hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,612 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.7
Commit Graph

3379 Commits

Author SHA1 Message Date
Dave Bartolomeo
4e1ee7a998 C++/C#: Fix formatting 2019-11-26 10:48:24 -07:00
Tom Hvitved
71e958eabc C#: Add taint-tracking steps through conversion operator calls 2019-11-26 13:53:50 +01:00
Robert Marsh
60b384a6e5 C++/C#: use line numbers for instruction IDs 
This should reduce the number of merge conflicts in the IR tests resulting
from instruction ID changes due to inserting or removing instructions
 2019-11-25 18:27:59 -05:00
Dave Bartolomeo
7d48220a76 C++/C#: Make QLDoc conform to style guide 2019-11-25 11:26:45 -07:00
Dave Bartolomeo
521fbb125e C++/C#: Fix formatting 2019-11-25 11:12:23 -07:00
Tom Hvitved
fede9aed04 Merge pull request #2355 from cldrn/AspNetMaxRequestLength 
CodeQL query to check for insecure MaxLengthRequest values in ASP.NET applications
 2019-11-25 17:02:22 +01:00
Tom Hvitved
71fd5379c9 C#: Remove tabs from qhelp file 2019-11-25 13:40:44 +01:00
Tom Hvitved
a26efdf4c1 Java/C++/C#: Rename DataFlowErasedType back to DataFlowType 2019-11-25 11:43:58 +01:00
Dave Bartolomeo
bd78f68975 C++/C#: Fix formatting 2019-11-22 16:08:49 -07:00
Dave Bartolomeo
df21835759 C++/C#: Refactor some integer constant code 
Make `bitsToBytesAndBits` omit the leftover bits if zero.
 2019-11-22 13:23:00 -07:00
Dave Bartolomeo
51ff262cbc C++/C#: Add IR SSA sanity tests 2019-11-22 13:16:05 -07:00
Dave Bartolomeo
bc48c25690 C++/C#: Make IRVariable and its derived classes non-abstract 2019-11-22 12:13:39 -07:00
Dave Bartolomeo
12daa76b70 C++: Make duplicateOperand query report function name 2019-11-22 11:00:01 -07:00
Dave Bartolomeo
27cc6b1e4f C++/C#: Fix compilation error in PrintSSA.qll 
We were privately importing `semmle.code.<lang>.ir.internal.Overlap`, but `PrintSSA.qll` was depending on it being public. This is made a little more complicated by the presence of cross-langage pyrameterized modules.
 2019-11-21 13:18:25 -07:00
Robert Marsh
34593701b2 Merge branch 'master' into rdmarsh/cpp/ir-callee-side-effects 2019-11-20 10:03:32 -08:00
Tom Hvitved
acc7d5298d Data flow: Sync files 2019-11-20 14:10:02 +01:00
Tom Hvitved
d0b4653e32 C#: Introduce DataFlowErasedType 2019-11-20 14:09:46 +01:00
Paulino Calderon
63884c1a86 Mixed spaces and tabs 2019-11-19 13:06:55 -05:00
Paulino Calderon
96a02aba3f Adds quotes on name and additional info tags 2019-11-19 12:39:10 -05:00
semmle-qlci
ed4657c201 Merge pull request #2340 from hvitved/csharp/nunit-assertions 
Approved by calumgrant
 2019-11-18 13:02:49 +00:00
Tom Hvitved
3d1ce55642 C#: Address review comments 2019-11-18 10:53:02 +01:00
Paulino Calderon
56c12adab7 Adds check for insecure MaxLengthRequest values 2019-11-16 14:21:39 -05:00
yh-semmle
de65f023d6 Merge pull request #2167 from aschackmull/java/dataflow-out-of-arg-refactor 
Java/C++/C#: Refactor dataflow to simplify return flow.
 2019-11-15 11:10:06 -05:00
Tom Hvitved
20a1cb6fc8 C#: Teach assertion library about (classical) NUnit assertions 
This commit adds support for (classical) NUnit assertions (see
https://github.com/nunit/docs/wiki/Assertions). Modern constraint-based assertions,
such as `Assert.That(o, Is.Not.Null)` are currently not supported, because they
would require a restructuring of the assertion library.
 2019-11-15 14:07:28 +01:00
Tom Hvitved
f9bff172d4 C#: Add missing assignment data flow steps 2019-11-15 11:36:05 +01:00
Robert Marsh
facbd32062 Merge branch 'master' into rdmarsh/cpp/ir-callee-side-effects 2019-11-14 11:09:13 -08:00
Calum Grant
09356a377f C#: Improved CIL instruction types to pass type consistency checks 2019-11-14 17:14:51 +00:00
Anders Schack-Mulligen
106b8cfbca Java/C++/C#: Fix bad magic and bad join-order. 2019-11-14 13:17:17 +01:00
Tom Hvitved
94583cde10 Merge pull request #2245 from calumgrant/cs/nullability-refactor 
C#: Store nullability on the side
 2019-11-14 11:44:39 +01:00
Dave Bartolomeo
08620046ab Merge pull request #2068 from rdmarsh2/rdmarsh/cpp/ir-constructor-side-effects 
C++: side effect instrs for constructor qualifiers
 2019-11-13 14:56:24 -07:00
Calum Grant
38f82d8377 Merge remote-tracking branch 'upstream/master' into cs/nullability-refactor 2019-11-13 15:31:45 +00:00
Tom Hvitved
46bc804562 Merge pull request #2286 from calumgrant/cs/windows-tests 
C#: Make qltests pass on all platforms
 2019-11-13 16:21:08 +01:00
Calum Grant
6e24a92179 Merge remote-tracking branch 'upstream/master' into cs/nullability-refactor 2019-11-13 14:58:58 +00:00
Calum Grant
18d6138320 C#: Address review comment. 2019-11-13 14:47:06 +00:00
Calum Grant
3b775a9ecb Merge pull request #2095 from hvitved/csharp/type-unification 
C#: Type unification library
 2019-11-13 09:48:59 +00:00
Robert Marsh
47f87c214c Merge branch 'master' into rdmarsh/cpp/ir-constructor-side-effects 2019-11-12 10:31:04 -08:00
Calum Grant
7c21ebb526 C#: Change dbscheme from nullability_member to nullability_parent 2019-11-12 13:40:58 +00:00
Calum Grant
41b441614b C#: Address review comments part 1. 2019-11-12 13:40:58 +00:00
Calum Grant
fe83bac0fb C#: Fix up test output 
C#: Fix a qltest whereby a tuple type having multiple underlying types was causing an issue with the IR sanity checks.
C#: Revert more changes.
C#: Fix tests and remove dead code.
 2019-11-12 13:40:58 +00:00
Calum Grant
657c839e2b C#: Change varchar to string in the dbscheme. 2019-11-12 13:40:58 +00:00
Calum Grant
58e14af9cd C#: Address review comments. Create a TNullability type annotation and restructure TAnnotation. 2019-11-12 13:40:58 +00:00
Calum Grant
a0fa7dad79 C#: Autoformat 2019-11-12 13:40:58 +00:00
Calum Grant
163b931d49 C#: Update db stats 2019-11-12 13:40:58 +00:00
Calum Grant
9fd4a9ceb6 C#: Implement NullabilityEntity to model structured nullability on the side 2019-11-12 13:40:57 +00:00
Calum Grant
61ab9431ab C#: Fix DB inconsistencies, and rework id generation. 2019-11-12 13:40:57 +00:00
Tom Hvitved
28141c9d4d C#: Teach unification library about tuple types 2019-11-12 12:09:58 +01:00
Dave Bartolomeo
303bab61b5 Merge pull request #2289 from jbj/ConvertToNonVirtualBaseInstruction 
C++ IR: clearly distinguish between virtual and non-virtual base conversions
 2019-11-11 13:37:07 -07:00
Felicity Chapman
c4f958d396 Merge pull request #2263 from sauyon/master 
Update links to OWASP cheat sheet
 2019-11-11 08:51:52 +00:00
Jonas Jensen
7758b43e34 C++: Add ConvertToBase{Opcode,Instruction} classes 
These should make it easy to match base-class conversions when it's not
important whether the base class is virtual.
 2019-11-10 11:09:54 +01:00
Jonas Jensen
279fc16b60 C++: ConvertToBase -> ConvertToNonVirtualBase 
This rename was done with

    perl -p -i -e's/ConvertToBase/ConvertToNonVirtualBase/g' **/*.ql* **/*.expected

followed by re-running the affected tests.
 2019-11-10 10:35:53 +01:00