github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
6 561 коммит 1 541 ветка 130 Теги 483 MiB
Граф коммитов

1988 Коммитов

Автор SHA1 Сообщение Дата
Jonas Jensen b348803a66
Merge pull request #1594 from geoffw0/erafix7 
CPP: Add test coverage for LeapYearFieldAccess.isModifiedByArithmeticOperation.
 2019-08-09 15:57:35 +02:00
Jonas Jensen 8aa24fe5c9 C++: Improve QLDoc on assignmentLikeOperation 2019-08-09 15:06:19 +02:00
Geoffrey White 67eb37f460 CPP: Update test annotations. 2019-08-09 09:31:47 +01:00
Jonas Jensen 605b56f8ca
Merge pull request #1563 from geoffw0/constexprif 
CPP: Test cases for EmptyBlock.ql with 'if constexpr'
 2019-08-08 20:57:28 +02:00
Geoffrey White 1173daefca CPP: Minor changes. 2019-08-08 17:55:50 +01:00
Geoffrey White 950bc6e3d0 CPP: Brace placement. 2019-08-08 17:51:27 +01:00
Geoffrey White c406746190 CPP: Brace placement. 2019-08-08 17:16:47 +01:00
Geoffrey White 5bdaefd504 CPP: Brace placement. 2019-08-08 17:13:58 +01:00
Geoffrey White f0e6730eba
Update cpp/ql/src/semmle/code/cpp/Union.qll 
Co-Authored-By: Jonas Jensen <jbj@knef.dk>
 2019-08-08 17:11:05 +01:00
Geoffrey White a1cf7b50a9
Update cpp/ql/src/semmle/code/cpp/Struct.qll 
Co-Authored-By: Jonas Jensen <jbj@knef.dk>
 2019-08-08 17:10:52 +01:00
Geoffrey White 7086004f8a
Update cpp/ql/src/semmle/code/cpp/Union.qll 
Co-Authored-By: Jonas Jensen <jbj@knef.dk>
 2019-08-08 17:06:44 +01:00
Geoffrey White b3bcc33bce
Update cpp/ql/src/semmle/code/cpp/Struct.qll 
Co-Authored-By: Jonas Jensen <jbj@knef.dk>
 2019-08-08 17:06:17 +01:00
Geoffrey White 82bf631541 CPP: Add test cases. 2019-08-08 15:02:56 +01:00
Geoffrey White ef37893d15 CPP: Improve the MemberFunctions test. 2019-08-08 15:02:56 +01:00
Geoffrey White 843b85c0e6 CPP: Test PureVirtualFunction. 2019-08-08 15:02:55 +01:00
Geoffrey White 44ea685bf3 CPP: Simplify the VirtualFunctions test. 2019-08-08 15:02:55 +01:00
Geoffrey White be25338e44 CPP: QLDoc Function.qll. 2019-08-08 15:02:55 +01:00
Jonas Jensen 2c6dbacd2b C++: Tidy up DataFlowUtil.qll 2019-08-08 14:05:03 +02:00
Jonas Jensen 0a13d7a337 C++: PartialDefNode -> PartialDefinitionNode 2019-08-08 14:05:03 +02:00
Jonas Jensen 98d6f3cada C++: Unify partial def and def-by-ref 
This removes a lot of flow steps, but it all seems to be flow that was
present twice: both exiting a `PartialDefNode` and a
`DefinitionByReferenceNode`. All `DefinitionByReferenceNode`s are now
`PartialDefNode`s.
 2019-08-08 14:05:03 +02:00
Jonas Jensen 5370e7d693 C++: Remove TThisVar 
There's no need to model `this` as a variable because it's never
reassigned.
 2019-08-08 14:05:03 +02:00
Jonas Jensen 6a3f5efc1b C++: Accept AST field flow test output 2019-08-08 14:05:03 +02:00
Jonas Jensen 861964337c C++: Undo autoformat of FlowVar.qll 
The formatting changes were good, but were tangled in with other
changes, making it hard to review this file.
 2019-08-08 14:05:03 +02:00
Pavel Avgustinov 79d75d7d18 Add extra test cases 2019-08-08 14:05:03 +02:00
Pavel Avgustinov 835e495e7c Remove unused args 2019-08-08 14:05:03 +02:00
Pavel Avgustinov b1632587bc Use more meaningful name 2019-08-08 14:05:03 +02:00
Pavel Avgustinov 6d4d131ad4 C++ field flow: Add test. 
This is a fairly direct translation of the Java field flow test to
C++. Not all the `// flow` annotations are currently accurate.
 2019-08-08 14:05:03 +02:00
Pavel Avgustinov dccc0f4db1 Add handling of post-constructor-call nodes 2019-08-08 14:05:03 +02:00
Pavel Avgustinov 9e6c240ee2 Override getFunction on PostUpdateNodes 2019-08-08 14:05:03 +02:00
Pavel Avgustinov abcaeded23 Only split BBs for var-defining partial-defs 2019-08-08 14:05:03 +02:00
Pavel Avgustinov 46e6b587bc Exclude partial defs from ordinary SSA handling 2019-08-08 14:05:03 +02:00
Pavel Avgustinov 5fbe982084 Add missing `getType` override 2019-08-08 14:05:03 +02:00
Pavel Avgustinov 1b9a2d3d87 Reduce partial definition flow edge redundancy 2019-08-08 14:05:02 +02:00
Pavel Avgustinov bb8eb235e0 Handle constructor call qualifiers 2019-08-08 14:05:02 +02:00
Pavel Avgustinov 66164eb06f Propagate data flow through `NewExpr`s 2019-08-08 14:05:02 +02:00
Pavel Avgustinov 623652247d Introduce partial-definition nodes 2019-08-08 14:05:02 +02:00
Pavel Avgustinov 15b56d93bd No implicit instances for constructor call 2019-08-08 14:05:02 +02:00
Pavel Avgustinov 04454ef184 Begin extending dataflow node model for field flow (and other stuff) 2019-08-08 14:05:02 +02:00
Jonas Jensen 3b2ef44195
Merge pull request #1710 from geoffw0/oddsandends 
CPP: Delete invalid URL
 2019-08-07 15:02:37 +02:00
Geoffrey White d1093cae2e CPP: Delete invalid URL and strange comment. 2019-08-07 09:25:36 +01:00
yh-semmle 033879f5a6
Merge pull request #1639 from aschackmull/java/in-out-barriers 
Java/C++/C# DataFlow: Add support for in/out barriers on sources and sinks.
 2019-08-07 01:07:19 -04:00
Jonas Jensen 077f372f98
Merge pull request #1570 from geoffw0/qldoceg 
CPP: Add syntax examples to QLDoc in Class.qll.
 2019-08-06 21:17:45 +02:00
zlaski-semmle 3ad0bcf3de
Merge pull request #1701 from Semmle/geoffw0-patch-1 
CPP: QLDoc tidy up Declaration.qll
 2019-08-06 11:53:20 -07:00
Geoffrey White bbe7691a3d CPP: Fix indentation. 2019-08-06 17:56:24 +01:00
Geoffrey White 42bf1be0fd CPP: 'if constexpr' test cases. 2019-08-06 17:56:24 +01:00
Geoffrey White 6a5ac08578 CPP: Add c++17 flag to the test. 2019-08-06 17:56:24 +01:00
Geoffrey White 3550fc7137 CPP: Merge the two unions tests. 2019-08-06 16:05:10 +01:00
Geoffrey White 4ed559ee0b CPP: Extend the unions test. 2019-08-06 16:00:35 +01:00
Geoffrey White cf20647765 CPP: Extend the structs test. 2019-08-06 15:52:25 +01:00
Geoffrey White 2466299df5 CPP: Improve the Enums3 test. 2019-08-06 15:38:10 +01:00
Geoffrey White 064b8773a4 CPP: Test LocalEnum and NestedEnum. 2019-08-06 15:38:10 +01:00
Geoffrey White 33d38ac090 CPP: QLDoc Enum.qll. 2019-08-06 15:38:10 +01:00
Geoffrey White 5d4fba4446 CPP: QLDoc examples in Struct.qll and Union.qll. 2019-08-06 15:36:38 +01:00
Nick Rolfe 257daddf3b
Merge pull request #1702 from mgrettondann/cpp-add-thread_local-support-external 
C++: add thread_local support
 2019-08-06 14:51:27 +01:00
Jonas Jensen b4b940ae50 C++ IR: Remove unused predicate 2019-08-06 14:50:59 +02:00
Jonas Jensen aab6c072c7 C++ IR: Remove fields from InstructionTag 
Like array indexes were seemingly not needed in instruction tags, the
same appears to apply to fields.
 2019-08-06 14:50:59 +02:00
Jonas Jensen d378da33e8 C++ IR: Fix performance of large array value init 
There were two problems here.

1. The inline predicates `isInitialized` and `isValueInitialized` on
   `ArrayAggregateLiteral` caused their callers to materialize every
   `int` that was a valid index into the array. This was slow on huge
   value-initialized arrays.
2. The `isInitialized` predicate was used in the `TInstructionTag` IPA
   type, creating a numbered tuple for each integer in it. This seemed
   to be entirely unnecessary since the `TranslatedElement`s using those
   tags were already indexed appropriately.
 2019-08-06 14:50:57 +02:00
Jonas Jensen f160447c20 C++: Update test results to latest master 2019-08-06 14:42:47 +02:00
Geoffrey White 73736675ce CPP: Bits and bobs. 2019-08-06 13:32:04 +01:00
Geoffrey White ab823f45fc CPP: class, struct or union where appropriate. 2019-08-06 13:32:04 +01:00
Geoffrey White 8d22eb87f0 CPP: Improvements to qldoc. 2019-08-06 13:29:42 +01:00
Geoffrey White 4dd1267d6d CPP: Bracket consistency. 2019-08-06 13:29:42 +01:00
Geoffrey White cf1869cfaa CPP: Indentation. 2019-08-06 13:29:42 +01:00
Geoffrey White 0029a33ee6 CPP: Deprecate Interface and remove the test. 2019-08-06 13:29:42 +01:00
Geoffrey White 49f6ac7358 CPP: Clean up Class, ClassDerivation and ClassTemplateSpecialization QLDoc. 2019-08-06 13:29:42 +01:00
Geoffrey White 2b408490a1 CPP: Implement simple changes. 2019-08-06 13:29:42 +01:00
Geoffrey White 99880bc4ea CPP: Add syntax examples for Class.qll. 2019-08-06 13:29:42 +01:00
Jonas Jensen d0d6b2b70c C++: Add IR sanity queries to syntax-zoo test dir 2019-08-06 14:10:25 +02:00
Jonas Jensen d18181f032 C++: Rename qlcfg -> syntax-zoo 2019-08-06 14:10:25 +02:00
Jonas Jensen 4dfd4f1dda
Merge pull request #1674 from dave-bartolomeo/dave/ExternDecls2 
C++: Two IR fixes and a PrintAST workaround
 2019-08-06 13:46:04 +02:00
Matthew Gretton-Dann 90cfde53b3 C++: Add thread_local support - typo fix 2019-08-06 12:09:43 +01:00
Matthew Gretton-Dann 0e50a143af C++: Improve ReturnStackAllocatedMemory query 
Update the ReturnStackAllocatedMmeory query to not give a false positive
for thread_local variables.
 2019-08-06 11:22:32 +01:00
Matthew Gretton-Dann a733625646 C++: Add Variable.isThreadLocal() 2019-08-06 11:22:26 +01:00
Geoffrey White de9b936d76
QLDoc tidy up Declaration.qll 
Mostly just adding backticks in QLDoc comments.  I'm trying out the edit-in-github workflow @jbj showed me, which seems like it will be a quicker way to do minor changes like these.
 2019-08-06 10:54:20 +01:00
Anders Schack-Mulligen a80cb262fc Java/C++/C#: Elaborate qldoc. 2019-08-05 16:28:25 +02:00
Anders Schack-Mulligen 9ebb83497d Java/C++/C#: Fix small mistake. 2019-08-05 15:34:12 +02:00
Anders Schack-Mulligen 2dc83c539c Java/C++/C#: Sync dataflow. 2019-08-05 12:07:32 +02:00
Anders Schack-Mulligen d6e1ba6bed CPP: Autoformat cookbook examples. 2019-08-02 15:29:20 +02:00
Dave Bartolomeo 6370391dbd C++: Add sanity test for definitions that don't dominate their uses. 2019-08-01 15:01:42 -07:00
Dave Bartolomeo 912679ef8c C++: Two IR fixes 
My original fix in https://github.com/Semmle/ql/pull/1661 fixed my minimal test case, but did not fix the original failure in a Linux snapshot. The real fix is to simply not create a `TranslatedDeclarationEntry` for an extern declaration, and have `TranslatedDeclStmt` skip any such declarations. I've added a regression test for that case (multiple extern declarations with same location in a macro expansion, with control flow between them). I did verify that it generates correct IR, and that it fixes all of the "use not dominated by definition" failures in Linux.

The underlying extractor bug, that caused the above issue also caused PrintAST to print garbage. I've worked around the bug in PrintAST.qll.

I've also fixed a bug in the control flow for `try`/`catch`, where there was missing flow from the `CatchByType` of the last handler of a `try` to the enclosing handler (or `Unwind`). Hat tip to @AndreiDiaconu1 for spotting this bug.
 2019-08-01 14:38:19 -07:00
zlaski-semmle 2bc66ae553
Merge pull request #1661 from dave-bartolomeo/dave/ExternDeclarations 
C++: Stop generating `NoOp` instructions for declarations of externs
 2019-07-31 19:09:06 -07:00
semmle-qlci 1d806971ed
Merge pull request #1634 from aibaars/cookbook 
Approved by aschackmull, dave-bartolomeo, hvitved, markshannon, xiemaisi, yh-semmle
 2019-07-31 14:31:28 +01:00
Dave Bartolomeo 972f0d97d3 C++: Stop generating `NoOp` instructions for declarations of externs 
Previously, where we had a function-scoped `DeclarationEntry` for an extern variable or function, we would generate a `NoOp` instruction for it. There's nothing wrong with this by itself, although it was unnecessary. However, I've hit an extractor issue (Jira ticket already opened) that commonly causes multiple `DeclStmt`s to share a single `DeclarationEntry` child on extern declarations, so removing the `NoOp` instructions is an easy way to work around the extractor issue.
 2019-07-30 16:49:24 -07:00
Ian Lynagh 8d8a2201b7 C++: Accept changes to getValueText 2019-07-30 23:24:52 +01:00
semmle-qlci 07fa55f331
Merge pull request #1647 from zlaski-semmle/zlaski/builtin-types-compatible-p 
Approved by dave-bartolomeo
 2019-07-30 20:43:39 +01:00
zlaski-semmle 075e4ab159
Update cpp/ql/src/semmle/code/cpp/exprs/BuiltInOperations.qll 
Co-Authored-By: Dave Bartolomeo <42150477+dave-bartolomeo@users.noreply.github.com>
 2019-07-30 11:39:42 -07:00
Ian Lynagh 96a21238d1 C++: Add an upgrade script 2019-07-30 14:07:35 +01:00
Ian Lynagh 5d9d289eb7 C++: Add stats for 'constexpr if' 2019-07-30 14:07:35 +01:00
Ian Lynagh 6cce7ef2b7 C++: Add CFG test for constexpr_if 2019-07-30 14:07:35 +01:00
Ian Lynagh 7c763cc3bd C++: Add a test for constexpr if 2019-07-30 14:07:35 +01:00
Ian Lynagh f705c25c74 C++: Add support for constexpr if 2019-07-30 14:07:35 +01:00
Ziemowit Laski 2abf7681e0 Point the old BuiltInOperationBuiltInTypes at our new BuiltInOperationBuiltInTypesCompatibleP, 
for backward compatibility.
 2019-07-29 19:43:18 -07:00
Ziemowit Laski 889408be8f Add test case. 2019-07-29 17:17:42 -07:00
Ziemowit Laski 80ca950ae7 Change `__builtin_types` to `__builtin_types_compatible_p` 2019-07-29 15:41:41 -07:00
Robert Marsh 6bd22b01b3
Merge pull request #1607 from dave-bartolomeo/dave/CrossLanguageIR 
C++: Start preparing IR for supporting multiple languages
 2019-07-29 12:34:21 -07:00
Ian Lynagh b2a68d7eaa C++: Update stats following lambda change 2019-07-26 20:39:22 +01:00
Ian Lynagh cff1bb0b96 C++: Update lambda test output 
Indexes are now 0-based.
 2019-07-26 20:39:22 +01:00
Ian Lynagh 6c21fbaade C++: Add an upgrade script 2019-07-26 20:39:22 +01:00
Ian Lynagh 4385ca1ab6 C++: Follow changes to how lambdas are extracted 2019-07-26 20:39:22 +01:00
Arthur Baars ccde7cf6cf Add @id to example queries 2019-07-26 17:47:11 +02:00
Arthur Baars bdce7d07c1 Move 'snippet' queries to 'snippets' folders 2019-07-26 17:47:11 +02:00
Arthur Baars 30860daac4 Add cookbook queries 2019-07-26 17:47:11 +02:00
Anders Schack-Mulligen 6d022aa359 Java/C++/C#: Sync dataflow. 2019-07-26 13:17:12 +02:00
yh-semmle a42d9b1f96
Merge pull request #1616 from aschackmull/java/dataflow-prunetype-bugfix 
Java: Bugfix for flow through methods with taint step and upcast.
 2019-07-24 22:28:05 -04:00
Robert Marsh 05cad96086
Merge pull request #1605 from geoffw0/bitwiseneg 
CPP: Make BitwiseSignCheck.ql more accurate
 2019-07-24 12:33:40 -07:00
Robert Marsh fa43ae241d
Merge pull request #1615 from geoffw0/exprowninit 
CPP: Test + workaround for UseInOwnInitializer.ql
 2019-07-24 12:13:24 -07:00
Geoffrey White 75f77b5f47
Merge pull request #1532 from zlaski-semmle/zlaski/cpp386 
[CPP-386] Add `getCanonicalQLClass()` for AST QL elements.
 2019-07-24 09:38:39 +01:00
Ziemowit Laski e989eabc0a Update test case (remove references to MacroInvocationStmt and MacroInvocationExpr) 2019-07-22 11:09:30 -07:00
Ziemowit Laski f8d52a3bea Remove getCanonicalQLClass() from MacroInvocationExpr and MacroInvocationStmt. 2019-07-22 11:04:30 -07:00
Anders Schack-Mulligen cd8d16183c Java/CPP/C#: Sync dataflow. 2019-07-22 15:41:37 +02:00
Geoffrey White d39d9bf1f0 CPP: Workaround FPs. 2019-07-22 11:48:25 +01:00
Geoffrey White 185ca590f2 CPP: Test exposing UseInOwnInitializer FPs. 2019-07-22 11:34:01 +01:00
Ziemowit Laski dbf655253f Get rid of tabs. 2019-07-19 17:01:34 -07:00
Ziemowit Laski a0570213d7 [CPP-386] Separate printing of casts and conversion, per Dave's request. 2019-07-19 16:56:22 -07:00
Dave Bartolomeo 8456bdd6eb C++: Move IR files that are now pyrameterized into `implementation`. 2019-07-19 15:37:45 -07:00
Dave Bartolomeo 832807401b C++: Move imports from instantiated pyrameterized modules into separate file 
Rather than have IR.qll (which depends on the flavor) import EdgeKind.qll (which does not) with an non-relative import, I've moved these imports into internal.IRImports relative to IR.qll. These imports files can be shared across flavors within one language, but are different between C# and C++ due to the difference in paths.
 2019-07-19 13:09:36 -07:00
Dave Bartolomeo ac6e0cedaf
Merge pull request #1614 from rdmarsh2/rdmarsh/cpp/ir-overlap-speedup 
C++: further optimization of overlap computation
 2019-07-18 19:48:59 -07:00
Ziemowit Laski 45d944411f [CPP-386] Fix Local{Class,Struct,Union}, macro invocations, 
printing of member functions and operators.
 2019-07-18 16:09:04 -07:00
Robert Marsh 2f27c1c2f5 C++: further optimization of overlap computation 2019-07-18 14:57:48 -07:00
Dave Bartolomeo 8d8c66fc49 C++: Delete unused file ValueCategory.qll 2019-07-18 13:55:34 -07:00
Dave Bartolomeo add1702bf6 C++: Fix test breaks due to private imports of `cpp` 2019-07-18 12:29:41 -07:00
Dave Bartolomeo 5d1d082a4f C++: Pull a bunch of language-dependent code that the IR depends on out into a separate module 2019-07-17 17:05:06 -07:00
Dave Bartolomeo 1fdce43484
Merge pull request #1587 from rdmarsh2/rdmarsh/cpp/ir-overlap-speedup 
C++: improve performance of overlap computation
 2019-07-17 16:54:41 -07:00
Ziemowit Laski 926742561b [CPP-340] Eliminate superfluous print-outs of `NestedStruct`, 
`NestedUnion` and `MemberFunction`
 2019-07-17 13:39:43 -07:00
Geoffrey White 48a60651b6 CPP: Fix query. 2019-07-17 11:43:05 +01:00
Geoffrey White aa368d8763 CPP: Add test cases. 2019-07-17 11:38:59 +01:00
Ziemowit Laski f0982791e3 [CPP-340] Remove colons and extraenous QLDoc comments; add a few more classes. 2019-07-16 17:58:39 -07:00
Dave Bartolomeo e58df94672 Remove unnecessary dependencies on `cpp` 2019-07-16 15:10:46 -07:00
Dave Bartolomeo 60b3ffe3d5 Make all imports of `cpp` private 2019-07-16 15:02:26 -07:00
zlaski-semmle 6764390970
Merge pull request #1586 from geoffw0/norm-taint-test 
CPP: Normalize the taint tests
 2019-07-16 11:49:42 -07:00
Geoffrey White 1b7d1c37ec CPP: Test showing that Adding365daysPerYear.ql doesn't actually care whether the return value of the time conversion function is checked. 2019-07-16 17:29:30 +01:00
Robert Marsh 1f17cfb8ad C++: add comments and private annotations 2019-07-15 14:47:21 -07:00
Geoffrey White 4df176ae34 CPP: Add test coverage for isModifiedByArithmeticOperation. 2019-07-15 19:42:50 +01:00
Robert Marsh 86a018b0b4 C++: overlapping def/use must share IRVariable 2019-07-15 10:35:57 -07:00
Robert Marsh 20e67eb37a C++: improve performance of overlap computation 
This is still quadratic in the number of MemoryLocations for a vvar, but
only for a single pipeline step, which is not materialized. It seems to be
fast enough in practice for the IR.
 2019-07-15 10:15:58 -07:00
Geoffrey White cf194219b9 CPP: Fix FPs. 2019-07-15 14:58:35 +01:00
Geoffrey White 5362fef81c CPP: Additional AllocaInLoop test cases. 2019-07-15 14:50:02 +01:00
Ziemowit Laski c906560edd Fix up expected IR output after rebase. 2019-07-13 12:57:25 -07:00
Ziemowit Laski 960a41be85 Handle `__builtin_addressof`. 2019-07-13 12:23:40 -07:00
Ziemowit Laski 175ba7b3b0 Fix up .expected on the IR side. 2019-07-13 12:23:40 -07:00
Ziemowit Laski 2637c22732 Fix up .expected file. 2019-07-13 12:23:40 -07:00
Ziemowit Laski 2459d2ab92 Reformat PrintAST.qll ONLY. 2019-07-13 12:23:40 -07:00
Ziemowit Laski 49b0fc0a57 [CPP-386] A few more QL classes. 2019-07-13 12:23:40 -07:00
Ziemowit Laski ab82aebbd7 [CPP-386] Add `override` keyword as needed; annotate a few more classes. 2019-07-13 12:23:40 -07:00
Ziemowit Laski e5fc07660d [CPP-386] Print QL AST classes next to elements in PrintAST trees. 2019-07-13 12:23:09 -07:00
Ziemowit Laski ddb0fd90e9 [CPP-386] Provide `getCanonicalQLClass()` predicate for many AST elements. 2019-07-13 12:19:40 -07:00
Ziemowit Laski a4affbebbf [CPP-386] Add ElementBase::getCanonicalQLClass(). 2019-07-13 12:19:40 -07:00
Robert Marsh 41e46f6686
Merge pull request #1584 from geoffw0/swap 
CPP: Model std::swap
 2019-07-12 10:41:14 -07:00
Geoffrey White a9b953f89a CPP: Flip test output for consistency and easy comparison with the other tests. 2019-07-12 18:18:08 +01:00
Geoffrey White c2fd2e273e CPP: Model taint flow through std::swap. 2019-07-12 18:00:39 +01:00