codeql

mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00

Author	SHA1	Message	Date
Alex Ford	d3af687767	Add more encryption algorithms and modes to CryptoAlgorithms::AlgorithmNames Strong encryption algorithms: ARIA, IDEA, SEED, SM4 Strong block modes: CBC, CFB, CTR, OFB	2021-12-22 16:38:15 +00:00
Alex Ford	bdb2d8ba16	Ruby: split OpenSSL parts from CryptoALgorithms.qll and sync with JS/Python version	2021-12-22 16:38:15 +00:00
Alex Ford	0303c279e2	Ruby: add empty ruby file to avoid DataFlowConsistency failure	2021-12-22 16:38:15 +00:00
Alex Ford	1156581b52	Ruby: add CryptoAlgorithms library	2021-12-22 16:38:15 +00:00
Jeff Gran	accfd482d4	autoformat file	2021-12-22 08:44:35 -07:00
Jeff Gran	6acb87d542	add change-notes	2021-12-22 08:42:07 -07:00
Jeff Gran	f21398ce84	changed the name of one of the constants for a better test case	2021-12-22 08:42:07 -07:00
Jeff Gran	445c420a3d	rerun test --learn with rebuilt ruby extractor	2021-12-22 08:42:04 -07:00
Jeff Gran	07c7de5cfd	run test --learn, add a few more constants to constant.rb test case	2021-12-22 08:36:07 -07:00
Jeff Gran	7c032f6cb4	fix docs, fix deprecations	2021-12-22 08:35:55 -07:00
Jeff Gran	f35e866799	Capitalize "Gets" Co-authored-by: Arthur Baars <aibaars@github.com>	2021-12-22 08:35:55 -07:00
Jeff Gran	0c698996aa	use `resolveConstanteWriteAccess` instead, add a few more test cases	2021-12-22 08:35:55 -07:00
Jeff Gran	3df7793803	add more test cases, fix bug by adding getFullName() predicate	2021-12-22 08:35:55 -07:00
Jeff Gran	8e46eeb88c	fix expectations to expect the correct values	2021-12-22 08:35:52 -07:00
Tom Hvitved	55492ef348	Ruby: Update expected test output after rebase	2021-12-22 15:56:20 +01:00
Tom Hvitved	118d0d9ff5	Ruby: Use "Receiver" instead of "Self" in flow summaries Flow summaries use the "outside view", i.e., the call sites, so "receiver" is better than "self", as the latter uses the "inside view", i.e. the callees.	2021-12-22 15:56:20 +01:00
Tom Hvitved	3a30f58f74	Address review comments	2021-12-22 15:56:20 +01:00
Tom Hvitved	400802c5ce	Ruby: Add flow summaries for `Array`/`Enumerable` methods	2021-12-22 15:56:20 +01:00
Tom Hvitved	8c18aaae74	Ruby: Prepare for data flow through arrays	2021-12-22 15:35:34 +01:00
Tom Hvitved	27f786b41e	Merge pull request #7442 from hvitved/ruby/dataflow/keyword-params Ruby: Data flow for keyword arguments/parameters	2021-12-22 15:23:22 +01:00
Tom Hvitved	915c0fdf9b	Shared SSA: Sync files	2021-12-22 13:05:58 +01:00
Tom Hvitved	4133eb15d5	Ruby: Reintroduce old `Argument[_]` restriction to avoid large Cartesian product	2021-12-22 11:37:38 +01:00
Tom Hvitved	d196c77b3d	Ruby: Remove some redundant overrides	2021-12-22 11:25:13 +01:00
Nick Rolfe	9e259b67bb	Merge pull request #7305 from github/nickrolfe/user-controlled-bypass Ruby: query to find user-controlled bypass of sensitive actions	2021-12-21 17:20:20 +00:00
Arthur Baars	a7aff11140	Merge pull request #7394 from aibaars/ruby-cfg-expr-post Ruby: CFG: make all expressions "post-order" nodes	2021-12-21 16:36:42 +01:00
Nick Rolfe	5765f3684c	Ruby: add missing qldoc comment	2021-12-21 15:29:16 +00:00
Nick Rolfe	5db80dac51	Merge remote-tracking branch 'origin/main' into nickrolfe/user-controlled-bypass	2021-12-21 15:26:08 +00:00
Arthur Baars	a86ba3b14e	Ruby: rename WhenExpr to WhenClause	2021-12-21 12:31:24 +01:00
Tom Hvitved	29cd346702	Ruby: Reduce non-linear recursion in CFG completion library Before ``` noinline incremental Completion::nestedEnsureCompletion#ff(/* Completion::Completion / Completion::TCompletion outer, int nestLevel) :- ( ( Completion::TReturnCompletion#f(outer), rec Completion::Completion#class#f(outer) ); ( Completion::TBreakCompletion#f(outer), rec Completion::Completion#class#f(outer) ); ( Completion::TNextCompletion#f(outer), rec Completion::Completion#class#f(outer) ); ( Completion::TRedoCompletion#f(outer), rec Completion::Completion#class#f(outer) ); ( Completion::TRetryCompletion#f(outer), rec Completion::Completion#class#f(outer) ); ( Completion::TRaiseCompletion#f(outer), rec Completion::Completion#class#f(outer) ); ( Completion::TExitCompletion#f(outer), rec Completion::Completion#class#f(outer) ) ), exists(/ ControlFlowGraphImpl::Trees::BodyStmtTree */ cached dontcare AST::Cached::TAstNode _ \| ControlFlowGraphImpl::Trees::BodyStmtTree::getNestLevel_dispred#ff(_, nestLevel) ) \| [base_case] false() \| [delta_order] ( ( Completion::TReturnCompletion#f(outer), delta previous rec Completion::Completion#class#f(outer) ); ( Completion::TBreakCompletion#f(outer), delta previous rec Completion::Completion#class#f(outer) ); ( Completion::TNextCompletion#f(outer), delta previous rec Completion::Completion#class#f(outer) ); ( Completion::TRedoCompletion#f(outer), delta previous rec Completion::Completion#class#f(outer) ); ( Completion::TRetryCompletion#f(outer), delta previous rec Completion::Completion#class#f(outer) ); ( Completion::TRaiseCompletion#f(outer), delta previous rec Completion::Completion#class#f(outer) ); ( Completion::TExitCompletion#f(outer), delta previous rec Completion::Completion#class#f(outer) ) ), project#ControlFlowGraphImpl::Trees::BodyStmtTree::getNestLevel_dispred#ff(nestLevel), not(previous rec Completion::nestedEnsureCompletion#ff(outer, nestLevel)) . ``` After ``` noinline Completion::nestedEnsureCompletion#ff(Completion::TCompletion outer, int nestLevel) :- ( Completion::TReturnCompletion#f(outer); Completion::TBreakCompletion#f(outer); Completion::TNextCompletion#f(outer); Completion::TRedoCompletion#f(outer); Completion::TRetryCompletion#f(outer); Completion::TRaiseCompletion#f(outer); Completion::TExitCompletion#f(outer) ), project#ControlFlowGraphImpl::Trees::BodyStmtTree::getNestLevel_dispred#ff(nestLevel) . ```	2021-12-20 19:22:47 +01:00
Arthur Baars	6c7114804e	Ruby: remove CaseExprChildMapping::getBranch	2021-12-20 19:21:36 +01:00
Arthur Baars	7644d60dae	Revert "Ruby: CFG: make WhenExpr post-order" This reverts commit `cff63fa7d7`.	2021-12-20 18:57:25 +01:00
Erik Krogh Kristensen	8019b52838	run the non-us patch with "modelled/modeled"	2021-12-20 17:47:15 +01:00
Tom Hvitved	06575efce9	Data flow: Fix bad join-order	2021-12-20 15:44:16 +01:00
Tom Hvitved	aa9444b16c	Address review comment	2021-12-20 15:24:14 +01:00
Alex Ford	313e0c63fd	Merge pull request #7399 from github/ruby/stdlib-logger Ruby: Model what is written to the log from stdlib `Logger` methods	2021-12-20 09:52:29 +00:00
Tom Hvitved	1e27ddf7c7	Ruby: Data flow for keyword arguments/parameters	2021-12-17 15:42:29 +01:00
Arthur Baars	46144fe0a3	Ruby: InClause and WhenClause are no longer Expr	2021-12-17 14:04:25 +01:00
Arthur Baars	974ad070d1	Revert "Ruby: CFG make in-clause post-order" This reverts commit 1343ed58a21eec2954876d8d42e877a382ba89c8.	2021-12-17 14:04:25 +01:00
Arthur Baars	560413f94a	Address comments	2021-12-17 14:04:25 +01:00
Tom Hvitved	e4d9f5f29e	Fix QL doc	2021-12-17 13:14:11 +01:00
Tom Hvitved	ab2e0fdb18	Data flow: Sync files	2021-12-17 13:13:36 +01:00
Arthur Baars	83a8a60676	Ruby: CFG: consistency query to check that Expr nodes are post-order	2021-12-17 12:21:18 +01:00
Arthur Baars	ba89653dff	Ruby: CFG: make RescueClause post-order	2021-12-17 12:21:18 +01:00
Arthur Baars	db4b781fef	Ruby: CFG: make RescueModifier post-order	2021-12-17 12:21:18 +01:00
Arthur Baars	cff63fa7d7	Ruby: CFG: make WhenExpr post-order	2021-12-17 12:21:18 +01:00
Arthur Baars	a9286e897b	Ruby: CFG make in-clause post-order	2021-12-17 12:21:18 +01:00
Arthur Baars	f49605569b	Ruby: CFG make more expressions post-order	2021-12-17 12:21:18 +01:00
Arthur Baars	a4ea7129c2	Ruby: CFG: make 'case' a PostOrder node	2021-12-17 12:21:18 +01:00
Nick Rolfe	dba26a92e9	Merge remote-tracking branch 'origin/main' into nickrolfe/user-controlled-bypass	2021-12-16 15:05:01 +00:00
Arthur Baars	3ef707e358	Address comment	2021-12-16 15:38:41 +01:00

... 89 90 91 92 93 ...

4874 Commits