hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,734 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.0
Commit Graph

834 Commits

Author SHA1 Message Date
Tom Hvitved
cd1ff6a176 Rust: Fix a bad join 
Before
```
[2025-01-31 14:40:10] Evaluated non-recursive predicate SsaImpl::capturedCallRead/4#1f9b0af4@6f60dcog in 10553ms (size: 372366).
Evaluated relational algebra for predicate SsaImpl::capturedCallRead/4#1f9b0af4@6f60dcog with tuple counts:
        1992868487   ~4%    {6} r1 = JOIN `_BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::get__#shared` WITH `SsaImpl::variableWriteInOuterScope/4#aca2ef34` ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Lhs.2, Rhs.1, Rhs.2, Rhs.3
                            {6}    | REWRITE WITH TEST InOut.3 < InOut.2
         998449075   ~0%    {5}    | SCAN OUTPUT In.4, In.5, In.0, In.1, In.2

          12205909   ~1%    {4} r2 = JOIN `_BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::get__#shared` WITH `boundedFastTC:BasicBlocks::BasicBlock.getAPredecessor/0#dispred#268ed41b:_BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::get__#higher_order_body` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.0, Lhs.2
          34440992   ~9%    {5}    | JOIN WITH `project#SsaImpl::variableWriteInOuterScope/4#aca2ef34` ON FIRST 1 OUTPUT Rhs.1, Rhs.2, Lhs.1, Lhs.2, Lhs.3

        1032890067   ~0%    {5} r3 = r1 UNION r2
            680217  ~74%    {4}    | JOIN WITH `SsaImpl::hasCapturedRead/2#847e9f91` ON FIRST 2 OUTPUT Lhs.2, Lhs.3, Lhs.4, Lhs.0
                            return r3
```

After
```
[2025-01-31 14:43:05] Evaluated non-recursive predicate SsaImpl::capturedCallRead/4#1f9b0af4@15fdf34h in 74ms (size: 373835).
Evaluated relational algebra for predicate SsaImpl::capturedCallRead/4#1f9b0af4@15fdf34h with tuple counts:
        1106129   ~0%    {3} r1 = SCAN `project#SsaImpl::variableWriteInOuterScope/4#aca2ef34` OUTPUT In.1, In.2, In.0
          25209  ~20%    {2}    | JOIN WITH `SsaImpl::hasCapturedRead/2#847e9f91` ON FIRST 2 OUTPUT Lhs.2, Lhs.0
         339364   ~6%    {2}    | JOIN WITH `boundedFastTC:BasicBlocks::BasicBlock.getAPredecessor/0#dispred#268ed41b_10#higher_order_body:_SsaImpl::hasCapturedRead/2#847e9f91_project#SsaImpl::variableWriteInOuterScope/4#aca2ef34#higher_order_body` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
        2095088   ~0%    {4}    | JOIN WITH `BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::getNode/2#4226f9fe` ON FIRST 1 OUTPUT Lhs.0, Rhs.1, Rhs.2, Lhs.1

        1121531   ~0%    {4} r2 = SCAN `SsaImpl::variableWriteInOuterScope/4#aca2ef34` OUTPUT In.2, In.3, In.0, In.1
          25820  ~22%    {3}    | JOIN WITH `SsaImpl::hasCapturedRead/2#847e9f91` ON FIRST 2 OUTPUT Lhs.2, Lhs.0, Lhs.3
         505208   ~1%    {5}    | JOIN WITH `BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::getNode/2#4226f9fe` ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Lhs.2, Rhs.1, Rhs.2
                         {5}    | REWRITE WITH TEST InOut.2 < InOut.3
         344294   ~6%    {4}    | SCAN OUTPUT In.1, In.3, In.4, In.0

        2439382   ~0%    {4} r3 = r1 UNION r2
        2434485   ~7%    {4}    | JOIN WITH `BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::getNode/2#4226f9fe` ON FIRST 3 OUTPUT Lhs.2, Lhs.3, Lhs.0, Lhs.1
        2393182   ~3%    {4}    | JOIN WITH ControlFlowGraphImpl::CfgImpl::Cached::TAstNode#8f9a3aff_31#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3
         380879   ~0%    {4}    | JOIN WITH `SsaImpl::isControlFlowJump/1#c535656e` ON FIRST 1 OUTPUT Lhs.0, Lhs.2, Lhs.3, Lhs.1
                         return r3
```
 2025-01-31 14:45:36 +01:00
Tom Hvitved
d56bf657b9 Rust: Use PathResolution module in data flow 2025-01-31 13:29:15 +01:00
Tom Hvitved
1cb524f76f Rust: Remove useTreeIsGlobImport workaround 2025-01-31 10:10:58 +01:00
Tom Hvitved
9d06f80902 Rust: Elaborate QL doc on PathResolution.qll 2025-01-31 10:10:57 +01:00
Tom Hvitved
8eb5792f3b Address review comments 2025-01-31 10:10:55 +01:00
Tom Hvitved
0aee2e6fb2 Rust: Implement path resolution in QL 2025-01-31 10:07:08 +01:00
Simon Friis Vindum
f76647fc00 Rust: Initial model generation setup 2025-01-30 11:45:21 +01:00
Arthur Baars
54efb0a4a6 Merge pull request #18611 from github/aibaars/use-tree-star 
Rust: add UseTree::is_star
 2025-01-29 14:42:03 +01:00
Geoffrey White
3b5397f3b0 Rust: Model Iterator.collect. 2025-01-29 09:19:20 +00:00
Geoffrey White
de149a9623 Rust: Model Iterator.nth. 2025-01-29 09:19:19 +00:00
Geoffrey White
80e50f9b04 Rust: Make sources more accurate (iterator contents). 2025-01-29 09:19:18 +00:00
Arthur Baars
8d96c87abe Rust: add UseTree::is_star 2025-01-28 16:12:25 +01:00
Tom Hvitved
8b82eaa633 Rust: Fix data flow through callbacks passed to library functions 2025-01-28 13:44:27 +01:00
Geoffrey White
dfd1865b96 Rust: Add some basic flow models. 2025-01-28 08:47:15 +00:00
Geoffrey White
9d42be8305 Rust: Alphabetize lang-core.model.yml. 2025-01-28 08:47:14 +00:00
Geoffrey White
a1980d4d08 Rust: Make sources more accurate (Option / Result contents). 2025-01-28 08:43:05 +00:00
Geoffrey White
9ea9f3ae19 Update rust/ql/lib/codeql/rust/frameworks/reqwest.model.yml 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-01-27 21:09:21 +00:00
Geoffrey White
23ac35e5ca Rust: Model more Reqwest methods (.await still doesn't work though). 2025-01-27 20:52:31 +00:00
Geoffrey White
f32fd38f74 Merge pull request #18582 from geoffw0/logging 
Rust: Query for cleartext logging of sensitive information
 2025-01-27 10:37:17 +00:00
Simon Friis Vindum
e13a7a224f Merge branch 'main' into shared-basic-block-library 2025-01-24 09:54:26 +01:00
Simon Friis Vindum
b84adec407 Merge pull request #18568 from paldepind/rust-container 
Rust: Change array element content type into a general collection element content type
 2025-01-24 09:40:46 +01:00
Simon Friis Vindum
e7ad091b0f Rust: Remove unnecessary characteristic predicate 2025-01-24 08:56:41 +01:00
Tom Hvitved
10f55133fe Merge pull request #18482 from hvitved/rust/nested-functions 
Rust: Take nested functions into account when resolving variables
 2025-01-24 08:41:34 +01:00
Geoffrey White
814118d3e8 Merge remote-tracking branch 'upstream/main' into logging 2025-01-23 19:04:25 +00:00
Geoffrey White
951d1fc9e0 Rust: Add missing file. 2025-01-23 18:38:48 +00:00
Geoffrey White
78c58aa5f1 Rust: Allow implicit taint reads from tuple contents at sinks. 2025-01-23 17:17:05 +00:00
Geoffrey White
64444940a6 Rust: Add taint sinks for target and key-value arguments. 2025-01-23 17:17:04 +00:00
Geoffrey White
2bbf493991 Rust: Model assert_failed. 2025-01-23 17:17:03 +00:00
Geoffrey White
484331c303 Rust: Model StdoutLock, StderrLock methods and String.as_bytes. 2025-01-23 17:17:02 +00:00
Geoffrey White
1d2950c70c Rust: Add some sinks. 2025-01-23 17:17:00 +00:00
Simon Friis Vindum
9a6d651fee Rust: More renaming and adjusting for generic element content type 2025-01-23 18:15:17 +01:00
Tom Hvitved
33e07edcbf Rust: Translate more MaD IDs in tests 2025-01-23 14:45:33 +01:00
Mathew Payne
788ae2ae21 Merge branch 'main' into rust-rusqlite 2025-01-23 13:34:29 +00:00
Mathew Payne
e205a6811f feat(rust:) Add initial rusqlite support 2025-01-23 13:09:25 +00:00
Simon Friis Vindum
66b6ae70c2 Rust: Change array element content type into a general collection 
element type
 2025-01-23 09:49:23 +01:00
Geoffrey White
b9e523a4b2 Merge branch 'main' into sourcemodels2 2025-01-22 09:10:47 +00:00
Geoffrey White
ab9ab0e22f Merge pull request #18536 from GeekMasher/rust-postgres 
Rust: Add Postgres crate Models
 2025-01-21 11:17:15 +00:00
github-actions[bot]
fbb7f0a0c6 Post-release preparation for codeql-cli-2.20.2 2025-01-20 21:11:14 +00:00
github-actions[bot]
a0512a50f2 Release preparation for version 2.20.2 2025-01-20 21:11:12 +00:00
Mathew Payne
7edb397de1 Merge branch 'main' into rust-postgres 2025-01-20 15:01:00 +00:00
Mathew Payne
39239fbeef fix(rust): Update formatting 2025-01-20 12:25:12 +00:00
Mathew Payne
cba1c58dd7 feat(rust): Add ModelsAsDataSinks for SQL Injection 2025-01-20 12:14:34 +00:00
Mathew Payne
121f0584e4 feat(rust): Add models + tests 2025-01-20 12:06:09 +00:00
Geoffrey White
d970fe7768 Rust: remote-source -> remote. 2025-01-20 09:20:44 +00:00
Geoffrey White
d6c5c00ca9 Rust: Autoformat. 2025-01-17 21:16:02 +00:00
Geoffrey White
0ce1a1bef0 Rust: Make the qldoc for hasher-input MAD sinks a bit clearer. 2025-01-17 13:52:29 +00:00
Geoffrey White
ce982143fb Rust: Remove the now empty files. 2025-01-17 13:52:27 +00:00
Geoffrey White
b8aa518931 Rust: Re-model reqwest sources using models-as-data. 2025-01-17 13:52:22 +00:00
Geoffrey White
1a000c39c9 Rust: Remove QL models for reqwest sources. 2025-01-17 13:42:27 +00:00
Geoffrey White
5a73e0bd09 Rust: Re-model std::env sources using models-as-data. 2025-01-17 13:39:04 +00:00