hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,540 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.8
Commit Graph

9615 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
2416cac8f4 Python: Modernise StringKind files 2020-03-06 14:45:03 +01:00
semmle-qlci
3ae1aada37 Merge pull request #2995 from tausbn/python-fix-nested-sequence-assign-cp 
Approved by RasmusWL
 2020-03-06 09:43:24 +00:00
Taus Brock-Nannestad
2face94fa5 Python: Mitigate CP in nested_sequence_assign. 
The problem here was that in the base case, there was no relationship between
`left_parent` and `right_parent`. These could be any two tuples or lists, even
if they were not part of an assignment statement.

To fix this, we add a bit of manual "magic", requiring that both of these
arguments must belong to the left and right-hand sides of the same assignment
statement.

(Note that this is in principle _still_ a gross overapproximation, but since
assignment statements are usually quite restricted in size, I don't expect this
to be a major problem.)
 2020-03-05 14:09:50 +01:00
Rasmus Wriedt Larsen
fb1e993c0f Merge pull request #2963 from BekaValentine/python-objectapi-to-valueapi-advancedformatting 
Python: ObjectAPI to ValueAPI: AdvancedFormatting
 2020-03-05 13:40:02 +01:00
Rebecca Valentine
d535246703 Python: Modernizes query 2020-03-04 17:28:44 -08:00
Rebecca Valentine
646bc29e76 Python: Modernizes query 2020-03-04 17:22:21 -08:00
Rebecca Valentine
b09ab67e75 Python: Modernizes query 2020-03-04 17:10:32 -08:00
semmle-qlci
c4b961c8af Merge pull request #2973 from tausbn/python-fix-or-disable-cps 
Approved by BekaValentine
 2020-03-04 10:36:47 +00:00
Rebecca Valentine
2bcd8c8cb8 Python: Moves query over to modernized predicates 2020-03-03 17:05:47 -08:00
Rebecca Valentine
fa59fc607c Python: Adds modernized predicates 2020-03-03 17:05:29 -08:00
Rebecca Valentine
0f26734e9a Python: Moves more predicates over to suffixed form 2020-03-03 17:04:12 -08:00
Rebecca Valentine
a0cf2cbb13 Python: Moves old predicates to suffixed form 2020-03-03 16:53:56 -08:00
Rebecca Valentine
400a0f5741 Python: Adds preliminary modernization 2020-03-03 16:52:12 -08:00
Rebecca Valentine
b33b222db8 Python: Modernizes query 2020-03-03 16:41:52 -08:00
Rebecca Valentine
88daf65854 Python: Removes obsolete predicates 2020-03-03 16:03:27 -08:00
Rebecca Valentine
3bedd5cb58 Python: Adds modernized predicates and moves query over to them 2020-03-03 16:02:25 -08:00
Rebecca Valentine
5fea31eed1 Python: Moves predicates over to suffixed form 2020-03-03 15:55:40 -08:00
Rebecca Valentine
e39a0c9121 Python: Moves non_local_control_flow to new API, and fixes bug in ClassValue implementation 2020-03-03 15:38:35 -08:00
Taus
02ae0fbda6 Merge pull request #2965 from BekaValentine/python-objectapi-to-valueapi-raising 
Python: ObjectAPI to ValueAPI: Raising
 2020-03-04 00:03:17 +01:00
Rebecca Valentine
ce204ac949 Python: Moves statement out of quantifier that it didnt need to be in 2020-03-03 14:57:30 -08:00
Rebecca Valentine
8e1c089ff3 Python: Removes unused import 2020-03-03 14:38:26 -08:00
Taus Brock-Nannestad
48a47e1b54 Python: Fix broken test output. 2020-03-03 19:45:13 +01:00
Taus
8bd4f6d136 Merge pull request #2945 from BekaValentine/python-objectapi-to-valueapi-calltosuperwrongclass 
Python: ObjectAPI to ValueAPI: CallToSuperWrongClass
 2020-03-03 18:38:58 +01:00
Taus
9068040097 Merge pull request #2964 from BekaValentine/python-objectapi-to-valueapi-notimplemented 
Python: ObjectAPI to ValueAPI: NotImplemented
 2020-03-03 18:36:14 +01:00
Calum Grant
464a034c7d Merge pull request #2894 from BekaValentine/python-objectapi-to-valueapi-iscomparisons 
Python: ObjectAPI to ValueAPI: IsComparisons
 2020-03-03 17:25:24 +00:00
Taus Brock-Nannestad
eecace788f Python: Fix or disable CPs introduced by #2700 and #2875. 2020-03-03 18:18:03 +01:00
Rebecca Valentine
2bbe4759ba Python: Removes obsolete predicate 2020-03-02 18:53:06 -08:00
Rebecca Valentine
e481ddf99e Python: Adds modernized predicate and moves queries over to it 2020-03-02 18:52:45 -08:00
Rebecca Valentine
a8ae843059 Python: Removes now obsolete original predicate 2020-03-02 18:46:19 -08:00
Rebecca Valentine
7161ca57c8 Python: Adds modernizations and moves query over to them 2020-03-02 18:45:41 -08:00
Rebecca Valentine
31fc0f2240 Python: Moves library and queries over to the new predicates, removes old ones 2020-03-02 18:08:10 -08:00
Rebecca Valentine
c058e17089 Python: Moves dependent queries to suffixed predicate names 2020-03-02 17:37:11 -08:00
Rebecca Valentine
0dcd52bd87 Python: Moves dependent query over to suffixed predicate names 2020-03-02 17:35:13 -08:00
Rebecca Valentine
8ee2587997 Python: Moves library predicates to suffixed names 2020-03-02 17:04:32 -08:00
Rebecca Valentine
7930037bb6 Python: Move AdvancedFormatting dependents over to suffixed API 2020-03-02 16:39:02 -08:00
Rebecca Valentine
48bcde8e0f Python: Move objectapi code to suffixed name 2020-03-02 16:31:06 -08:00
Rebecca Valentine
de6ea63fae Python: Adds preliminary modernization. 2020-03-02 15:43:57 -08:00
Taus
f3b62e106d Merge pull request #2840 from BekaValentine/python-objectapi-to-valueapi-useofapply 
Python: ObjectAPI to ValueAPI: UseofApply
 2020-03-02 21:40:35 +01:00
Rebecca Valentine
d5f689e041 Adds preliminary modernization 2020-02-28 10:42:27 -08:00
Rasmus Wriedt Larsen
ee4190e0d9 Python: Add example if urlsplit(url).path: => missing points-to 
I wanted to highlight that it's not the call to `urlsplit` that is a problem, so
that's why I inserted a `check` in-between.
 2020-02-28 13:43:10 +01:00
Rasmus Wriedt Larsen
8dd19ca6cd Python: Add example of re.compile missing points-to 2020-02-28 13:41:26 +01:00
Taus Brock-Nannestad
10bacfe8fd Python: Use subscriptUnknown instead of instance check. 
Also adds a test for decomposing the unknown value of `a`.
 2020-02-28 13:38:54 +01:00
Rasmus Wriedt Larsen
2e7807718f Python: Add a bit of regex docs 
and use the canonical way of specifying a ModuleValue
 2020-02-28 11:45:39 +01:00
semmle-qlci
ec90627a64 Merge pull request #2909 from yo-h/experimental 
Approved by aschackmull, jbj, max-schaefer, tausbn
 2020-02-28 03:15:58 +00:00
Rebecca Valentine
19c1ee5427 Adds preliminary modernization 2020-02-27 15:46:51 -08:00
Rebecca Valentine
9601c41fe5 Update python/ql/src/Expressions/IsComparisons.qll 
Co-Authored-By: Taus <tausbn@github.com>
 2020-02-27 10:46:07 -08:00
Rebecca Valentine
d19957f09d Puts use_of_apply example back into expressions_test to avoid messing up other tests 2020-02-27 10:44:46 -08:00
Taus Brock-Nannestad
5bbf93241b Python: Add test for tuple unpacking with "complicated" value. 2020-02-27 17:34:32 +01:00
Taus Brock-Nannestad
7a3895d661 Python: Fix points-to for a, b = some_unknown_object. 
Also rewrites `multi_assignment_points_to` to be a bit more readable.

I'm not entirely sure that we want an unknown instance of `object` rather than
just `UnknownInternal`. The latter gets filtered out in the characteristic
predicate for `Value`, though, so I opted for the slightly more permissive
variant.
 2020-02-27 17:26:54 +01:00
Rasmus Wriedt Larsen
24e9f65a2f Python: Fix documentation of MultiAssignmentDefinition.indexOf 
As discussed in person
 2020-02-27 14:12:33 +01:00