Граф коммитов

8228 Коммитов

Автор SHA1 Сообщение Дата
erik-krogh a30c38f38c
CPP: make more alert messages follow the style-guide 2022-09-23 14:45:59 +02:00
Tom Hvitved 8b424d181a
Merge pull request #10505 from hvitved/dataflow/viable-impl-in-ctx-consistency
Data flow: Guard against `viableImplInCallContext` not being a subset of `viableCallable`
2022-09-23 10:38:48 +02:00
Dave Bartolomeo cee0e8e137
Merge pull request #10532 from github/henrymercer/3.7-mergeback
Final mergeback from `rc/3.7`
2022-09-22 13:42:59 -04:00
Tom Hvitved 7a694d5da5 C++: Update expected test output 2022-09-22 15:01:40 +02:00
Tom Hvitved ad6b870f94 Data flow: Sync files 2022-09-22 15:01:33 +02:00
Tom Hvitved f0f4fe7286
Merge pull request #10444 from hvitved/ruby/stmt-sequence-post-update
Ruby: Add post-update nodes for compound arguments
2022-09-22 13:18:51 +02:00
Henry Mercer f8f99af8b7 Bump the minor version of packs we regularly release 2022-09-22 12:14:19 +01:00
Andrew Eisenberg 99e8cb78b0
Merge pull request #10496 from aeisenberg/aeisenberg/merge-rc3.7-into-main
Aeisenberg/merge rc3.7 into main
2022-09-21 08:09:47 -07:00
Tom Hvitved db8b6ac69a Data flow: Sync files 2022-09-21 11:02:24 +02:00
Andrew Eisenberg 58e4861b45 Merge branch 'main' into rc/3.7 2022-09-20 12:43:20 -07:00
Geoffrey White 9ddb485405 Merge branch 'main' into cleartext-perf 2022-09-20 17:56:18 +01:00
Mathias Vorreiter Pedersen 74ccec75c8 C++: Sync identical files. 2022-09-20 13:37:54 +01:00
Mathias Vorreiter Pedersen 79654d978d C++: Sync identical files. 2022-09-20 12:57:21 +01:00
Mathias Vorreiter Pedersen 7c41219376
Merge pull request #10438 from MathiasVP/invalid-pointer-deref-query
C++: Add a `cpp/invalid-pointer-deref` query to experimental
2022-09-20 10:41:31 +01:00
Erik Krogh Kristensen a4cd913aea
Merge pull request #10312 from erik-krogh/fix-caseDiff
ensure consistent casing of names
2022-09-19 10:43:12 +02:00
Mathias Vorreiter Pedersen 02076074ff C++: Add more comments. 2022-09-18 12:48:13 +01:00
Mathias Vorreiter Pedersen 3e6576bfaf C++: Add example of missing result. 2022-09-18 12:18:04 +01:00
Mathias Vorreiter Pedersen d1cf688abf C++: Fix test function naming. 2022-09-18 12:17:46 +01:00
Mathias Vorreiter Pedersen 78535dc70b C++: Autoformat. 2022-09-18 12:02:32 +01:00
Mathias Vorreiter Pedersen dc00643ad1 C++: More QLDoc. 2022-09-16 17:14:29 +01:00
Mathias Vorreiter Pedersen 031f20a0eb C++: Respond to review comments. 2022-09-16 16:19:06 +01:00
github-actions[bot] 67ce442674 Post-release preparation for codeql-cli-2.10.5 2022-09-16 14:23:44 +00:00
Mathias Vorreiter Pedersen 4482669d7e C++: Add a new 'InvalidPointerDeref' query to experimental. 2022-09-15 17:47:15 +01:00
Mathias Vorreiter Pedersen b8a5aa5d85 C++: Fix a couple of range analysis issues:
1. The new query is expecting pointer arithmetic operations to generate
range-analysis bounds, but this wasn't true on main.
2. The bounds generated by `boundFlowCond` was incorrectly inferred as
non-strict when comparing a pointers (unlike when comparing values of
integral types). This gave FPs in the new query.

This also fixes a couple of missing results in existing queries that
use the new range-analysis library.
2022-09-15 17:46:52 +01:00
Mathias Vorreiter Pedersen d981f898e4 C++: Add flow states to the product dataflow library. 2022-09-15 15:54:09 +01:00
Philip Ginsbach 26099d6ab7 remove more upper-case variable names 2022-09-15 14:36:02 +01:00
Geoffrey White 6b21563018 C++: Update change note. 2022-09-15 13:37:20 +01:00
Philip Ginsbach c5703898b0 remove upper-case NamedExpression variable names 2022-09-14 16:35:24 +01:00
Philip Ginsbach 8f7f631211 upper-case variable names are deprecated 2022-09-14 14:50:26 +01:00
Mathias Vorreiter Pedersen 7f6b400b78
Merge pull request #10366 from MathiasVP/use-use-flow-in-experimental
C++: Use-use flow in `experimental`
2022-09-13 09:30:48 +01:00
Mathias Vorreiter Pedersen 6e4b3c242f
Merge pull request #10377 from geoffw0/deprecate-pointsto
C++: Put a warning on the PointsTo library.
2022-09-12 16:25:40 +01:00
Mathias Vorreiter Pedersen d2b150eaf5 C++: Fix QLDoc on the model predicates used by the new experimental use-use code. 2022-09-12 16:00:49 +01:00
Mathias Vorreiter Pedersen bb1c088fe0 C++: Undo changes to iterator models. 2022-09-12 15:58:49 +01:00
Geoffrey White 842af4bf74 C++: Specifically suggest DataFlow as an alternative. 2022-09-12 14:25:45 +01:00
erik-krogh bae4490620
add change-note 2022-09-12 12:12:18 +02:00
Mathias Vorreiter Pedersen c988547e9c C++: Accept test changes. 2022-09-11 18:31:53 +01:00
Geoffrey White 8ac3e10896 C++: Put a warning on the PointsTo library. 2022-09-09 18:03:23 +01:00
Mathias Vorreiter Pedersen 6dcfe0348b C++: Copy over the required changes to non-experimental libraries. 2022-09-09 17:26:58 +01:00
Mathias Vorreiter Pedersen 5509562fe6 C++: Repair a few broken models that were incorrectly a pointer
as tainted (instead of the pointee), or vice versa. Because of
existing dataflow pointer/pointee conflation we never noticed that,
but since this PR removes those imprecisions we now need to update
these models.
2022-09-09 17:04:36 +01:00
Mathias Vorreiter Pedersen 6d313ace2d C++: Copy the new use-use flow code to experimental. 2022-09-09 14:20:10 +01:00
Tony Torralba 569fad667a
Merge pull request #10360 from atorralba/atorralba/fix-taint-implicit-reads
Dataflow: Fix implicit reads in taint tracking when FlowStates are used
2022-09-09 14:28:39 +02:00
Geoffrey White 6011ae9ecc Merge branch 'main' into cleartext-perf 2022-09-09 11:40:47 +01:00
Geoffrey White edefda9213 C++: Make QL-for-QL happy. 2022-09-09 11:26:42 +01:00
Geoffrey White 813d166ad7 C++: Restore results in cpp/cleartext-storage-database using . 2022-09-09 11:03:29 +01:00
erik-krogh 26d8553f6e
ensure consistent casing of names 2022-09-09 10:34:14 +02:00
Tony Torralba 1078cf091e Add change notes for all languages 2022-09-09 10:28:36 +02:00
Tony Torralba 7db1eb98f5 Sync files 2022-09-08 17:32:03 +02:00
Robert Marsh 0feeafd0ac
Merge pull request #10339 from MathiasVP/dont-use-get-unique-id-in-range-analysis
C++: Don't use `getUniqueId` in range analysis
2022-09-08 11:13:43 -04:00
Mathias Vorreiter Pedersen 594c40a375
Merge pull request #10355 from MathiasVP/fix-unequalIntegralSsa-standard-order
C++: Avoid bad standard order in range analysis
2022-09-08 14:58:44 +01:00
Tom Hvitved b3653cc3d0
Merge pull request #10216 from hvitved/ssa/shared-lib
SSA: Create a new `codeql/shared-ssa` library pack and move implementation there
2022-09-08 15:39:29 +02:00