hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,258 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.3
Commit Graph

2114 Commits

Author SHA1 Message Date
Tony Torralba
33029b0ed8 Fix sanitizer QLDoc 2023-01-09 18:01:07 +01:00
Tony Torralba
b203a9eb6e Add a sanitizer for OSLogPrivacy options 
Add test cases to verify how the sanitizer behaves depending on the argument type and the privacy option being used.
 2023-01-09 18:01:07 +01:00
Tony Torralba
aad56097ac Add Cleartext Loggin query for Swift. 
With some caveats: see TODO comments and failing tests.
 2023-01-09 18:01:07 +01:00
Mathias Vorreiter Pedersen
381301e552 Update swift/ql/lib/swift.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-01-09 10:32:52 +00:00
Mathias Vorreiter Pedersen
6bb09ef289 Swift: Add integral type classes. 2023-01-09 09:43:09 +00:00
Mathias Vorreiter Pedersen
9be9636816 Merge pull request #11670 from atorralba/atorralba/swift/predicate-injection 
Swift: Add predicate injection query
 2023-01-09 08:54:13 +00:00
Geoffrey White
bb50a99b36 Swift: Additional test cases. 2023-01-06 18:48:46 +00:00
Geoffrey White
b5dd815249 Swift: Flow through optional binding. 2023-01-06 18:34:22 +00:00
Geoffrey White
c598d9b882 Swift: Generalize an SSA case for variables declared in Patterns. 2023-01-06 18:34:22 +00:00
Aditya Sharad
9988c19a42 Merge branch 'main' into tutorial/library-pack 2023-01-03 14:08:37 -08:00
Geoffrey White
e05bb7fcee Merge branch 'main' into format 2023-01-03 15:14:55 +00:00
Tony Torralba
07d99bd643 Add path injection sinks 2022-12-23 17:16:06 +01:00
Nora Dimitrijević
aaadf198ab Swift: fix 'ql/redundant-import' 2022-12-20 23:32:38 -05:00
Nora Dimitrijević
fbb14797b1 Merge branch 'main' into swift/extract-mainactor 2022-12-20 23:20:37 -05:00
Nora Dimitrijević
101f42ab3d Revert "Swift: silence QL-for-QL "Redundant override" FP" 
This reverts commit 56a72d7c37.
 2022-12-20 23:17:45 -05:00
Nora Dimitrijević
f3ebb6e03b Swift: MethodLookupExpr.getMethodRef() [codegen'd] 
This refactors SelfApplyExpr.getFunction() as MethodLookupExpr().getMethodRef().

This is simpler, because we are not hiding DeclRefExprs or reinventing hidden AST resolution.
 2022-12-20 23:09:02 -05:00
Nora Dimitrijević
4900e4030a Swift: MethodLookupExpr.getMethodRef() [hand-written] 
This refactors SelfApplyExpr.getFunction() as MethodLookupExpr().getMethodRef().

This is simpler, because we are not hiding DeclRefExprs or reinventing hidden AST resolution.
 2022-12-20 23:08:32 -05:00
Aditya Sharad
ed29b3e4d6 Shared packs: Depend on codeql/tutorial from all language libraries 
This allows `import tutorial` from queries targeting
any language, just like before, while removing the
duplicate copies of `tutorial.qll`.
 2022-12-19 15:52:11 -08:00
Nora Dimitrijević
55c6e565f7 Swift: PrintAst.qll nodes() ordering fix not needed 
No-double-parents should be sufficient for a stable top-level ordering.
 2022-12-19 17:52:20 -05:00
Nora Dimitrijević
3da54ebc61 Swift: give a clearer name to {Self,Super}RefExpr.getMethodDecl 2022-12-19 17:33:13 -05:00
Nora Dimitrijević
56a72d7c37 Swift: silence QL-for-QL "Redundant override" FP 2022-12-19 16:45:31 -05:00
Jami
ff652f7dee Merge branch 'main' into jcogs33/model-top-jdk-apis 2022-12-16 15:32:50 -05:00
Geoffrey White
640f894b00 Merge branch 'main' into format 2022-12-16 11:42:03 +00:00
Tony Torralba
46ea067449 Add bidirectional import in ExternalFlow.qll 2022-12-16 09:59:48 +01:00
Tom Hvitved
e45edcc159 Merge pull request #11674 from hvitved/dataflow/param-context 
Data flow: Track callable in flow-through pruning
 2022-12-16 09:25:15 +01:00
Jami Cogswell
f01ee9e4c2 Java: remove PR-merging comment 2022-12-15 22:56:15 -05:00
Jami
fd63348549 Merge pull request #11585 from jcogs33/jcogs33/mad-metrics-query 
Java: add MaD metrics query
 2022-12-15 19:26:51 -05:00
Nora Dimitrijević
938f724602 Swift: fix db upgrade/downgrade script after pull 2022-12-15 16:37:52 -05:00
Geoffrey White
1f7d96a74a Merge branch 'main' into format 2022-12-15 15:17:54 +00:00
Tom Hvitved
f8571dd0b6 Data flow: Work around functionality-induced misoptimization 2022-12-15 15:29:14 +01:00
Tom Hvitved
6eda042229 Data flow: Sync files 2022-12-15 15:29:13 +01:00
Geoffrey White
8e61c78ce6 Swift: Fix RemoteFlowSource performance issue. 2022-12-15 12:36:32 +00:00
Jami Cogswell
46b8fbc4c9 Java: update remaining models, resolve merge conflict 2022-12-15 00:33:06 -05:00
Nora Dimitrijević
e16b23afc1 Swift: db upgrade/downgrade script 2022-12-14 15:56:05 -05:00
Jami
359e49044f Merge branch 'main' into jcogs33/mad-metrics-query 2022-12-14 15:33:29 -05:00
Nora Dimitrijević
8a3ef31a2c Swift: silence QL-for-QL redundant import warning 2022-12-14 15:22:39 -05:00
Nora Dimitrijević
6269e6b24d Swift: move getName to Callable (generated) 
Now that getStaticTarget returns a Callable.
 2022-12-14 14:30:33 -05:00
Nora Dimitrijević
535daf39b7 Swift: move getName to Callable (hand-written) 
Now that getStaticTarget returns a Callable.
 2022-12-14 14:29:13 -05:00
Nora Dimitrijević
89cd082f0a Swift: {Method,Initializer}CallExpr + SelfRefExpr 
Adds a bit of symmetry in the API.

Also, fix a couple of tests that were using the old types.
 2022-12-14 14:28:01 -05:00
Nora Dimitrijević
5f03099000 Swift: clarify DotSyntaxBaseIgnoredExpr 
- Add docstring with implementation note.
- Avoid `concat` aggregate in toString().

Still, this class should really be cleaned up in the following ways:

- Rename to a sane name at the schema level
- Have subtypes that change the return type of getSubExpr to reflect
  the structure of the desugared closure. E.g. one for methods,
  one for fields.
 2022-12-14 14:28:00 -05:00
Nora Dimitrijević
16a119248d Swift: remove toString() = "call to call to ..." 2022-12-14 14:28:00 -05:00
Nora Dimitrijević
91f35a5d53 Swift: isStaticOrClassMethod + isInstanceMethod 
Still, we should really be extracting these attributes.
 2022-12-14 14:28:00 -05:00
Nora Dimitrijević
a620658a66 Swift: fix PrintAst order, double parents, orphan decl refs 
The main problem is that a lot of the old DotSyntaxApplyExpr->MethodRefExpr
synth-constructor hacks were not fully generalized to SelfApplyExpr
and OtherConstructorDeclRefExpr.

Also:

- Gave a index-in-parent-based ordering to PrintAst nodes(), to stabilize it more.
- Use a slightly more general SelfApplyExpr->Decl conversion
 2022-12-14 14:28:00 -05:00
Nora Dimitrijević
b5bb814112 Swift: fix toString of some invisible DeclRefExprs 2022-12-14 14:28:00 -05:00
Nora Dimitrijević
799b4c932f Swift: DotSyntaxBaseIgnored calls now have static target 
This relies on getStaticTarget() returning a Callable... Not sure how I feel about that, since often we want to say

```
exists(Call c |
  c.getStaticTarget().hasName("...")
)
```

and Callable has a sparse interface. Maybe some AbstractFunctionDecl
methods can be moved to Callable.
 2022-12-14 14:24:36 -05:00
Nora Dimitrijević
89bfad0420 Swift: fix MethodLookupExpr.getMethod() 
By adding a couple missing cases.
 2022-12-14 14:24:36 -05:00
Nora Dimitrijević
c1e746a980 Swift: add InitializerLookupExpr < MethodLookupExpr 2022-12-14 14:24:36 -05:00
Nora Dimitrijević
2af8ec86e6 Swift: init/deinit stringifies with qualifier 2022-12-14 14:24:36 -05:00
Nora Dimitrijević
14b84c6e06 Swift: add MethodDecl.isStatic/0 2022-12-14 14:24:36 -05:00
Nora Dimitrijević
668d79a62d Swift: one more rename 2022-12-14 14:24:36 -05:00