hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-06 11:10:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into deduplicate-dataflow-results-take-3

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2023-09-12 10:28:57 +01:00
parent ff28f45058 b291ee361a
commit d528c96563
7 changed files with 134 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
csharp/ql/integration-tests/all-platforms/dotnet_run/test.py
View File

@@ -54,7 +54,6 @@ s = run_codeql_database_create_stdout(['dotnet clean', 'rm -rf test7-db', 'dotne
check_build_out("hello, world", s)
check_diagnostics(test_db="test8-db")
# two arguments, no '--' (first argument quoted)
s = run_codeql_database_create_stdout(['dotnet clean', 'rm -rf test8-db', 'dotnet run "hello world part1" part2'], "test9-db")
check_build_out("hello world part1, part2", s)

12
csharp/tools/tracing-config.lua
View File

@@ -64,7 +64,7 @@ function RegisterExtractorPack(id)
-- for `dotnet test`, we should not append `-p:UseSharedCompilation=false` to the command line
-- if an `exe` or `dll` is passed as an argument as the call is forwarded to vstest.
if testMatch and (arg:match('%.exe$') or arg:match('%.dll')) then
if testMatch and (arg:match('%.exe$') or arg:match('%.dll')) then
match = false
break
end
@@ -84,10 +84,6 @@ function RegisterExtractorPack(id)
dotnetRunNeedsSeparator = false
dotnetRunInjectionIndex = i
end
-- if we encounter a whitespace, we explicitly need to quote the argument.
if OperatingSystem == 'windows' and arg:match('%s') then
argv[i] = '"' .. arg .. '"'
end
end
if match then
local injections = { '-p:UseSharedCompilation=false', '-p:EmitCompilerGeneratedFiles=true' }
@@ -114,7 +110,7 @@ function RegisterExtractorPack(id)
invocation = {
path = AbsolutifyExtractorPath(id, compilerPath),
arguments = {
commandLineString = table.concat(argv, " ")
commandLineString = ArgvToCommandLineString(argv)
}
}
}
@@ -178,7 +174,7 @@ function RegisterExtractorPack(id)
seenCompilerCall = true
end
if seenCompilerCall then
table.insert(extractorArgs, '"' .. arg .. '"')
table.insert(extractorArgs, arg)
end
end
@@ -188,7 +184,7 @@ function RegisterExtractorPack(id)
invocation = {
path = AbsolutifyExtractorPath(id, extractor),
arguments = {
commandLineString = table.concat(extractorArgs, " ")
commandLineString = ArgvToCommandLineString(extractorArgs)
}
}
}

4
go/codeql-tools/configure-baseline.cmd
View File

@@ -1,6 +1,6 @@
@echo off
if exist vendor\modules.txt (
type %CODEQL_EXTRACTOR_GO_ROOT%\tools\baseline-config-vendor.json
type "%CODEQL_EXTRACTOR_GO_ROOT%\tools\baseline-config-vendor.json"
) else (
type %CODEQL_EXTRACTOR_GO_ROOT%\tools\baseline-config-empty.json
type "%CODEQL_EXTRACTOR_GO_ROOT%\tools\baseline-config-empty.json"
)

4
go/codeql-tools/configure-baseline.sh
View File

@@ -1,7 +1,7 @@
#!/bin/sh
if [ -f vendor/modules.txt ]; then
cat $CODEQL_EXTRACTOR_GO_ROOT/tools/baseline-config-vendor.json
cat "$CODEQL_EXTRACTOR_GO_ROOT/tools/baseline-config-vendor.json"
else
cat $CODEQL_EXTRACTOR_GO_ROOT/tools/baseline-config-empty.json
cat "$CODEQL_EXTRACTOR_GO_ROOT/tools/baseline-config-empty.json"
fi

62
swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
View File

@@ -5,10 +5,12 @@ edges
| file://:0:0:0:0 | self [v2, some:0] | file://:0:0:0:0 | .v2 [some:0] |
| file://:0:0:0:0 | self [v2] | file://:0:0:0:0 | .v2 |
| file://:0:0:0:0 | self [v3] | file://:0:0:0:0 | .v3 |
| file://:0:0:0:0 | self [v] | file://:0:0:0:0 | .v |
| file://:0:0:0:0 | self [x, some:0] | file://:0:0:0:0 | .x [some:0] |
| file://:0:0:0:0 | self [x] | file://:0:0:0:0 | .x |
| file://:0:0:0:0 | value | file://:0:0:0:0 | [post] self [v2] |
| file://:0:0:0:0 | value | file://:0:0:0:0 | [post] self [v3] |
| file://:0:0:0:0 | value | file://:0:0:0:0 | [post] self [v] |
| file://:0:0:0:0 | value | file://:0:0:0:0 | [post] self [x] |
| file://:0:0:0:0 | value [some:0] | file://:0:0:0:0 | [post] self [v2, some:0] |
| file://:0:0:0:0 | value [some:0] | file://:0:0:0:0 | [post] self [x, some:0] |
@@ -481,9 +483,34 @@ edges
| test.swift:803:15:803:15 | dict4 [Collection element, Tuple element at index 1] | test.swift:803:15:803:35 | call to randomElement() [some:0, Tuple element at index 1] |
| test.swift:803:15:803:35 | call to randomElement() [some:0, Tuple element at index 1] | test.swift:803:15:803:36 | ...! [Tuple element at index 1] |
| test.swift:803:15:803:36 | ...! [Tuple element at index 1] | test.swift:803:15:803:38 | .1 |
| test.swift:809:8:809:13 | v | test.swift:810:14:810:14 | v |
| test.swift:810:5:810:5 | [post] self [v] | test.swift:809:3:811:3 | self[return] [v] |
| test.swift:810:14:810:14 | v | test.swift:810:5:810:5 | [post] self [v] |
| test.swift:813:8:813:8 | self [v] | test.swift:813:31:813:31 | self [v] |
| test.swift:813:31:813:31 | self [v] | test.swift:813:31:813:31 | .v |
| test.swift:813:31:813:31 | self [v] | test.swift:815:7:815:7 | self [v] |
| test.swift:815:7:815:7 | self [v] | file://:0:0:0:0 | self [v] |
| test.swift:815:7:815:7 | value | file://:0:0:0:0 | value |
| test.swift:819:14:819:25 | call to S3.init(_:) [v] | test.swift:822:15:822:15 | s1 [v] |
| test.swift:819:14:819:25 | call to S3.init(_:) [v] | test.swift:824:15:824:15 | s1 [v] |
| test.swift:819:17:819:24 | call to source() | test.swift:809:8:809:13 | v |
| test.swift:819:17:819:24 | call to source() | test.swift:819:14:819:25 | call to S3.init(_:) [v] |
| test.swift:822:15:822:15 | s1 [v] | test.swift:815:7:815:7 | self [v] |
| test.swift:822:15:822:15 | s1 [v] | test.swift:822:15:822:18 | .v |
| test.swift:824:15:824:15 | s1 [v] | test.swift:813:8:813:8 | self [v] |
| test.swift:824:15:824:15 | s1 [v] | test.swift:824:15:824:23 | call to getv() |
| test.swift:828:5:828:5 | [post] s2 [v] | test.swift:831:15:831:15 | s2 [v] |
| test.swift:828:5:828:5 | [post] s2 [v] | test.swift:833:15:833:15 | s2 [v] |
| test.swift:828:12:828:19 | call to source() | test.swift:815:7:815:7 | value |
| test.swift:828:12:828:19 | call to source() | test.swift:828:5:828:5 | [post] s2 [v] |
| test.swift:831:15:831:15 | s2 [v] | test.swift:815:7:815:7 | self [v] |
| test.swift:831:15:831:15 | s2 [v] | test.swift:831:15:831:18 | .v |
| test.swift:833:15:833:15 | s2 [v] | test.swift:813:8:813:8 | self [v] |
| test.swift:833:15:833:15 | s2 [v] | test.swift:833:15:833:23 | call to getv() |
nodes
| file://:0:0:0:0 | .a [x] | semmle.label | .a [x] |
| file://:0:0:0:0 | .str | semmle.label | .str |
| file://:0:0:0:0 | .v | semmle.label | .v |
| file://:0:0:0:0 | .v2 | semmle.label | .v2 |
| file://:0:0:0:0 | .v2 [some:0] | semmle.label | .v2 [some:0] |
| file://:0:0:0:0 | .v3 | semmle.label | .v3 |
@@ -493,6 +520,7 @@ nodes
| file://:0:0:0:0 | [post] self [v2, some:0] | semmle.label | [post] self [v2, some:0] |
| file://:0:0:0:0 | [post] self [v2] | semmle.label | [post] self [v2] |
| file://:0:0:0:0 | [post] self [v3] | semmle.label | [post] self [v3] |
| file://:0:0:0:0 | [post] self [v] | semmle.label | [post] self [v] |
| file://:0:0:0:0 | [post] self [x, some:0] | semmle.label | [post] self [x, some:0] |
| file://:0:0:0:0 | [post] self [x] | semmle.label | [post] self [x] |
| file://:0:0:0:0 | self [a, x] | semmle.label | self [a, x] |
@@ -500,11 +528,13 @@ nodes
| file://:0:0:0:0 | self [v2, some:0] | semmle.label | self [v2, some:0] |
| file://:0:0:0:0 | self [v2] | semmle.label | self [v2] |
| file://:0:0:0:0 | self [v3] | semmle.label | self [v3] |
| file://:0:0:0:0 | self [v] | semmle.label | self [v] |
| file://:0:0:0:0 | self [x, some:0] | semmle.label | self [x, some:0] |
| file://:0:0:0:0 | self [x] | semmle.label | self [x] |
| file://:0:0:0:0 | value | semmle.label | value |
| file://:0:0:0:0 | value | semmle.label | value |
| file://:0:0:0:0 | value | semmle.label | value |
| file://:0:0:0:0 | value | semmle.label | value |
| file://:0:0:0:0 | value [some:0] | semmle.label | value [some:0] |
| file://:0:0:0:0 | value [some:0] | semmle.label | value [some:0] |
| test.swift:6:19:6:26 | call to source() | semmle.label | call to source() |
@@ -1005,6 +1035,27 @@ nodes
| test.swift:803:15:803:35 | call to randomElement() [some:0, Tuple element at index 1] | semmle.label | call to randomElement() [some:0, Tuple element at index 1] |
| test.swift:803:15:803:36 | ...! [Tuple element at index 1] | semmle.label | ...! [Tuple element at index 1] |
| test.swift:803:15:803:38 | .1 | semmle.label | .1 |
| test.swift:809:3:811:3 | self[return] [v] | semmle.label | self[return] [v] |
| test.swift:809:8:809:13 | v | semmle.label | v |
| test.swift:810:5:810:5 | [post] self [v] | semmle.label | [post] self [v] |
| test.swift:810:14:810:14 | v | semmle.label | v |
| test.swift:813:8:813:8 | self [v] | semmle.label | self [v] |
| test.swift:813:31:813:31 | .v | semmle.label | .v |
| test.swift:813:31:813:31 | self [v] | semmle.label | self [v] |
| test.swift:815:7:815:7 | self [v] | semmle.label | self [v] |
| test.swift:815:7:815:7 | value | semmle.label | value |
| test.swift:819:14:819:25 | call to S3.init(_:) [v] | semmle.label | call to S3.init(_:) [v] |
| test.swift:819:17:819:24 | call to source() | semmle.label | call to source() |
| test.swift:822:15:822:15 | s1 [v] | semmle.label | s1 [v] |
| test.swift:822:15:822:18 | .v | semmle.label | .v |
| test.swift:824:15:824:15 | s1 [v] | semmle.label | s1 [v] |
| test.swift:824:15:824:23 | call to getv() | semmle.label | call to getv() |
| test.swift:828:5:828:5 | [post] s2 [v] | semmle.label | [post] s2 [v] |
| test.swift:828:12:828:19 | call to source() | semmle.label | call to source() |
| test.swift:831:15:831:15 | s2 [v] | semmle.label | s2 [v] |
| test.swift:831:15:831:18 | .v | semmle.label | .v |
| test.swift:833:15:833:15 | s2 [v] | semmle.label | s2 [v] |
| test.swift:833:15:833:23 | call to getv() | semmle.label | call to getv() |
subpaths
| test.swift:75:22:75:22 | x | test.swift:65:16:65:28 | arg1 | test.swift:65:1:70:1 | arg2[return] | test.swift:75:32:75:32 | [post] y |
| test.swift:114:19:114:19 | arg | test.swift:109:9:109:14 | arg | test.swift:110:12:110:12 | arg | test.swift:114:12:114:22 | call to ... |
@@ -1059,6 +1110,13 @@ subpaths
| test.swift:764:18:764:25 | call to source() | test.swift:617:8:617:11 | x | test.swift:617:3:619:3 | self[return] [x] | test.swift:764:13:764:26 | call to S.init(x:) [x] |
| test.swift:765:29:765:29 | s [some:0, x] | test.swift:655:8:655:12 | s [some:0, x] | test.swift:655:3:657:3 | self[return] [s, some:0, x] | test.swift:765:14:765:30 | call to S2_Optional.init(s:) [s, some:0, x] |
| test.swift:767:15:767:15 | s2 [s, some:0, x] | test.swift:766:13:766:29 | enter #keyPath(...) [s, some:0, x] | test.swift:766:13:766:29 | exit #keyPath(...) | test.swift:767:15:767:28 | \\...[...] |
| test.swift:813:31:813:31 | self [v] | test.swift:815:7:815:7 | self [v] | file://:0:0:0:0 | .v | test.swift:813:31:813:31 | .v |
| test.swift:819:17:819:24 | call to source() | test.swift:809:8:809:13 | v | test.swift:809:3:811:3 | self[return] [v] | test.swift:819:14:819:25 | call to S3.init(_:) [v] |
| test.swift:822:15:822:15 | s1 [v] | test.swift:815:7:815:7 | self [v] | file://:0:0:0:0 | .v | test.swift:822:15:822:18 | .v |
| test.swift:824:15:824:15 | s1 [v] | test.swift:813:8:813:8 | self [v] | test.swift:813:31:813:31 | .v | test.swift:824:15:824:23 | call to getv() |
| test.swift:828:12:828:19 | call to source() | test.swift:815:7:815:7 | value | file://:0:0:0:0 | [post] self [v] | test.swift:828:5:828:5 | [post] s2 [v] |
| test.swift:831:15:831:15 | s2 [v] | test.swift:815:7:815:7 | self [v] | file://:0:0:0:0 | .v | test.swift:831:15:831:18 | .v |
| test.swift:833:15:833:15 | s2 [v] | test.swift:813:8:813:8 | self [v] | test.swift:813:31:813:31 | .v | test.swift:833:15:833:23 | call to getv() |
#select
| test.swift:7:15:7:15 | t1 | test.swift:6:19:6:26 | call to source() | test.swift:7:15:7:15 | t1 | result |
| test.swift:9:15:9:15 | t1 | test.swift:6:19:6:26 | call to source() | test.swift:9:15:9:15 | t1 | result |
@@ -1169,3 +1227,7 @@ subpaths
| test.swift:802:15:802:38 | .0 | test.swift:800:44:800:51 | call to source() | test.swift:802:15:802:38 | .0 | result |
| test.swift:803:15:803:38 | .1 | test.swift:799:20:799:27 | call to source() | test.swift:803:15:803:38 | .1 | result |
| test.swift:803:15:803:38 | .1 | test.swift:801:33:801:40 | call to source() | test.swift:803:15:803:38 | .1 | result |
| test.swift:822:15:822:18 | .v | test.swift:819:17:819:24 | call to source() | test.swift:822:15:822:18 | .v | result |
| test.swift:824:15:824:23 | call to getv() | test.swift:819:17:819:24 | call to source() | test.swift:824:15:824:23 | call to getv() | result |
| test.swift:831:15:831:18 | .v | test.swift:828:12:828:19 | call to source() | test.swift:831:15:831:18 | .v | result |
| test.swift:833:15:833:23 | call to getv() | test.swift:828:12:828:19 | call to source() | test.swift:833:15:833:23 | call to getv() | result |

36
swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected
View File

@@ -983,3 +983,39 @@
| test.swift:803:15:803:35 | call to randomElement() | test.swift:803:15:803:36 | ...! |
| test.swift:804:15:804:15 | [post] dict4 | test.swift:805:15:805:15 | dict4 |
| test.swift:804:15:804:15 | dict4 | test.swift:805:15:805:15 | dict4 |
| test.swift:809:3:809:3 | SSA def(self) | test.swift:810:5:810:5 | self |
| test.swift:809:3:809:3 | self | test.swift:809:3:809:3 | SSA def(self) |
| test.swift:809:8:809:13 | SSA def(v) | test.swift:810:14:810:14 | v |
| test.swift:809:8:809:13 | v | test.swift:809:8:809:13 | SSA def(v) |
| test.swift:810:5:810:5 | [post] self | test.swift:809:3:811:3 | self[return] |
| test.swift:810:5:810:5 | self | test.swift:809:3:811:3 | self[return] |
| test.swift:813:8:813:8 | SSA def(self) | test.swift:813:31:813:31 | self |
| test.swift:813:8:813:8 | self | test.swift:813:8:813:8 | SSA def(self) |
| test.swift:813:31:813:31 | [post] self | test.swift:813:3:813:33 | self[return] |
| test.swift:813:31:813:31 | self | test.swift:813:3:813:33 | self[return] |
| test.swift:815:7:815:7 | self | test.swift:815:7:815:7 | SSA def(self) |
| test.swift:815:7:815:7 | self | test.swift:815:7:815:7 | SSA def(self) |
| test.swift:815:7:815:7 | self | test.swift:815:7:815:7 | SSA def(self) |
| test.swift:815:7:815:7 | value | test.swift:815:7:815:7 | SSA def(value) |
| test.swift:819:9:819:9 | SSA def(s1) | test.swift:822:15:822:15 | s1 |
| test.swift:819:9:819:9 | s1 | test.swift:819:9:819:9 | SSA def(s1) |
| test.swift:819:14:819:25 | call to S3.init(_:) | test.swift:819:9:819:9 | s1 |
| test.swift:820:9:820:9 | SSA def(s2) | test.swift:823:15:823:15 | s2 |
| test.swift:820:9:820:9 | s2 | test.swift:820:9:820:9 | SSA def(s2) |
| test.swift:820:14:820:18 | call to S3.init(_:) | test.swift:820:9:820:9 | s2 |
| test.swift:822:15:822:15 | [post] s1 | test.swift:824:15:824:15 | s1 |
| test.swift:822:15:822:15 | s1 | test.swift:824:15:824:15 | s1 |
| test.swift:823:15:823:15 | [post] s2 | test.swift:825:15:825:15 | s2 |
| test.swift:823:15:823:15 | s2 | test.swift:825:15:825:15 | s2 |
| test.swift:824:15:824:15 | [post] s1 | test.swift:827:5:827:5 | s1 |
| test.swift:824:15:824:15 | s1 | test.swift:827:5:827:5 | s1 |
| test.swift:825:15:825:15 | [post] s2 | test.swift:828:5:828:5 | s2 |
| test.swift:825:15:825:15 | s2 | test.swift:828:5:828:5 | s2 |
| test.swift:827:5:827:5 | [post] s1 | test.swift:830:15:830:15 | s1 |
| test.swift:827:5:827:5 | s1 | test.swift:830:15:830:15 | s1 |
| test.swift:828:5:828:5 | [post] s2 | test.swift:831:15:831:15 | s2 |
| test.swift:828:5:828:5 | s2 | test.swift:831:15:831:15 | s2 |
| test.swift:830:15:830:15 | [post] s1 | test.swift:832:15:832:15 | s1 |
| test.swift:830:15:830:15 | s1 | test.swift:832:15:832:15 | s1 |
| test.swift:831:15:831:15 | [post] s2 | test.swift:833:15:833:15 | s2 |
| test.swift:831:15:831:15 | s2 | test.swift:833:15:833:15 | s2 |

28
swift/ql/test/library-tests/dataflow/dataflow/test.swift
View File

@@ -804,3 +804,31 @@ func testDictionary() {
sink(arg: dict4.keys.randomElement()) // $ MISSING: flow=800
sink(arg: dict4.values.randomElement()) // $ MISSING: flow=799 flow=801
}
struct S3 {
init(_ v: Int) {
self.v = v
}
func getv() -> Int { return v }
var v: Int
}
func testStruct() {
var s1 = S3(source())
var s2 = S3(0)
sink(arg: s1.v) // $ flow=819
sink(arg: s2.v)
sink(arg: s1.getv()) // $ flow=819
sink(arg: s2.getv())
s1.v = 0
s2.v = source()
sink(arg: s1.v)
sink(arg: s2.v) // $ flow=828
sink(arg: s1.getv())
sink(arg: s2.getv()) // $ flow=828
}