hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,672 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

1641 Commits

Author SHA1 Message Date
Paolo Tranquilli
b4df557c5a Merge branch 'main' into redsun82/swift-do-not-extract-inactive-ifconfig-clauses 2022-09-20 15:41:34 +02:00
Paolo Tranquilli
3fd8136dc7 Swift: accept test results 2022-09-20 15:37:09 +02:00
Mathias Vorreiter Pedersen
90f24d3e82 Merge pull request #10430 from geoffw0/cleartextmissing 
Swift: Fix missing results in swift/cleartext-storage-database
 2022-09-20 14:23:29 +01:00
Paolo Tranquilli
72a4bd3f1e Swift: group unresolved elements and remove their tests 2022-09-20 15:22:20 +02:00
Paolo Tranquilli
7ae68fcc03 Swift: rework IfConfigDecl schema 2022-09-20 15:11:58 +02:00
Geoffrey White
213cd94047 Swift: Update the test. 2022-09-16 13:24:37 +01:00
Geoffrey White
dc47771937 Swift: Fix locationless results. 2022-09-14 20:43:24 +01:00
Geoffrey White
25840996f6 Swift: Use a slightly different approach to fix false positive. 2022-09-14 20:43:23 +01:00
Geoffrey White
7b96cb071a Swift: Remove the original sink cases as they are no longer required. 2022-09-14 20:43:22 +01:00
Geoffrey White
e0100d7b98 Swift: Expand sinks and fix issue with post-update notes to catch the missing test results. 2022-09-14 20:43:22 +01:00
Geoffrey White
eb2a0af4cc Swift: Additional test case. 2022-09-14 20:43:21 +01:00
Mathias Vorreiter Pedersen
6074f22d3f Merge pull request #10335 from github/redsun82/swift-weak-hashing-phase-1 
Swift: first version of query targeting weak hashing
 2022-09-14 08:29:47 +01:00
AlexDenisov
be21b26d46 Merge pull request #10045 from github/alexdenisov/swift-cwe-757 
Swift: CWE-757: insecure TLS configuration
 2022-09-12 15:25:15 +02:00
Paolo Tranquilli
776df33f55 Swift: fix typos and comments in testCrypto.swift 2022-09-12 08:47:43 +02:00
Paolo Tranquilli
a8a34addde Merge branch 'main' into redsun82/swift-weak-hashing-phase-1 2022-09-09 11:07:41 +02:00
Paolo Tranquilli
6223103bbd Swift: add more testing to WeakSensitiveDataHashing 2022-09-09 11:02:08 +02:00
Paolo Tranquilli
c739bbb051 Swift: bake in isProbablySafe in SensitiveExpr 
Also restructured the code a bit in the weak hashing query.
 2022-09-09 11:00:02 +02:00
Alex Denisov
d455a557be Swift: CWE-757: update docs and user facing text 2022-09-08 10:31:23 +02:00
Alex Denisov
d18ad665b6 Swift: CWE-757: Insecure TLS configuration 2022-09-08 09:34:04 +02:00
Mathias Vorreiter Pedersen
417b2152d8 Merge pull request #10319 from geoffw0/cleartextbarrier 2022-09-08 00:30:57 +01:00
Paolo Tranquilli
19b13ee4e3 Swift: first draft of query targeting weak hashing 2022-09-07 15:58:35 +02:00
Geoffrey White
d1867b9716 Merge pull request #10284 from geoffw0/stringlengthcleanup 
Swift: Improve swift/string-length-conflation
 2022-09-06 14:07:02 +01:00
Geoffrey White
0741266cea Swift: Switch from isSanitizerIn to isSanitizer. 2022-09-06 13:37:49 +01:00
Geoffrey White
8281d92e71 Swift: Add barriers for encryption. 2022-09-06 13:37:49 +01:00
Geoffrey White
9683a95162 Swift: Add a few more test cases. 2022-09-06 13:37:48 +01:00
Geoffrey White
a14efcfb69 Merge branch 'main' into stringlengthcleanup 2022-09-02 19:26:28 +01:00
Geoffrey White
c3a8da4570 Swift: Use getABaseTypeDecl() to improve StringLengthConflation.ql. 2022-09-02 19:21:50 +01:00
Paolo Tranquilli
48761b8667 Merge pull request #10233 from github/redsun82/swift-conversions-in-print-ast 
Swift: show conversions in `PrintAst`
 2022-09-02 16:13:21 +02:00
Paolo Tranquilli
2234070bfe Swift: ...and accept the test 2022-09-02 15:36:46 +02:00
Paolo Tranquilli
c842ae40f6 Swift: make node properties consistent with other languages 2022-09-02 15:31:37 +02:00
Paolo Tranquilli
e3e9774956 Swift: print conversions similarly to C++ 2022-09-02 15:31:37 +02:00
Geoffrey White
129ed426a0 Swift: Use allowImplicitRead as a better solution replacing one of the special flow cases. 2022-08-31 17:58:18 +01:00
Geoffrey White
c0bc0d78cc Swift: Accept test changes after merging main (again). 2022-08-31 17:58:10 +01:00
Geoffrey White
60fad4d652 Merge remote-tracking branch 'upstream/main' into swiftcleanup 2022-08-31 16:04:39 +01:00
Mathias Vorreiter Pedersen
f846c262dc Merge pull request #10157 from MathiasVP/swift-field-flow-2 
Swift: Add field flow
 2022-08-31 10:42:00 +01:00
Paolo Tranquilli
30049f622d Swift: move new code down in tests 2022-08-31 11:38:32 +02:00
Paolo Tranquilli
aa54e4bb46 Swift: add some typing information to PrintAst 2022-08-31 11:31:15 +02:00
Paolo Tranquilli
a237f691b5 Swift: show conversions in PrintAst 
This also showcases the customizability of the `PrintAst` infrastructure
resting on generated code.
 2022-08-31 11:28:17 +02:00
Paolo Tranquilli
281cd79b48 Swift: add generics to ast tests 2022-08-31 11:09:35 +02:00
Paolo Tranquilli
742cf0a593 Swift: hide orphaned DeclRefExpr nodes 2022-08-31 08:35:00 +02:00
Paolo Tranquilli
8f09485414 Swift: enhance PrintAst testing 
The `ParentChild` tests have been generalized to test all `PrintAst`
by factoring out `PrintAstNode` into a separate file.

The `child.ql` and `parent.ql` tests have been removed as they are
subsumed by `PrintAst.ql`. Also, a new `no_parent_child_loops` is
added to detect back edges to a root node (back edges to a non-root
node are already detected by `no_double_parents.ql`).
 2022-08-31 06:54:30 +02:00
Paolo Tranquilli
cd632dcfee Swift: minor tweaks 
Replace string singleton with a newtype-based one, and fix some doc
comment cosmetics.
 2022-08-31 06:39:35 +02:00
Mathias Vorreiter Pedersen
a4209df239 Merge branch 'main' into swift-field-flow-2 2022-08-30 18:52:23 +01:00
Geoffrey White
3e4a6be53f Swift: Add missing test annotations. 2022-08-30 18:12:26 +01:00
Geoffrey White
430a8e141d Swift: Fix issues. 2022-08-30 18:04:12 +01:00
Paolo Tranquilli
47b905bfaf Swift: add PrintAst 2022-08-30 18:04:55 +02:00
Paolo Tranquilli
6914c4469c Swift: accept tests after children changes 2022-08-30 17:36:39 +02:00
Paolo Tranquilli
38d65d3fae Swift: make ConstructorDecl's name include params 
In order to distinguish overloads of the constructor and for consistency
with other function calls, `ConstructorDecl` string representation uses
the name which includes parentheses and parameter labels.

For consistency also the destructor got the same change, which means
all `DestructorDecl`s will now show as `deinit()` rather than `deinit`.
 2022-08-30 11:11:50 +02:00
Paolo Tranquilli
beb0472811 Swift: fix ParentChild generation 
There was an issue in case multiple inheritance from classes with
children was involved, where indexes would overlap.

The generated code structure has been reshuffled a bit, with
`Impl::getImmediateChildOf<Class>` predicates giving 0-based children
for a given class, including those coming from bases, and the final
`Impl::getImmediateChild` disjuncting the above on final classes only.

This removes the need of `getMaximumChildrenIndex<Class>`, and also
removes the code scanning alerts.

Also, comments were fixed addressing the review.
 2022-08-30 10:15:11 +02:00
Paolo Tranquilli
20e94b8a38 Swift: add more tests for the generated parent-child relationship 2022-08-29 17:10:46 +02:00