github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
49 730 коммитов 1 544 Ветки 131 Тег 485 MiB
Граф коммитов

8735 Коммитов

Автор SHA1 Сообщение Дата
Michael Nebel 7271d9987e
Merge pull request #11940 from michaelnebel/csharp/dotnet7 
C#: Update project targets, workflows and other scripts to use .NET 7.
 2023-02-02 08:14:55 +01:00
Nora Dimitrijević e137993acd
Merge pull request #12061 from d10c/cpp/missing-check-scanf-join-order-fix 2023-02-02 07:57:21 +01:00
Nora Dimitrijević 1df0be3ca2 C++: Fix join order in `cpp/missing-check-scanf` 
The issues were:
* `revFlow`: `revFlow` joins `fwdFlow` on `vn`.
* `Node.getASuccessor()`: `MkNode` self-join on `vn`.
* `hasFlow/5`: `MkNode` self-join on `vn`.
 2023-02-01 16:29:43 +01:00
Mathias Vorreiter Pedersen a2248e6ca6
Merge pull request #12030 from MathiasVP/iterator-public-models 
C++: Make iterator classes public
 2023-01-31 14:11:52 +00:00
Mathias Vorreiter Pedersen fcc4c91739 C++: More responding to comments. 2023-01-31 13:01:00 +00:00
Michael Nebel 3a4e5700e8 C#: Update project targets, workflows and other scripts to use .NET 7. 2023-01-31 13:20:59 +01:00
Gulshan Singh 1a109cab4d Remove unicode characters 2023-01-31 03:38:03 -08:00
Mathias Vorreiter Pedersen daf7d1b7e7 C++: Add more QLDoc. 2023-01-31 10:37:51 +00:00
Mathias Vorreiter Pedersen 7583fe2ad8 C++: Respond to PR reviews. 2023-01-31 10:31:02 +00:00
Gulshan Singh 2f38d363ff Fix typo in dependsOnChild 2023-01-30 19:55:53 -08:00
Gulshan Singh fb31570af3 Fix bitshift test 2023-01-30 19:55:53 -08:00
Gulshan Singh 1758e25207 Merge lshift/rshift range expressions into a single file and address PR comments 2023-01-30 19:55:53 -08:00
Gulshan Singh 051d36ee6a Add ConstantLShiftExprRange and ConstantRShiftExprRange classes 2023-01-30 19:55:53 -08:00
Gulshan Singh 5710289460 Add bitshift test 2023-01-30 19:55:53 -08:00
Mathias Vorreiter Pedersen a01a4734ed C++/C#: Sync identical files. 2023-01-30 17:32:53 +00:00
Mathias Vorreiter Pedersen 3a1a9a771c C++: Add a 'getCall' predicate to 'ArgumentOperand'. 2023-01-30 17:31:52 +00:00
Mathias Vorreiter Pedersen f90007ae71 C++: Make our iterator models public. 2023-01-30 17:23:52 +00:00
Mathias Vorreiter Pedersen 95b15825f9 DataFlow: Sync identical files. 2023-01-27 16:24:31 +00:00
Mathias Vorreiter Pedersen a691535e77 C++: Fix join order in 'fwdFlowRead'. 2023-01-27 16:24:08 +00:00
Mathias Vorreiter Pedersen 13baa5b60b C++: Add iterator typedefs to properly instantiate 'int_iterator_by_trait' and 'insert_iterator_by_trait'. 2023-01-26 11:43:33 +00:00
Mathias Vorreiter Pedersen 510211a4c7 C++: Add testcase with looping behavior in C/C++ def-use flow. 2023-01-24 09:44:30 +00:00
Mathias Vorreiter Pedersen ca5916f3dc
Merge pull request #11946 from MathiasVP/fix-taint-models-2 2023-01-24 08:13:43 +00:00
Jeroen Ketema 0a0d6d0841
Merge pull request #11963 from MathiasVP/testcase-with-loop 
C++: Add testcase with looping behavior
 2023-01-23 16:33:36 +01:00
Mathias Vorreiter Pedersen a217017859 C++: Add testcase with looping behavior in C/C++ use-use flow. 2023-01-23 14:29:39 +00:00
Jeroen Ketema 05ecd2e015
Merge pull request #11958 from jketema/argv-if-tests 
C++: Add some additional uncontrolled format string tests
 2023-01-23 14:05:07 +01:00
Jeroen Ketema cfc0dabad9
C++: Add some additional uncontrolled format string tests 
These duplicate the `i9` and `i91` tests slightly earlier in the same file, but
use an explicit `if` instead of the ternary operator.
 2023-01-23 11:50:45 +01:00
Mathias Vorreiter Pedersen 470abfd0aa C++: Conflate iterator value and indirection for taint-flow to fix AST dataflow. 2023-01-23 10:40:25 +00:00
Mathias Vorreiter Pedersen 962b651c44 C++: Fix models. 2023-01-23 10:10:02 +00:00
github-actions[bot] b62cb6ba84 Post-release preparation for codeql-cli-2.12.1 2023-01-20 19:49:56 +00:00
github-actions[bot] 005b3e4a47 Release preparation for version 2.12.1 2023-01-20 12:03:19 +00:00
Mathias Vorreiter Pedersen e26e83b8df
Merge pull request #11728 from github/rdmarsh2/parameterize-range-analysis 
C++: Parameterize the semantic range analysis
 2023-01-18 14:22:35 +00:00
Rasmus Wriedt Larsen e0ccb9306a
Merge pull request #11908 from RasmusWL/dataflow-consistency-more-excludes 
DataFlow: Add `uniqueParameterNodePositionExclude`
 2023-01-18 10:44:51 +01:00
Jeroen Ketema 6cd52237c3
Merge pull request #11913 from jketema/test-fixes 
C++: Some minor test fixes
 2023-01-17 21:52:57 +01:00
Jeroen Ketema ee19c3d80f
C++: Rename identically named classes in `syntax-zoo` 
Conceptually the test that comprises the whole of `syntax-zoo` forms one
single binary. To this binary ODR applies. There were two class definitions
`Foo` in `syntax-zoo`, violating ODR. Rename those classes to have different
names.
 2023-01-17 19:02:40 +01:00
Jeroen Ketema 06767c6760
C++: Split `bad_asts.cpp` IR test into two files 
The statements from `errorExpr` - which does not parse correctly - affected the
tuples that were being generated for the other code in `bad_asts.cpp` due to
the way the front-end handles parse errors. This did not affect the test
results, but was also not the intention of the test. Split off `errorExpr` into
a separate file.
 2023-01-17 18:57:29 +01:00
Geoffrey White 54b3262d9c
Merge pull request #11891 from geoffw0/authbypass 
C++: Fix issue with cpp/user-controlled-bypass
 2023-01-17 15:43:08 +00:00
Geoffrey White d628cc5ab8
Update cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-01-17 14:37:19 +00:00
Rasmus Wriedt Larsen a0b1c2ea79
DataFlow: Add `uniqueParameterNodePositionExclude` 2023-01-17 14:05:22 +01:00
Rasmus Wriedt Larsen 2b0a5fd5d1
DataFlow: Add `uniqueParameterNodeAtPositionExclude` 2023-01-17 14:05:17 +01:00
Mathias Vorreiter Pedersen 44ebc77ada
Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll 2023-01-17 11:52:43 +00:00
Geoffrey White 1a416884d4 C++: Do something similar with the other three cases. 2023-01-14 00:09:01 +00:00
Geoffrey White 316117f5c9 C++: Reduce number of regexps. 2023-01-13 18:50:41 +00:00
Geoffrey White 2f09f0e2c1 C++: Turn the huge list into a predicate. 2023-01-13 18:47:18 +00:00
Geoffrey White 13ae15b867 C++: Add tests for more edge cases. 2023-01-13 18:38:29 +00:00
Robert Marsh 601b43ac0a Merge branch 'main' into rdmarsh2/parameterize-range-analysis 
Conflicting change to boundedPhiInp copied to RangeAnalysisStage.qll
 2023-01-13 12:06:21 -05:00
Mathias Vorreiter Pedersen c5038ed281
Merge pull request #11883 from MathiasVP/fold-definitions 
C++: Fix bad join in `definitionOf`
 2023-01-13 16:28:26 +00:00
Mathias Vorreiter Pedersen 6e6f2115c0
Merge pull request #11857 from MathiasVP/speedup-missing-check-scanf 
C++: Speedup `cpp/missing-check-scanf`
 2023-01-13 16:11:16 +00:00
Mathias Vorreiter Pedersen 2283eacc0b C++: Fix bad join in 'definitionOf'. 2023-01-13 11:42:15 +00:00
Mathias Vorreiter Pedersen 59072f9e81
C++: Improve QLDoc. 2023-01-13 11:01:23 +00:00
Mathias Vorreiter Pedersen dd8bead21a
C++: Fix spurious backticks. 2023-01-13 10:57:44 +00:00