hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,920 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.2
Commit Graph

13732 Commits

Author SHA1 Message Date
Jonas Jensen
b14b65ecf0 C++: Don't use deprecated predicates in test 
This made the `expected` file contain QL line numbers.
 2019-09-09 11:04:04 +02:00
Jonas Jensen
ea3d066661 C++: Add D.cpp, ported from D.java 
The original port of the Java field-flow tests did not include this
file. It's added here for completeness, and the results are the same as
for Java.
 2019-09-09 10:45:06 +02:00
Jonas Jensen
10b69358ae C++: Fix flow from this by ref. 2019-09-09 10:36:58 +02:00
Jonas Jensen
08b63d4342 C++: Test to show lack of flow from this by ref. 
The `test_nonMemberSetA` also shows how the lack of flow through `&` is
a problem for non-member getters, but that's addressed on a separate
branch.
 2019-09-09 10:36:11 +02:00
Jonas Jensen
ef96288303 C++: Make PartialDefinitionNode private 
This class is undocumented and exposes implementation details through
its `getPartialDefinition` member. It does not need to be public.
 2019-09-09 10:34:51 +02:00
Jonas Jensen
d51e5212fb Merge remote-tracking branch 'upstream/master' into dataflow-TTwo 
Conflicts:
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll
      cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
      cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll
      cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll
      cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll
      cpp/ql/test/library-tests/dataflow/fields/flow.expected
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl2.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl3.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl4.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl5.qll
 2019-09-08 21:08:43 +02:00
Ian Lynagh
4190a53574 C++: Update test output 2019-09-06 17:31:08 +01:00
Ian Lynagh
a32214d41e C++: Resolve all classes 
We used to only resolve top-level classes.
 2019-09-06 17:31:08 +01:00
Nick Rolfe
09036a3bdf Merge pull request #1760 from ian-semmle/mangling 
C++: Use mangled names to resolve classes
 2019-09-06 16:38:47 +01:00
Jonas Jensen
e4c9dd79ca C++: Hide that IR DataFlow::Node is Instruction 
We haven't come to a conclusion on whether these two types will remain
identical forever. To make sure we're able to change it in the future,
this change makes it impossible to cast between the two types. Callers
must use the `asInstruction` member predicate to convert.
 2019-09-06 15:31:41 +02:00
Anders Schack-Mulligen
ae351be968 C++: Sync files. 2019-09-06 09:05:29 +02:00
Robert Marsh
94c625f03f Merge pull request #1777 from jbj/ast-field-flow-defbyref 
C++: Don't use definitionByReference for data flow
 2019-09-05 10:23:28 -07:00
Ian Lynagh
1d56407c72 C++: Pull some of library-tests/dataflow/dataflow-tests into clang.cpp 
g++ doesn't support this code:

    sorry, unimplemented: non-trivial designated initializers not supported
       twoIntFields sSwapped = { .m2 = source(), .m1 = 0 };

so we need to build it in clang mode.
 2019-09-05 15:12:17 +01:00
Ian Lynagh
99dd8d0c51 C++: Add an upgrade script 2019-09-05 12:01:02 +01:00
Ian Lynagh
acc1d664f6 C++: Updates stats to include mangled_name table 2019-09-05 12:01:02 +01:00
Ian Lynagh
0c09af977c C++: Use mangled_name in ResolveClass.qll 
The old code is still around to handle upgraded databases.
 2019-09-05 12:01:02 +01:00
Jonas Jensen
79c713bd87 C++: Remark in DefinitionByReference charpred 2019-09-05 09:36:46 +02:00
Jonas Jensen
114c2fe0d4 Merge remote-tracking branch 'upstream/master' into ast-field-flow-defbyref 2019-09-05 09:33:45 +02:00
Robert Marsh
1bb57daf6f Merge pull request #1866 from jbj/dataflow-test-alias-nested 
C++: Tests for aliasing of nested structs
 2019-09-04 10:48:20 -07:00
Robert Marsh
a3290503ec Merge pull request #1806 from jbj/localExprFlow 
C++: Add localExprFlow and localExprTaint
 2019-09-04 10:38:46 -07:00
Jonas Jensen
cdcc716675 Merge pull request #1867 from geoffw0/erafix9 
CPP: Add date to JapaneseEraDate.ql
 2019-09-04 13:16:04 +02:00
Jonas Jensen
bd32931f45 Merge pull request #1868 from geoffw0/tinyfix 
CPP: Tiny fixes
 2019-09-04 13:15:38 +02:00
Geoffrey White
707f95c829 CPP: Alignment. 2019-09-04 09:59:21 +01:00
Geoffrey White
13e2109a38 CPP: Remove an unnecessary include. 2019-09-04 09:42:07 +01:00
Jonas Jensen
8579d7d1cf C++: Tests for aliasing of nested structs 
This test shows that local pointers into structs do propagate data flow
like pass-by-reference does in calls.
 2019-09-04 10:26:49 +02:00
Jonas Jensen
3ba650911c Merge pull request #1847 from geoffw0/erafix8 
CPP: Deal with two very similar Japanese era queries
 2019-09-04 09:57:10 +02:00
Jonas Jensen
0e54709d47 Merge pull request #1859 from geoffw0/qldocpartialdef 
CPP: Document PartialDefinitions
 2019-09-04 09:54:55 +02:00
Jonas Jensen
067c55adb9 C++: Fix ConditionDeclExpr data flow 
Data flow probably never worked when a variable declared in a
`ConditionDeclExpr` was modeled with `BlockVar`. That combination did
not come up in testing before the last commit.
 2019-09-04 09:33:00 +02:00
Geoffrey White
3a3bef3a03 CPP: Add the new Japanese era. 2019-09-03 18:28:24 +01:00
Geoffrey White
bac39e6288 CPP: Add test cases. 2019-09-03 17:46:30 +01:00
Nick Rolfe
641232a9d7 Merge pull request #1855 from mgrettondann/cpp-343-lambda-names-simplification 
C++: Update tests for lambda description changes
 2019-09-03 11:45:50 +01:00
Jonas Jensen
d7681bf122 C++: Don't use definitionByReference for data flow 
The data flow library conflates pointers and objects enough for the
`definitionByReference` predicate to be too strict in some cases. It was
too permissive in other cases that are now (or will be) handled better
by field flow.

See also the change note entry.
 2019-09-03 11:49:01 +02:00
Geoffrey White
84da3e3431 CPP: Effect of 'Support nested field flow'. 2019-09-03 09:27:50 +01:00
Geoffrey White
8105d153b1 CPP: Add a test of PartialDefinitions. 2019-09-03 09:27:50 +01:00
Geoffrey White
0f295c65f9 CPP: Add QLDoc to the PartialDefinitions class. 2019-09-03 09:27:50 +01:00
Jonas Jensen
d3a6ae5657 C++: Support nested field flow 
This is the C/C++ side of PR #1766.
 2019-09-03 08:50:15 +02:00
Matthew Gretton-Dann
03eb1ff785 C++: Update taint-tests for changed lambda support 2019-09-02 15:18:27 +01:00
Jonas Jensen
9c9b7ac651 C#/C++/Java: Revert AccessPathNil.toString changes 
This caused too many `*.expected` files to change, also in our internal
repo.
 2019-09-02 15:59:36 +02:00
Jonas Jensen
a98992f0f9 C#/C++/Java: distinguish toString of nil from cons 2019-09-02 14:22:03 +02:00
Jonas Jensen
cdede8744f C#/C++/Java: Prettier PartialAccessPath.toString 2019-09-02 14:05:50 +02:00
Jonas Jensen
c3bc9f8575 C#/C++/Java: Unbreak partial data flow support 
Partial data flow had a semantic merge conflict with this branch. The
problem is that partial data flow doesn't (and shouldn't) cause the
initial pruning steps to run, but the length-2 access paths depend on
the `consCand` information that comes from that initial pruning. The
solution is to restore the old `AccessPath` class, now called
`PartialAccessPath` for use only by partial data flow.

With this change, partial data flow will in some cases allow more field
flow than non-partial data flow.
 2019-09-02 14:02:39 +02:00
Geoffrey White
c4d74c3922 CPP: Replace query paths with @name and @id. 2019-09-02 12:36:36 +01:00
Jonas Jensen
dec0c3a0ee C#/C++/Java: Make AccessPath abstract 
This was requested by @hvitved in code review. There is no difference in
the generated DIL.
 2019-09-02 13:14:30 +02:00
Jonas Jensen
b1be123e31 C#/C++/Java: Prettier AccessPath.toString 
The `ppReprType` predicate should now be `none()` instead of `result=""`
to signal that there is nothing to print. That seems clearer to me.
 2019-09-02 13:14:20 +02:00
Jonas Jensen
9f0f2f7c04 C++: Accept test changes 2019-09-02 13:14:17 +02:00
Jonas Jensen
b2c94cc6b4 C++/C#/Java: Restore the AccessPathCons class 2019-09-02 13:14:13 +02:00
Jonas Jensen
fbe34015f3 C++/C#/Java: AccessPath class names reflect length 
One -> ConsNil
Two -> ConsCons
 2019-09-02 13:13:59 +02:00
Jonas Jensen
e8006bb2cc C++/C#/Java: data flow AccessPath up to length 2 
This commit does not include updates to test results.
 2019-09-02 13:13:46 +02:00
Jonas Jensen
e9a029cba3 C++: Local field flow using global library 
This commit removes fields from the responsibilities of `FlowVar.qll`.
The treatment of fields in that file was slow and imprecise.

It then adds another copy of the shared global data flow library, used
only to find local field flow, and it exposes that local field flow
through `localFlow` and `localFlowStep`.

This has a performance cost. It adds two cached stages to any query that
uses `localFlow`: the stage from `DataFlowImplCommon`, which is shared
with all queries that use global data flow, and a new stage just for
`localFlowStep`.
 2019-09-02 11:17:27 +02:00
Jonas Jensen
4f57f37b31 C++: Test to show false flow through object copy 2019-09-02 11:16:48 +02:00