Upgrade github/codeql dependency to 2.15.5 #737

Merged
merged 18 commits into from
Oct 8, 2024
12 changes: 8 additions & 4 deletions c/cert/src/codeql-pack.lock.yml
@@ -2,13 +2,17 @@
lockVersion: 1.0.0
dependencies:
codeql/cpp-all:
version: 0.9.3
version: 0.12.2
codeql/dataflow:
version: 0.1.5
codeql/rangeanalysis:
version: 0.0.4
codeql/ssa:
version: 0.1.5
version: 0.2.5
codeql/tutorial:
version: 0.1.5
version: 0.2.5
codeql/typetracking:
version: 0.2.5
codeql/util:
version: 0.1.5
version: 0.2.5
compiled: false
2 changes: 1 addition & 1 deletion c/cert/src/qlpack.yml
@@ -5,4 +5,4 @@ suites: codeql-suites
license: MIT
dependencies:
codeql/common-c-coding-standards: '*'
codeql/cpp-all: 0.9.3
codeql/cpp-all: 0.12.2
12 changes: 8 additions & 4 deletions c/cert/test/codeql-pack.lock.yml
@@ -2,13 +2,17 @@
lockVersion: 1.0.0
dependencies:
codeql/cpp-all:
version: 0.9.3
version: 0.12.2
codeql/dataflow:
version: 0.1.5
codeql/rangeanalysis:
version: 0.0.4
codeql/ssa:
version: 0.1.5
version: 0.2.5
codeql/tutorial:
version: 0.1.5
version: 0.2.5
codeql/typetracking:
version: 0.2.5
codeql/util:
version: 0.1.5
version: 0.2.5
compiled: false
12 changes: 8 additions & 4 deletions c/common/src/codeql-pack.lock.yml
@@ -2,13 +2,17 @@
lockVersion: 1.0.0
dependencies:
codeql/cpp-all:
version: 0.9.3
version: 0.12.2
codeql/dataflow:
version: 0.1.5
codeql/rangeanalysis:
version: 0.0.4
codeql/ssa:
version: 0.1.5
version: 0.2.5
codeql/tutorial:
version: 0.1.5
version: 0.2.5
codeql/typetracking:
version: 0.2.5
codeql/util:
version: 0.1.5
version: 0.2.5
compiled: false
2 changes: 1 addition & 1 deletion c/common/src/qlpack.yml
@@ -3,4 +3,4 @@ version: 2.36.0-dev
license: MIT
dependencies:
codeql/common-cpp-coding-standards: '*'
codeql/cpp-all: 0.9.3
codeql/cpp-all: 0.12.2
12 changes: 8 additions & 4 deletions c/common/test/codeql-pack.lock.yml
@@ -2,13 +2,17 @@
lockVersion: 1.0.0
dependencies:
codeql/cpp-all:
version: 0.9.3
version: 0.12.2
codeql/dataflow:
version: 0.1.5
codeql/rangeanalysis:
version: 0.0.4
codeql/ssa:
version: 0.1.5
version: 0.2.5
codeql/tutorial:
version: 0.1.5
version: 0.2.5
codeql/typetracking:
version: 0.2.5
codeql/util:
version: 0.1.5
version: 0.2.5
compiled: false
12 changes: 8 additions & 4 deletions c/misra/src/codeql-pack.lock.yml
@@ -2,13 +2,17 @@
lockVersion: 1.0.0
dependencies:
codeql/cpp-all:
version: 0.9.3
version: 0.12.2
codeql/dataflow:
version: 0.1.5
codeql/rangeanalysis:
version: 0.0.4
codeql/ssa:
version: 0.1.5
version: 0.2.5
codeql/tutorial:
version: 0.1.5
version: 0.2.5
codeql/typetracking:
version: 0.2.5
codeql/util:
version: 0.1.5
version: 0.2.5
compiled: false
2 changes: 1 addition & 1 deletion c/misra/src/qlpack.yml
@@ -6,4 +6,4 @@ license: MIT
default-suite-file: codeql-suites/misra-c-default.qls
dependencies:
codeql/common-c-coding-standards: '*'
codeql/cpp-all: 0.9.3
codeql/cpp-all: 0.12.2
@@ -15,7 +15,6 @@
import cpp
import codingstandards.c.misra
import codingstandards.c.misra.EssentialTypes
import codingstandards.cpp.Bitwise

/**
* Holds if the operator `operator` has an operand `child` that is of an inappropriate essential type
@@ -179,8 +178,7 @@ predicate isInappropriateEssentialType(
child =
[
operator.(BinaryBitwiseOperation).getAnOperand(),
operator.(Bitwise::AssignBitwiseOperation).getAnOperand(),
operator.(ComplementExpr).getAnOperand()
operator.(AssignBitwiseOperation).getAnOperand(), operator.(ComplementExpr).getAnOperand()
] and
not operator instanceof LShiftExpr and
not operator instanceof RShiftExpr and
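Review bot: Replacing `Bitwise::AssignBitwiseOperation` with the library's `AssignBitwiseOperation` in the operand list of `isInappropriateEssentialType` makes the result set depend on how the upgraded `codeql/cpp-all` models compound assignments, and nothing visible here pins that. The page does not show what the removed `codingstandards.cpp.Bitwise` wrapper did; if it narrowed the library class (for example to drop expressions the library wrongly classed as bitwise assignments), those expressions are reported again unless 0.12.2 has fixed the modelling. A test case, or a comment such as `// relies on the cpp-all 0.12.2 modelling of AssignBitwiseOperation`, would record the assumption. The same substitution is made in the three AUTOSAR query sections further down, including the `ShiftOperation` class, and the predicate body here continues outside the hunk.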
10 changes: 4 additions & 6 deletions c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql
@@ -49,11 +49,9 @@ where
msg = "Function " + f + " does not specify void for no parameters present."
or
//parameters declared in declaration list (not in function signature)
//have placeholder file location associated only
exists(Parameter p |
p.getFunction() = f and
not p.getFile() = f.getFile() and
msg = "Function " + f + " declares parameter in unsupported declaration list."
)
//have no prototype
not f.isPrototyped() and
not hasZeroParamDecl(f) and
msg = "Function " + f + " declares parameter in unsupported declaration list."
)
select f, msg
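Review bot: The rewritten last disjunct tests `not f.isPrototyped()` on the function as a whole, where the removed code looked at each `Parameter` of `f`, so the two are not obviously equivalent. A function with a prototyped declaration elsewhere and an old-style definition with a declaration list may, depending on how `isPrototyped()` treats multiple declarations, stop being reported; a test case with that shape would settle it. The comment also loses the explanation of why the check works; something like `// old-style definitions are not prototyped; hasZeroParamDecl(f) is excluded because the branch above already reports it` would help, if that is indeed the intent. `hasZeroParamDecl` and the start of the `where` clause are outside the hunk.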
12 changes: 8 additions & 4 deletions c/misra/test/codeql-pack.lock.yml
@@ -2,13 +2,17 @@
lockVersion: 1.0.0
dependencies:
codeql/cpp-all:
version: 0.9.3
version: 0.12.2
codeql/dataflow:
version: 0.1.5
codeql/rangeanalysis:
version: 0.0.4
codeql/ssa:
version: 0.1.5
version: 0.2.5
codeql/tutorial:
version: 0.1.5
version: 0.2.5
codeql/typetracking:
version: 0.2.5
codeql/util:
version: 0.1.5
version: 0.2.5
compiled: false
1 change: 1 addition & 0 deletions change_notes/2024-10-07-upgrade-to-2.15.5.md
@@ -0,0 +1 @@
- Updated the CodeQL version to `2.15.5`.
12 changes: 8 additions & 4 deletions cpp/autosar/src/codeql-pack.lock.yml
@@ -2,13 +2,17 @@
lockVersion: 1.0.0
dependencies:
codeql/cpp-all:
version: 0.9.3
version: 0.12.2
codeql/dataflow:
version: 0.1.5
codeql/rangeanalysis:
version: 0.0.4
codeql/ssa:
version: 0.1.5
version: 0.2.5
codeql/tutorial:
version: 0.1.5
version: 0.2.5
codeql/typetracking:
version: 0.2.5
codeql/util:
version: 0.1.5
version: 0.2.5
compiled: false
2 changes: 1 addition & 1 deletion cpp/autosar/src/qlpack.yml
@@ -5,4 +5,4 @@ suites: codeql-suites
license: MIT
dependencies:
codeql/common-cpp-coding-standards: '*'
codeql/cpp-all: 0.9.3
codeql/cpp-all: 0.12.2
@@ -16,15 +16,14 @@

import cpp
import codingstandards.cpp.autosar
import codingstandards.cpp.Bitwise
import codingstandards.cpp.Conversion

predicate isBinaryBitwiseOperation(Operation o, VariableAccess l, VariableAccess r) {
exists(BinaryBitwiseOperation bbo | bbo = o |
l = bbo.getLeftOperand() and r = bbo.getRightOperand()
)
or
exists(Bitwise::AssignBitwiseOperation abo | abo = o |
exists(AssignBitwiseOperation abo | abo = o |
l = abo.getLValue() and
r = abo.getRValue()
)
@@ -17,15 +17,14 @@

import cpp
import codingstandards.cpp.autosar
import codingstandards.cpp.Bitwise

from Operation o, VariableAccess va
where
not isExcluded(o, ExpressionsPackage::bitwiseOperatorAppliedToSignedTypesQuery()) and
(
o instanceof UnaryBitwiseOperation or
o instanceof BinaryBitwiseOperation or
o instanceof Bitwise::AssignBitwiseOperation
o instanceof AssignBitwiseOperation
) and
o.getAnOperand() = va and
va.getTarget().getUnderlyingType().(IntegralType).isSigned()
@@ -17,7 +17,6 @@

import cpp
import codingstandards.cpp.autosar
import codingstandards.cpp.Bitwise

class ShiftOperation extends Operation {
Expr leftOperand;
@@ -34,7 +33,7 @@ class ShiftOperation extends Operation {
rightOperand = o.getRightOperand()
)
or
exists(Bitwise::AssignBitwiseOperation o | this = o |
exists(AssignBitwiseOperation o | this = o |
(
o instanceof AssignLShiftExpr
or
12 changes: 8 additions & 4 deletions cpp/autosar/test/codeql-pack.lock.yml
@@ -2,13 +2,17 @@
lockVersion: 1.0.0
dependencies:
codeql/cpp-all:
version: 0.9.3
version: 0.12.2
codeql/dataflow:
version: 0.1.5
codeql/rangeanalysis:
version: 0.0.4
codeql/ssa:
version: 0.1.5
version: 0.2.5
codeql/tutorial:
version: 0.1.5
version: 0.2.5
codeql/typetracking:
version: 0.2.5
codeql/util:
version: 0.1.5
version: 0.2.5
compiled: false
12 changes: 8 additions & 4 deletions cpp/cert/src/codeql-pack.lock.yml
@@ -2,13 +2,17 @@
lockVersion: 1.0.0
dependencies:
codeql/cpp-all:
version: 0.9.3
version: 0.12.2
codeql/dataflow:
version: 0.1.5
codeql/rangeanalysis:
version: 0.0.4
codeql/ssa:
version: 0.1.5
version: 0.2.5
codeql/tutorial:
version: 0.1.5
version: 0.2.5
codeql/typetracking:
version: 0.2.5
codeql/util:
version: 0.1.5
version: 0.2.5
compiled: false
2 changes: 1 addition & 1 deletion cpp/cert/src/qlpack.yml
@@ -4,5 +4,5 @@ description: CERT C++ 2016
suites: codeql-suites
license: MIT
dependencies:
codeql/cpp-all: 0.9.3
codeql/cpp-all: 0.12.2
codeql/common-cpp-coding-standards: '*'
9 changes: 6 additions & 3 deletions cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll
@@ -14,12 +14,15 @@ module AllocToStaticCastConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) {
exists(AllocationExpr ae |
ae.getType().getUnspecifiedType() instanceof VoidPointerType and
source.asExpr() = ae and
// Ignore realloc, as that memory may already be partially constructed
not ae.(FunctionCall).getTarget().getName().toLowerCase().matches("%realloc%")
source.asExpr() = ae
)
}

predicate isBarrier(DataFlow::Node sanitizer) {
// Ignore realloc, as that memory may already be partially constructed
sanitizer.asExpr().(FunctionCall).getTarget().getName().toLowerCase().matches("%realloc%")
}

predicate isSink(DataFlow::Node sink) {
exists(StaticOrCStyleCast sc, Class nonTrivialClass |
sc.getExpr() = sink.asExpr() and
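Review bot: `isBarrier` now blocks flow through every call whose target name contains `realloc`, not only through allocation expressions, because the `AllocationExpr` constraint stayed in `isSource` while the name match moved out. Any helper with `realloc` in its name that sits on a path between an allocation and the cast will silently suppress the MEM53-CPP result. If that widening is not intended, keep the original scope with `exists(AllocationExpr ae | ae = sanitizer.asExpr() and ae.(FunctionCall).getTarget().getName().toLowerCase().matches("%realloc%"))`. Either way the comment should state that the barrier is matched by case-insensitive substring. `isSink` and the rest of the module continue outside the hunk.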
12 changes: 8 additions & 4 deletions cpp/cert/test/codeql-pack.lock.yml
@@ -2,13 +2,17 @@
lockVersion: 1.0.0
dependencies:
codeql/cpp-all:
version: 0.9.3
version: 0.12.2
codeql/dataflow:
version: 0.1.5
codeql/rangeanalysis:
version: 0.0.4
codeql/ssa:
version: 0.1.5
version: 0.2.5
codeql/tutorial:
version: 0.1.5
version: 0.2.5
codeql/typetracking:
version: 0.2.5
codeql/util:
version: 0.1.5
version: 0.2.5
compiled: false
12 changes: 8 additions & 4 deletions cpp/common/src/codeql-pack.lock.yml
@@ -2,13 +2,17 @@
lockVersion: 1.0.0
dependencies:
codeql/cpp-all:
version: 0.9.3
version: 0.12.2
codeql/dataflow:
version: 0.1.5
codeql/rangeanalysis:
version: 0.0.4
codeql/ssa:
version: 0.1.5
version: 0.2.5
codeql/tutorial:
version: 0.1.5
version: 0.2.5
codeql/typetracking:
version: 0.2.5
codeql/util:
version: 0.1.5
version: 0.2.5
compiled: false