hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,294 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.3
Commit Graph

8876 Commits

Author SHA1 Message Date
Tom Hvitved
4774bc969a C#: Apply static CFG splitting limit 
The predicate `maxSplits()` was previously applied dynamically to ensure that
any control flow node would keep track of at most `maxSplits()` number of splits.
However, there was no guarantee that two different copies of the same AST element
wouldn't contain different splits, so in general the number of copies for a given
AST element `e` could be on the order `$\binom{n}{k}c^k$`, where `n` is the total
number of splits that apply to `e`, `k = maxSplits()`, and `c` is a constant.

With this change, the relevant splits for `e` are instead computed statically,
meaning that the order is instead `$c^k$`.
 2019-08-06 11:38:03 +02:00
Calum Grant
2df05090b5 Merge pull request #1685 from hvitved/csharp/dataflow/out-flow-fix 
C#: Fix data flow for `out`/`ref` parameters
 2019-08-06 09:31:17 +01:00
Anders Schack-Mulligen
a80cb262fc Java/C++/C#: Elaborate qldoc. 2019-08-05 16:28:25 +02:00
Anders Schack-Mulligen
9ebb83497d Java/C++/C#: Fix small mistake. 2019-08-05 15:34:12 +02:00
Anders Schack-Mulligen
2dc83c539c Java/C++/C#: Sync dataflow. 2019-08-05 12:07:32 +02:00
Calum Grant
3e143093f0 Merge pull request #1475 from hvitved/csharp/remove-file 
C#: Remove unused `PasswordInConfigurationFile.config`
 2019-08-05 10:29:50 +01:00
Jonas Jensen
73d8bf38a9 Merge pull request #1680 from aschackmull/cookbook/autoformat 
Cookbook examples: Autoformat
 2019-08-05 10:24:56 +02:00
Luke Cartey
54d01bdeff Merge pull request #1648 from hvitved/csharp/unchecked-return-lambda 
C#: Fix false positives in `cs/unchecked-return-value`
 2019-08-02 21:48:38 -07:00
Tom Hvitved
4d58154ff5 C#: Fix data flow for out/ref parameters 2019-08-02 14:25:38 -07:00
Tom Hvitved
04db1bf3f4 C#: Add data flow test for methods with multiple out/ref parameters 2019-08-02 13:46:18 -07:00
Anders Schack-Mulligen
40f2cec0de C#: Autoformat cookbook examples. 2019-08-02 15:30:32 +02:00
Calum Grant
169dbf1be3 C#: Remove rule CA1022, which caused the analyzer to crash, generating a compilation warning (and possibly, instability). 2019-08-02 12:14:03 +01:00
semmle-qlci
108e5bc431 Merge pull request #1675 from hvitved/csharp/xss-path-problem 
Approved by lukecartey
 2019-08-02 04:17:03 +01:00
Tom Hvitved
b7d6165d42 C#: Convert cs/web/xss to a path-problem 2019-08-01 15:58:57 -07:00
semmle-qlci
1d806971ed Merge pull request #1634 from aibaars/cookbook 
Approved by aschackmull, dave-bartolomeo, hvitved, markshannon, xiemaisi, yh-semmle
 2019-07-31 14:31:28 +01:00
Tom Hvitved
5c127ef20d C#: Fix false positives in cs/unchecked-return-value 2019-07-29 17:32:21 -07:00
Tom Hvitved
b6f3f7866b C#: Add more tests for cs/unchecked-return-value 2019-07-29 15:40:22 -07:00
Tom Hvitved
902825f8ac Merge pull request #1564 from calumgrant/cs/no-logger-writethrough 
C#: Disable logger AutoFlush
 2019-07-29 15:20:00 +00:00
Arthur Baars
ccde7cf6cf Add @id to example queries 2019-07-26 17:47:11 +02:00
Arthur Baars
bdce7d07c1 Move 'snippet' queries to 'snippets' folders 2019-07-26 17:47:11 +02:00
Arthur Baars
30860daac4 Add cookbook queries 2019-07-26 17:47:11 +02:00
Anders Schack-Mulligen
6d022aa359 Java/C++/C#: Sync dataflow. 2019-07-26 13:17:12 +02:00
Anders Schack-Mulligen
cd8d16183c Java/CPP/C#: Sync dataflow. 2019-07-22 15:41:37 +02:00
Felicity Chapman
cb48af7395 Update Python and C# help for commented-out code to use common qhelp 2019-07-15 09:26:17 +01:00
Calum Grant
ce12312ff2 C#: Disable the write-through of the logger, as this is a theoretical slowdown, and results in less readable log files when multiple extractors are running concurrently. 2019-07-08 15:58:49 +01:00
Tom Hvitved
f56c17fc77 C#: Fix bad join-orders in lastNonRec() 2019-07-05 07:21:34 +02:00
Tom Hvitved
e6c258c6ba C#: Restructure Completion::isValidFor() 2019-07-05 07:21:34 +02:00
Tom Hvitved
8a35813e1c C#: Unify goto completions 2019-07-05 07:21:34 +02:00
semmle-qlci
0290c79c54 Merge pull request #1486 from hvitved/csharp/inherited-completions 
Approved by calumgrant
 2019-07-04 19:45:25 +01:00
Tom Hvitved
349e0e8e62 C#: Address more review comments 2019-07-04 16:46:01 +02:00
Tom Hvitved
421e75d4c1 C#: Address review comments 2019-07-04 11:57:48 +02:00
Tom Hvitved
b6bbe1a5c0 C#: Add DB upgrade script 2019-07-02 14:01:41 +02:00
Tom Hvitved
16b6791914 C#: Minor performance rewrite 2019-07-02 13:11:27 +02:00
Tom Hvitved
9a24d3a69c C#: Remove libraries and queries related to version history 
The VCS relations are no longer populated, so there is no reason to keep them,
and the queries/libraries that use the relations.
 2019-07-02 10:43:38 +02:00
semmle-qlci
4f3cbe0029 Merge pull request #1521 from hvitved/csharp/constant-condition-fp 
Approved by calumgrant
 2019-07-01 10:52:14 +01:00
Tom Hvitved
e6e606232d C#: Address review comments 2019-07-01 09:37:15 +02:00
semmle-qlci
ae3a48db58 Merge pull request #1510 from hvitved/csharp/date-queries-remove-precision 
Approved by calumgrant
 2019-07-01 08:28:08 +01:00
yh-semmle
a0dc84010a Merge pull request #1518 from Semmle/rc/1.21 
Merge rc/1.21 into master
 2019-06-28 13:52:18 -04:00
Arthur Baars
af68fd4904 Merge pull request #1408 from calumgrant/cs/suppress-null-expr 
C#: C#8 Nullable expressions and type annotations
 2019-06-28 19:21:46 +02:00
Tom Hvitved
f91e460869 C#: Introduce inherited CFG completions 
When completions are inherited by elements inside `finally` blocks, we previously
threw away the underlying completion. For example, in

```
try
{
    if (b)
        throw new Exception();
}
finally
{
    if (b)
        ...
}
```

the completions for `b` inside the `finally` block are `true` and `throw(Exception)`,
where the latter is inherited from the `try` block, with an underlying `false`
completion. Throwing away the `false` completion meant that we were unable to prune
the `false` edge (Boolean CFG splitting).
 2019-06-28 15:41:49 +02:00
Tom Hvitved
8d7ea2f49f C#: Add CFG test that mixes Boolean/finally/catch splitting 2019-06-28 15:41:49 +02:00
Calum Grant
8130342062 Merge pull request #1520 from hvitved/csharp/mono-tracing 
C#: Generalize `mono` pattern in tracer config
 2019-06-28 14:21:35 +01:00
Calum Grant
4d383001ac C#: Address review comment 2019-06-28 14:17:16 +01:00
Calum Grant
a5543699b2 Merge pull request #1460 from hvitved/csharp/cfg-last 
C#: Refactor `last` predicate
 2019-06-28 14:13:43 +01:00
Tom Hvitved
3d4316da1c C#: Address review comments 2019-06-28 13:00:18 +02:00
Tom Hvitved
db565c5a88 C#: Remove false positives in cs/constant-condition 2019-06-28 11:50:53 +02:00
Tom Hvitved
4da7a17f4b C#: Add more tests for cs/constant-condition 2019-06-28 11:25:18 +02:00
Tom Hvitved
051ec83ae0 C#: Generalize mono pattern in tracer config 2019-06-28 09:16:38 +02:00
Calum Grant
2504754e8e C#: Remove use of deprecated predicates. 2019-06-27 15:35:37 +01:00
Tom Hvitved
481bf77d5f CIL: Speedup consistency tests 
- Make `InstructionViolation` abstract to avoid computing `getInstructionsUpTo()`
  for all instructions in the database.
- Enable `consistency.ql`, which reports all consistency violations, and remove
  all other specialized tests.
 2019-06-27 13:40:07 +02:00