codeql/cpp/ql/lib/change-notes/released/7.1.0.md
2026-02-02 12:37:32 +00:00


7.1.0

New Features

  • Added a subclass Embed of PreprocessorDirective for C23 and C++26 #embed preprocessor directives.
  • Added modules DataFlow::ParameterizedBarrierGuard and DataFlow::ParameterizedInstructionBarrierGuard. These modules provide the same features as DataFlow::BarrierGuard and DataFlow::InstructionBarrierGuard, but take an additional parameter so that they can be used properly in dataflow configurations that use flow states.

Minor Analysis Improvements

  • The Buffer.qll library will no longer report incorrect buffer sizes on certain malformed databases. As a result, the queries cpp/static-buffer-overflow, cpp/overflow-buffer, cpp/badly-bounded-write, cpp/overrunning-write, cpp/overrunning-write-with-float, and cpp/very-likely-overrunning-write will report fewer false positives on such databases.
  • Added taint summary models and sql-injection barrier models for the MySQL mysql_real_escape_string and mysql_real_escape_string_quote escaping functions.
  • The predicate SummarizedCallable.propagatesFlow has been extended with the columns Provenance p and boolean isExact, and as a consequence the predicates SummarizedCallable.hasProvenance and SummarizedCallable.hasExactModel have been removed.

Bug Fixes

  • Fixed a bug in the GuardCondition library which sometimes prevented binary logical operators from being recognized as guard conditions. As a result, queries using GuardCondition may see improved results.
  • Fixed a bug which caused Node.asDefinition() to not have a result for certain assignments.