hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,671 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

4437 Commits

Author SHA1 Message Date
Geoffrey White
1c6a4b8cbf Swift: Update the test .qlref. 2023-11-06 17:32:25 +00:00
Mathias Vorreiter Pedersen
84594e66bc Merge pull request #14682 from geoffw0/filepathclosure 
Swift: Correct a couple of FilePath models.
 2023-11-06 17:31:17 +00:00
Geoffrey White
127f819762 Swift: Move command injection query out from experimental. 2023-11-06 17:23:28 +00:00
Geoffrey White
426bdc0011 Swift: Add test cases. Before the changes, we don't catch the cases for return values from the closures. 2023-11-06 16:32:23 +00:00
Geoffrey White
e4f6b1ac27 Swift: Change note. 2023-11-06 16:00:22 +00:00
Geoffrey White
77e48f72ec Swift: Detect Realm sinks more reliably. 2023-11-06 15:54:17 +00:00
Geoffrey White
9ec5e6e35e Swift: Re-organize the RealmStore constructor. 2023-11-06 15:54:17 +00:00
Geoffrey White
424046d238 Swift: Add test case. 2023-11-06 15:54:17 +00:00
Alex Denisov
80c4b7357a Swlft: force canonical type computation before using the type 
`getCanonicalType` will force computation of the canonical type.
Without canonical type computed. `getString` may cause crashes in
certain cases.
 2023-11-06 16:53:38 +01:00
Robert Marsh
49428c4585 Merge pull request #14683 from geoffw0/nsstringclosure 
Swift: Model NSString.enumerate*
 2023-11-06 10:19:25 -05:00
Geoffrey White
b926090f0d Swift: Simplify AdoptsWkNavigationDelegate in WebView.qll. 2023-11-06 12:29:32 +00:00
Geoffrey White
838a00bbc9 Swift: Add a webview test case from a branch that didn't make it. 2023-11-06 09:44:53 +00:00
Geoffrey White
b99e44c3ca Swift: Fix the Data test. 2023-11-06 09:18:27 +00:00
Geoffrey White
e621d208e4 Merge branch 'main' into nsstringclosure 2023-11-03 20:54:53 +00:00
Geoffrey White
55ec27f47f Merge branch 'main' into filepathclosure 2023-11-03 20:54:16 +00:00
Geoffrey White
e90b630c9b Merge branch 'main' into dataclosure 2023-11-03 20:50:20 +00:00
Geoffrey White
07eba4e3b1 Swift: Fix some failing tests, looks like this could be the result of some recently merged PRs interacting (positively!) 2023-11-03 17:08:05 +00:00
Geoffrey White
041dc19055 Swift: Change note. 2023-11-03 16:22:46 +00:00
Geoffrey White
989a546796 Swift: Model the NSString.enumerate* methods. 2023-11-03 16:22:45 +00:00
Geoffrey White
d0ca7045d4 Swift: Fix some NSString models. 2023-11-03 16:07:34 +00:00
Geoffrey White
a59ed5bc49 Swift: Add test cases. 2023-11-03 15:45:45 +00:00
Geoffrey White
06191922c3 Swift: Correct a couple of FilePath models. 2023-11-03 15:12:31 +00:00
Geoffrey White
71ad6a8262 Swift: Change note. 2023-11-03 14:53:37 +00:00
Geoffrey White
0d7943031c Swift: Generalize subscript assignment storeStep. 2023-11-03 14:53:37 +00:00
Geoffrey White
245f475fdb Swift: Remove duplicate model. 2023-11-03 12:55:36 +00:00
Geoffrey White
e7e6529df6 Swift: Add tests. 2023-11-03 12:21:32 +00:00
Geoffrey White
49add7d8ce Swift: Add stubs to test. 2023-11-03 12:07:15 +00:00
Paolo Tranquilli
506b911767 Merge pull request #14629 from github/redsun82/rework-resource-dir 
Swift: rework resource dir
 2023-11-03 11:14:49 +01:00
Robert Marsh
81d77bf37c Merge pull request #14578 from geoffw0/stringwith 
Swift: Models for String methods involving closures.
 2023-11-02 13:53:22 -04:00
Geoffrey White
431d9d58f1 Merge pull request #14639 from geoffw0/anchorquery 
Swift: New query for Missing Regular Expression Anchor
 2023-11-02 09:20:19 +00:00
Geoffrey White
242399817a Swift: Remove 'only'. 2023-11-02 08:32:36 +00:00
Geoffrey White
c937230f1a Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-11-02 08:30:53 +00:00
Geoffrey White
48c3db2290 Swift: Change note. 2023-11-01 18:49:45 +00:00
Geoffrey White
206acea41c Swift: Fix defaultImplicitTaintRead for sinks that are field accesses on a subclass of the type containing the field. 2023-11-01 17:49:25 +00:00
Geoffrey White
727a7e804c Update swift/ql/src/queries/Security/CWE-020/MissingRegexAnchor.qhelp 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-11-01 16:32:25 +00:00
Geoffrey White
b3fa59d94b Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-11-01 13:15:06 +00:00
Geoffrey White
554007b305 Swift: Add a couple more test cases close to the failures. 2023-10-31 17:19:28 +00:00
Geoffrey White
c82eb4dff3 Swift: Test spacing. 2023-10-31 17:18:08 +00:00
Paolo Tranquilli
051a77fd79 Merge pull request #14537 from github/alexdenisov/remove-outdated-cli-arg 
Swift: remove outdated CLI argument
 2023-10-31 17:06:52 +01:00
Paolo Tranquilli
567aa1102a Swift: fix toolchain SHAs 2023-10-31 16:20:58 +01:00
Paolo Tranquilli
bc34374075 Swift: switch to downloading the 20.04 toolchain 2023-10-31 16:20:58 +01:00
Paolo Tranquilli
e25a655509 Swift: fix Linux compatibility problem and fetch resource dir from toolchain 
This fetches the resource directory directly from the released
toolchains, allowing us to stop prebuilding and assembling them.
Moreover insertion of our resource directory is moved to the lua
tracing configuration (solving a `TODO`) and enhanced. Now all options
that start with the original resource directory (either explicit or
implied) are redirected to our resource directory.

This solves a problem where `-I <original resource dir>/some/path` was
passed to the extractor and did not work.

This works around the 5.9 linux compatibility problem by including the
`PackageDescription` swift modules in the in-dist toolchain. Copying the
toolchain and fixing the `-I` flag was not enough as for some reason
compilation of `PackageDescription.swiftinterface`  was causing a crash
in the SIL pass. We work around that by pre-compiling those modules
during the build and  including `.swiftmodule` files in the resource
directory.

TODO (apart from testing):
* the libraries included in the macOS toolchain are now fat (they were
  intel only before), occupying more space. We should see if we need to
  trim them down.
* there might be other swiftinterface files causing problems on linux
  lurking around...
* if we go with this, we can simplify and trim down the prebuilding we
  do leaving out the resource directory.
 2023-10-31 16:20:58 +01:00
Mathias Vorreiter Pedersen
e75562e508 Merge pull request #14633 from github/redsun82/capture-list-vars 
Swift: add `VarDecl` children to `CaptureListExpr`
 2023-10-31 12:48:14 +01:00
Mathias Vorreiter Pedersen
5b17066e6c Merge pull request #14638 from geoffw0/jsevaltest 
Swift: Clean up the swift/unsafe-js-eval test
 2023-10-31 11:43:41 +01:00
Paolo Tranquilli
ea04b500a3 Swift: tweak dataflow test 2023-10-31 11:39:25 +01:00
Chris Smowton
79e1aa0498 Merge pull request #14634 from github/post-release-prep/codeql-cli-2.15.2 
Post-release preparation for codeql-cli-2.15.2
 2023-10-31 10:24:53 +00:00
Paolo Tranquilli
5407b57261 Swift: add change note 2023-10-31 10:57:02 +01:00
Paolo Tranquilli
aac6cf60ee Swift: add explicative comment 2023-10-31 10:46:12 +01:00
Paolo Tranquilli
ffff10a7e8 Swift: synthesize CaptureListExpr::getVariable in QL instead of extracting it 2023-10-31 10:44:50 +01:00
Paolo Tranquilli
7bae2d9192 Swift: fix tests 2023-10-31 10:44:41 +01:00