Commit Graph

12902 Commits

Author SHA1 Message Date
Jonas Jensen
0da452d59a C++: Revert object-orientation of unresolveElement
The change to make `unresolveElement` a member predicate was helpful for
the optimiser when it dispatched on `this`, but now that it "dispatches"
on `result` it's just an unnecessary pollution of the `ElementBase`
namespace.
2018-09-27 13:25:30 +02:00
Jonas Jensen
c61b311682 C++: Make unresolve dispatch on result, not this
This change means that there are no results for `unresolveElement(t)`
where `t` is a "junk type" -- a class definition that is not in the
image of `resolveClass`. These "junk types" still exist as `Element`s,
but they will never be returned by any predicate that goes through
`unresolveElement` to query the db.

We get a small reduction in DIL size and a significant speed
improvement. The DIL for `NewArrayDeleteMismatch.ql` is reduced from
27,630 lines to 27,507 lines, and the total analysis time for the LGTM
suite on jdk8u is reduced from 1158s to 984s.
2018-09-27 13:23:11 +02:00
Aditya Sharad
4767d85a96 Merge pull request #239 from ian-semmle/type_mention
C++: Update test output
2018-09-27 11:02:46 +01:00
Ian Lynagh
fd91374b2f C++: Update test output 2018-09-26 18:22:20 +01:00
Aditya Sharad
51697f077c Version: Bump to 1.18.0 release. 2018-09-26 18:18:20 +01:00
Aditya Sharad
4ff79b046d C++: Update HashCons test output. 2018-09-26 17:56:21 +01:00
Anders Schack-Mulligen
9198f5b9bd CPP/CSharp/Java/Javascript: Use concat in XMLParent.allCharactersString(). 2018-09-26 15:47:21 +02:00
Anders Schack-Mulligen
26c1397216 CPP/CSharp/Javascript: Clean up QLDoc and bring the different XML.qll files closer. 2018-09-26 15:36:20 +02:00
Jonas Jensen
d813cb63e7 C++: Upper-case Boolean and <code> around HRESULT 2018-09-26 15:29:07 +02:00
Jonas Jensen
3b2512fa0d C++: pragma[nomagic] in Overflow.qll
These two predicates were supposed to be fast but became slow after the
recent inlining of `unresolve`.
2018-09-26 14:39:44 +02:00
Jonas Jensen
6ccd208d4e C++: Prevent incomplete classes from being Types
Raw classes from the database that are incomplete and should be
represented by their complete twin are now allowed to be `Element`s for
performance reasons, but this commit prevents them from being `Type`s.
It was causing confusion in test results and might also cause confusion
in queries.
2018-09-26 14:02:15 +02:00
Aditya Sharad
75680dbfef Merge branch 'next' into qlucie/master 2018-09-26 12:08:33 +01:00
Nick Rolfe
57f3ac8a79 Merge pull request #226 from adityasharad/merge/1.18-master-250918
Merge rc/1.18 into master.
2018-09-26 10:47:03 +01:00
Jonas Jensen
0e0ab1ea97 C++: make unresolve a member of ElementBase
Also remove the charpred of ElementBase. This gets rid of many redundant
charpred checks. It means that incomplete classes from the db are now
`Element`s, which is maybe noisy but should not be harmful.

Together, these changes give a great reduction in DIL and should help
the optimiser. It brings the DIL of `UncontrolledFormatString.ql` down
from 43,908 lines to 35,400 lines.
2018-09-26 11:12:40 +02:00
Jonas Jensen
397c8b5750 Merge pull request #212 from raulgarciamsft/master
Setting a SECURITY_DESCRIPTOR’s DACL to NULL
2018-09-26 09:32:29 +02:00
Geoffrey White
9c219b958c Merge pull request #225 from sauyon/sizeofcheck
Allow void* pointer arithmetic with sizeof
2018-09-25 22:53:07 +01:00
Aditya Sharad
accacdc9a4 Merge rc/1.18 into next. 2018-09-25 21:59:47 +01:00
Raul Garcia
54493eb990 Merge branch 'master' into master 2018-09-25 10:58:51 -07:00
Raul Garcia
d6d27df27b Removing all usage of single quotes 2018-09-25 10:50:34 -07:00
Aditya Sharad
28329562a7 Merge rc/1.18 into master. 2018-09-25 14:31:45 +01:00
Jonas Jensen
8f19efe2e8 Merge pull request #211 from raulgarciamsft/users/raulga/HESULT
Cast between semantically different integer types: HRESULT to/from bool
2018-09-25 09:01:35 +02:00
Sauyon Lee
614a8ef091 Allow void* pointer arithmetic with sizeof
Technically this isn't allowed by the C spec, but it's been seen in the wild:
see 3763c7b338/files/src/csp_buffer.c#x1d04047d2bb68c21:1
2018-09-24 11:05:40 -07:00
Raul Garcia
a566ffae4a Fixed the test .expected file 2018-09-24 10:18:39 -07:00
Pavel Avgustinov
fa698380e2 C++ definitions: Ignore type mentions of class instantiations.
We currently erroneously keep mentions of class instantiations, which
can lead to bad performance on template-heavy code bases. We never
want to link those anyway, so we can simply suppress them.
2018-09-24 18:18:30 +01:00
Raul Garcia
c75019726c Removing tabs & reformatting 2018-09-24 10:10:58 -07:00
Raul Garcia
c3b523cdc4 Fixing a missed reference to renamed file. 2018-09-24 10:02:52 -07:00
Geoffrey White
4edc54df0c CPP: Use unspecified types everywhere (for simplicity and robustness). 2018-09-24 17:17:41 +01:00
Geoffrey White
b15db5d1e5 CPP: Add a test case that we handle poorly. 2018-09-24 17:17:41 +01:00
Jonas Jensen
a56376a2df C++: rename effectivelyConstant to likelySmall
This reflects the existing QLDoc better and makes it more clear why it
includes char-typed expressions.
2018-09-24 14:37:11 +02:00
Jonas Jensen
4d2e4c53f1 C++: Suppress IntMultToLong alert on char 2018-09-24 14:37:09 +02:00
Jonas Jensen
2b5d150829 C++: Test for IntMultToLong on char-typed numbers 2018-09-24 14:36:36 +02:00
Dave Bartolomeo
1f36f5552f Normalize all text files to LF
Use `* text=auto eol=lf`
2018-09-23 16:24:31 -07:00
Dave Bartolomeo
26abf5d4a2 Force LF for basically everything. 2018-09-23 16:24:31 -07:00
Dave Bartolomeo
aa267c8302 C++: Force LF for .c,.cpp,.h,.hpp 2018-09-23 16:23:52 -07:00
Jonas Jensen
caf4a767ad Merge pull request #219 from geoffw0/resource-not-released
C++: Exclude placement new from AV Rule 79.ql
2018-09-22 17:41:36 +02:00
Raul Garcia
242ee10806 Major change in order to support the rule for C as well as cpp 2018-09-21 16:47:31 -07:00
Raul Garcia
925c3b51f9 Adding semmle-extractor-options: --microsoft to test 2018-09-21 15:21:07 -07:00
Raul Garcia
8519f1a9e1 Fixing tabs replaced to spaces 2018-09-21 13:07:39 -07:00
Geoffrey White
3922082e7d CPP: Tidy and simplify AV Rule 79.ql. 2018-09-21 19:35:23 +01:00
Raul Garcia
75ef377ac1 Replace Unicode apostrophe with ANSI single quote 2018-09-21 11:34:22 -07:00
Raul Garcia
94f752c59c Merge branch 'users/raulga/HESULT' of https://github.com/raulgarciamsft/ql into users/raulga/HESULT 2018-09-21 11:14:49 -07:00
Raul Garcia
783be15a45 Fixing typos & ID.
NOTE: There is an ongoing discussion on the proper CWE we should use
2018-09-21 11:14:14 -07:00
Geoffrey White
d5a48ad63e CPP: Additional test cases. 2018-09-21 15:55:29 +01:00
Geoffrey White
84f9900c8c CPP: Exclude placement new. 2018-09-21 10:53:42 +01:00
Geoffrey White
c7aa5c169b CPP: Add a test of placement new for AV Rule 79.ql. 2018-09-21 10:47:00 +01:00
Jonas Jensen
e2a17e9740 Merge remote-tracking branch 'upstream/rc/1.18' into mergeback-20180921_104253 2018-09-21 10:45:54 +02:00
Raul Garcia
5ccc1a32aa Merge branch 'master' into master 2018-09-20 16:30:48 -07:00
Raul Garcia
48c99fb1d1 Setting a SECURITY_DESCRIPTOR’s DACL to NULL
Closing the gap between Semmle & PreFAST
This rule is equivalent to C6248
2018-09-20 16:28:37 -07:00
Raul Garcia
64b8a5ba01 Merge branch 'master' into users/raulga/HESULT 2018-09-20 16:20:26 -07:00
Raul Garcia
b0ec929aad Cast between semantically different integer types: HRESULT to/from a Boolean type.
Closing the gap between Semmle and PreFast.
Covers C6214, C6215, C6216, C6217, C6230
2018-09-20 16:16:32 -07:00