hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into java-kotlin-sensitive-logging-substring-barriers

Browse Source
This commit is contained in:
Paul Hodgkinson
2025-11-17 11:03:39 +00:00
committed by GitHub
parent 528c451007 c0ebc17bdc
commit 7b25e22a37
795 changed files with 63338 additions and 33702 deletions
Download Patch File Download Diff File Expand all files Collapse all files

112
.github/workflows/build-ripunzip.yml vendored
View File

@@ -1,29 +1,58 @@
name: Build runzip
name: Build ripunzip
on:
workflow_dispatch:
inputs:
ripunzip-version:
description: "what reference to checktout from google/runzip"
description: What reference to checkout from google/ripunzip. Latest by default
required: false
default: v2.0.2
openssl-version:
description: "what reference to checkout from openssl/openssl for Linux"
description: What reference to checkout from openssl/openssl for Linux. Latest by default
required: false
default: openssl-3.5.0
open-pr:
description: Open a pull request updating the ripunzip versions committed to lfs
required: false
default: true # will be false on PRs
pull_request:
paths:
- .github/workflows/build-ripunzip.yml
permissions: {}
jobs:
versions:
runs-on: ubuntu-slim
outputs:
ripunzip-version: ${{ inputs.ripunzip-version || steps.fetch-ripunzip-version.outputs.version }}
openssl-version: ${{ inputs.openssl-version || steps.fetch-openssl-version.outputs.version }}
steps:
- name: Fetch latest ripunzip version
id: fetch-ripunzip-version
if: "!inputs.ripunzip-version"
run: &fetch-version
echo "version=$(gh release view --repo $REPO --json tagName --jq .tagName)" | tee -a $GITHUB_OUTPUT
env:
REPO: "google/ripunzip"
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Fetch latest openssl version
id: fetch-openssl-version
if: "!inputs.openssl-version"
run: *fetch-version
env:
REPO: "openssl/openssl"
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
build:
needs: versions
strategy:
fail-fast: false
matrix:
os: [ubuntu-22.04, macos-13, windows-2022]
os: [ubuntu-24.04, macos-15, windows-2025]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v5
with:
repository: google/ripunzip
ref: ${{ inputs.ripunzip-version }}
ref: ${{ needs.versions.outputs.ripunzip-version }}
# we need to avoid ripunzip dynamically linking into libssl
# see https://github.com/sfackler/rust-openssl/issues/183
- if: runner.os == 'Linux'
@@ -32,7 +61,7 @@ jobs:
with:
repository: openssl/openssl
path: openssl
ref: ${{ inputs.openssl-version }}
ref: ${{ needs.versions.outputs.openssl-version }}
- if: runner.os == 'Linux'
name: build and install openssl with fPIC
shell: bash
@@ -64,11 +93,74 @@ jobs:
lipo -create -output ripunzip-macos \
-arch x86_64 target/x86_64-apple-darwin/release/ripunzip \
-arch arm64 target/aarch64-apple-darwin/release/ripunzip
- uses: actions/upload-artifact@v4
- name: Archive
shell: bash
run: |
tar acf ripunzip-$RUNNER_OS.tar.zst ripunzip-$(echo $RUNNER_OS | tr '[:upper:]' '[:lower:]')
- name: Upload built binary
uses: actions/upload-artifact@v4
with:
name: ripunzip-${{ runner.os }}
path: ripunzip-*
path: ripunzip-${{ runner.os }}.tar.zst
retention-days: 5
compression: 0
- name: Check built binary
shell: bash
run: |
rm -f ripunzip-*.tar.zst
./ripunzip-* --version
publish:
needs: [versions, build]
if: inputs.open-pr == 'true'
permissions:
contents: write
pull-requests: write
runs-on: ubuntu-slim
steps:
# workaround for git-lfs not being installed yet on ubuntu-slim runners
- name: Ensure git-lfs is installed
shell: bash
run: |
if which git-lfs &>/dev/null; then
echo "git-lfs is already installed"
exit 0
fi
cd $TMP
gh release download --repo git-lfs/git-lfs --pattern "git-lfs-linux-amd64-*.tar.gz" --clobber
tar xzf git-lfs-linux-amd64-*.tar.gz
rm git-lfs-linux-amd64-*.tar.gz
cd git-lfs-*
pwd | tee -a $GITHUB_PATH
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@v5
with:
sparse-checkout: |
.github
misc/ripunzip
lfs: true
- name: Download built binaries
uses: actions/download-artifact@v4
with:
merge-multiple: true
path: misc/ripunzip
- name: Open PR
shell: bash
run: |
git config --global user.name "github-actions[bot]"
git config --global user.email "github-actions[bot]@users.noreply.github.com"
git switch -c update-ripunzip
git add misc/ripunzip
git commit -m "Update ripunzip binaries to version $VERSION"
git push --set-upstream origin update-ripunzip --force
TITLE="Update ripunzip binaries to version $VERSION"
gh pr create \
--draft \
--title "$TITLE" \
--body "Automated update of ripunzip binaries." \
--assignee "$ACTOR" ||
(gh pr edit --title "$TITLE" --add-assignee "$ACTOR" && gh pr ready --undo)
env:
ACTOR: ${{ github.actor }}
VERSION: ${{ needs.versions.outputs.ripunzip-version }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

16
CODEOWNERS
View File

@@ -5,19 +5,29 @@
/actions/ @github/codeql-dynamic
/cpp/ @github/codeql-c-analysis
/csharp/ @github/codeql-csharp
/csharp/autobuilder/Semmle.Autobuild.Cpp @github/codeql-c-extractor
/csharp/autobuilder/Semmle.Autobuild.Cpp.Tests @github/codeql-c-extractor
/csharp/autobuilder/Semmle.Autobuild.Cpp @github/codeql-c-extractor @github/code-scanning-language-coverage
/csharp/autobuilder/Semmle.Autobuild.Cpp.Tests @github/codeql-c-extractor @github/code-scanning-language-coverage
/go/ @github/codeql-go
/go/codeql-tools/ @github/codeql-go @github/code-scanning-language-coverage
/go/downgrades/ @github/codeql-go @github/code-scanning-language-coverage
/go/extractor/ @github/codeql-go @github/code-scanning-language-coverage
/go/extractor-smoke-test/ @github/codeql-go @github/code-scanning-language-coverage
/go/ql/test/extractor-tests/ @github/codeql-go @github/code-scanning-language-coverage
/java/ @github/codeql-java
/javascript/ @github/codeql-javascript
/javascript/extractor/ @github/codeql-javascript @github/code-scanning-language-coverage
/python/ @github/codeql-python
/python/extractor/ @github/codeql-python @github/code-scanning-language-coverage
/ql/ @github/codeql-ql-for-ql-reviewers
/ruby/ @github/codeql-ruby
/ruby/extractor/ @github/codeql-ruby @github/code-scanning-language-coverage
/rust/ @github/codeql-rust
/rust/extractor/ @github/codeql-rust @github/code-scanning-language-coverage
/shared/ @github/codeql-shared-libraries-reviewers
/swift/ @github/codeql-swift
/swift/extractor/ @github/codeql-swift @github/code-scanning-language-coverage
/misc/codegen/ @github/codeql-swift
/java/kotlin-extractor/ @github/codeql-kotlin
/java/kotlin-extractor/ @github/codeql-kotlin @github/code-scanning-language-coverage
/java/ql/test-kotlin1/ @github/codeql-kotlin
/java/ql/test-kotlin2/ @github/codeql-kotlin

6
MODULE.bazel
View File

@@ -273,19 +273,19 @@ lfs_archive = use_repo_rule("//misc/bazel:lfs.bzl", "lfs_archive")
lfs_archive(
name = "ripunzip-linux",
src = "//misc/ripunzip:ripunzip-Linux.zip",
src = "//misc/ripunzip:ripunzip-Linux.tar.zst",
build_file = "//misc/ripunzip:BUILD.ripunzip.bazel",
)
lfs_archive(
name = "ripunzip-windows",
src = "//misc/ripunzip:ripunzip-Windows.zip",
src = "//misc/ripunzip:ripunzip-Windows.tar.zst",
build_file = "//misc/ripunzip:BUILD.ripunzip.bazel",
)
lfs_archive(
name = "ripunzip-macos",
src = "//misc/ripunzip:ripunzip-macOS.zip",
src = "//misc/ripunzip:ripunzip-macOS.tar.zst",
build_file = "//misc/ripunzip:BUILD.ripunzip.bazel",
)

4
actions/ql/lib/CHANGELOG.md
View File

@@ -1,3 +1,7 @@
## 0.4.20
No user-facing changes.
## 0.4.19
No user-facing changes.

3
actions/ql/lib/change-notes/released/0.4.20.md Normal file
View File

@@ -0,0 +1,3 @@
## 0.4.20
No user-facing changes.

2
actions/ql/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.4.19
lastReleaseVersion: 0.4.20

2
actions/ql/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/actions-all
version: 0.4.20-dev
version: 0.4.21-dev
library: true
warnOnImplicitThis: true
dependencies:

4
actions/ql/src/CHANGELOG.md
View File

@@ -1,3 +1,7 @@
## 0.6.12
No user-facing changes.
## 0.6.11
No user-facing changes.

3
actions/ql/src/change-notes/released/0.6.12.md Normal file
View File

@@ -0,0 +1,3 @@
## 0.6.12
No user-facing changes.

2
actions/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.6.11
lastReleaseVersion: 0.6.12

2
actions/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/actions-queries
version: 0.6.12-dev
version: 0.6.13-dev
library: false
warnOnImplicitThis: true
groups: [actions, queries]

2437
cpp/downgrades/2121ffec11fac265524955fee1775217364d4ca4/old.dbscheme Normal file
View File

File diff suppressed because it is too large Load Diff

2436
cpp/downgrades/2121ffec11fac265524955fee1775217364d4ca4/semmlecode.cpp.dbscheme Normal file
View File

File diff suppressed because it is too large Load Diff

2
cpp/downgrades/2121ffec11fac265524955fee1775217364d4ca4/upgrade.properties Normal file
View File

@@ -0,0 +1,2 @@
description: Fix decltype qualifier issue
compatibility: full

24
cpp/ql/lib/CHANGELOG.md
View File

@@ -1,3 +1,7 @@
## 6.0.1
No user-facing changes.
## 6.0.0
### Breaking Changes
@@ -255,8 +259,8 @@ No user-facing changes.
### Breaking Changes
* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`.
* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`.
* Deleted the deprecated `hasQualifiedName` and `isDefined` predicates from the `Declaration` class, use `hasGlobalName` and `hasDefinition` respectively instead.
* Deleted the `getFullSignature` predicate from the `Function` class, use `getIdentityString(Declaration)` from `semmle.code.cpp.Print` instead.
* Deleted the deprecated `freeCall` predicate from `Alloc.qll`. Use `DeallocationExpr` instead.
@@ -290,7 +294,7 @@ No user-facing changes.
* A `getTemplateClass` predicate was added to the `DeductionGuide` class to get the class template for which the deduction guide is a guide.
* An `isExplicit` predicate was added to the `Function` class that determines whether the function was declared as explicit.
* A `getExplicitExpr` predicate was added to the `Function` class that yields the constant boolean expression (if any) that conditionally determines whether the function is explicit.
* A `isDestroyingDeleteDeallocation` predicate was added to the `NewOrNewArrayExpr` and `DeleteOrDeleteArrayExpr` classes to indicate whether the deallocation function is a destroying delete.
* A `isDestroyingDeleteDeallocation` predicate was added to the `NewOrNewArrayExpr` and `DeleteOrDeleteArrayExpr` classes to indicate whether the deallocation function is a destroying delete.
### Minor Analysis Improvements
@@ -368,9 +372,9 @@ No user-facing changes.
### New Features
* Added a `TaintInheritingContent` class that can be extended to model taint flowing from a qualifier to a field.
* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant.
* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant.
* Added a predicate `GuardCondition.ensuresEq/4` to query whether a basic block is guarded by an expression being equal to a constant.
* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant.
* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant.
* Added a predicate `GuardCondition.ensuresLt/4` to query whether a basic block is guarded by an expression being less than a constant.
* Added a predicate `GuardCondition.valueControls` to query whether a basic block is guarded by a particular `case` of a `switch` statement.
@@ -486,7 +490,7 @@ No user-facing changes.
* Functions that do not return due to calling functions that don't return (e.g. `exit`) are now detected as
non-returning in the IR and dataflow.
* Treat functions that reach the end of the function as returning in the IR.
They used to be treated as unreachable but it is allowed in C.
They used to be treated as unreachable but it is allowed in C.
* The `DataFlow::asDefiningArgument` predicate now takes its argument from the range starting at `1` instead of `2`. Queries that depend on the single-parameter version of `DataFlow::asDefiningArgument` should have their arguments updated accordingly.
## 0.9.3
@@ -535,7 +539,7 @@ No user-facing changes.
### New Features
* The `DataFlow::StateConfigSig` signature module has gained default implementations for `isBarrier/2` and `isAdditionalFlowStep/4`.
* The `DataFlow::StateConfigSig` signature module has gained default implementations for `isBarrier/2` and `isAdditionalFlowStep/4`.
Hence it is no longer needed to provide `none()` implementations of these predicates if they are not needed.
### Minor Analysis Improvements
@@ -729,7 +733,7 @@ No user-facing changes.
### Deprecated APIs
* Some classes/modules with upper-case acronyms in their name have been renamed to follow our style-guide.
* Some classes/modules with upper-case acronyms in their name have been renamed to follow our style-guide.
The old name still exists as a deprecated alias.
### New Features
@@ -746,7 +750,7 @@ No user-facing changes.
### Deprecated APIs
* Many classes/predicates/modules with upper-case acronyms in their name have been renamed to follow our style-guide.
* Many classes/predicates/modules with upper-case acronyms in their name have been renamed to follow our style-guide.
The old name still exists as a deprecated alias.
### New Features
@@ -845,7 +849,7 @@ No user-facing changes.
### Deprecated APIs
* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide.
* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide.
The old name still exists as a deprecated alias.
### New Features

0
cpp/ql/lib/change-notes/2025-10-16-range-analysis-performance.md → cpp/ql/lib/change-notes/2025-11-11-range-analysis-performance.md
View File

3
cpp/ql/lib/change-notes/released/6.0.1.md Normal file
View File

@@ -0,0 +1,3 @@
## 6.0.1
No user-facing changes.

2
cpp/ql/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 6.0.0
lastReleaseVersion: 6.0.1

9
cpp/ql/lib/ext/cctype.model.yml Normal file
View File

@@ -0,0 +1,9 @@
extensions:
- addsTo:
pack: codeql/cpp-all
extensible: summaryModel
data: # namespace, type, subtypes, name, signature, ext, input, output, kind, provenance
- ["", "", False, "tolower", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["std", "", False, "tolower", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["", "", False, "toupper", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["std", "", False, "toupper", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]

7
cpp/ql/lib/ext/iconv.model.yml Normal file
View File

@@ -0,0 +1,7 @@
extensions:
- addsTo:
pack: codeql/cpp-all
extensible: summaryModel
data: # namespace, type, subtypes, name, signature, ext, input, output, kind, provenance
- ["", "", False, "iconv", "", "", "Argument[**1]", "Argument[**3]", "value", "manual"]

2
cpp/ql/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/cpp-all
version: 6.0.1-dev
version: 6.0.2-dev
groups: cpp
dbscheme: semmlecode.cpp.dbscheme
extractor: cpp

4
cpp/ql/lib/semmle/code/cpp/NameQualifiers.qll
View File

@@ -144,14 +144,14 @@ class NameQualifiableElement extends Element, @namequalifiableelement {
class NameQualifyingElement extends Element, @namequalifyingelement {
/**
* Gets a name qualifier for which this is the qualifying namespace or
* user-defined type. For example: class `X` is the
* user-defined type, or decltype. For example: class `X` is the
* `NameQualifyingElement` and `X::` is the `NameQualifier`.
*/
NameQualifier getANameQualifier() {
namequalifiers(unresolveElement(result), _, underlyingElement(this), _)
}
/** Gets the name of this namespace or user-defined type. */
/** Gets the name of this namespace, user-defined type, or decltype. */
string getName() { none() }
}

10
cpp/ql/lib/semmle/code/cpp/Type.qll
View File

@@ -1146,7 +1146,7 @@ class DerivedType extends Type, @derivedtype {
* decltype(a) b;
* ```
*/
class Decltype extends Type {
class Decltype extends Type, NameQualifyingElement {
Decltype() { decltypes(underlyingElement(this), _, 0, _, _) }
override string getAPrimaryQlClass() { result = "Decltype" }
@@ -1187,7 +1187,7 @@ class Decltype extends Type {
override string toString() { result = "decltype(...)" }
override string getName() { none() }
override string getName() { result = "decltype(...)" }
override int getSize() { result = this.getBaseType().getSize() }
@@ -1247,7 +1247,7 @@ class TypeofType extends Type {
override string toString() { result = "typeof(...)" }
override string getName() { none() }
override string getName() { result = "typeof(...)" }
override int getSize() { result = this.getBaseType().getSize() }
@@ -1311,8 +1311,6 @@ class TypeofTypeType extends TypeofType {
Type getType() { type_operators(underlyingElement(this), unresolveElement(result), _, _) }
override string getAPrimaryQlClass() { result = "TypeofTypeType" }
override string toString() { result = "typeof(...)" }
}
/**
@@ -1394,7 +1392,7 @@ class IntrinsicTransformedType extends Type {
override Type resolveTypedefs() { result = this.getBaseType().resolveTypedefs() }
override string getName() { none() }
override string getName() { result = this.getIntrinsicName() + "(...)" }
override int getSize() { result = this.getBaseType().getSize() }

4
cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll
View File

@@ -703,6 +703,7 @@ private class GuardConditionFromBinaryLogicalOperator extends GuardConditionImpl
)
}
pragma[nomagic]
override predicate comparesLt(
Cpp::Expr left, Cpp::Expr right, int k, boolean isLessThan, boolean testIsTrue
) {
@@ -713,6 +714,7 @@ private class GuardConditionFromBinaryLogicalOperator extends GuardConditionImpl
)
}
pragma[nomagic]
override predicate comparesLt(Cpp::Expr e, int k, boolean isLessThan, GuardValue value) {
exists(GuardValue partValue, GuardCondition part |
this.(Cpp::BinaryLogicalOperation)
@@ -738,6 +740,7 @@ private class GuardConditionFromBinaryLogicalOperator extends GuardConditionImpl
)
}
pragma[nomagic]
override predicate comparesEq(
Cpp::Expr left, Cpp::Expr right, int k, boolean areEqual, boolean testIsTrue
) {
@@ -757,6 +760,7 @@ private class GuardConditionFromBinaryLogicalOperator extends GuardConditionImpl
)
}
pragma[nomagic]
override predicate comparesEq(Cpp::Expr e, int k, boolean areEqual, GuardValue value) {
exists(GuardValue partValue, GuardCondition part |
this.(Cpp::BinaryLogicalOperation)

122
cpp/ql/lib/semmle/code/cpp/dataflow/ExternalFlow.qll
View File

@@ -656,6 +656,7 @@ private string getTypeNameWithoutFunctionTemplates(Function f, int n, int remain
* Normalize the `n`'th parameter of `f` by replacing template names
* with `class:N` (where `N` is the index of the template).
*/
pragma[nomagic]
private string getTypeNameWithoutClassTemplates(Function f, int n, int remaining) {
// If there is a declaring type then we start by expanding the function templates
exists(Class template |
@@ -727,6 +728,7 @@ private string getSignatureWithoutClassTemplateNames(
* - The `remaining` number of template arguments in `partiallyNormalizedSignature`
* with their index in `nameArgs`.
*/
pragma[nomagic]
private string getSignatureWithoutFunctionTemplateNames(
string partiallyNormalizedSignature, string typeArgs, string nameArgs, int remaining
) {
@@ -770,6 +772,7 @@ private string getSignatureWithoutFunctionTemplateNames(
* ```
* In this case, `normalizedSignature` will be `"(const func:0 &,int,class:1,class:0 *)"`.
*/
pragma[nomagic]
private predicate elementSpecWithArguments(
string signature, string type, string name, string normalizedSignature, string typeArgs,
string nameArgs
@@ -789,6 +792,35 @@ private string getSignatureParameterName(string signature, string type, string n
)
}
/**
* Gets a `Function` identified by the `(namespace, type, name)` components.
*
* If `subtypes` is `true` then the result may be an override of the function
* identified by the components.
*/
pragma[nomagic]
private Function getFunction(string namespace, string type, boolean subtypes, string name) {
elementSpec(namespace, type, subtypes, name, _, _) and
(
funcHasQualifiedName(result, namespace, name) and
subtypes = false and
type = ""
or
exists(Class namedClass, Class classWithMethod |
hasClassAndName(classWithMethod, result, name) and
classHasQualifiedName(namedClass, namespace, type)
|
// member declared in the named type or a subtype of it
subtypes = true and
classWithMethod = namedClass.getADerivedClass*()
or
// member declared directly in the named type
subtypes = false and
classWithMethod = namedClass
)
)
}
/**
* Holds if the suffix containing the entries in `signature` starting at entry
* `i` matches the suffix containing the parameters of `func` starting at entry `i`.
@@ -812,13 +844,17 @@ private string getSignatureParameterName(string signature, string type, string n
* is `func:n` then the signature name is compared with the `n`'th name
* in `name`.
*/
private predicate signatureMatches(Function func, string signature, string type, string name, int i) {
pragma[nomagic]
private predicate signatureMatches(
Function func, string namespace, string signature, string type, string name, int i
) {
func = getFunction(namespace, type, _, name) and
exists(string s |
s = getSignatureParameterName(signature, type, name, i) and
s = getParameterTypeName(func, i)
) and
if exists(getParameterTypeName(func, i + 1))
then signatureMatches(func, signature, type, name, i + 1)
then signatureMatches(func, namespace, signature, type, name, i + 1)
else i = count(signature.indexOf(","))
}
@@ -833,7 +869,7 @@ module ExternalFlowDebug {
*
* Exposed for testing purposes.
*/
predicate signatureMatches_debug = signatureMatches/5;
predicate signatureMatches_debug = signatureMatches/6;
/**
* INTERNAL: Do not use.
@@ -883,6 +919,7 @@ private predicate parseParens(string s, string betweenParens) { s = "(" + betwee
* - `signatureWithoutParens` equals `signature`, but with the surrounding
* parentheses removed.
*/
pragma[nomagic]
private predicate elementSpecWithArguments0(
string signature, string type, string name, string signatureWithoutParens, string typeArgs,
string nameArgs
@@ -909,7 +946,7 @@ private predicate elementSpecMatchesSignature(
) {
elementSpec(namespace, pragma[only_bind_into](type), subtypes, pragma[only_bind_into](name),
pragma[only_bind_into](signature), _) and
signatureMatches(func, signature, type, name, 0)
signatureMatches(func, namespace, signature, type, name, 0)
}
/**
@@ -953,7 +990,7 @@ private predicate funcHasQualifiedName(Function func, string namespace, string n
* Holds if `namedClass` is in namespace `namespace` and has
* name `type` (excluding any template parameters).
*/
bindingset[type, namespace]
bindingset[type]
pragma[inline_late]
private predicate classHasQualifiedName(Class namedClass, string namespace, string type) {
exists(string typeWithoutArgs |
@@ -969,17 +1006,14 @@ private predicate classHasQualifiedName(Class namedClass, string namespace, stri
* are also returned.
* 3. The element has name `name`
* 4. If `signature` is non-empty, then the element has a list of parameter types described by `signature`.
*
* NOTE: `namespace` is currently not used (since we don't properly extract modules yet).
*/
pragma[nomagic]
private Element interpretElement0(
string namespace, string type, boolean subtypes, string name, string signature
) {
result = getFunction(namespace, type, subtypes, name) and
(
// Non-member functions
funcHasQualifiedName(result, namespace, name) and
subtypes = false and
type = "" and
(
elementSpecMatchesSignature(result, namespace, type, subtypes, name, signature)
@@ -989,52 +1023,36 @@ private Element interpretElement0(
)
or
// Member functions
exists(Class namedClass, Class classWithMethod |
hasClassAndName(classWithMethod, result, name) and
classHasQualifiedName(namedClass, namespace, type)
|
(
elementSpecMatchesSignature(result, namespace, type, subtypes, name, signature)
or
signature = "" and
elementSpec(namespace, type, subtypes, name, "", _)
) and
(
// member declared in the named type or a subtype of it
subtypes = true and
classWithMethod = namedClass.getADerivedClass*()
or
// member declared directly in the named type
subtypes = false and
classWithMethod = namedClass
)
)
elementSpecMatchesSignature(result, namespace, type, subtypes, name, signature)
or
elementSpec(namespace, type, subtypes, name, signature, _) and
// Member variables
signature = "" and
exists(Class namedClass, Class classWithMember, MemberVariable member |
member.getName() = name and
member = classWithMember.getAMember() and
namedClass.hasQualifiedName(namespace, type) and
result = member
|
// field declared in the named type or a subtype of it (or an extension of any)
subtypes = true and
classWithMember = namedClass.getADerivedClass*()
or
// field declared directly in the named type (or an extension of it)
subtypes = false and
classWithMember = namedClass
)
or
// Global or namespace variables
elementSpec(namespace, type, subtypes, name, signature, _) and
signature = "" and
type = "" and
subtypes = false and
result = any(GlobalOrNamespaceVariable v | v.hasQualifiedName(namespace, name))
elementSpec(namespace, type, subtypes, name, signature, _)
)
or
// Member variables
elementSpec(namespace, type, subtypes, name, signature, _) and
signature = "" and
exists(Class namedClass, Class classWithMember, MemberVariable member |
member.getName() = name and
member = classWithMember.getAMember() and
namedClass.hasQualifiedName(namespace, type) and
result = member
|
// field declared in the named type or a subtype of it (or an extension of any)
subtypes = true and
classWithMember = namedClass.getADerivedClass*()
or
// field declared directly in the named type (or an extension of it)
subtypes = false and
classWithMember = namedClass
)
or
// Global or namespace variables
elementSpec(namespace, type, subtypes, name, signature, _) and
signature = "" and
type = "" and
subtypes = false and
result = any(GlobalOrNamespaceVariable v | v.hasQualifiedName(namespace, name))
}
cached

8
cpp/ql/lib/semmle/code/cpp/models/implementations/Memcpy.qll
View File

@@ -12,8 +12,8 @@ import semmle.code.cpp.models.interfaces.Taint
import semmle.code.cpp.models.interfaces.NonThrowing
/**
* The standard functions `memcpy`, `memmove` and `bcopy`; and the gcc variant
* `__builtin___memcpy_chk`.
* The standard functions `memcpy`, `memmove` and `bcopy`; and variants such as
* `__builtin___memcpy_chk` and `__builtin___memmove_chk`.
*/
private class MemcpyFunction extends ArrayFunction, DataFlowFunction, SideEffectFunction,
AliasFunction, NonCppThrowingFunction
@@ -27,7 +27,9 @@ private class MemcpyFunction extends ArrayFunction, DataFlowFunction, SideEffect
// bcopy(src, dest, num)
// mempcpy(dest, src, num)
// memccpy(dest, src, c, n)
this.hasGlobalName(["bcopy", mempcpy(), "memccpy", "__builtin___memcpy_chk"])
this.hasGlobalName([
"bcopy", mempcpy(), "memccpy", "__builtin___memcpy_chk", "__builtin___memmove_chk"
])
}
/**

5
cpp/ql/lib/semmle/code/cpp/models/implementations/Memset.qll
View File

@@ -19,7 +19,8 @@ private class MemsetFunctionModel extends ArrayFunction, DataFlowFunction, Alias
this.hasGlobalOrStdName("wmemset")
or
this.hasGlobalName([
bzero(), "__builtin_memset", "__builtin_memset_chk", "RtlZeroMemory", "RtlSecureZeroMemory"
bzero(), "__builtin_memset", "__builtin_memset_chk", "__builtin___memset_chk",
"RtlZeroMemory", "RtlSecureZeroMemory"
])
}
@@ -32,7 +33,7 @@ private class MemsetFunctionModel extends ArrayFunction, DataFlowFunction, Alias
or
this.hasGlobalOrStdName("wmemset")
or
this.hasGlobalName(["__builtin_memset", "__builtin_memset_chk"])
this.hasGlobalName(["__builtin_memset", "__builtin_memset_chk", "__builtin___memset_chk"])
) and
result = 1
}

6
cpp/ql/lib/semmle/code/cpp/models/implementations/Strcat.qll
View File

@@ -30,7 +30,9 @@ class StrcatFunction extends TaintFunction, DataFlowFunction, ArrayFunction, Sid
"_mbsncat", // _mbsncat(dst, src, max_amount)
"_mbsncat_l", // _mbsncat_l(dst, src, max_amount, locale)
"_mbsnbcat", // _mbsnbcat(dest, src, count)
"_mbsnbcat_l" // _mbsnbcat_l(dest, src, count, locale)
"_mbsnbcat_l", // _mbsnbcat_l(dest, src, count, locale)
"__builtin___strcat_chk", // __builtin___strcat_chk (dest, src, magic)
"__builtin___strncat_chk" // __builtin___strncat_chk (dest, src, max_amount, magic)
])
}
@@ -56,7 +58,7 @@ class StrcatFunction extends TaintFunction, DataFlowFunction, ArrayFunction, Sid
override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
(
this.getName() = ["strncat", "wcsncat", "_mbsncat", "_mbsncat_l"] and
this.getName() = ["strncat", "wcsncat", "_mbsncat", "_mbsncat_l", "__builtin___strncat_chk"] and
input.isParameter(2)
or
this.getName() = ["_mbsncat_l", "_mbsnbcat_l"] and

6
cpp/ql/lib/semmle/code/cpp/models/implementations/Strcpy.qll
View File

@@ -36,7 +36,11 @@ class StrcpyFunction extends ArrayFunction, DataFlowFunction, TaintFunction, Sid
"_mbsnbcpy", // _mbsnbcpy(dest, src, max_amount)
"stpcpy", // stpcpy(dest, src)
"stpncpy", // stpncpy(dest, src, max_amount)
"strlcpy" // strlcpy(dst, src, dst_size)
"strlcpy", // strlcpy(dst, src, dst_size)
"__builtin___strcpy_chk", // __builtin___strcpy_chk (dest, src, magic)
"__builtin___stpcpy_chk", // __builtin___stpcpy_chk (dest, src, magic)
"__builtin___stpncpy_chk", // __builtin___stpncpy_chk(dest, src, max_amount, magic)
"__builtin___strncpy_chk" // __builtin___strncpy_chk (dest, src, max_amount, magic)
])
or
(

24
cpp/ql/lib/semmle/code/cpp/rangeanalysis/SimpleRangeAnalysis.qll
View File

@@ -592,7 +592,7 @@ private module BoundsEstimate {
not exists(def.getAPhiInput(v)) and
// If there's different `access`es, then they refer to the same variable
// with the same lower bounds. Hence adding these guards make no sense (the
// implementation will take the union but they'll be removed by
// implementation will take the union, but they'll be removed by
// deduplication). Hence we use `max` as an approximation.
result =
max(VariableAccess access | isGuardPhiWithBound(def, v, access) | nrOfBoundsExpr(access))
@@ -624,8 +624,13 @@ private module BoundsEstimate {
* Gets the number of bounds for `def` when `def` is an NE phi node for the
* variable `v`.
*/
private float nrOfBoundsNEPhi(RangeSsaDefinition def, StackVariable v) {
exists(VariableAccess access | isNEPhi(v, def, access, _) and result = nrOfBoundsExpr(access))
language[monotonicAggregates]
float nrOfBoundsNEPhi(RangeSsaDefinition def, StackVariable v) {
// If there's different `access`es, then they refer to the same variable
// with the same lower bounds. Hence adding these guards make no sense (the
// implementation will take the union, but they'll be removed by
// deduplication). Hence we use `max` as an approximation.
result = max(VariableAccess access | isNEPhi(v, def, access, _) | nrOfBoundsExpr(access))
or
def.isPhiNode(v) and
not isNEPhi(v, def, _, _) and
@@ -636,11 +641,14 @@ private module BoundsEstimate {
* Gets the number of bounds for `def` when `def` is an unsupported guard phi
* node for the variable `v`.
*/
language[monotonicAggregates]
private float nrOfBoundsUnsupportedGuardPhi(RangeSsaDefinition def, StackVariable v) {
exists(VariableAccess access |
isUnsupportedGuardPhi(v, def, access) and
result = nrOfBoundsExpr(access)
)
// If there's different `access`es, then they refer to the same variable
// with the same lower bounds. Hence adding these guards make no sense (the
// implementation will take the union, but they'll be removed by
// deduplication). Hence we use `max` as an approximation.
result =
max(VariableAccess access | isUnsupportedGuardPhi(v, def, access) | nrOfBoundsExpr(access))
or
def.isPhiNode(v) and
not isUnsupportedGuardPhi(v, def, _) and
@@ -701,7 +709,7 @@ private module BoundsEstimate {
* ```
* the actual number of bounds for `y` is 1. However, the estimate will be 4
* as the conditional assignment to `x` gives two bounds for `x` on the last
* line and the addition gives 2 * 2 bounds. There are two sources of anncuracies:
* line and the addition gives 2 * 2 bounds. There are two sources of inaccuracies:
*
* 1. Without tracking the lower bounds we can't see that `x` is assigned a
* value that is equal to its lower bound.

3
cpp/ql/lib/semmlecode.cpp.dbscheme
View File

@@ -1327,7 +1327,8 @@ specialnamequalifyingelements(
@namequalifiableelement = @expr | @namequalifier;
@namequalifyingelement = @namespace
| @specialnamequalifyingelement
| @usertype;
| @usertype
| @decltype;
namequalifiers(
unique int id: @namequalifier,

2436
cpp/ql/lib/upgrades/c16b29b27f71247023321cc0d0360998b318837c/old.dbscheme Normal file
View File

File diff suppressed because it is too large Load Diff

2437
cpp/ql/lib/upgrades/c16b29b27f71247023321cc0d0360998b318837c/semmlecode.cpp.dbscheme Normal file
View File

File diff suppressed because it is too large Load Diff

2
cpp/ql/lib/upgrades/c16b29b27f71247023321cc0d0360998b318837c/upgrade.properties Normal file
View File

@@ -0,0 +1,2 @@
description: Fix decltype qualifier issue
compatibility: full

4
cpp/ql/src/CHANGELOG.md
View File

@@ -1,3 +1,7 @@
## 1.5.3
No user-facing changes.
## 1.5.2
No user-facing changes.

3
cpp/ql/src/change-notes/released/1.5.3.md Normal file
View File

@@ -0,0 +1,3 @@
## 1.5.3
No user-facing changes.

2
cpp/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 1.5.2
lastReleaseVersion: 1.5.3

2
cpp/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/cpp-queries
version: 1.5.3-dev
version: 1.5.4-dev
groups:
- cpp
- queries

20
cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected
View File

@@ -7988,6 +7988,26 @@ WARNING: module 'TaintTracking' has been deprecated and may be removed in future
| taint.cpp:841:21:841:35 | call to indirect_source | taint.cpp:843:16:843:17 | fp | |
| taint.cpp:842:11:842:12 | ref arg fp | taint.cpp:843:16:843:17 | fp | |
| taint.cpp:842:15:842:16 | | taint.cpp:842:11:842:12 | ref arg fp | TAINT |
| taint.cpp:851:10:851:15 | call to source | taint.cpp:852:18:852:18 | s | |
| taint.cpp:851:10:851:15 | call to source | taint.cpp:854:18:854:18 | s | |
| taint.cpp:852:10:852:16 | call to toupper | taint.cpp:853:7:853:7 | u | |
| taint.cpp:854:10:854:16 | call to tolower | taint.cpp:855:7:855:7 | l | |
| taint.cpp:861:24:861:27 | size | taint.cpp:866:16:866:19 | size | |
| taint.cpp:862:12:862:26 | call to indirect_source | taint.cpp:866:12:866:12 | s | |
| taint.cpp:863:7:863:9 | out | taint.cpp:864:12:864:14 | out | |
| taint.cpp:864:12:864:14 | out | taint.cpp:866:23:866:23 | p | |
| taint.cpp:864:12:864:14 | out | taint.cpp:867:8:867:8 | p | |
| taint.cpp:865:9:865:16 | size_out | taint.cpp:866:27:866:34 | size_out | |
| taint.cpp:866:11:866:12 | ref arg & ... | taint.cpp:866:12:866:12 | s [inner post update] | |
| taint.cpp:866:12:866:12 | s | taint.cpp:866:11:866:12 | & ... | |
| taint.cpp:866:15:866:19 | ref arg & ... | taint.cpp:866:16:866:19 | size [inner post update] | |
| taint.cpp:866:16:866:19 | size | taint.cpp:866:15:866:19 | & ... | |
| taint.cpp:866:22:866:23 | ref arg & ... | taint.cpp:866:23:866:23 | p [inner post update] | |
| taint.cpp:866:22:866:23 | ref arg & ... | taint.cpp:867:8:867:8 | p | |
| taint.cpp:866:23:866:23 | p | taint.cpp:866:22:866:23 | & ... | |
| taint.cpp:866:26:866:34 | ref arg & ... | taint.cpp:866:27:866:34 | size_out [inner post update] | |
| taint.cpp:866:27:866:34 | size_out | taint.cpp:866:26:866:34 | & ... | |
| taint.cpp:867:8:867:8 | p | taint.cpp:867:7:867:8 | * ... | TAINT |
| thread.cpp:10:27:10:27 | s | thread.cpp:10:27:10:27 | s | |
| thread.cpp:10:27:10:27 | s | thread.cpp:11:8:11:8 | s | |
| thread.cpp:14:26:14:26 | s | thread.cpp:15:8:15:8 | s | |

23
cpp/ql/test/library-tests/dataflow/taint-tests/taint.cpp
View File

@@ -842,4 +842,27 @@ int f7(void)
fprintf(fp, "");
indirect_sink(fp); // $ ir MISSING: ast
return 0;
}
int toupper(int);
int tolower(int);
void test_toupper_and_tolower() {
int s = source();
int u = toupper(s);
sink(u); // $ ir MISSING: ast
int l = tolower(s);
sink(l); // $ ir MISSING: ast
}
typedef int iconv_t;
size_t iconv(iconv_t cd, char **, size_t *, char **, size_t *);
void test_iconv(size_t size) {
char* s = indirect_source();
char out[10];
char* p = out;
size_t size_out;
iconv(0, &s, &size, &p, &size_out);
sink(*p); // $ ast,ir
}

19603
cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected
View File

File diff suppressed because it is too large Load Diff

2
cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.ql
View File

@@ -2,7 +2,7 @@ import cpp
import semmle.code.cpp.dataflow.ExternalFlow
import ExternalFlowDebug
query predicate signatureMatches = signatureMatches_debug/5;
query predicate signatureMatches = signatureMatches_debug/6;
query predicate getSignatureParameterName = getSignatureParameterName_debug/4;

1000
cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/lowerBound.expected
View File

File diff suppressed because it is too large Load Diff

5955
cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/nrOfBounds.expected
View File

File diff suppressed because it is too large Load Diff

30
cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/nrOfBounds.ql
View File

@@ -1,5 +1,31 @@
import cpp
import utils.test.InlineExpectationsTest
import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
from Expr e
select e, SimpleRangeAnalysisInternal::estimateNrOfBounds(e)
query predicate estimateNrOfBounds(Expr e, float nrOfBounds) {
nrOfBounds = SimpleRangeAnalysisInternal::estimateNrOfBounds(e)
}
/**
* Finds any expressions for which `nrOfBounds` is not functional. The result
* should be empty, so this predicate is useful to debug non-functional cases.
*/
private predicate nonFunctionalNrOfBounds(Expr e) {
strictcount(SimpleRangeAnalysisInternal::estimateNrOfBounds(e)) > 1
}
module FunctionalityTest implements TestSig {
string getARelevantTag() { result = "nonFunctionalNrOfBounds" }
predicate hasActualResult(Location location, string element, string tag, string value) {
exists(Expr e |
nonFunctionalNrOfBounds(e) and
location = e.getLocation() and
element = e.toString() and
tag = "nonFunctionalNrOfBounds" and
value = ""
)
}
}
import MakeTest<FunctionalityTest>

144
cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/ternaryLower.expected
View File

@@ -72,77 +72,77 @@
| test.c:405:22:405:82 | ... ? ... : ... | 0.13204114 | 0.42186276 | 0.13204114 |
| test.c:405:26:405:69 | ... ? ... : ... | 0.42186276 | 0.42186276 | 0.44996679 |
| test.c:405:30:405:56 | ... ? ... : ... | 0.42186276 | 0.42186276 | 0.53843358 |
| test.c:432:4:606:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:432:5:434:49 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:435:6:517:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:436:8:454:41 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:439:10:443:21 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:439:31:439:79 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:441:13:443:21 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:448:12:453:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:449:12:449:60 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:451:15:453:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:455:6:474:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:458:8:462:19 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:458:29:458:77 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:460:11:462:19 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:463:6:463:54 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:467:10:471:21 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:467:31:467:79 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:469:13:471:21 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:472:9:474:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:476:10:495:43 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:479:12:484:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:480:12:480:60 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:482:15:484:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:489:14:494:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:490:14:490:62 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:492:17:494:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:496:9:517:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:499:14:504:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:500:14:500:62 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:502:17:504:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:505:12:505:60 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:509:12:514:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:510:12:510:60 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:512:15:514:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:515:11:517:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:518:9:520:51 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:521:9:606:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:522:14:541:47 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:525:16:530:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:526:16:526:64 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:528:19:530:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:535:18:540:29 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:536:18:536:66 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:538:21:540:29 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:542:12:563:29 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:545:14:550:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:546:14:546:62 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:548:17:550:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:551:12:551:60 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:555:16:560:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:556:16:556:64 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:558:19:560:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:561:15:563:29 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:565:12:584:45 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:568:14:573:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:569:14:569:62 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:571:17:573:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:578:16:583:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:579:16:579:64 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:581:19:583:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:585:11:606:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:588:16:593:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:589:16:589:64 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:591:19:593:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:594:14:594:62 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:598:14:603:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:599:14:599:62 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:601:17:603:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:604:13:606:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:632:20:632:36 | ... ? ... : ... | 0.0 | 0.0 | 100.0 |
| test.c:844:5:844:14 | ... ? ... : ... | 0.0 | 1.0 | 0.0 |
| test.c:845:5:845:14 | ... ? ... : ... | 0.0 | 0.0 | 1.0 |
| test.c:447:4:621:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:447:5:449:49 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:450:6:532:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:451:8:469:41 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:454:10:458:21 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:454:31:454:79 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:456:13:458:21 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:463:12:468:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:464:12:464:60 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:466:15:468:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:470:6:489:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:473:8:477:19 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:473:29:473:77 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:475:11:477:19 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:478:6:478:54 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:482:10:486:21 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:482:31:482:79 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:484:13:486:21 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:487:9:489:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:491:10:510:43 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:494:12:499:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:495:12:495:60 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:497:15:499:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:504:14:509:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:505:14:505:62 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:507:17:509:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:511:9:532:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:514:14:519:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:515:14:515:62 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:517:17:519:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:520:12:520:60 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:524:12:529:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:525:12:525:60 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:527:15:529:23 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:530:11:532:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:533:9:535:51 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:536:9:621:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:537:14:556:47 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:540:16:545:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:541:16:541:64 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:543:19:545:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:550:18:555:29 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:551:18:551:66 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:553:21:555:29 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:557:12:578:29 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:560:14:565:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:561:14:561:62 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:563:17:565:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:566:12:566:60 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:570:16:575:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:571:16:571:64 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:573:19:575:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:576:15:578:29 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:580:12:599:45 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:583:14:588:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:584:14:584:62 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:586:17:588:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:593:16:598:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:594:16:594:64 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:596:19:598:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:600:11:621:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:603:16:608:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:604:16:604:64 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:606:19:608:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:609:14:609:62 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:613:14:618:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:614:14:614:62 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:616:17:618:25 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:619:13:621:27 | ... ? ... : ... | 0.0 | 0.0 | 0.0 |
| test.c:647:20:647:36 | ... ? ... : ... | 0.0 | 0.0 | 100.0 |
| test.c:859:5:859:14 | ... ? ... : ... | 0.0 | 1.0 | 0.0 |
| test.c:860:5:860:14 | ... ? ... : ... | 0.0 | 0.0 | 1.0 |
| test.cpp:121:3:121:12 | ... ? ... : ... | 0.0 | 1.0 | 0.0 |
| test.cpp:122:3:122:12 | ... ? ... : ... | 0.0 | 0.0 | 1.0 |

144
cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/ternaryUpper.expected
View File

@@ -72,77 +72,77 @@
| test.c:405:22:405:82 | ... ? ... : ... | 0.53843358 | 0.53843358 | 0.13204114 |
| test.c:405:26:405:69 | ... ? ... : ... | 0.53843358 | 0.53843358 | 0.44996679 |
| test.c:405:30:405:56 | ... ? ... : ... | 0.53843358 | 0.42186276 | 0.53843358 |
| test.c:432:4:606:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:432:5:434:49 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:435:6:517:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:436:8:454:41 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:439:10:443:21 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:439:31:439:79 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:441:13:443:21 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:448:12:453:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:449:12:449:60 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:451:15:453:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:455:6:474:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:458:8:462:19 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:458:29:458:77 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:460:11:462:19 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:463:6:463:54 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:467:10:471:21 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:467:31:467:79 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:469:13:471:21 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:472:9:474:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:476:10:495:43 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:479:12:484:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:480:12:480:60 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:482:15:484:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:489:14:494:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:490:14:490:62 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:492:17:494:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:496:9:517:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:499:14:504:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:500:14:500:62 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:502:17:504:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:505:12:505:60 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:509:12:514:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:510:12:510:60 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:512:15:514:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:515:11:517:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:518:9:520:51 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:521:9:606:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:522:14:541:47 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:525:16:530:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:526:16:526:64 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:528:19:530:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:535:18:540:29 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:536:18:536:66 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:538:21:540:29 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:542:12:563:29 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:545:14:550:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:546:14:546:62 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:548:17:550:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:551:12:551:60 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:555:16:560:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:556:16:556:64 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:558:19:560:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:561:15:563:29 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:565:12:584:45 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:568:14:573:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:569:14:569:62 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:571:17:573:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:578:16:583:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:579:16:579:64 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:581:19:583:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:585:11:606:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:588:16:593:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:589:16:589:64 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:591:19:593:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:594:14:594:62 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:598:14:603:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:599:14:599:62 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:601:17:603:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:604:13:606:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:632:20:632:36 | ... ? ... : ... | 100.0 | 99.0 | 100.0 |
| test.c:844:5:844:14 | ... ? ... : ... | 32767.0 | 32767.0 | 0.0 |
| test.c:845:5:845:14 | ... ? ... : ... | 32767.0 | 0.0 | 32767.0 |
| test.c:447:4:621:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:447:5:449:49 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:450:6:532:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:451:8:469:41 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:454:10:458:21 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:454:31:454:79 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:456:13:458:21 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:463:12:468:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:464:12:464:60 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:466:15:468:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:470:6:489:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:473:8:477:19 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:473:29:473:77 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:475:11:477:19 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:478:6:478:54 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:482:10:486:21 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:482:31:482:79 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:484:13:486:21 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:487:9:489:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:491:10:510:43 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:494:12:499:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:495:12:495:60 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:497:15:499:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:504:14:509:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:505:14:505:62 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:507:17:509:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:511:9:532:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:514:14:519:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:515:14:515:62 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:517:17:519:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:520:12:520:60 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:524:12:529:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:525:12:525:60 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:527:15:529:23 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:530:11:532:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:533:9:535:51 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:536:9:621:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:537:14:556:47 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:540:16:545:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:541:16:541:64 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:543:19:545:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:550:18:555:29 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:551:18:551:66 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:553:21:555:29 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:557:12:578:29 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:560:14:565:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:561:14:561:62 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:563:17:565:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:566:12:566:60 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:570:16:575:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:571:16:571:64 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:573:19:575:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:576:15:578:29 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:580:12:599:45 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:583:14:588:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:584:14:584:62 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:586:17:588:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:593:16:598:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:594:16:594:64 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:596:19:598:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:600:11:621:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:603:16:608:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:604:16:604:64 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:606:19:608:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:609:14:609:62 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:613:14:618:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:614:14:614:62 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:616:17:618:25 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:619:13:621:27 | ... ? ... : ... | 4.294967295E9 | 4.294967295E9 | 4.294967295E9 |
| test.c:647:20:647:36 | ... ? ... : ... | 100.0 | 99.0 | 100.0 |
| test.c:859:5:859:14 | ... ? ... : ... | 32767.0 | 32767.0 | 0.0 |
| test.c:860:5:860:14 | ... ? ... : ... | 32767.0 | 0.0 | 32767.0 |
| test.cpp:121:3:121:12 | ... ? ... : ... | 32767.0 | 32767.0 | 0.0 |
| test.cpp:122:3:122:12 | ... ? ... : ... | 32767.0 | 0.0 | 32767.0 |

15
cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/test.c
View File

@@ -425,6 +425,21 @@ int repeated_if_statements(unsigned int rhs) {
return rhs; // rhs has 6 bounds
}
int ne_phi_nodes(int a, int b) {
if (a == 17) {
if (b == 23) {
a += b;
}
if (a == 18) {
b = 10;
}
}
// The statement below is an NE phi node for the access `a` in both `a == 17`
// and `a == 18`.
int c = a + b;
return a + b;
}
unsigned int conditional_nested_guards(unsigned int ip) {
// This tests a combinatorial explosion that can happen from a large number of
// nested linear guards.

1000
cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/upperBound.expected
View File

File diff suppressed because it is too large Load Diff

1
csharp/codeql-extractor.yml
View File

@@ -4,6 +4,7 @@ aliases:
display_name: "C#"
version: 1.22.1
column_kind: "utf16"
overlay_support_version: 20250626
extra_env_vars:
DOTNET_GENERATE_ASPNET_CERTIFICATE: "false"
build_modes:

1478
csharp/downgrades/605f85053409cd72b4904df3f198ddc8324f3a83/old.dbscheme Normal file
View File

File diff suppressed because it is too large Load Diff

1460
csharp/downgrades/605f85053409cd72b4904df3f198ddc8324f3a83/semmlecode.csharp.dbscheme Normal file
View File

File diff suppressed because it is too large Load Diff

4
csharp/downgrades/605f85053409cd72b4904df3f198ddc8324f3a83/upgrade.properties Normal file
View File

@@ -0,0 +1,4 @@
description: Delete databaseMetadata and overlayChangedFiles relations
compatibility: full
databaseMetadata.rel: delete
overlayChangedFiles.rel: delete

1484
csharp/downgrades/68b5aec54e50fe7e375df3777b756a746ca3a37c/old.dbscheme Normal file
View File

File diff suppressed because it is too large Load Diff

1478
csharp/downgrades/68b5aec54e50fe7e375df3777b756a746ca3a37c/semmlecode.csharp.dbscheme Normal file
View File

File diff suppressed because it is too large Load Diff

2
csharp/downgrades/68b5aec54e50fe7e375df3777b756a746ca3a37c/upgrade.properties Normal file
View File

@@ -0,0 +1,2 @@
description: Remove @locatable type
compatibility: full

21
csharp/extractor/Semmle.Extraction.CSharp.Standalone/Extractor.cs
View File

@@ -2,6 +2,7 @@ using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Linq;
using Microsoft.CodeAnalysis;
using Microsoft.CodeAnalysis.CSharp;
@@ -53,6 +54,20 @@ namespace Semmle.Extraction.CSharp.Standalone
}
progressMonitor.MissingSummary(analyser.ExtractionContext!.MissingTypes.Count(), analyser.ExtractionContext!.MissingNamespaces.Count());
// If extracting a base database, we need to create an empty metadata file.
if (EnvironmentVariables.GetBaseMetaDataOutPath() is string baseMetaDataOutPath)
{
try
{
analyser.Logger.LogInfo($"Creating base metadata file at {baseMetaDataOutPath}");
File.WriteAllText(baseMetaDataOutPath, string.Empty);
}
catch (Exception ex)
{
analyser.Logger.LogError($"Failed to create base metadata file: {ex.Message}");
}
}
});
}
finally
@@ -143,7 +158,8 @@ namespace Semmle.Extraction.CSharp.Standalone
var pathTransformer = new PathTransformer(canonicalPathCache);
var progressMonitor = new ExtractionProgress(logger);
using var analyser = new StandaloneAnalyser(progressMonitor, fileLogger, pathTransformer, canonicalPathCache, false);
var overlayInfo = OverlayInfoFactory.Make(logger, options.SrcDir);
using var analyser = new StandaloneAnalyser(progressMonitor, fileLogger, pathTransformer, canonicalPathCache, overlayInfo, false);
try
{
var extractionInput = new ExtractionInput(dependencyManager.AllSourceFiles, dependencyManager.ReferenceFiles, dependencyManager.CompilationInfos);
@@ -154,7 +170,8 @@ namespace Semmle.Extraction.CSharp.Standalone
fileLogger.LogError($" Unhandled exception: {ex}");
}
logger.Log(Severity.Info, $"Extraction completed in {overallStopwatch.Elapsed}");
logger.Log(Severity.Info, $"Extraction completed in {analyzerStopwatch.Elapsed}");
logger.Log(Severity.Info, $"Total time: {overallStopwatch.Elapsed}");
return ExitCode.Ok;
}

13
csharp/extractor/Semmle.Extraction.CSharp/Entities/Attribute.cs
View File

@@ -57,8 +57,21 @@ namespace Semmle.Extraction.CSharp.Entities
public override void Populate(TextWriter trapFile)
{
// In this case, we don't extract the attribute again, as it was extracted using * ID
// originally and we re-use that.
if (Context.OnlyScaffold && (ReportingLocation is null || !ReportingLocation.IsInSource))
{
return;
}
var type = Type.Create(Context, Symbol.AttributeClass);
trapFile.attributes(this, kind, type.TypeRef, entity);
if (Context.OnlyScaffold)
{
return;
}
WriteLocationToTrap(trapFile.attribute_location, this, Location);
if (attributeSyntax is not null)

10
csharp/extractor/Semmle.Extraction.CSharp/Entities/CommentBlock.cs
View File

@@ -10,9 +10,13 @@ namespace Semmle.Extraction.CSharp.Entities
public override void Populate(TextWriter trapFile)
{
if (Context.OnlyScaffold)
{
return;
}
trapFile.commentblock(this);
WriteLocationToTrap(trapFile.commentblock_location, this, Context.CreateLocation(Symbol.Location));
Symbol.CommentLines.ForEach((l, child) => trapFile.commentblock_child(this, l, child));
WriteLocationToTrap(trapFile.commentblock_location, this, Context.CreateLocation(Symbol.Location));
}
public override bool NeedsPopulation => true;
@@ -27,6 +31,10 @@ namespace Semmle.Extraction.CSharp.Entities
public void BindTo(Label entity, CommentBinding binding)
{
if (Context.OnlyScaffold)
{
return;
}
Context.TrapWriter.Writer.commentblock_binding(this, entity, binding);
}

7
csharp/extractor/Semmle.Extraction.CSharp/Entities/CommentLine.cs
View File

@@ -21,9 +21,14 @@ namespace Semmle.Extraction.CSharp.Entities
public override void Populate(TextWriter trapFile)
{
location = Context.CreateLocation(Location);
if (Context.OnlyScaffold)
{
return;
}
trapFile.commentline(this, Type == CommentLineType.MultilineContinuation ? CommentLineType.Multiline : Type, Text, RawText);
location = Context.CreateLocation(Location);
WriteLocationToTrap(trapFile.commentline_location, this, location);
}
public override Microsoft.CodeAnalysis.Location? ReportingLocation => location?.Symbol;

5
csharp/extractor/Semmle.Extraction.CSharp/Entities/Compilations/CompilerDiagnostic.cs
View File

@@ -21,6 +21,11 @@ namespace Semmle.Extraction.CSharp.Entities
protected override void Populate(TextWriter trapFile)
{
if (Context.OnlyScaffold)
{
return;
}
var key = diagnostic.Id;
var messageCount = compilation.messageCounts.AddOrUpdate(key, 1, (_, c) => c + 1);
if (messageCount > limit)

24
csharp/extractor/Semmle.Extraction.CSharp/Entities/Constructor.cs
View File

@@ -29,9 +29,17 @@ namespace Semmle.Extraction.CSharp.Entities
ContainingType!.PopulateGenerics();
trapFile.constructors(this, Symbol.ContainingType.Name, ContainingType, (Constructor)OriginalDefinition);
if (Context.ExtractLocation(Symbol) && (!IsDefault || IsBestSourceLocation))
if (Symbol.IsImplicitlyDeclared)
{
WriteLocationToTrap(trapFile.constructor_location, this, Location);
var lineCounts = new LineCounts() { Total = 2, Code = 1, Comment = 0 };
trapFile.numlines(this, lineCounts);
}
ExtractCompilerGenerated(trapFile);
if (Context.OnlyScaffold)
{
return;
}
if (MakeSynthetic)
@@ -40,12 +48,11 @@ namespace Semmle.Extraction.CSharp.Entities
Statements.SyntheticEmptyBlock.Create(Context, this, 0, Location);
}
if (Symbol.IsImplicitlyDeclared)
if (Context.ExtractLocation(Symbol) && (!IsDefault || IsBestSourceLocation))
{
var lineCounts = new LineCounts() { Total = 2, Code = 1, Comment = 0 };
trapFile.numlines(this, lineCounts);
WriteLocationToTrap(trapFile.constructor_location, this, Location);
}
ExtractCompilerGenerated(trapFile);
}
protected override void ExtractInitializers(TextWriter trapFile)
@@ -53,7 +60,7 @@ namespace Semmle.Extraction.CSharp.Entities
// Do not extract initializers for constructed types.
// Extract initializers for constructors with a body, primary constructors
// and default constructors for classes and structs declared in source code.
if (Block is null && ExpressionBody is null && !MakeSynthetic)
if (Block is null && ExpressionBody is null && !MakeSynthetic || Context.OnlyScaffold)
{
return;
}
@@ -106,6 +113,7 @@ namespace Semmle.Extraction.CSharp.Entities
}
var baseConstructorTarget = Create(Context, baseConstructor);
var info = new ExpressionInfo(Context,
AnnotatedTypeSymbol.CreateNotAnnotated(baseType),
Location,
@@ -179,7 +187,7 @@ namespace Semmle.Extraction.CSharp.Entities
/// </summary>
private bool IsBestSourceLocation => ReportingLocation is not null && Context.IsLocationInContext(ReportingLocation);
private bool MakeSynthetic => IsPrimary || (IsDefault && IsBestSourceLocation);
private bool MakeSynthetic => (IsPrimary || (IsDefault && IsBestSourceLocation)) && !Context.OnlyScaffold;
[return: NotNullIfNotNull(nameof(constructor))]
public static new Constructor? Create(Context cx, IMethodSymbol? constructor)

1
csharp/extractor/Semmle.Extraction.CSharp/Entities/Destructor.cs
View File

@@ -15,6 +15,7 @@ namespace Semmle.Extraction.CSharp.Entities
ContainingType!.PopulateGenerics();
trapFile.destructors(this, $"~{Symbol.ContainingType.Name}", ContainingType, OriginalDefinition(Context, this, Symbol));
if (Context.ExtractLocation(Symbol))
{
WriteLocationToTrap(trapFile.destructor_location, this, Location);

8
csharp/extractor/Semmle.Extraction.CSharp/Entities/Event.cs
View File

@@ -37,7 +37,6 @@ namespace Semmle.Extraction.CSharp.Entities
Method.Create(Context, remover);
PopulateModifiers(trapFile);
BindComments();
var declSyntaxReferences = IsSourceDeclaration
? Symbol.DeclaringSyntaxReferences.Select(d => d.GetSyntax()).ToArray()
@@ -51,6 +50,13 @@ namespace Semmle.Extraction.CSharp.Entities
TypeMention.Create(Context, syntax.ExplicitInterfaceSpecifier!.Name, this, explicitInterface);
}
if (Context.OnlyScaffold)
{
return;
}
BindComments();
if (Context.ExtractLocation(Symbol))
{
WriteLocationsToTrap(trapFile.event_location, this, Locations);

5
csharp/extractor/Semmle.Extraction.CSharp/Entities/ExtractionMessage.cs
View File

@@ -28,6 +28,11 @@ namespace Semmle.Extraction.CSharp.Entities
protected override void Populate(TextWriter trapFile)
{
if (Context.OnlyScaffold)
{
return;
}
// For the time being we're counting the number of messages per severity, we could introduce other groupings in the future
var key = msg.Severity.ToString();
groupedMessageCounts.AddOrUpdate(key, 1, (_, c) => c + 1);

5
csharp/extractor/Semmle.Extraction.CSharp/Entities/Field.cs
View File

@@ -49,6 +49,11 @@ namespace Semmle.Extraction.CSharp.Entities
}
}
if (Context.OnlyScaffold)
{
return;
}
if (Context.ExtractLocation(Symbol))
{
WriteLocationsToTrap(trapFile.field_location, this, Locations);

38
csharp/extractor/Semmle.Extraction.CSharp/Entities/Indexer.cs
View File

@@ -19,10 +19,6 @@ namespace Semmle.Extraction.CSharp.Entities
var type = Type.Create(Context, Symbol.Type);
trapFile.indexers(this, Symbol.GetName(useMetadataName: true), ContainingType!, type.TypeRef, OriginalDefinition);
if (Context.ExtractLocation(Symbol))
{
WriteLocationsToTrap(trapFile.indexer_location, this, Locations);
}
var getter = BodyDeclaringSymbol.GetMethod;
var setter = BodyDeclaringSymbol.SetMethod;
@@ -42,20 +38,8 @@ namespace Semmle.Extraction.CSharp.Entities
Parameter.Create(Context, Symbol.Parameters[i], this, original);
}
if (IsSourceDeclaration)
{
var expressionBody = ExpressionBody;
if (expressionBody is not null)
{
// The expression may need to reference parameters in the getter.
// So we need to arrange that the expression is populated after the getter.
Context.PopulateLater(() => Expression.CreateFromNode(new ExpressionNodeInfo(Context, expressionBody, this, 0).SetType(Symbol.GetAnnotatedType())));
}
}
PopulateAttributes();
PopulateModifiers(trapFile);
BindComments();
var declSyntaxReferences = IsSourceDeclaration
? Symbol.DeclaringSyntaxReferences.
@@ -70,6 +54,28 @@ namespace Semmle.Extraction.CSharp.Entities
TypeMention.Create(Context, syntax.ExplicitInterfaceSpecifier!.Name, this, explicitInterface);
}
if (Context.OnlyScaffold)
{
return;
}
if (Context.ExtractLocation(Symbol))
{
WriteLocationsToTrap(trapFile.indexer_location, this, Locations);
}
if (IsSourceDeclaration)
{
var expressionBody = ExpressionBody;
if (expressionBody is not null)
{
// The expression may need to reference parameters in the getter.
// So we need to arrange that the expression is populated after the getter.
Context.PopulateLater(() => Expression.CreateFromNode(new ExpressionNodeInfo(Context, expressionBody, this, 0).SetType(Symbol.GetAnnotatedType())));
}
}
BindComments();
foreach (var syntax in declSyntaxReferences)
TypeMention.Create(Context, syntax.Type, this, type);

5
csharp/extractor/Semmle.Extraction.CSharp/Entities/LocalVariable.cs
View File

@@ -41,6 +41,11 @@ namespace Semmle.Extraction.CSharp.Entities
trapFile.localvars(this, Kinds.VariableKind.None, Symbol.Name, @var, Type.Create(Context, parent.Type).TypeRef, parent);
}
if (Context.OnlyScaffold)
{
return;
}
WriteLocationToTrap(trapFile.localvar_location, this, Location);
DefineConstantValue(trapFile);

2
csharp/extractor/Semmle.Extraction.CSharp/Entities/Method.cs
View File

@@ -48,7 +48,7 @@ namespace Semmle.Extraction.CSharp.Entities
protected virtual void PopulateMethodBody(TextWriter trapFile)
{
if (!IsSourceDeclaration)
if (!IsSourceDeclaration || Context.OnlyScaffold)
return;
var block = Block;

7
csharp/extractor/Semmle.Extraction.CSharp/Entities/NamespaceDeclaration.cs
View File

@@ -35,7 +35,6 @@ namespace Semmle.Extraction.CSharp.Entities
var ns = Namespace.Create(Context, @namespace);
trapFile.namespace_declarations(this, ns);
WriteLocationToTrap(trapFile.namespace_declaration_location, this, Context.CreateLocation(node.Name.GetLocation()));
var visitor = new Populators.TypeOrNamespaceVisitor(Context, trapFile, this);
@@ -48,6 +47,12 @@ namespace Semmle.Extraction.CSharp.Entities
{
trapFile.parent_namespace_declaration(this, parent);
}
if (Context.OnlyScaffold)
{
return;
}
WriteLocationToTrap(trapFile.namespace_declaration_location, this, Context.CreateLocation(node.Name.GetLocation()));
}
public static NamespaceDeclaration Create(Context cx, BaseNamespaceDeclarationSyntax decl, NamespaceDeclaration parent)

15
csharp/extractor/Semmle.Extraction.CSharp/Entities/OrdinaryMethod.cs
View File

@@ -34,6 +34,16 @@ namespace Semmle.Extraction.CSharp.Entities
var returnType = Type.Create(Context, Symbol.ReturnType);
trapFile.methods(this, Name, ContainingType, returnType.TypeRef, OriginalDefinition);
PopulateGenerics(trapFile);
Overrides(trapFile);
ExtractRefReturn(trapFile, Symbol, this);
ExtractCompilerGenerated(trapFile);
if (Context.OnlyScaffold)
{
return;
}
if (IsSourceDeclaration)
{
foreach (var declaration in Symbol.DeclaringSyntaxReferences.Select(s => s.GetSyntax()).OfType<MethodDeclarationSyntax>())
@@ -47,11 +57,6 @@ namespace Semmle.Extraction.CSharp.Entities
{
WriteLocationsToTrap(trapFile.method_location, this, Locations);
}
PopulateGenerics(trapFile);
Overrides(trapFile);
ExtractRefReturn(trapFile, Symbol, this);
ExtractCompilerGenerated(trapFile);
}
private bool IsCompilerGeneratedDelegate() =>

5
csharp/extractor/Semmle.Extraction.CSharp/Entities/Parameter.cs
View File

@@ -115,6 +115,11 @@ namespace Semmle.Extraction.CSharp.Entities
var type = Type.Create(Context, Symbol.Type);
trapFile.@params(this, Name, type.TypeRef, Ordinal, ParamKind, Parent!, Original);
if (Context.OnlyScaffold)
{
return;
}
if (Context.ExtractLocation(Symbol))
{
var locations = Context.GetLocations(Symbol);

7
csharp/extractor/Semmle.Extraction.CSharp/Entities/PreprocessorDirectives/PreprocessorDirective.cs
View File

@@ -13,10 +13,15 @@ namespace Semmle.Extraction.CSharp.Entities
PopulatePreprocessor(trapFile);
trapFile.preprocessor_directive_active(this, Symbol.IsActive);
WriteLocationToTrap(trapFile.preprocessor_directive_location, this, Context.CreateLocation(ReportingLocation));
var compilation = Compilation.Create(Context);
trapFile.preprocessor_directive_compilation(this, compilation);
if (Context.OnlyScaffold)
{
return;
}
WriteLocationToTrap(trapFile.preprocessor_directive_location, this, Context.CreateLocation(ReportingLocation));
}
protected abstract void PopulatePreprocessor(TextWriter trapFile);

8
csharp/extractor/Semmle.Extraction.CSharp/Entities/Property.cs
View File

@@ -40,7 +40,6 @@ namespace Semmle.Extraction.CSharp.Entities
{
PopulateAttributes();
PopulateModifiers(trapFile);
BindComments();
PopulateNullability(trapFile, Symbol.GetAnnotatedType());
PopulateRefKind(trapFile, Symbol.RefKind);
@@ -69,6 +68,13 @@ namespace Semmle.Extraction.CSharp.Entities
TypeMention.Create(Context, syntax.ExplicitInterfaceSpecifier!.Name, this, explicitInterface);
}
if (Context.OnlyScaffold)
{
return;
}
BindComments();
if (Context.ExtractLocation(Symbol))
{
WriteLocationsToTrap(trapFile.property_location, this, Locations);

5
csharp/extractor/Semmle.Extraction.CSharp/Entities/TypeMention.cs
View File

@@ -59,6 +59,11 @@ namespace Semmle.Extraction.CSharp.Entities
protected override void Populate(TextWriter trapFile)
{
if (Context.OnlyScaffold)
{
return;
}
switch (syntax.Kind())
{
case SyntaxKind.ArrayType:

6
csharp/extractor/Semmle.Extraction.CSharp/Entities/Types/DynamicType.cs
View File

@@ -16,10 +16,14 @@ namespace Semmle.Extraction.CSharp.Entities
public override void Populate(TextWriter trapFile)
{
trapFile.types(this, Kinds.TypeKind.DYNAMIC, "dynamic");
WriteLocationToTrap(trapFile.type_location, this, Location);
trapFile.has_modifiers(this, Modifier.Create(Context, "public"));
trapFile.parent_namespace(this, Namespace.Create(Context, Context.Compilation.GlobalNamespace));
if (Context.OnlyScaffold)
{
return;
}
WriteLocationToTrap(trapFile.type_location, this, Location);
}
public override void WriteId(EscapingTextWriter trapFile)

2
csharp/extractor/Semmle.Extraction.CSharp/Entities/Types/NamedType.cs
View File

@@ -81,7 +81,7 @@ namespace Semmle.Extraction.CSharp.Entities
}
// Class location
if (!Symbol.IsGenericType || Symbol.IsReallyUnbound())
if ((!Symbol.IsGenericType || Symbol.IsReallyUnbound()) && !Context.OnlyScaffold)
{
WriteLocationsToTrap(trapFile.type_location, this, Locations);
}

4
csharp/extractor/Semmle.Extraction.CSharp/Entities/Types/TupleType.cs
View File

@@ -51,6 +51,10 @@ namespace Semmle.Extraction.CSharp.Entities
trapFile.tuple_element(this, index++, element);
}
if (Context.OnlyScaffold)
{
return;
}
// Note: symbol.Locations seems to be very inconsistent
// about what locations are available for a tuple type.
// Sometimes it's the source code, and sometimes it's empty.

2
csharp/extractor/Semmle.Extraction.CSharp/Entities/Types/Type.cs
View File

@@ -222,7 +222,7 @@ namespace Semmle.Extraction.CSharp.Entities
private IEnumerable<BaseTypeSyntax> GetBaseTypeDeclarations()
{
if (!IsSourceDeclaration || !Symbol.FromSource())
if (!IsSourceDeclaration || !Symbol.FromSource() || Context.OnlyScaffold)
{
return Enumerable.Empty<BaseTypeSyntax>();
}

5
csharp/extractor/Semmle.Extraction.CSharp/Entities/Types/TypeParameter.cs
View File

@@ -26,6 +26,11 @@ namespace Semmle.Extraction.CSharp.Entities
var parentNs = Namespace.Create(Context, Symbol.TypeParameterKind == TypeParameterKind.Method ? Context.Compilation.GlobalNamespace : Symbol.ContainingNamespace);
trapFile.parent_namespace(this, parentNs);
if (Context.OnlyScaffold)
{
return;
}
if (Context.ExtractLocation(Symbol))
{
var locations = Context.GetLocations(Symbol);

11
csharp/extractor/Semmle.Extraction.CSharp/Entities/UserOperator.cs
View File

@@ -26,6 +26,14 @@ namespace Semmle.Extraction.CSharp.Entities
returnType.TypeRef,
(UserOperator)OriginalDefinition);
ContainingType.PopulateGenerics();
Overrides(trapFile);
if (Context.OnlyScaffold)
{
return;
}
if (Context.ExtractLocation(Symbol))
{
WriteLocationsToTrap(trapFile.operator_location, this, Locations);
@@ -39,9 +47,6 @@ namespace Semmle.Extraction.CSharp.Entities
foreach (var declaration in declSyntaxReferences.OfType<ConversionOperatorDeclarationSyntax>())
TypeMention.Create(Context, declaration.Type, this, returnType);
}
ContainingType.PopulateGenerics();
Overrides(trapFile);
}
public override bool NeedsPopulation => Context.Defines(Symbol) || IsImplicitOperator(out _);

5
csharp/extractor/Semmle.Extraction.CSharp/Entities/UsingDirective.cs
View File

@@ -20,6 +20,11 @@ namespace Semmle.Extraction.CSharp.Entities
protected override void Populate(TextWriter trapFile)
{
if (Context.OnlyScaffold)
{
return;
}
// This is guaranteed to be non-null as we only deal with "using namespace" not "using X = Y"
var name = node.Name!;

10
csharp/extractor/Semmle.Extraction.CSharp/Extractor/Analyser.cs
View File

@@ -41,16 +41,20 @@ namespace Semmle.Extraction.CSharp
public IPathCache PathCache { get; }
public IOverlayInfo OverlayInfo { get; }
protected Analyser(
IProgressMonitor pm,
ILogger logger,
PathTransformer pathTransformer,
IPathCache pathCache,
IOverlayInfo overlayInfo,
bool addAssemblyTrapPrefix)
{
Logger = logger;
PathTransformer = pathTransformer;
PathCache = pathCache;
OverlayInfo = overlayInfo;
this.addAssemblyTrapPrefix = addAssemblyTrapPrefix;
this.progressMonitor = pm;
@@ -158,7 +162,7 @@ namespace Semmle.Extraction.CSharp
if (compilation.GetAssemblyOrModuleSymbol(r) is IAssemblySymbol assembly)
{
var cx = new Context(ExtractionContext, compilation, trapWriter, new AssemblyScope(assembly, assemblyPath), addAssemblyTrapPrefix);
var cx = new Context(ExtractionContext, compilation, trapWriter, new AssemblyScope(assembly, assemblyPath), OverlayInfo, addAssemblyTrapPrefix);
foreach (var module in assembly.Modules)
{
@@ -195,7 +199,7 @@ namespace Semmle.Extraction.CSharp
var currentTaskId = IncrementTaskCount();
ReportProgressTaskStarted(currentTaskId, sourcePath);
var cx = new Context(ExtractionContext, compilation, trapWriter, new SourceScope(tree), addAssemblyTrapPrefix);
var cx = new Context(ExtractionContext, compilation, trapWriter, new SourceScope(tree), OverlayInfo, addAssemblyTrapPrefix);
// Ensure that the file itself is populated in case the source file is totally empty
var root = tree.GetRoot();
Entities.File.Create(cx, root.SyntaxTree.FilePath);
@@ -234,7 +238,7 @@ namespace Semmle.Extraction.CSharp
var assembly = compilation.Assembly;
var trapWriter = transformedAssemblyPath.CreateTrapWriter(Logger, options.TrapCompression, discardDuplicates: false);
compilationTrapFile = trapWriter; // Dispose later
var cx = new Context(ExtractionContext, compilation, trapWriter, new AssemblyScope(assembly, assemblyPath), addAssemblyTrapPrefix);
var cx = new Context(ExtractionContext, compilation, trapWriter, new AssemblyScope(assembly, assemblyPath), OverlayInfo, addAssemblyTrapPrefix);
compilationEntity = Entities.Compilation.Create(cx);

2
csharp/extractor/Semmle.Extraction.CSharp/Extractor/BinaryLogAnalyser.cs
View File

@@ -8,7 +8,7 @@ namespace Semmle.Extraction.CSharp
public class BinaryLogAnalyser : Analyser
{
public BinaryLogAnalyser(IProgressMonitor pm, ILogger logger, PathTransformer pathTransformer, IPathCache pathCache, bool addAssemblyTrapPrefix)
: base(pm, logger, pathTransformer, pathCache, addAssemblyTrapPrefix)
: base(pm, logger, pathTransformer, pathCache, new TrivialOverlayInfo(), addAssemblyTrapPrefix)
{
}

18
csharp/extractor/Semmle.Extraction.CSharp/Extractor/Context.cs
View File

@@ -29,6 +29,12 @@ namespace Semmle.Extraction.CSharp
/// </summary>
public bool ShouldAddAssemblyTrapPrefix { get; }
/// <summary>
/// Holds if trap only should be created for types and member signatures (and not for expressions and statements).
/// This is the case for all unchanged files, when running in overlay mode.
/// </summary>
public bool OnlyScaffold { get; }
public IList<object> TrapStackSuffix { get; } = new List<object>();
private int GetNewId() => TrapWriter.IdCounter++;
@@ -523,13 +529,16 @@ namespace Semmle.Extraction.CSharp
internal CommentProcessor CommentGenerator { get; } = new CommentProcessor();
public Context(ExtractionContext extractionContext, Compilation c, TrapWriter trapWriter, IExtractionScope scope, bool shouldAddAssemblyTrapPrefix = false)
public Context(ExtractionContext extractionContext, Compilation c, TrapWriter trapWriter, IExtractionScope scope, IOverlayInfo overlayInfo, bool shouldAddAssemblyTrapPrefix = false)
{
ExtractionContext = extractionContext;
TrapWriter = trapWriter;
ShouldAddAssemblyTrapPrefix = shouldAddAssemblyTrapPrefix;
Compilation = c;
this.scope = scope;
OnlyScaffold = overlayInfo.IsOverlayMode && (
IsAssemblyScope
|| (scope is SourceScope ss && overlayInfo.OnlyMakeScaffold(ss.SourceTree.FilePath)));
}
public bool FromSource => scope is SourceScope;
@@ -552,7 +561,8 @@ namespace Semmle.Extraction.CSharp
public bool ExtractLocation(ISymbol symbol) =>
SymbolEqualityComparer.Default.Equals(symbol, symbol.OriginalDefinition) &&
scope.InScope(symbol);
scope.InScope(symbol) &&
!OnlyScaffold;
/// <summary>
/// Gets the locations of the symbol that are either
@@ -621,6 +631,10 @@ namespace Semmle.Extraction.CSharp
/// <param name="l">Location of the entity.</param>
public void BindComments(Entity entity, Microsoft.CodeAnalysis.Location? l)
{
if (OnlyScaffold)
{
return;
}
var duplicationGuardKey = GetCurrentTagStackKey();
CommentGenerator.AddElement(entity.Label, duplicationGuardKey, l);
}

2
csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs
View File

@@ -182,7 +182,7 @@ namespace Semmle.Extraction.CSharp
var compilerCall = compilationData.CompilerCall;
var diagnosticName = compilerCall.GetDiagnosticName();
logger.LogInfo($" Processing compilation {diagnosticName} at {compilerCall.ProjectDirectory}");
var compilerArgs = compilerCall.GetArguments();
var compilerArgs = reader.ReadArguments(compilerCall);
var compilationIdentifierPath = string.Empty;
try

124
csharp/extractor/Semmle.Extraction.CSharp/Extractor/OverlayInfo.cs Normal file
View File

@@ -0,0 +1,124 @@
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text.Json;
using Semmle.Util;
using Semmle.Util.Logging;
namespace Semmle.Extraction.CSharp
{
public interface IOverlayInfo
{
/// <summary>
/// True, if the extractor is running in overlay mode.
/// </summary>
bool IsOverlayMode { get; }
/// <summary>
/// Returns true, if the given file is not in the set of changed files.
/// </summary>
/// <param name="filePath">A source file path</param>
bool OnlyMakeScaffold(string filePath);
}
/// <summary>
/// An instance of this class is used when overlay is not enabled.
/// </summary>
public class TrivialOverlayInfo : IOverlayInfo
{
public TrivialOverlayInfo() { }
public bool IsOverlayMode { get; } = false;
public bool OnlyMakeScaffold(string filePath) => false;
}
/// <summary>
/// An instance of this class is used for detecting
/// (1) Whether overlay is enabled.
/// (2) Fetch the changed files that should be fully extracted as a part
/// of the overlay extraction.
/// </summary>
public class OverlayInfo : IOverlayInfo
{
private readonly ILogger logger;
private readonly HashSet<string> changedFiles;
private readonly string srcDir;
public OverlayInfo(ILogger logger, string srcDir, string json)
{
this.logger = logger;
this.srcDir = srcDir;
changedFiles = ParseJson(json);
}
public bool IsOverlayMode { get; } = true;
public bool OnlyMakeScaffold(string filePath) => !changedFiles.Contains(filePath);
/// <summary>
/// Private type only used to parse overlay changes JSON files.
///
/// The content of such a file has the format
/// {
/// "changes": [
/// "app/controllers/about_controller.xyz",
/// "app/models/about.xyz"
/// ]
/// }
/// </summary>
private record ChangedFiles
{
public string[]? Changes { get; set; }
}
private HashSet<string> ParseJson(string json)
{
try
{
var options = new JsonSerializerOptions { PropertyNameCaseInsensitive = true };
var obj = JsonSerializer.Deserialize<ChangedFiles>(json, options);
return obj?.Changes is string[] changes
? changes.Select(change => Path.Join(srcDir, change)).ToHashSet()
: [];
}
catch (JsonException)
{
logger.LogError("Overlay: Unable to parse the JSON content from the overlay changes file.");
return [];
}
}
}
public static class OverlayInfoFactory
{
/// <summary>
/// The returned object is used to decide, whether
/// (1) The extractor is running in overlay mode.
/// (2) Which files to only extract scaffolds for (unchanged files)
/// </summary>
/// <param name="logger">A logger</param>
/// <param name="srcDir">The (overlay) source directory</param>
/// <returns>An overlay information object.</returns>
public static IOverlayInfo Make(ILogger logger, string srcDir)
{
if (EnvironmentVariables.GetOverlayChangesFilePath() is string path)
{
logger.LogInfo($"Overlay: Reading overlay changes from file '{path}'.");
try
{
var json = File.ReadAllText(path);
return new OverlayInfo(logger, srcDir, json);
}
catch
{
logger.LogError("Overlay: Unexpected error while reading the overlay changes file.");
}
}
logger.LogInfo("Overlay: Overlay mode not enabled.");
return new TrivialOverlayInfo();
}
}
}

4
csharp/extractor/Semmle.Extraction.CSharp/Extractor/StandaloneAnalyser.cs
View File

@@ -8,8 +8,8 @@ namespace Semmle.Extraction.CSharp
{
public class StandaloneAnalyser : Analyser
{
public StandaloneAnalyser(IProgressMonitor pm, ILogger logger, PathTransformer pathTransformer, IPathCache pathCache, bool addAssemblyTrapPrefix)
: base(pm, logger, pathTransformer, pathCache, addAssemblyTrapPrefix)
public StandaloneAnalyser(IProgressMonitor pm, ILogger logger, PathTransformer pathTransformer, IPathCache pathCache, IOverlayInfo overlayInfo, bool addAssemblyTrapPrefix)
: base(pm, logger, pathTransformer, pathCache, overlayInfo, addAssemblyTrapPrefix)
{
}

2
csharp/extractor/Semmle.Extraction.CSharp/Extractor/TracingAnalyser.cs
View File

@@ -14,7 +14,7 @@ namespace Semmle.Extraction.CSharp
private bool init;
public TracingAnalyser(IProgressMonitor pm, ILogger logger, PathTransformer pathTransformer, IPathCache pathCache, bool addAssemblyTrapPrefix)
: base(pm, logger, pathTransformer, pathCache, addAssemblyTrapPrefix)
: base(pm, logger, pathTransformer, pathCache, new TrivialOverlayInfo(), addAssemblyTrapPrefix)
{
}

8
csharp/extractor/Semmle.Extraction.CSharp/Populators/CommentPopulator.cs
View File

@@ -12,6 +12,10 @@ namespace Semmle.Extraction.CSharp.Populators
{
public static void ExtractCommentBlocks(Context cx, CommentProcessor gen)
{
if (cx.OnlyScaffold)
{
return;
}
cx.Try(null, null, () =>
{
gen.GenerateBindings((entity, duplicationGuardKey, block, binding) =>
@@ -34,6 +38,10 @@ namespace Semmle.Extraction.CSharp.Populators
public static void ExtractComment(Context cx, SyntaxTrivia trivia)
{
if (cx.OnlyScaffold)
{
return;
}
switch (trivia.Kind())
{
case SyntaxKind.SingleLineDocumentationCommentTrivia:

31
csharp/extractor/Semmle.Extraction.Tests/OverlayInfo.cs Normal file
View File

@@ -0,0 +1,31 @@
using Xunit;
using Semmle.Extraction.CSharp;
using System.IO;
namespace Semmle.Extraction.Tests
{
public class OverlayTests
{
[Fact]
public void TestOverlay()
{
var logger = new LoggerStub();
var json =
"""
{
"changes": [
"app/controllers/about_controller.xyz",
"app/models/about.xyz"
]
}
""";
var overlay = new OverlayInfo(logger, "overlay/source/path", json);
Assert.True(overlay.IsOverlayMode);
Assert.False(overlay.OnlyMakeScaffold("overlay/source/path" + Path.DirectorySeparatorChar + "app/controllers/about_controller.xyz"));
Assert.False(overlay.OnlyMakeScaffold("overlay/source/path" + Path.DirectorySeparatorChar + "app/models/about.xyz"));
Assert.True(overlay.OnlyMakeScaffold("overlay/source/path" + Path.DirectorySeparatorChar + "app/models/unchanged.xyz"));
}
}
}

23
csharp/extractor/Semmle.Util/EnvironmentVariables.cs
View File

@@ -53,5 +53,28 @@ namespace Semmle.Util
{
return Environment.GetEnvironmentVariable(name)?.Split(" ", StringSplitOptions.RemoveEmptyEntries) ?? [];
}
/// <summary>
/// Used to
/// (1) Detect whether the extractor should run in overlay mode.
/// (2) Returns the path to the file containing a list of changed files
/// in JSON format.
///
/// The environment variable is only set in case the extraction is supposed to be
/// performed in overlay mode. Furthermore, this only applies to buildless extraction.
/// </summary>
public static string? GetOverlayChangesFilePath()
{
return Environment.GetEnvironmentVariable("CODEQL_EXTRACTOR_CSHARP_OVERLAY_CHANGES");
}
/// <summary>
/// If the environment variable is set, the extractor is being called to extract a base database.
/// Its value will be a path, and the extractor must create either a file or directory at that location.
/// </summary>
public static string? GetBaseMetaDataOutPath()
{
return Environment.GetEnvironmentVariable("CODEQL_EXTRACTOR_CSHARP_OVERLAY_BASE_METADATA_OUT");
}
}
}

8
csharp/paket.dependencies
View File

@@ -4,16 +4,16 @@ source https://api.nuget.org/v3/index.json
# behave like nuget in choosing transitive dependency versions
strategy: max
nuget Basic.CompilerLog.Util 0.9.8
nuget Basic.CompilerLog.Util 0.9.21
nuget Mono.Posix.NETStandard
nuget Newtonsoft.Json
nuget xunit
nuget xunit.runner.visualstudio
nuget xunit.runner.utility
nuget Microsoft.NET.Test.Sdk
nuget Microsoft.CodeAnalysis.CSharp 4.12.0
nuget Microsoft.CodeAnalysis 4.12.0
nuget Microsoft.Build 17.12.6
nuget Microsoft.CodeAnalysis.CSharp 4.14.0
nuget Microsoft.CodeAnalysis 4.14.0
nuget Microsoft.Build 17.14.28
nuget Microsoft.Win32.Primitives
nuget System.Net.Primitives
nuget System.Security.Principal

273
csharp/paket.lock generated
View File

@@ -3,143 +3,148 @@ STRATEGY: MAX
RESTRICTION: == net9.0
NUGET
remote: https://api.nuget.org/v3/index.json
Basic.CompilerLog.Util (0.9.8)
MessagePack (>= 2.5.187)
Microsoft.CodeAnalysis (>= 4.12)
Microsoft.CodeAnalysis.CSharp (>= 4.12)
Microsoft.CodeAnalysis.VisualBasic (>= 4.12)
Microsoft.Extensions.ObjectPool (>= 9.0.2)
MSBuild.StructuredLogger (>= 2.2.243)
System.Buffers (>= 4.6)
Basic.CompilerLog.Util (0.9.21)
MessagePack (>= 3.1.4)
Microsoft.Bcl.Memory (>= 9.0.10)
Microsoft.CodeAnalysis (>= 4.8)
Microsoft.CodeAnalysis.CSharp (>= 4.8)
Microsoft.CodeAnalysis.VisualBasic (>= 4.8)
Microsoft.Extensions.ObjectPool (>= 9.0.10)
MSBuild.StructuredLogger (>= 2.3.71)
NaturalSort.Extension (>= 4.4)
Humanizer.Core (2.14.1)
MessagePack (3.0.300)
MessagePack.Annotations (>= 3.0.300)
MessagePackAnalyzer (>= 3.0.300)
MessagePack (3.1.4)
MessagePack.Annotations (>= 3.1.4)
MessagePackAnalyzer (>= 3.1.4)
Microsoft.NET.StringTools (>= 17.11.4)
MessagePack.Annotations (3.0.300)
MessagePackAnalyzer (3.0.300)
Microsoft.Bcl.AsyncInterfaces (9.0)
Microsoft.Build (17.12.6)
Microsoft.Build.Framework (>= 17.12.6)
Microsoft.NET.StringTools (>= 17.12.6)
System.Collections.Immutable (>= 8.0)
System.Configuration.ConfigurationManager (>= 8.0)
System.Reflection.Metadata (>= 8.0)
System.Reflection.MetadataLoadContext (>= 8.0)
Microsoft.Build.Framework (17.12.6)
Microsoft.Build.Utilities.Core (17.12.6)
Microsoft.Build.Framework (>= 17.12.6)
Microsoft.NET.StringTools (>= 17.12.6)
System.Collections.Immutable (>= 8.0)
System.Configuration.ConfigurationManager (>= 8.0)
Microsoft.CodeAnalysis (4.12)
MessagePack.Annotations (3.1.4)
MessagePackAnalyzer (3.1.4)
Microsoft.Bcl.AsyncInterfaces (9.0.10)
Microsoft.Bcl.Memory (9.0.10)
Microsoft.Build (17.14.28)
Microsoft.Build.Framework (>= 17.14.28)
Microsoft.NET.StringTools (>= 17.14.28)
System.Configuration.ConfigurationManager (>= 9.0)
System.Diagnostics.EventLog (>= 9.0)
System.Reflection.MetadataLoadContext (>= 9.0)
System.Security.Cryptography.ProtectedData (>= 9.0)
Microsoft.Build.Framework (17.14.28)
Microsoft.Build.Utilities.Core (17.14.28)
Microsoft.Build.Framework (>= 17.14.28)
Microsoft.NET.StringTools (>= 17.14.28)
System.Collections.Immutable (>= 9.0)
System.Configuration.ConfigurationManager (>= 9.0)
System.Diagnostics.EventLog (>= 9.0)
System.Security.Cryptography.ProtectedData (>= 9.0)
Microsoft.CodeAnalysis (4.14)
Humanizer.Core (>= 2.14.1)
Microsoft.Bcl.AsyncInterfaces (>= 8.0)
Microsoft.CodeAnalysis.Analyzers (>= 3.3.4)
Microsoft.CodeAnalysis.CSharp.Workspaces (4.12)
Microsoft.CodeAnalysis.VisualBasic.Workspaces (4.12)
Microsoft.Bcl.AsyncInterfaces (>= 9.0)
Microsoft.CodeAnalysis.Analyzers (>= 3.11)
Microsoft.CodeAnalysis.CSharp.Workspaces (4.14)
Microsoft.CodeAnalysis.VisualBasic.Workspaces (4.14)
System.Buffers (>= 4.5.1)
System.Collections.Immutable (>= 8.0)
System.Composition (>= 8.0)
System.IO.Pipelines (>= 8.0)
System.Collections.Immutable (>= 9.0)
System.Composition (>= 9.0)
System.IO.Pipelines (>= 9.0)
System.Memory (>= 4.5.5)
System.Numerics.Vectors (>= 4.5)
System.Reflection.Metadata (>= 8.0)
System.Reflection.Metadata (>= 9.0)
System.Runtime.CompilerServices.Unsafe (>= 6.0)
System.Text.Encoding.CodePages (>= 7.0)
System.Threading.Channels (>= 7.0)
System.Threading.Tasks.Extensions (>= 4.5.4)
Microsoft.CodeAnalysis.Analyzers (3.11)
Microsoft.CodeAnalysis.Common (4.12)
Microsoft.CodeAnalysis.Analyzers (>= 3.3.4)
System.Collections.Immutable (>= 8.0)
System.Reflection.Metadata (>= 8.0)
Microsoft.CodeAnalysis.CSharp (4.12)
Microsoft.CodeAnalysis.Analyzers (>= 3.3.4)
Microsoft.CodeAnalysis.Common (4.12)
System.Collections.Immutable (>= 8.0)
System.Reflection.Metadata (>= 8.0)
Microsoft.CodeAnalysis.CSharp.Workspaces (4.12)
Microsoft.CodeAnalysis.Common (4.14)
Microsoft.CodeAnalysis.Analyzers (>= 3.11)
System.Collections.Immutable (>= 9.0)
System.Reflection.Metadata (>= 9.0)
Microsoft.CodeAnalysis.CSharp (4.14)
Microsoft.CodeAnalysis.Analyzers (>= 3.11)
Microsoft.CodeAnalysis.Common (4.14)
System.Collections.Immutable (>= 9.0)
System.Reflection.Metadata (>= 9.0)
Microsoft.CodeAnalysis.CSharp.Workspaces (4.14)
Humanizer.Core (>= 2.14.1)
Microsoft.CodeAnalysis.Analyzers (>= 3.3.4)
Microsoft.CodeAnalysis.Common (4.12)
Microsoft.CodeAnalysis.CSharp (4.12)
Microsoft.CodeAnalysis.Workspaces.Common (4.12)
System.Collections.Immutable (>= 8.0)
System.Composition (>= 8.0)
System.IO.Pipelines (>= 8.0)
System.Reflection.Metadata (>= 8.0)
Microsoft.CodeAnalysis.Analyzers (>= 3.11)
Microsoft.CodeAnalysis.Common (4.14)
Microsoft.CodeAnalysis.CSharp (4.14)
Microsoft.CodeAnalysis.Workspaces.Common (4.14)
System.Collections.Immutable (>= 9.0)
System.Composition (>= 9.0)
System.IO.Pipelines (>= 9.0)
System.Reflection.Metadata (>= 9.0)
System.Threading.Channels (>= 7.0)
Microsoft.CodeAnalysis.VisualBasic (4.12)
Microsoft.CodeAnalysis.Analyzers (>= 3.3.4)
Microsoft.CodeAnalysis.Common (4.12)
System.Collections.Immutable (>= 8.0)
System.Reflection.Metadata (>= 8.0)
Microsoft.CodeAnalysis.VisualBasic.Workspaces (4.12)
Microsoft.CodeAnalysis.VisualBasic (4.14)
Microsoft.CodeAnalysis.Analyzers (>= 3.11)
Microsoft.CodeAnalysis.Common (4.14)
System.Collections.Immutable (>= 9.0)
System.Reflection.Metadata (>= 9.0)
Microsoft.CodeAnalysis.VisualBasic.Workspaces (4.14)
Humanizer.Core (>= 2.14.1)
Microsoft.CodeAnalysis.Analyzers (>= 3.3.4)
Microsoft.CodeAnalysis.Common (4.12)
Microsoft.CodeAnalysis.VisualBasic (4.12)
Microsoft.CodeAnalysis.Workspaces.Common (4.12)
System.Collections.Immutable (>= 8.0)
System.Composition (>= 8.0)
System.IO.Pipelines (>= 8.0)
System.Reflection.Metadata (>= 8.0)
Microsoft.CodeAnalysis.Analyzers (>= 3.11)
Microsoft.CodeAnalysis.Common (4.14)
Microsoft.CodeAnalysis.VisualBasic (4.14)
Microsoft.CodeAnalysis.Workspaces.Common (4.14)
System.Collections.Immutable (>= 9.0)
System.Composition (>= 9.0)
System.IO.Pipelines (>= 9.0)
System.Reflection.Metadata (>= 9.0)
System.Threading.Channels (>= 7.0)
Microsoft.CodeAnalysis.Workspaces.Common (4.12)
Microsoft.CodeAnalysis.Workspaces.Common (4.14)
Humanizer.Core (>= 2.14.1)
Microsoft.CodeAnalysis.Analyzers (>= 3.3.4)
Microsoft.CodeAnalysis.Common (4.12)
System.Collections.Immutable (>= 8.0)
System.Composition (>= 8.0)
System.IO.Pipelines (>= 8.0)
System.Reflection.Metadata (>= 8.0)
Microsoft.CodeAnalysis.Analyzers (>= 3.11)
Microsoft.CodeAnalysis.Common (4.14)
System.Collections.Immutable (>= 9.0)
System.Composition (>= 9.0)
System.IO.Pipelines (>= 9.0)
System.Reflection.Metadata (>= 9.0)
System.Threading.Channels (>= 7.0)
Microsoft.CodeCoverage (17.12)
Microsoft.Extensions.ObjectPool (9.0.3)
Microsoft.NET.StringTools (17.12.6)
Microsoft.NET.Test.Sdk (17.12)
Microsoft.CodeCoverage (>= 17.12)
Microsoft.TestPlatform.TestHost (>= 17.12)
Microsoft.CodeCoverage (18.0)
Microsoft.Extensions.ObjectPool (9.0.10)
Microsoft.NET.StringTools (17.14.28)
Microsoft.NET.Test.Sdk (18.0)
Microsoft.CodeCoverage (>= 18.0)
Microsoft.TestPlatform.TestHost (>= 18.0)
Microsoft.NETCore.Platforms (7.0.4)
Microsoft.NETCore.Targets (5.0)
Microsoft.TestPlatform.ObjectModel (17.12)
System.Reflection.Metadata (>= 1.6)
Microsoft.TestPlatform.TestHost (17.12)
Microsoft.TestPlatform.ObjectModel (>= 17.12)
Newtonsoft.Json (>= 13.0.1)
Microsoft.TestPlatform.ObjectModel (18.0)
System.Reflection.Metadata (>= 8.0)
Microsoft.TestPlatform.TestHost (18.0)
Microsoft.TestPlatform.ObjectModel (>= 18.0)
Newtonsoft.Json (>= 13.0.3)
Microsoft.Win32.Primitives (4.3)
Microsoft.NETCore.Platforms (>= 1.1)
Microsoft.NETCore.Targets (>= 1.1)
System.Runtime (>= 4.3)
Mono.Posix.NETStandard (1.0)
MSBuild.StructuredLogger (2.2.386)
MSBuild.StructuredLogger (2.3.71)
Microsoft.Build.Framework (>= 17.5)
Microsoft.Build.Utilities.Core (>= 17.5)
System.Collections.Immutable (>= 8.0)
Newtonsoft.Json (13.0.3)
System.Buffers (4.6)
System.Collections.Immutable (9.0)
System.Composition (9.0)
System.Composition.AttributedModel (>= 9.0)
System.Composition.Convention (>= 9.0)
System.Composition.Hosting (>= 9.0)
System.Composition.Runtime (>= 9.0)
System.Composition.TypedParts (>= 9.0)
System.Composition.AttributedModel (9.0)
System.Composition.Convention (9.0)
System.Composition.AttributedModel (>= 9.0)
System.Composition.Hosting (9.0)
System.Composition.Runtime (>= 9.0)
System.Composition.Runtime (9.0)
System.Composition.TypedParts (9.0)
System.Composition.AttributedModel (>= 9.0)
System.Composition.Hosting (>= 9.0)
System.Composition.Runtime (>= 9.0)
System.Configuration.ConfigurationManager (9.0)
System.Diagnostics.EventLog (>= 9.0)
System.Security.Cryptography.ProtectedData (>= 9.0)
System.Diagnostics.EventLog (9.0)
NaturalSort.Extension (4.4)
Newtonsoft.Json (13.0.4)
System.Buffers (4.6.1)
System.Collections.Immutable (9.0.10)
System.Composition (9.0.10)
System.Composition.AttributedModel (>= 9.0.10)
System.Composition.Convention (>= 9.0.10)
System.Composition.Hosting (>= 9.0.10)
System.Composition.Runtime (>= 9.0.10)
System.Composition.TypedParts (>= 9.0.10)
System.Composition.AttributedModel (9.0.10)
System.Composition.Convention (9.0.10)
System.Composition.AttributedModel (>= 9.0.10)
System.Composition.Hosting (9.0.10)
System.Composition.Runtime (>= 9.0.10)
System.Composition.Runtime (9.0.10)
System.Composition.TypedParts (9.0.10)
System.Composition.AttributedModel (>= 9.0.10)
System.Composition.Hosting (>= 9.0.10)
System.Composition.Runtime (>= 9.0.10)
System.Configuration.ConfigurationManager (9.0.10)
System.Diagnostics.EventLog (>= 9.0.10)
System.Security.Cryptography.ProtectedData (>= 9.0.10)
System.Diagnostics.EventLog (9.0.10)
System.IO (4.3)
Microsoft.NETCore.Platforms (>= 1.1)
Microsoft.NETCore.Targets (>= 1.1)
@@ -157,55 +162,55 @@ NUGET
System.Threading.Tasks (>= 4.3)
System.IO.FileSystem.Primitives (4.3)
System.Runtime (>= 4.3)
System.IO.Pipelines (9.0)
System.Memory (4.6)
System.IO.Pipelines (9.0.10)
System.Memory (4.6.3)
System.Net.Primitives (4.3.1)
Microsoft.NETCore.Platforms (>= 1.1.1)
Microsoft.NETCore.Targets (>= 1.1.3)
System.Runtime (>= 4.3.1)
System.Runtime.Handles (>= 4.3)
System.Numerics.Vectors (4.6)
System.Reflection.Metadata (9.0)
System.Reflection.MetadataLoadContext (9.0)
System.Numerics.Vectors (4.6.1)
System.Reflection.Metadata (9.0.10)
System.Reflection.MetadataLoadContext (9.0.10)
System.Runtime (4.3.1)
Microsoft.NETCore.Platforms (>= 1.1.1)
Microsoft.NETCore.Targets (>= 1.1.3)
System.Runtime.CompilerServices.Unsafe (6.1)
System.Runtime.CompilerServices.Unsafe (6.1.2)
System.Runtime.Handles (4.3)
Microsoft.NETCore.Platforms (>= 1.1)
Microsoft.NETCore.Targets (>= 1.1)
System.Runtime (>= 4.3)
System.Security.Cryptography.ProtectedData (9.0)
System.Security.Cryptography.ProtectedData (9.0.10)
System.Security.Principal (4.3)
System.Runtime (>= 4.3)
System.Text.Encoding (4.3)
Microsoft.NETCore.Platforms (>= 1.1)
Microsoft.NETCore.Targets (>= 1.1)
System.Runtime (>= 4.3)
System.Text.Encoding.CodePages (9.0)
System.Threading.Channels (9.0)
System.Text.Encoding.CodePages (9.0.10)
System.Threading.Channels (9.0.10)
System.Threading.Tasks (4.3)
Microsoft.NETCore.Platforms (>= 1.1)
Microsoft.NETCore.Targets (>= 1.1)
System.Runtime (>= 4.3)
System.Threading.Tasks.Extensions (4.6)
System.Threading.Tasks.Extensions (4.6.3)
System.Threading.ThreadPool (4.3)
System.Runtime (>= 4.3)
System.Runtime.Handles (>= 4.3)
xunit (2.9.2)
xunit.analyzers (>= 1.16)
xunit.assert (>= 2.9.2)
xunit.core (2.9.2)
xunit (2.9.3)
xunit.analyzers (>= 1.18)
xunit.assert (>= 2.9.3)
xunit.core (2.9.3)
xunit.abstractions (2.0.3)
xunit.analyzers (1.17)
xunit.assert (2.9.2)
xunit.core (2.9.2)
xunit.extensibility.core (2.9.2)
xunit.extensibility.execution (2.9.2)
xunit.extensibility.core (2.9.2)
xunit.analyzers (1.24)
xunit.assert (2.9.3)
xunit.core (2.9.3)
xunit.extensibility.core (2.9.3)
xunit.extensibility.execution (2.9.3)
xunit.extensibility.core (2.9.3)
xunit.abstractions (>= 2.0.3)
xunit.extensibility.execution (2.9.2)
xunit.extensibility.core (2.9.2)
xunit.runner.utility (2.9.2)
xunit.extensibility.execution (2.9.3)
xunit.extensibility.core (2.9.3)
xunit.runner.utility (2.9.3)
xunit.abstractions (>= 2.0.3)
xunit.runner.visualstudio (2.8.2)
xunit.runner.visualstudio (3.1.5)

104
csharp/paket.main.bzl generated
View File

File diff suppressed because one or more lines are too long

4
csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
View File

@@ -1,3 +1,7 @@
## 1.7.51
No user-facing changes.
## 1.7.50
No user-facing changes.

3
csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.51.md Normal file
View File

@@ -0,0 +1,3 @@
## 1.7.51
No user-facing changes.

2
csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 1.7.50
lastReleaseVersion: 1.7.51

2
csharp/ql/campaigns/Solorigate/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/csharp-solorigate-all
version: 1.7.51-dev
version: 1.7.52-dev
groups:
- csharp
- solorigate

4
csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
View File

@@ -1,3 +1,7 @@
## 1.7.51
No user-facing changes.
## 1.7.50
No user-facing changes.

Some files were not shown because too many files have changed in this diff Show More