hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,671 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

3543 Commits

Author SHA1 Message Date
Raul Garcia
f8ae56a27c Improving documentation 2019-02-26 16:22:39 -08:00
Calum Grant
5c2804d3ac Merge pull request #968 from hvitved/csharp/dataflow-performance 
C#: Improve join orders in `DataFlow` module
 2019-02-26 17:34:16 +00:00
Tom Hvitved
8abf76b618 C#: Reduce size of getAThrownException() 
In the precense of multiple core libraries, `getAThrownException()` would return
multiple copies of the same exception, say `System.OverflowException`, one for each
core library. With this change we try to identify which core library a given control
flow element was compiled against, and only return the corresponding version.
 2019-02-26 15:11:45 +01:00
Raul Garcia
9bb7816a3c Making changes based on feedback. 2019-02-22 10:10:20 -08:00
Tom Hvitved
116997cf85 Merge pull request #961 from calumgrant/cs/cve-2019-0657 
C#: Update cs/use-of-vulnerable-package to detect CVE-2019-0657
 2019-02-22 18:01:58 +01:00
Calum Grant
cd721f38b8 Merge pull request #967 from hvitved/csharp/ssa/block-precedes-var 
C#: Use explict recursion in `blockPrecedesVar()`
 2019-02-22 14:08:26 +00:00
Calum Grant
e93140d136 Merge pull request #959 from hvitved/csharp/dispose-not-called-on-exc-performance 
C#: Improve performance of `cs/dispose-not-called-on-throw`
 2019-02-22 14:04:48 +00:00
Tom Hvitved
74377a28c9 C#: Improve join orders in DataFlow module 2019-02-22 09:31:19 +01:00
Tom Hvitved
f02ef51459 C#: Use explict recursion in blockPrecedesVar() 2019-02-21 17:14:23 +01:00
calum
15341965e0 C#: Update cs/use-of-vulnerable-package to detect CVE-2019-0657 2019-02-21 11:48:48 +00:00
Tom Hvitved
f8bb00a81c C#: Cache Call::getArgumentForParameter() 2019-02-21 11:41:40 +01:00
Tom Hvitved
c8eb537591 C#: Improve performance of cs/dispose-not-called-on-throw 2019-02-21 11:20:54 +01:00
Tom Hvitved
c3a62b3656 C#: Always inline ControlFlowElement::[reachableFrom|getAReachableElement]() 2019-02-21 11:20:47 +01:00
Tom Hvitved
a382a5876f Merge pull request #808 from calumgrant/cs/double-checked-locks 
C#: Work on cs/unsafe-double-checked-lock
 2019-02-21 11:17:35 +01:00
Raul Garcia
7d197692ac Adding a new rule for detecting usage of static objects that implement ICryptoTransform that would be thread-unsafe, and potentially result in incorrect cryptographic results. 2019-02-20 17:07:04 -08:00
calum
40f3b8b439 C#: Address review comments (documentation). 2019-02-20 18:00:30 +00:00
calum
b0e2e436a7 C#: Fix documentation. 2019-02-18 09:37:10 +00:00
Tom Hvitved
5ce9b25ec9 C#: Improve CFG for assignments 
Write accesses in assignments, such as the access to `x` in `x = 0` are not
evaluated, so they should not have entries in the control flow graph. However,
qualifiers (and indexer arguments) should still be evaluated, for example in

```
x.Foo.Bar = 0;
```

the CFG should be `x --> x.Foo --> 0 --> x.Foo.Bar = 0` (as opposed to
`x --> x.Foo --> x.Foo.Bar --> 0 --> x.Foo.Bar = 0`, prior to this change).

A special case is assignments via acessors (properties, indexers, and event
adders), where we do want to include the access in the control flow graph,
as it represents the accessor call:

```
x.Prop = 0;
```

But instead of `x --> x.set_Prop --> 0 --> x.Prop = 0` the CFG should be
`x --> 0 --> x.set_Prop --> x.Prop = 0`, as the setter is called *after* the
assigned value has been evaluated.

An even more special case is tuple assignments via accessors:

```
(x.Prop1, y.Prop2) = (0, 1);
```

Here the CFG should be
`x --> y --> 0 --> 1 --> x.set_Prop1 --> y.set_Prop2 --> (x.Prop1, y.Prop2) = (0, 1)`.
 2019-02-16 19:19:24 +01:00
Anders Schack-Mulligen
fc9c7ea55a CSharp: Autoformat qls 2019-02-12 14:38:42 +01:00
Anders Schack-Mulligen
bcaaebfe7e CSharp: Autoformat qlls 2019-02-12 14:38:42 +01:00
Calum Grant
0513828000 Merge pull request #922 from hvitved/csharp/cfg/remove-exception-edges 
C#: Remove some impossible CFG exception edges
 2019-02-12 10:42:07 +00:00
Calum Grant
e10ea73a07 Merge pull request #901 from hvitved/csharp/conditional-assign-join-order 
C#: Improve join order in `conditionalAssign()`
 2019-02-12 10:39:49 +00:00
Calum Grant
b557b7b438 Merge pull request #895 from hvitved/csharp/get-a-thrown-exception 
C#: Avoid using `ExceptionClass` in deliberate Cartesian products
 2019-02-12 09:49:03 +00:00
calum
b51eb2cb92 C#: Fix tags in documentation. 2019-02-11 17:52:55 +00:00
Tom Hvitved
8cb8c967d2 C#: Remove some impossible CFG exception edges 2019-02-11 16:17:01 +01:00
Tom Hvitved
14bdea1cf2 Merge pull request #847 from calumgrant/cs/json.net 
C#: Model Json.NET dataflow
 2019-02-11 15:48:01 +01:00
calum
d18bbf6a73 C#: Make query only apply to reftypes, since I believe valuetypes are safe or cannot be fixed trivially using the volatile keyword. 2019-02-08 15:18:29 +00:00
calum
b473d2f7a8 C#: Update change notes. Decrease the priority of this query because the volatile keyword is no longer needed on modern .Net runtimes. 2019-02-08 14:59:45 +00:00
calum
7addd41e38 C#: Fixes to double-checked lock. 2019-02-08 14:57:57 +00:00
calum
c9cf183878 C#: Fix merge conflicts. 2019-02-08 14:38:51 +00:00
calum
08d13ea363 C#: Address review comments. 2019-02-08 14:38:51 +00:00
calum
7f7a92d092 C#: Model Json.NET dataflow. 2019-02-08 14:37:54 +00:00
Tom Hvitved
e663abd5da C#: Avoid using ExceptionClass in deliberate Cartesian products 
Using the class `ExceptionClass` in combination with a deliberate Cartesian
product can lead to bad join orders, for example

```
EVALUATE NONRECURSIVE RELATION:
  Completion::TriedControlFlowElement::getAThrownException_dispred#ff(int this, int result) :-
    {1} r1 = JOIN Expr::Expr::getType_dispred#ff_10#join_rhs WITH @integral_type#f ON Expr::Expr::getType_dispred#ff_10#join_rhs.<0>=@integral_type#f.<0> OUTPUT FIELDS {Expr::Expr::getType_dispred#ff_10#join_rhs.<1>}
    {1} r2 = JOIN r1 WITH @un_op#f ON r1.<0>=@un_op#f.<0> OUTPUT FIELDS {r1.<0>}
    {1} r3 = JOIN r2 WITH Stmt::TryStmt::getATriedElement#ff_1#join_rhs ON r2.<0>=Stmt::TryStmt::getATriedElement#ff_1#join_rhs.<0> OUTPUT FIELDS {r2.<0>}
    {2} r4 = JOIN r3 WITH Stmt::ExceptionClass#f CARTESIAN PRODUCT OUTPUT FIELDS {Stmt::ExceptionClass#f.<0>,r3.<0>}
    {2} r5 = JOIN r4 WITH System::SystemOverflowExceptionClass#class#f ON r4.<0>=System::SystemOverflowExceptionClass#class#f.<0> OUTPUT FIELDS {r4.<1>,r4.<0>}
```

where the CP is made with `ExceptionClass` rather than `SystemOverflowExceptionClass`
directly.
 2019-02-07 20:42:21 +01:00
Tom Hvitved
e074daee74 C#: Limit number of non-required CFG splits 2019-02-07 20:40:20 +01:00
Tom Hvitved
ab8ad9f8e6 C#: Improve a few join-orders in CFG splitting library 2019-02-07 20:40:20 +01:00
semmle-qlci
87c5872bc5 Merge pull request #903 from hvitved/csharp/successor-type-qldoc 
Approved by calumgrant
 2019-02-07 19:38:58 +00:00
calum
8afbd2d897 C#: Extend TrivialProperty to also include CIL::TrivialProperty 2019-02-07 12:05:42 +00:00
Tom Hvitved
ba575db93b C#: Add QL doc to SuccessorType.qll 2019-02-07 12:09:09 +01:00
Calum Grant
383e82a3f3 Merge pull request #886 from hvitved/csharp/cfg/restructure 
C#: Split up `ControlFlowGraph.qll` into multiple files
 2019-02-07 11:06:19 +00:00
Tom Hvitved
5f027e1761 Merge pull request #860 from calumgrant/cs/library-flow 
C#: Refactor LibraryTypeDataFlow
 2019-02-07 11:52:05 +01:00
Calum Grant
4274bb136f Merge pull request #892 from hvitved/csharp/get-arg-for-param-bad-magic 
C#: Prevent bad magic in `getArgumentForParameter()`
 2019-02-07 10:50:21 +00:00
Calum Grant
73d56e1bdb Merge pull request #881 from hvitved/csharp/remove-get-url 
C#: Remove `getUrl()` predicate
 2019-02-07 10:47:56 +00:00
Tom Hvitved
23e63e983c C#: Improve join order in conditionalAssign() 
Fixes a bad join-order in `Guards::Internal::conditionalAssign#ffff#antijoin_rhs#1`:

```
[2019-01-25 14:12:03] (377s) Starting to evaluate predicate Guards::Internal::conditionalAssign#ffff#antijoin_rhs#1
[2019-01-25 14:20:41] (895s) Tuple counts:
                      9302551    ~1%     {7} r1 = JOIN ControlFlowGraph::ControlFlow::Internal::PreSsa::Definition::getAPhiInput_dispred#ff WITH Guards::Internal::conditionalAssign#ffff#shared#1 ON ControlFlowGraph::ControlFlow::Internal::PreSsa::Definition::getAPhiInput_dispred#ff.<0>=Guards::Internal::conditionalAssign#ffff#shared#1.<0> OUTPUT FIELDS {ControlFlowGraph::ControlFlow::Internal::PreSsa::Definition::getAPhiInput_dispred#ff.<1>,Guards::Internal::conditionalAssign#ffff#shared#1.<1>,Guards::Internal::conditionalAssign#ffff#shared#1.<2>,Guards::Internal::conditionalAssign#ffff#shared#1.<0>,Guards::Internal::conditionalAssign#ffff#shared#1.<3>,Guards::Internal::conditionalAssign#ffff#shared#1.<4>,Guards::Internal::conditionalAssign#ffff#shared#1.<5>}
                      9302551    ~7%     {8} r2 = JOIN r1 WITH ControlFlowGraph::ControlFlow::Internal::PreSsa::Definition::getBasicBlock_dispred#ff ON r1.<0>=ControlFlowGraph::ControlFlow::Internal::PreSsa::Definition::getBasicBlock_dispred#ff.<0> OUTPUT FIELDS {r1.<1>,ControlFlowGraph::ControlFlow::Internal::PreSsa::Definition::getBasicBlock_dispred#ff.<1>,r1.<2>,r1.<3>,r1.<4>,r1.<5>,r1.<6>,r1.<0>}
                      1223774650 ~0%     {8} r3 = JOIN r2 WITH Guards::Internal::Guard::preControlsDirect_dispred#fff ON r2.<0>=Guards::Internal::Guard::preControlsDirect_dispred#fff.<0> AND r2.<1>=Guards::Internal::Guard::preControlsDirect_dispred#fff.<1> OUTPUT FIELDS {r2.<6>,Guards::Internal::Guard::preControlsDirect_dispred#fff.<2>,r2.<0>,r2.<2>,r2.<3>,r2.<4>,r2.<5>,r2.<7>}
                      80626      ~0%     {7} r4 = JOIN r3 WITH Guards::AbstractValue::getDualValue_dispred#ff ON r3.<0>=Guards::AbstractValue::getDualValue_dispred#ff.<0> AND r3.<1>=Guards::AbstractValue::getDualValue_dispred#ff.<1> OUTPUT FIELDS {r3.<2>,r3.<3>,r3.<4>,r3.<5>,r3.<6>,r3.<0>,r3.<7>}
                      9293564    ~0%     {7} r5 = Guards::Internal::conditionalAssign#ffff#shared#2 AND NOT Guards::Internal::conditionalAssign#ffff#antijoin_rhs(Guards::Internal::conditionalAssign#ffff#shared#2.<0>,Guards::Internal::conditionalAssign#ffff#shared#2.<1>,Guards::Internal::conditionalAssign#ffff#shared#2.<2>,Guards::Internal::conditionalAssign#ffff#shared#2.<3>,Guards::Internal::conditionalAssign#ffff#shared#2.<4>,Guards::Internal::conditionalAssign#ffff#shared#2.<5>,Guards::Internal::conditionalAssign#ffff#shared#2.<6>)
                      9293564    ~1%     {7} r6 = SCAN r5 OUTPUT FIELDS {r5.<6>,r5.<0>,r5.<1>,r5.<2>,r5.<3>,r5.<4>,r5.<5>}
                      9293564    ~2%     {8} r7 = JOIN r6 WITH ControlFlowGraph::ControlFlow::Internal::PreSsa::Definition::getBasicBlock_dispred#ff ON r6.<0>=ControlFlowGraph::ControlFlow::Internal::PreSsa::Definition::getBasicBlock_dispred#ff.<0> OUTPUT FIELDS {ControlFlowGraph::ControlFlow::Internal::PreSsa::Definition::getBasicBlock_dispred#ff.<1>,r6.<2>,r6.<1>,r6.<3>,r6.<4>,r6.<5>,r6.<6>,r6.<0>}
                      1940       ~2%     {7} r8 = JOIN r7 WITH ControlFlowGraph::ControlFlow::Internal::PreBasicBlocks::PreBasicBlock::dominates_dispred#ff ON r7.<0>=ControlFlowGraph::ControlFlow::Internal::PreBasicBlocks::PreBasicBlock::dominates_dispred#ff.<0> AND r7.<1>=ControlFlowGraph::ControlFlow::Internal::PreBasicBlocks::PreBasicBlock::dominates_dispred#ff.<1> OUTPUT FIELDS {r7.<2>,r7.<1>,r7.<3>,r7.<4>,r7.<5>,r7.<6>,r7.<7>}
                      82566      ~0%     {7} r9 = r4 \/ r8
                                         return r9
```
 2019-02-07 10:35:31 +01:00
calum
ce7e9901cc C#: Address review comments. 2019-02-06 17:15:43 +00:00
Tom Hvitved
8812f26517 C#: Address review comments 2019-02-06 13:17:47 +01:00
Tom Hvitved
c3378c44a1 C#: Prevent bad magic in getArgumentForParameter() 2019-02-06 13:09:56 +01:00
Calum Grant
dd75e5bce3 Merge pull request #877 from hvitved/csharp/matches-handle 
C#: Use `matchesHandle()` instead of `getLabel()`
 2019-02-06 11:02:09 +00:00
semmle-qlci
4b81ffab96 Merge pull request #869 from hvitved/csharp/autoformat 
Approved by calumgrant
 2019-02-05 16:35:10 +00:00
Tom Hvitved
37c55750f7 Merge pull request #873 from calumgrant/cs/format-getresource-strings 
C#: Fix FP in cs/format-argument-unused
 2019-02-05 17:12:04 +01:00
Tom Hvitved
23b9b1eb72 C#: Cache Splits::toString() 2019-02-05 15:01:25 +01:00