Pinned
4,898 contributions in the last year
Activity overview
Contributed to
github/codeql,
github/vscode-codeql-starter,
github/codeql-action
and 8 other
repositories
Contribution activity
May 2023
Created 108 commits in 1 repository
Created a pull request in github/codeql that received 17 comments
C++: Fix pointer/pointee conflation
This PR fixes the conflation identified in #13182. Turns out the problem was something we've actually seen before. Consider this code void incremen…
+33
−45
•
17
comments
Opened 30 other pull requests in 1 repository
github/codeql
5
open
24
merged
1
closed
-
C++: Change range-analysis test to not use
getAst -
C++: Fix result duplication on
DefaultTaintTracking -
C++: Promote
cpp/overrun-writeout of experimental -
C++: Modernize
PrintIRfor local dataflow - C++: Fix more pointer/pointee conflation
- C++: Promote the product-dataflow library out of experimental
-
C++: Add FP testcase for
cpp/overrun-write - C++: Quotient dataflow nodes by an equivalence relation
-
C++: Replace
C18withC17in documentation -
C++: Small cleanup of
cpp/overrun-write -
C++: Update documentation for
TypeMention -
C++: Reduce memory pressure from
getInstruction - C++: Add example with conflation in dataflow
-
Swift: Recommend a proper source of randomness in
swift/hardcoded-key -
C++: Block flow through back-edges in
cpp/overrun-write -
C++: Restrict flow-state space of
cpp/overrun-write - C++: Speedup product dataflow
-
Swift: Make
DoCatchTreemore precise -
C++: Cleanup
CallAllocationExprBasewith module signature members -
C++: Use heuristic allocation functions in
cpp/overrun-write -
C++: Add FP for
cpp/overrun-write -
C++: Add QLDoc to
getOverflow - C++: Remove self edges
-
C++: Only one alert message per alert on
cpp/overrun-write -
C++: Work around poor codegen for
forexin IR-based range analysis - Some pull requests not shown.
Reviewed 58 pull requests in 1 repository
github/codeql
25 pull requests
-
C++: Fix result duplication on
DefaultTaintTracking - Swift: Promote some Data models to DataProtocol
- Swift: remove some AST and CFG inconsistencies
- C++: fix equality refinement in new range analysis
- Swift: Add path injection sinks for sqlite3 and SQLite.swift
- Swift: add CFG and PrintAst consistency queries, enabling them in CI
- C++/Swift: Rewrite inline expectation tests to use the parameterized module
-
C++: Add
cpp/invalid-pointer-derefFP test case - C++: Promote the product-dataflow library out of experimental
- C++: Rewrite flow test common to use inline expectation test module
- Swift: make only certain elements hideable in the AST
- Swift: Make the cleartext logging query consistent with other cleartext-* queries.
- C++: stitch paths and ignore cast arrays in constant off-by-one query
-
C++: Include inline namespaces in
StdNamespace -
Swift: remove unneeded properties from
InterpolatedStringLiteralExpr - Swift: Add EnumDecl.getEnumElement(_)
-
C++: Add
cpp/invalid-pointer-dereffalse positives - Swift: Use asNominalTypeDecl more.
-
Swift: Drop support for plaintext diagnostics (and
helpLinks). - Swift: Taint model for FilePath
- CPP: Add query for CVE-2022-37454: Integer addition may overflow inside if statement
-
C++: Update documentation for
TypeMention - C++: Fix pointer/pointee conflation
-
Misc: Add script to accept
.expectedchanges from CI - Swift: bump all versions to 0.1.0
- Some pull request reviews not shown.
199
contributions
in private repositories
May 2 – May 25