hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,672 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

3543 Commits

Author SHA1 Message Date
Jason Reed
66da91fe59 Java, Javascript, Csharp: Restrict definitions predicates 
Only expose definition-use relation itself, and getEncodedFile.
 2020-05-11 15:14:16 -04:00
Dave Bartolomeo
e5bd66809a C++/C#: Add QLDoc for renamed queries 2020-05-11 14:16:21 -04:00
Dave Bartolomeo
09d1da2f7a C++/C#: Rename sanity -> consistency 
I did both of these languages together because they share some of the changed code via `identical-files.json`.
 2020-05-11 13:29:52 -04:00
Jonas Jensen
cec73e689e Merge pull request #3393 from dbartol/codeql-c-analysis-team/40/1 
C++: A few IR QLDoc comments
 2020-05-11 15:56:43 +02:00
Calum Grant
91229f8d52 Merge pull request #3398 from hvitved/csharp/missing-x-frame-option 
C#: More results for `cs/web/missing-x-frame-options`
 2020-05-11 10:28:26 +01:00
Jason Reed
beccdce108 C#: Refactor definitions query, add queries for ide search 
This enables jump-to-definition and find-references in the VS Code
extension, for C# source archives.
 2020-05-08 07:31:50 -04:00
Dave Bartolomeo
e435484740 C++/C#: Fix formatting 2020-05-07 08:39:01 -04:00
Dave Bartolomeo
f0e86a9191 C++: Add missing module comment 2020-05-06 17:30:20 -04:00
Dave Bartolomeo
df4fdaf6ff C++: Fix PR feedback 
Note that the various predicates to access the singleton instances of the `EdgeKind` classes have been moved into a module named `EdgeKind`.
 2020-05-06 17:06:48 -04:00
Tom Hvitved
0466e36985 C#: Teach Implements.qll about nested types 2020-05-06 09:25:40 +02:00
Tom Hvitved
4c1a9b25c1 C#: Teach unification library about nested types 2020-05-06 09:25:40 +02:00
Jonas Jensen
63f04afa8d Merge pull request #3312 from hvitved/dataflow/impl-no-postupdate 
Data flow: Support stores into nodes that are not `PostUpdateNode`s
 2020-05-06 09:09:31 +02:00
Tom Hvitved
e8e27e0e00 C#: Address review comments 2020-05-05 14:28:13 +02:00
Tom Hvitved
c324c388d0 C#: Refine UnboundGeneric and ConstructedGeneric 2020-05-05 14:28:13 +02:00
Tom Hvitved
e95cc24b3f Data flow: Support stores into nodes that are not PostUpdateNodes 2020-05-05 14:01:04 +02:00
Anders Schack-Mulligen
b7458091a9 Merge pull request #3110 from hvitved/dataflow/no-more-summaries 
Data flow: No more flow summaries
 2020-05-05 13:27:07 +02:00
Geoffrey White
a70f534458 Sync identical files. 2020-05-05 09:18:05 +01:00
Calum Grant
a01ef83312 Merge pull request #3270 from hvitved/csharp/dataflow/library-field-flow 
C#: Field-sensitive summaries for library code
 2020-05-04 16:11:18 +01:00
Tom Hvitved
c7763e69e5 C#: Add comments to LibraryCodeNode::get{Predecessor|Successor}() 2020-05-04 13:46:52 +02:00
Tom Hvitved
a4d933d1d6 C#: More results for cs/web/missing-x-frame-options 
Report an alert in _any_ `Web.config` file, as long as it does not have an
`X-Frame-Options` entry (as opposed to only reporting alerts when _all_
`Web.config` files lack the entry).
 2020-05-04 09:17:08 +02:00
Tom Hvitved
32b419229d C#: Address review comments 2020-05-04 09:01:49 +02:00
Dave Bartolomeo
8e9e3c8919 Merge pull request #3395 from jbj/IRBlock-unique 
C++: Use `unique` aggregate in IRBlock computation
 2020-05-03 07:54:51 -04:00
Jonas Jensen
0a59045dc3 C++: Use unique aggregate in IRBlock computation 
This gives a slight speedup, and I think it makes the code shorter and
clearer.

On Wireshark, the time from the beginning of the `IRBlock` stage until
just before evaluation of `getInstruction` drops from 44s to 34s.
 2020-05-03 10:07:09 +02:00
Dave Bartolomeo
a166a4d143 C++: A few IR QLDoc comments 2020-05-01 18:17:20 -04:00
Robert Marsh
83e222e5bd C++/C#: sync files 2020-05-01 14:17:43 -07:00
Tom Hvitved
7cbf37c6ba C#: Convert string.format() queries to path queries 2020-04-28 09:59:19 +02:00
Tom Hvitved
d28c4fb0f5 Merge pull request #3202 from jbj/pathStep-join-unique 
Java/C++/C#: Use `unique` to improve join order fix
 2020-04-27 13:06:27 +02:00
Tom Hvitved
5b5f9adfc6 C#: Add missing CFG edge from generic catch block to finally block 2020-04-23 08:45:11 +02:00
Jonas Jensen
875daae84b Merge pull request #3151 from dbartol/dbartol/floats 
C++: Better support for complex numbers in IR and AST
 2020-04-20 16:27:20 +02:00
Dave Bartolomeo
de5abdb29a C++/C#: Add missing QLDoc 2020-04-18 09:55:35 -04:00
Robert Marsh
9008084b74 Merge pull request #3272 from dbartol/dbartol/DumpFixes 
C++: A couple of fixes for IR dumps
 2020-04-17 11:49:52 -07:00
Tom Hvitved
1b6e978a62 Data flow: Sync files 2020-04-17 13:49:06 +02:00
Tom Hvitved
de41e668b0 Data flow: No more flow summaries 2020-04-17 13:48:20 +02:00
Tom Hvitved
1959480b78 C#: Field-flow summaries for library code 2020-04-16 15:20:47 +02:00
Dave Bartolomeo
3dd3b5304e Merge remote-tracking branch 'upstream/master' into dbartol/floats 2020-04-16 08:44:41 -04:00
Tom Hvitved
922e52f061 Merge pull request #3257 from hvitved/csharp/dataflow/tests 
C#: Update data flow tests
 2020-04-16 11:47:45 +02:00
Dave Bartolomeo
90dc14c56e C++/C#: Fix phantom Chi definitions in PrintSSA 
When `PrintSSA.qll` is imported, IR dumps will be annotated with the alias analysis information used during SSA construction. When printing this information, we incorrectly treated instructions at offset -1, which should only be `Phi` instructions, as `Chi` instructions for the instruction at offset 0. This produced phantom annotations, but did not affect the correctness of the actual IR.
 2020-04-15 18:24:11 -04:00
Chris Gavin
4e981d8e70 Merge rc/1.24 into master. 2020-04-14 21:30:29 +01:00
Tom Hvitved
a9b88b6eaa C#: Update data flow tests 2020-04-14 09:31:10 +02:00
Dave Bartolomeo
1bde11706e C++: Connect InitializeIndirection to UnmodeledDefinition 
The IR generation for `InitializeIndirection` currently connects its load operand to the result of the corresponding `InitializeParameter` instruction. This isn't exactly wrong, but it doesn't fit the IR invariant of "All unmodeled uses consume `UnmodeledDefinition`". Our current code doesn't care, because we just throw away all of the existing def-use information, modeled or otherwise, when we build unaliased SSA. However, some upcoming SSA changes don't work correctly if this invariant is broken.

I've added the trivial IR generation change, along with a new sanity query.
 2020-04-13 18:37:47 -04:00
Robert Marsh
a5e7db73b2 Merge branch 'rc/1.24' into rdmarsh/cpp/ir-flow-through-outparams 
For submodule consistency
 2020-04-13 12:02:59 -07:00
Pavel Avgustinov
6737e99d65 Merge pull request #3209 from hmakholm/baselib-extractor 
Add extractor field in base language QL packs
 2020-04-09 15:24:49 +01:00
Robert Marsh
7e299e7494 C++/C#: Document ReturnIndirectionInstruction::getParameter 2020-04-08 16:41:07 -07:00
Robert Marsh
c38ccaaab6 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 2020-04-08 12:32:35 -07:00
Tom Hvitved
6685a5ed4d Merge pull request #3136 from calumgrant/cs/buildless-extraction 
C#: Improvements to buildless extraction
 2020-04-07 08:52:00 +02:00
Henning Makholm
bf579dedd4 Add extractor field in base language QL packs 2020-04-06 18:48:01 +02:00
Calum Grant
6cce0de9b2 Merge pull request #3124 from hvitved/csharp/dataflow/sources-and-sinks 
C#: Introduce `RemoteFlowSink` class
 2020-04-06 12:36:14 +01:00
Jonas Jensen
46fc91315b Java/C++/C#: Revert the join order fix from #2872 
This revert brings back the performance problems in
`DataFlowImplLocal.qll` so they can be fixed in a different way. The fix
in #2872 was asymptotically good but had undesired overhead because it
introduced another predicate in the SCC that existed purely for join
ordering.

I did the revert by inlining the helper predicate, eliminating the
`enclosing` variable, and re-ordering the resulting lines to what they
were before #2872.
 2020-04-06 10:04:50 +02:00
Robert
1096e5d947 Merge pull request #3163 from robertbrignull/code_scanning_suites 
Add code-scanning suites
 2020-04-06 08:45:40 +01:00
Tom Hvitved
c8c706a0ba C#: Un-deprecate PublicCallableParameterFlowSource 2020-04-06 09:01:44 +02:00