5 | l | false |
|
||||
| test.cpp:75:5:75:8 | ExprStmt | false |
|
||||
| test.cpp:75:6:75:6 | call to operator() | false |
|
||||
| test.cpp:76:1:76:1 | return ... | false |
|
||||
| test.cpp:78:1:78:15 | #define ID(x) x | false |
|
||||
| test.cpp:79:1:79:23 | #define NESTED(x) ID(x) | false |
|
||||
| test.cpp:80:5:80:6 | definition of v4 | false |
|
||||
| test.cpp:80:5:80:6 | v4 | false |
|
||||
| test.cpp:80:10:80:18 | ID(x) | false |
|
||||
| test.cpp:80:10:80:18 | NESTED(x) | false |
|
||||
| test.cpp:80:17:80:17 | 1 | true |
|
||||
| test.cpp:80:17:80:17 | initializer for v4 | true |
|
||||
| test.cpp:82:1:82:39 | // semmle-extractor-options: -std=c++20 | false |
|
||||
|
||||
@@ -1,5 +1,82 @@
|
||||
|
||||
#define FOO class S{int i; void f(void) { int j; return; } };
|
||||
#define CLASS_DECL class S{int i; void f(void) { int j; return; } };
|
||||
|
||||
FOO
|
||||
CLASS_DECL
|
||||
|
||||
#define FUNCTION_DECL void f1() { int k; }
|
||||
|
||||
FUNCTION_DECL
|
||||
|
||||
#define VARIABLE_DECL int v1 = 1;
|
||||
|
||||
VARIABLE_DECL
|
||||
|
||||
#define TYPE_DECL_1 typedef int t1;
|
||||
|
||||
TYPE_DECL_1
|
||||
|
||||
#define TYPE_DECL_2 using t2 = int;
|
||||
|
||||
TYPE_DECL_2
|
||||
|
||||
#define NAMESPACE_DECL namespace ns { int v2; }
|
||||
|
||||
NAMESPACE_DECL
|
||||
|
||||
#define USING_NAMESPACE using namespace ns;
|
||||
|
||||
#define ENUM_CONSTANT enum_element
|
||||
|
||||
enum class enum_class { ENUM_CONSTANT };
|
||||
|
||||
#define USING_ENUM using enum enum_class;
|
||||
|
||||
USING_ENUM
|
||||
|
||||
#define STATIC_ASSERT static_assert(1 == 1, "");
|
||||
|
||||
STATIC_ASSERT
|
||||
|
||||
#define ATTRIBUTE [[nodiscard("reason1")]]
|
||||
|
||||
ATTRIBUTE
|
||||
int f2();
|
||||
|
||||
#define ATTRIBUTE_ARG "reason2"
|
||||
|
||||
[[nodiscard(ATTRIBUTE_ARG)]]
|
||||
int f3();
|
||||
|
||||
#define TYPE int
|
||||
|
||||
TYPE v3 = 1;
|
||||
|
||||
#define DERIVATION : public S
|
||||
|
||||
class T DERIVATION {};
|
||||
|
||||
#define FRIEND friend int f3();
|
||||
|
||||
class U {
|
||||
FRIEND
|
||||
};
|
||||
|
||||
#define NAME_QUAL_1 ns::
|
||||
|
||||
#define NAME_QUAL_2 ns
|
||||
|
||||
#define LOCAL_VAR m
|
||||
|
||||
void f4() {
|
||||
NAME_QUAL_1 v2;
|
||||
NAME_QUAL_2 :: v2;
|
||||
int LOCAL_VAR = 42;
|
||||
auto l = [LOCAL_VAR]() { return m; };
|
||||
l();
|
||||
}
|
||||
|
||||
#define ID(x) x
|
||||
#define NESTED(x) ID(x)
|
||||
int v4 = NESTED(1);
|
||||
|
||||
// semmle-extractor-options: -std=c++20
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
edges
|
||||
nodes
|
||||
| errors.cpp:13:7:13:7 | definition of x | semmle.label | definition of x |
|
||||
| test.cpp:11:6:11:8 | definition of foo | semmle.label | definition of foo |
|
||||
| test.cpp:111:6:111:8 | definition of foo | semmle.label | definition of foo |
|
||||
| test.cpp:226:7:226:7 | definition of x | semmle.label | definition of x |
|
||||
@@ -14,6 +15,7 @@ nodes
|
||||
| test.cpp:472:6:472:6 | definition of x | semmle.label | definition of x |
|
||||
| test.cpp:479:6:479:6 | definition of x | semmle.label | definition of x |
|
||||
#select
|
||||
| errors.cpp:14:18:14:18 | x | errors.cpp:13:7:13:7 | definition of x | errors.cpp:13:7:13:7 | definition of x | The variable $@ may not be initialized at this access. | errors.cpp:13:7:13:7 | x | x |
|
||||
| test.cpp:12:6:12:8 | foo | test.cpp:11:6:11:8 | definition of foo | test.cpp:11:6:11:8 | definition of foo | The variable $@ may not be initialized at this access. | test.cpp:11:6:11:8 | foo | foo |
|
||||
| test.cpp:113:6:113:8 | foo | test.cpp:111:6:111:8 | definition of foo | test.cpp:111:6:111:8 | definition of foo | The variable $@ may not be initialized at this access. | test.cpp:111:6:111:8 | foo | foo |
|
||||
| test.cpp:227:3:227:3 | x | test.cpp:226:7:226:7 | definition of x | test.cpp:226:7:226:7 | definition of x | The variable $@ may not be initialized at this access. | test.cpp:226:7:226:7 | x | x |
|
||||
|
||||
@@ -0,0 +1,15 @@
|
||||
// semmle-extractor-options: --expect_errors
|
||||
|
||||
int f1() {
|
||||
int x;
|
||||
initialize(&x); // error expression - initialize() is not defined
|
||||
return x; // GOOD - assume x is initialized
|
||||
}
|
||||
|
||||
void * operator new(unsigned long, bool);
|
||||
void operator delete(void*, bool);
|
||||
|
||||
int f2() {
|
||||
int x;
|
||||
new(true) int (x); // BAD, ignore implicit error expression
|
||||
}
|
||||
@@ -53,4 +53,59 @@ void NonStringFalsePositiveTest2(unsigned char* buffer)
|
||||
{
|
||||
wchar_t *lpWchar = NULL;
|
||||
lpWchar = (LPWSTR)buffer; // Possible False Positive
|
||||
}
|
||||
}
|
||||
|
||||
typedef unsigned char BYTE;
|
||||
using FOO = BYTE*;
|
||||
|
||||
void NonStringFalsePositiveTest3(FOO buffer)
|
||||
{
|
||||
wchar_t *lpWchar = NULL;
|
||||
lpWchar = (LPWSTR)buffer; // GOOD
|
||||
}
|
||||
|
||||
#define UNICODE 0x8
|
||||
|
||||
// assume EMPTY_MACRO is tied to if UNICODE is enabled
|
||||
#ifdef EMPTY_MACRO
|
||||
typedef WCHAR* LPTSTR;
|
||||
#else
|
||||
typedef char* LPTSTR;
|
||||
#endif
|
||||
|
||||
void CheckedConversionFalsePositiveTest3(unsigned short flags, LPTSTR buffer)
|
||||
{
|
||||
wchar_t *lpWchar = NULL;
|
||||
if(flags & UNICODE)
|
||||
lpWchar = (LPWSTR)buffer; // GOOD
|
||||
else
|
||||
lpWchar = (LPWSTR)buffer; // BUG
|
||||
|
||||
if((flags & UNICODE) == 0x8)
|
||||
lpWchar = (LPWSTR)buffer; // GOOD
|
||||
else
|
||||
lpWchar = (LPWSTR)buffer; // BUG
|
||||
|
||||
if((flags & UNICODE) != 0x8)
|
||||
lpWchar = (LPWSTR)buffer; // BUG
|
||||
else
|
||||
lpWchar = (LPWSTR)buffer; // GOOD
|
||||
|
||||
// Bad operator precedence
|
||||
if(flags & UNICODE == 0x8)
|
||||
lpWchar = (LPWSTR)buffer; // BUG
|
||||
else
|
||||
lpWchar = (LPWSTR)buffer; // BUG
|
||||
|
||||
if((flags & UNICODE) != 0)
|
||||
lpWchar = (LPWSTR)buffer; // GOOD
|
||||
else
|
||||
lpWchar = (LPWSTR)buffer; // BUG
|
||||
|
||||
if((flags & UNICODE) == 0)
|
||||
lpWchar = (LPWSTR)buffer; // BUG
|
||||
else
|
||||
lpWchar = (LPWSTR)buffer; // GOOD
|
||||
|
||||
lpWchar = (LPWSTR)buffer; // BUG
|
||||
}
|
||||
|
||||
@@ -3,3 +3,11 @@
|
||||
| WcharCharConversion.cpp:24:22:24:27 | lpChar | Conversion from char * to wchar_t *. Use of invalid string can lead to undefined behavior. |
|
||||
| WcharCharConversion.cpp:26:23:26:28 | lpChar | Conversion from char * to LPCWSTR. Use of invalid string can lead to undefined behavior. |
|
||||
| WcharCharConversion.cpp:27:17:27:22 | lpChar | Conversion from char * to LPWSTR. Use of invalid string can lead to undefined behavior. |
|
||||
| WcharCharConversion.cpp:82:21:82:26 | buffer | Conversion from LPTSTR to LPWSTR. Use of invalid string can lead to undefined behavior. |
|
||||
| WcharCharConversion.cpp:87:21:87:26 | buffer | Conversion from LPTSTR to LPWSTR. Use of invalid string can lead to undefined behavior. |
|
||||
| WcharCharConversion.cpp:90:21:90:26 | buffer | Conversion from LPTSTR to LPWSTR. Use of invalid string can lead to undefined behavior. |
|
||||
| WcharCharConversion.cpp:96:21:96:26 | buffer | Conversion from LPTSTR to LPWSTR. Use of invalid string can lead to undefined behavior. |
|
||||
| WcharCharConversion.cpp:98:21:98:26 | buffer | Conversion from LPTSTR to LPWSTR. Use of invalid string can lead to undefined behavior. |
|
||||
| WcharCharConversion.cpp:103:21:103:26 | buffer | Conversion from LPTSTR to LPWSTR. Use of invalid string can lead to undefined behavior. |
|
||||
| WcharCharConversion.cpp:106:21:106:26 | buffer | Conversion from LPTSTR to LPWSTR. Use of invalid string can lead to undefined behavior. |
|
||||
| WcharCharConversion.cpp:110:20:110:25 | buffer | Conversion from LPTSTR to LPWSTR. Use of invalid string can lead to undefined behavior. |
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-all
|
||||
version: 1.7.26
|
||||
version: 1.7.27-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-queries
|
||||
version: 1.7.26
|
||||
version: 1.7.27-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-all
|
||||
version: 3.0.0
|
||||
version: 3.0.1-dev
|
||||
groups: csharp
|
||||
dbscheme: semmlecode.csharp.dbscheme
|
||||
extractor: csharp
|
||||
|
||||
@@ -318,7 +318,7 @@ private predicate elementSpec(
|
||||
or
|
||||
summaryModel(namespace, type, subtypes, name, signature, ext, _, _, _, _, _)
|
||||
or
|
||||
neutralModel(namespace, type, name, signature, _, _) and ext = "" and subtypes = false
|
||||
neutralModel(namespace, type, name, signature, _, _) and ext = "" and subtypes = true
|
||||
}
|
||||
|
||||
private predicate elementSpec(
|
||||
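Review bot: The bare `subtypes = true` for `neutralModel` in `elementSpec` changes how neutral models are matched (by the name of the flag, they now also cover callables in subtypes), and nothing in the hunk says why. It has to stay in step with the literal `true` passed to `interpretElement` in `interpretNeutral` in the next hunk; a short comment at both places, for example `// Neutral models also apply to overrides in subtypes.`, would keep a later edit from changing only one of them. No test or change note for the new matching appears in the part of the comparison shown here. The body of `elementSpec` starts outside the hunk.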
@@ -602,7 +602,7 @@ private predicate interpretSummary(
|
||||
predicate interpretNeutral(UnboundCallable c, string kind, string provenance) {
|
||||
exists(string namespace, string type, string name, string signature |
|
||||
neutralModel(namespace, type, name, signature, kind, provenance) and
|
||||
c = interpretElement(namespace, type, false, name, signature, "")
|
||||
c = interpretElement(namespace, type, true, name, signature, "")
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-queries
|
||||
version: 1.0.9
|
||||
version: 1.0.10-dev
|
||||
groups:
|
||||
- csharp
|
||||
- queries
|
||||
|
||||
File diff suppressed because it is too large
@@ -27,3 +27,10 @@ options:
|
||||
The default is 'false'.
|
||||
type: string
|
||||
pattern: "^(false|true)$"
|
||||
extract_vendor_dirs:
|
||||
title: Whether to include Go vendor directories in the CodeQL database.
|
||||
description: >
|
||||
A value indicating whether Go vendor directories should be included in the CodeQL database.
|
||||
The default is 'false'.
|
||||
type: string
|
||||
pattern: "^(false|true)$"
|
||||
|
||||
@@ -28,7 +28,8 @@ type BaselineConfig struct {
|
||||
func GetConfigBaselineAsJSON(rootDir string) ([]byte, error) {
|
||||
vendorDirs := make([]string, 0)
|
||||
|
||||
if util.IsVendorDirExtractionEnabled() {
|
||||
extractVendorDirs, _ := util.IsVendorDirExtractionEnabled()
|
||||
if extractVendorDirs {
|
||||
// The user wants vendor directories scanned; emit an empty report.
|
||||
} else {
|
||||
filepath.WalkDir(rootDir, func(dirPath string, d fs.DirEntry, err error) error {
|
||||
|
||||
@@ -81,11 +81,27 @@ func ExtractWithFlags(buildFlags []string, patterns []string, extractTests bool)
|
||||
}
|
||||
}
|
||||
|
||||
testMessage := ""
|
||||
if extractTests {
|
||||
testMessage = " (test extraction enabled)"
|
||||
// If CODEQL_EXTRACTOR_GO_[OPTION_]EXTRACT_VENDOR_DIRS is "true", we extract `vendor` directories;
|
||||
// otherwise (the default) is to exclude them from extraction
|
||||
includeVendor, oldOptionUsed := util.IsVendorDirExtractionEnabled()
|
||||
|
||||
if oldOptionUsed {
|
||||
log.Println("Warning: obsolete option \"CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS\" was set. Use \"CODEQL_EXTRACTOR_GO_OPTION_EXTRACT_VENDOR_DIRS\" or pass `--extractor-option extract_vendor_dirs=true` instead.")
|
||||
}
|
||||
log.Printf("Running packages.Load%s.", testMessage)
|
||||
|
||||
modeNotifications := make([]string, 0, 2)
|
||||
if extractTests {
|
||||
modeNotifications = append(modeNotifications, "test extraction enabled")
|
||||
}
|
||||
if includeVendor {
|
||||
modeNotifications = append(modeNotifications, "extracting vendor directories")
|
||||
}
|
||||
|
||||
modeMessage := strings.Join(modeNotifications, ", ")
|
||||
if modeMessage != "" {
|
||||
modeMessage = " (" + modeMessage + ")"
|
||||
}
|
||||
log.Printf("Running packages.Load%s.", modeMessage)
|
||||
|
||||
// This includes test packages if either we're tracing a `go test` command,
|
||||
// or if CODEQL_EXTRACTOR_GO_OPTION_EXTRACT_TESTS is set to "true".
|
||||
@@ -233,9 +249,6 @@ func ExtractWithFlags(buildFlags []string, patterns []string, extractTests bool)
|
||||
// Construct a list of directory segments to exclude from extraction, starting with ".."
|
||||
excludedDirs := []string{`\.\.`}
|
||||
|
||||
// If CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS is "true", we extract `vendor` directories;
|
||||
// otherwise (the default) is to exclude them from extraction
|
||||
includeVendor := util.IsVendorDirExtractionEnabled()
|
||||
if !includeVendor {
|
||||
excludedDirs = append(excludedDirs, "vendor")
|
||||
}
|
||||
|
||||
@@ -4,6 +4,8 @@ import (
|
||||
"os"
|
||||
)
|
||||
|
||||
func IsVendorDirExtractionEnabled() bool {
|
||||
return os.Getenv("CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS") == "true"
|
||||
func IsVendorDirExtractionEnabled() (bool, bool) {
|
||||
oldOptionVal := os.Getenv("CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS")
|
||||
return (oldOptionVal == "true" ||
|
||||
os.Getenv("CODEQL_EXTRACTOR_GO_OPTION_EXTRACT_VENDOR_DIRS") == "true"), oldOptionVal != ""
|
||||
}
|
||||
|
||||
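Review bot: `IsVendorDirExtractionEnabled` now returns two unnamed booleans and has no doc comment, so the signature does not tell a caller that the second value means the obsolete variable was set. I would add `// IsVendorDirExtractionEnabled reports whether vendor directories should be extracted and whether the obsolete CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS variable was set.` and name the results, `func IsVendorDirExtractionEnabled() (enabled bool, oldOptionUsed bool) {`. The comment should also say that the obsolete variable set to `true` enables extraction even when the new option is `false`, since the two are combined with `||`.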
@@ -1,5 +1,5 @@
|
||||
name: codeql-go-consistency-queries
|
||||
version: 1.0.9
|
||||
version: 1.0.10-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -4,3 +4,6 @@ import os
|
||||
def test(codeql, go):
|
||||
os.environ["CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS"] = "true"
|
||||
codeql.database.create(source_root="src")
|
||||
|
||||
def test_extractor_option(codeql, go):
|
||||
codeql.database.create(source_root="src", extractor_option = "extract_vendor_dirs=true")
|
||||
|
||||
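Review bot: `test_extractor_option` can pass without the new option being honoured, because the existing `test` above it assigns `os.environ["CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS"] = "true"` and nothing in this hunk restores the environment afterwards. If both tests run in one process and the fixtures do not reset the environment (neither is visible here), the obsolete variable is still set when the second database is created. Clearing it first keeps the two paths independent: `os.environ.pop("CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS", None)` as the first statement of `test_extractor_option`. The option is also passed as a bare string here, while the test-extraction tests on this page pass a list (`extractor_option = ["extract_tests=true"]`); one form throughout would be clearer.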
@@ -1,4 +0,0 @@
|
||||
import os
|
||||
|
||||
def test(codeql, go):
|
||||
codeql.database.create(source_root="src", extractor_option = ["extract_tests=true"])
|
||||
@@ -1,2 +0,0 @@
|
||||
all:
|
||||
go get
|
||||
@@ -1,3 +0,0 @@
|
||||
go 1.14
|
||||
|
||||
module testsample
|
||||
@@ -1,45 +0,0 @@
|
||||
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
|
||||
golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
|
||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
||||
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
|
||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
||||
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
||||
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
||||
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
|
||||
golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
|
||||
golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
|
||||
golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
|
||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
|
||||
golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
||||
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
|
||||
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
|
||||
golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
||||
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
||||
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
|
||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
|
||||
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
|
||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
@@ -1,5 +0,0 @@
|
||||
package testsample
|
||||
|
||||
func PublicFunction() int { return 1 }
|
||||
|
||||
func privateFunction() int { return 2 }
|
||||
@@ -1,15 +0,0 @@
|
||||
package testsample_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
"testsample"
|
||||
)
|
||||
|
||||
func TestTestMe(t *testing.T) {
|
||||
|
||||
publicResult := testsample.PublicFunction()
|
||||
if publicResult != 1 {
|
||||
t.Errorf("Expected 1, got %d", publicResult)
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,19 +0,0 @@
|
||||
package testsample
|
||||
|
||||
import (
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestTestMe(t *testing.T) {
|
||||
|
||||
publicResult := PublicFunction()
|
||||
if publicResult != 1 {
|
||||
t.Errorf("Expected 1, got %d", publicResult)
|
||||
}
|
||||
|
||||
privateResult := privateFunction()
|
||||
if privateResult != 2 {
|
||||
t.Errorf("Expected 2, got %d", privateResult)
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,9 +0,0 @@
|
||||
#select
|
||||
| src/testme.go:0:0:0:0 | src/testme.go |
|
||||
| src/testme_blackbox_test.go:0:0:0:0 | src/testme_blackbox_test.go |
|
||||
| src/testme_test.go:0:0:0:0 | src/testme_test.go |
|
||||
calls
|
||||
| src/testme_blackbox_test.go:10:18:10:44 | call to PublicFunction | src/testme.go:3:1:3:38 | function declaration |
|
||||
| src/testme_test.go:9:18:9:33 | call to PublicFunction | src/testme.go:3:1:3:38 | function declaration |
|
||||
| src/testme_test.go:14:19:14:35 | call to privateFunction | src/testme.go:5:1:5:39 | function declaration |
|
||||
extractionErrors
|
||||
@@ -1,4 +0,0 @@
|
||||
import os
|
||||
|
||||
def test(codeql, go):
|
||||
codeql.database.create(source_root="src", command="go test -c")
|
||||
@@ -1,9 +0,0 @@
|
||||
import go
|
||||
import semmle.go.DiagnosticsReporting
|
||||
|
||||
from GoFile f
|
||||
select f
|
||||
|
||||
query predicate calls(CallExpr ce, FuncDecl f) { f = ce.getTarget().getFuncDecl() }
|
||||
|
||||
query predicate extractionErrors(string msg, int sev) { reportableDiagnostics(_, msg, sev) }
|
||||
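--- a/go/ql/integration-tests/test-extraction/test.py
+++ b/go/ql/integration-tests/test-extraction/test.py
@@ -0,0 +1,7 @@
+import os
+
+def test_traced(codeql, go):
+codeql.database.create(source_root="src", command="go test -c")
+
+def test_autobuild(codeql, go):
+codeql.database.create(source_root="src", extractor_option = ["extract_tests=true"])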
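Review bot: `import os` at the top of the new `test.py` is not used by `test_traced` or `test_autobuild`, so the line can be dropped. The keyword argument is also written `extractor_option = [...]` with spaces around `=`, while `source_root="src"` in the same call has none; `extractor_option=["extract_tests=true"]` would match.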
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-all
|
||||
version: 2.1.0
|
||||
version: 2.1.1-dev
|
||||
groups: go
|
||||
dbscheme: go.dbscheme
|
||||
extractor: go
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-queries
|
||||
version: 1.1.0
|
||||
version: 1.1.1-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-automodel-queries
|
||||
version: 1.0.9
|
||||
version: 1.0.10-dev
|
||||
groups:
|
||||
- java
|
||||
- automodel
|
||||
|
||||
@@ -212,7 +212,6 @@ extensions:
|
||||
- ["java.lang", "Object", "equals", "(Object)", "summary", "manual"]
|
||||
- ["java.lang", "Object", "getClass", "()", "summary", "manual"]
|
||||
- ["java.lang", "Object", "hashCode", "()", "summary", "manual"]
|
||||
- ["java.lang", "Object", "toString", "()", "summary", "manual"]
|
||||
- ["java.lang", "Runtime", "getRuntime", "()", "summary", "manual"]
|
||||
- ["java.lang", "String", "compareTo", "(String)", "summary", "manual"]
|
||||
- ["java.lang", "String", "contains", "(CharSequence)", "summary", "manual"]
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-all
|
||||
version: 4.1.0
|
||||
version: 4.1.1-dev
|
||||
groups: java
|
||||
dbscheme: config/semmlecode.dbscheme
|
||||
extractor: java
|
||||
|
||||
@@ -416,7 +416,7 @@ private predicate elementSpec(
|
||||
or
|
||||
summaryModel(package, type, subtypes, name, signature, ext, _, _, _, _, _)
|
||||
or
|
||||
neutralModel(package, type, name, signature, _, _) and ext = "" and subtypes = false
|
||||
neutralModel(package, type, name, signature, _, _) and ext = "" and subtypes = true
|
||||
}
|
||||
|
||||
private string getNestedName(Type t) {
|
||||
|
||||
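Review bot: The `neutralModel` disjunct in `elementSpec` appears to change from `subtypes = false` to `subtypes = true`, and nothing on the line records why. The later sections show the same change in the `interpretElement` calls of the `Input` module and of `Endpoint.isNeutral`. With `true`, a neutral row also matches overriding methods in subtypes, so an override that does propagate data would be treated as neutral too, which can hide flow from the analysis. The model hunk above drops one `java.lang.Object` row, which the updated expected output suggests is `toString`; the remaining `equals`, `getClass` and `hashCode` rows should be reviewed with overrides in mind. I would add a comment above the line, for example `// neutral models also apply to overrides in subtypes; only add neutrals for methods whose overrides carry no flow`. `elementSpec` begins above this hunk and `getNestedName` continues below it.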
@@ -34,7 +34,7 @@ module Input implements InputSig<Location, DataFlowImplSpecific::JavaDataFlow> {
|
||||
) {
|
||||
exists(string namespace, string type, string name, string signature |
|
||||
neutralModel(namespace, type, name, signature, kind, provenance) and
|
||||
c.asCallable() = interpretElement(namespace, type, false, name, signature, "", isExact)
|
||||
c.asCallable() = interpretElement(namespace, type, true, name, signature, "", isExact)
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-queries
|
||||
version: 1.1.6
|
||||
version: 1.1.7-dev
|
||||
groups:
|
||||
- java
|
||||
- queries
|
||||
|
||||
@@ -77,7 +77,7 @@ class Endpoint extends Callable {
|
||||
predicate isNeutral() {
|
||||
exists(string namespace, string type, string name, string signature |
|
||||
neutralModel(namespace, type, name, signature, _, _) and
|
||||
this = interpretElement(namespace, type, false, name, signature, "", _)
|
||||
this = interpretElement(namespace, type, true, name, signature, "", _)
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
| java.lang.Object#toString() | no manual model |
|
||||
| java.lang.Runnable#run() | no manual model |
|
||||
| java.util.Comparator#comparing(Function) | no manual model |
|
||||
| java.util.function.BiConsumer#accept(Object,Object) | no manual model |
|
||||
|
||||
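--- a/java/ql/test/library-tests/MemberRefExpr/parameters.expected
+++ b/java/ql/test/library-tests/MemberRefExpr/parameters.expected
@@ -0,0 +1,10 @@
+| Test.java:3:22:3:24 | o |
+| Test.java:7:22:7:26 | i |
+| Test.java:45:22:45:26 | s |
+| Test.java:49:29:49:42 | this |
+| Test.java:50:29:50:42 | this |
+| Test.java:51:29:51:39 | this |
+| Test.java:52:40:52:64 | this |
+| Test.java:70:13:70:22 | length |
+| Test.java:71:13:71:26 | length |
+| Test.java:75:31:75:47 | this |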
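--- a/java/ql/test/library-tests/MemberRefExpr/parameters.ql
+++ b/java/ql/test/library-tests/MemberRefExpr/parameters.ql
@@ -0,0 +1,5 @@
+import java
+
+from Parameter p
+where p.fromSource()
+select p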
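--- a/javascript/ql/base/qlpack.yml
+++ b/javascript/ql/base/qlpack.yml
@@ -0,0 +1,8 @@
+name: codeql/javascript-base
+version: 1.0.0-dev
+groups: javascript
+dbscheme: semmlecode.javascript.dbscheme
+extractor: javascript
+library: true
+upgrades: upgrades
+warnOnImplicitThis: true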
Some files were not shown because too many files have changed in this diff Show More