hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,612 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.7
Commit Graph

705 Commits

Author SHA1 Message Date
Simon Friis Vindum
670ecb3298 Merge pull request #18673 from paldepind/rust-higher-order-function-model-generation 
Rust: Higher order function model generation
 2025-02-05 09:15:46 +01:00
Geoffrey White
0cdef97276 Merge branch 'main' into sourcemodels4 2025-02-04 14:30:37 +00:00
Tom Hvitved
f1140530c0 Merge pull request #18656 from hvitved/rust/record-destruct-shorthand 
Rust: Shorthand record pattern destructuring in data flow
 2025-02-04 15:25:12 +01:00
Simon Friis Vindum
ece5557f3d Apply suggestions from code review 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2025-02-04 15:10:32 +01:00
Arthur Baars
2a32e8865d Merge pull request #18668 from github/post-release-prep/codeql-cli-2.20.4 
Post-release preparation for codeql-cli-2.20.4
 2025-02-04 14:22:53 +01:00
Simon Friis Vindum
b0a3cdc68c Rust: Generate flow summaries for higher-order functions 2025-02-04 14:03:19 +01:00
Geoffrey White
ff53d422cb Rust: Model some sources in hyper. 2025-02-04 10:28:05 +00:00
Simon Friis Vindum
cf4f6575d1 Merge branch 'main' into rust-flow-summary-generation 2025-02-04 10:42:11 +01:00
github-actions[bot]
f1b05a79a4 Post-release preparation for codeql-cli-2.20.4 2025-02-04 09:25:09 +00:00
Simon Friis Vindum
07413315a1 Rust: Address PR comments 2025-02-04 10:19:04 +01:00
Tom Hvitved
90944d5252 Merge pull request #18609 from hvitved/rust/dataflow-path-resolution 
Rust: Use `PathResolution` module in data flow
 2025-02-04 10:11:54 +01:00
Simon Friis Vindum
fc15c0d3b2 Merge branch 'main' into rust-flow-summary-generation 2025-02-04 10:10:33 +01:00
Tom Hvitved
acd31dd701 Merge pull request #18657 from hvitved/rust/dataflow-node-api 
Rust: Hide internal implementation details from `DataFlow::Node`
 2025-02-04 09:41:44 +01:00
Tom Hvitved
5a24440e59 Update rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2025-02-04 09:38:16 +01:00
github-actions[bot]
573e53e454 Release preparation for version 2.20.4 2025-02-03 15:19:35 +00:00
Tom Hvitved
45fc1daa74 Rust: Hide internal implementation details from DataFlow::Node 2025-02-03 14:12:56 +01:00
Tom Hvitved
f1050c4988 Rust: Shorthand record pattern destructuring in data flow 2025-02-03 13:00:52 +01:00
Tom Hvitved
4923156d0d Address review comments 2025-02-03 12:52:31 +01:00
Tom Hvitved
3d3b785400 Rust: Remove redundant infix casts 2025-02-03 09:12:09 +01:00
Tom Hvitved
ebe2084507 Rust: Run codegen 2025-02-03 09:11:10 +01:00
Simon Friis Vindum
0a9b864738 Rust: Fix model generation test 2025-02-03 09:06:07 +01:00
Tom Hvitved
cd1ff6a176 Rust: Fix a bad join 
Before
```
[2025-01-31 14:40:10] Evaluated non-recursive predicate SsaImpl::capturedCallRead/4#1f9b0af4@6f60dcog in 10553ms (size: 372366).
Evaluated relational algebra for predicate SsaImpl::capturedCallRead/4#1f9b0af4@6f60dcog with tuple counts:
        1992868487   ~4%    {6} r1 = JOIN `_BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::get__#shared` WITH `SsaImpl::variableWriteInOuterScope/4#aca2ef34` ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Lhs.2, Rhs.1, Rhs.2, Rhs.3
                            {6}    | REWRITE WITH TEST InOut.3 < InOut.2
         998449075   ~0%    {5}    | SCAN OUTPUT In.4, In.5, In.0, In.1, In.2

          12205909   ~1%    {4} r2 = JOIN `_BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::get__#shared` WITH `boundedFastTC:BasicBlocks::BasicBlock.getAPredecessor/0#dispred#268ed41b:_BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::get__#higher_order_body` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.0, Lhs.2
          34440992   ~9%    {5}    | JOIN WITH `project#SsaImpl::variableWriteInOuterScope/4#aca2ef34` ON FIRST 1 OUTPUT Rhs.1, Rhs.2, Lhs.1, Lhs.2, Lhs.3

        1032890067   ~0%    {5} r3 = r1 UNION r2
            680217  ~74%    {4}    | JOIN WITH `SsaImpl::hasCapturedRead/2#847e9f91` ON FIRST 2 OUTPUT Lhs.2, Lhs.3, Lhs.4, Lhs.0
                            return r3
```

After
```
[2025-01-31 14:43:05] Evaluated non-recursive predicate SsaImpl::capturedCallRead/4#1f9b0af4@15fdf34h in 74ms (size: 373835).
Evaluated relational algebra for predicate SsaImpl::capturedCallRead/4#1f9b0af4@15fdf34h with tuple counts:
        1106129   ~0%    {3} r1 = SCAN `project#SsaImpl::variableWriteInOuterScope/4#aca2ef34` OUTPUT In.1, In.2, In.0
          25209  ~20%    {2}    | JOIN WITH `SsaImpl::hasCapturedRead/2#847e9f91` ON FIRST 2 OUTPUT Lhs.2, Lhs.0
         339364   ~6%    {2}    | JOIN WITH `boundedFastTC:BasicBlocks::BasicBlock.getAPredecessor/0#dispred#268ed41b_10#higher_order_body:_SsaImpl::hasCapturedRead/2#847e9f91_project#SsaImpl::variableWriteInOuterScope/4#aca2ef34#higher_order_body` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
        2095088   ~0%    {4}    | JOIN WITH `BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::getNode/2#4226f9fe` ON FIRST 1 OUTPUT Lhs.0, Rhs.1, Rhs.2, Lhs.1

        1121531   ~0%    {4} r2 = SCAN `SsaImpl::variableWriteInOuterScope/4#aca2ef34` OUTPUT In.2, In.3, In.0, In.1
          25820  ~22%    {3}    | JOIN WITH `SsaImpl::hasCapturedRead/2#847e9f91` ON FIRST 2 OUTPUT Lhs.2, Lhs.0, Lhs.3
         505208   ~1%    {5}    | JOIN WITH `BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::getNode/2#4226f9fe` ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Lhs.2, Rhs.1, Rhs.2
                         {5}    | REWRITE WITH TEST InOut.2 < InOut.3
         344294   ~6%    {4}    | SCAN OUTPUT In.1, In.3, In.4, In.0

        2439382   ~0%    {4} r3 = r1 UNION r2
        2434485   ~7%    {4}    | JOIN WITH `BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::getNode/2#4226f9fe` ON FIRST 3 OUTPUT Lhs.2, Lhs.3, Lhs.0, Lhs.1
        2393182   ~3%    {4}    | JOIN WITH ControlFlowGraphImpl::CfgImpl::Cached::TAstNode#8f9a3aff_31#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3
         380879   ~0%    {4}    | JOIN WITH `SsaImpl::isControlFlowJump/1#c535656e` ON FIRST 1 OUTPUT Lhs.0, Lhs.2, Lhs.3, Lhs.1
                         return r3
```
 2025-01-31 14:45:36 +01:00
Tom Hvitved
d56bf657b9 Rust: Use PathResolution module in data flow 2025-01-31 13:29:15 +01:00
Tom Hvitved
1cb524f76f Rust: Remove useTreeIsGlobImport workaround 2025-01-31 10:10:58 +01:00
Tom Hvitved
9d06f80902 Rust: Elaborate QL doc on PathResolution.qll 2025-01-31 10:10:57 +01:00
Tom Hvitved
8eb5792f3b Address review comments 2025-01-31 10:10:55 +01:00
Tom Hvitved
0aee2e6fb2 Rust: Implement path resolution in QL 2025-01-31 10:07:08 +01:00
Simon Friis Vindum
f76647fc00 Rust: Initial model generation setup 2025-01-30 11:45:21 +01:00
Arthur Baars
54efb0a4a6 Merge pull request #18611 from github/aibaars/use-tree-star 
Rust: add UseTree::is_star
 2025-01-29 14:42:03 +01:00
Geoffrey White
3b5397f3b0 Rust: Model Iterator.collect. 2025-01-29 09:19:20 +00:00
Geoffrey White
de149a9623 Rust: Model Iterator.nth. 2025-01-29 09:19:19 +00:00
Geoffrey White
80e50f9b04 Rust: Make sources more accurate (iterator contents). 2025-01-29 09:19:18 +00:00
Arthur Baars
8d96c87abe Rust: add UseTree::is_star 2025-01-28 16:12:25 +01:00
Tom Hvitved
8b82eaa633 Rust: Fix data flow through callbacks passed to library functions 2025-01-28 13:44:27 +01:00
Geoffrey White
dfd1865b96 Rust: Add some basic flow models. 2025-01-28 08:47:15 +00:00
Geoffrey White
9d42be8305 Rust: Alphabetize lang-core.model.yml. 2025-01-28 08:47:14 +00:00
Geoffrey White
a1980d4d08 Rust: Make sources more accurate (Option / Result contents). 2025-01-28 08:43:05 +00:00
Geoffrey White
9ea9f3ae19 Update rust/ql/lib/codeql/rust/frameworks/reqwest.model.yml 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-01-27 21:09:21 +00:00
Geoffrey White
23ac35e5ca Rust: Model more Reqwest methods (.await still doesn't work though). 2025-01-27 20:52:31 +00:00
Geoffrey White
f32fd38f74 Merge pull request #18582 from geoffw0/logging 
Rust: Query for cleartext logging of sensitive information
 2025-01-27 10:37:17 +00:00
Simon Friis Vindum
e13a7a224f Merge branch 'main' into shared-basic-block-library 2025-01-24 09:54:26 +01:00
Simon Friis Vindum
b84adec407 Merge pull request #18568 from paldepind/rust-container 
Rust: Change array element content type into a general collection element content type
 2025-01-24 09:40:46 +01:00
Simon Friis Vindum
e7ad091b0f Rust: Remove unnecessary characteristic predicate 2025-01-24 08:56:41 +01:00
Tom Hvitved
10f55133fe Merge pull request #18482 from hvitved/rust/nested-functions 
Rust: Take nested functions into account when resolving variables
 2025-01-24 08:41:34 +01:00
Geoffrey White
814118d3e8 Merge remote-tracking branch 'upstream/main' into logging 2025-01-23 19:04:25 +00:00
Geoffrey White
951d1fc9e0 Rust: Add missing file. 2025-01-23 18:38:48 +00:00
Geoffrey White
78c58aa5f1 Rust: Allow implicit taint reads from tuple contents at sinks. 2025-01-23 17:17:05 +00:00
Geoffrey White
64444940a6 Rust: Add taint sinks for target and key-value arguments. 2025-01-23 17:17:04 +00:00
Geoffrey White
2bbf493991 Rust: Model assert_failed. 2025-01-23 17:17:03 +00:00
Geoffrey White
484331c303 Rust: Model StdoutLock, StderrLock methods and String.as_bytes. 2025-01-23 17:17:02 +00:00