codeql

mirror of https://github.com/github/codeql.git synced 2026-06-17 19:01:09 +02:00

Author	SHA1	Message	Date
Mathias Vorreiter Pedersen	11194e574c	Swift: Get rid of the unnecessary parameter/argument position for the closure. Instead, we can just reuse the 'this' parameter and argument.	2023-10-25 15:46:10 +01:00
Geoffrey White	354983087e	Swift: this.(PotentialRegexEval) -> super. or this. .	2023-10-25 15:25:12 +01:00
Chad Bentz	53e96e5adf	Merge branch 'main' into patch-1	2023-10-25 10:00:16 -04:00
Rasmus Wriedt Larsen	be494b73d4	Python: Minor cleanup for string pool interaction This doesn't really seem to impact performance, is just a bit cleaner way to write the QL code. In the worst case, since we do string concat with empty string, we would need to load string + attempt to store new string in string pool, which is useless since we can surely just reuse the integer ID. -- Previously Evaluated non-recursive predicate ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0#join_rhs#CSE@5fdc6eia in 1ms (size: 2). Evaluated relational algebra for predicate ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0#join_rhs#CSE@5fdc6eia with tuple counts: 1 ~0% {1} r1 = CONSTANT(unique string)[""] 1 ~0% {1} r2 = CONSTANT(unique string)[".__init__"] 2 ~0% {1} r3 = r1 UNION r2 return r3 Evaluated recursive predicate ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0@b4f54xlv in 72ms on iteration 1 (delta size: 26339). Evaluated relational algebra for predicate ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0@b4f54xlv on iteration 1 running pipeline base with tuple counts: 6382 ~0% {3} r1 = JOIN ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0#join_rhs#CSE WITH Module#68efc075::Module::getFile#0#dispred#ff CARTESIAN PRODUCT OUTPUT Rhs.1, Lhs.0, Rhs.0 6066 ~2% {4} r2 = JOIN r1 WITH Module#68efc075::isPreferredModuleForName#2#ff ON FIRST 1 OUTPUT Lhs.2, _, Lhs.1, Rhs.1 {2} r3 = REWRITE r2 WITH Tmp.1 := "", Out.1 := InverseAppend(Tmp.1,In.2,In.3) KEEPING 2 3721 ~0% {2} r4 = SCAN r3 OUTPUT In.1, In.0 25945 ~2% {2} r5 = JOIN r4 WITH ImportResolution#f829f0f0::ImportResolution::getReferenceToModuleName#1#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 38 ~4% {3} r6 = SCAN SsaDefinitions#9197156e::SsaSource::init_module_submodule_defn#2#ff OUTPUT In.1, _, In.0 38 ~1% {3} r7 = REWRITE r6 WITH Out.1 := -1 38 ~1% {2} r8 = JOIN r7 WITH py_scope_flow_021#join_rhs ON FIRST 2 OUTPUT Rhs.2, Lhs.2 38 ~0% {2} r9 = JOIN r8 WITH Module#68efc075::Module::getPackageName#0#dispred#ff ON FIRST 1 OUTPUT Lhs.1, Rhs.1 394 ~2% {2} r10 = JOIN r9 WITH Essa#24e22a14::EssaVariable::getSourceVariable#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1 394 ~0% {3} r11 = JOIN r10 WITH DataFlowPublic#c4b6ce7e::EssaNode#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Rhs.1 394 ~0% {5} r12 = JOIN r11 WITH Essa#24e22a14::EssaVariable::getName#0#dispred#ff ON FIRST 1 OUTPUT _, Lhs.2, Lhs.1, Rhs.1, _ 394 ~0% {2} r13 = REWRITE r12 WITH Tmp.0 := ".", Tmp.4 := "", Out.0 := (In.2 ++ Tmp.0 ++ In.3 ++ Tmp.4) KEEPING 2 394 ~0% {5} r14 = JOIN r11 WITH Essa#24e22a14::EssaVariable::getName#0#dispred#ff ON FIRST 1 OUTPUT _, Lhs.2, Lhs.1, Rhs.1, _ 394 ~1% {2} r15 = REWRITE r14 WITH Tmp.0 := ".", Tmp.4 := ".__init__", Out.0 := (In.2 ++ Tmp.0 ++ In.3 ++ Tmp.4) KEEPING 2 788 ~3% {2} r16 = r13 UNION r15 401 ~2% {2} r17 = JOIN r16 WITH Module#68efc075::isPreferredModuleForName#2#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1 394 ~1% {2} r18 = JOIN r17 WITH Module#68efc075::Module::getFile#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.1 26339 ~1% {2} r19 = r5 UNION r18 return r19 -- Now Evaluated recursive predicate ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0@409a0xhe in 8ms on iteration 1 (delta size: 26339). Evaluated relational algebra for predicate ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0@409a0xhe on iteration 1 running pipeline base with tuple counts: 3033 ~0% {2} r1 = JOIN Module#68efc075::Module::getFile#0#dispred#ff_10#join_rhs WITH Module#68efc075::isPreferredModuleForName#2#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 3033 ~0% {4} r2 = JOIN Module#68efc075::Module::getFile#0#dispred#ff_10#join_rhs WITH Module#68efc075::isPreferredModuleForName#2#ff ON FIRST 1 OUTPUT Lhs.1, _, Rhs.1, _ {2} r3 = REWRITE r2 WITH Tmp.1 := "", Tmp.3 := ".__init__", Out.1 := InverseAppend(Tmp.1,Tmp.3,In.2) KEEPING 2 688 ~0% {2} r4 = SCAN r3 OUTPUT In.1, In.0 3721 ~0% {2} r5 = r1 UNION r4 25945 ~2% {2} r6 = JOIN r5 WITH ImportResolution#f829f0f0::ImportResolution::getReferenceToModuleName#1#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 38 ~4% {3} r7 = SCAN SsaDefinitions#9197156e::SsaSource::init_module_submodule_defn#2#ff OUTPUT In.1, _, In.0 38 ~1% {3} r8 = REWRITE r7 WITH Out.1 := -1 38 ~1% {2} r9 = JOIN r8 WITH py_scope_flow_021#join_rhs ON FIRST 2 OUTPUT Rhs.2, Lhs.2 38 ~0% {2} r10 = JOIN r9 WITH Module#68efc075::Module::getPackageName#0#dispred#ff ON FIRST 1 OUTPUT Lhs.1, Rhs.1 394 ~2% {2} r11 = JOIN r10 WITH Essa#24e22a14::EssaVariable::getSourceVariable#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1 394 ~0% {3} r12 = JOIN r11 WITH DataFlowPublic#c4b6ce7e::EssaNode#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Rhs.1 394 ~2% {4} r13 = JOIN r12 WITH Essa#24e22a14::EssaVariable::getName#0#dispred#ff ON FIRST 1 OUTPUT _, Lhs.2, Lhs.1, Rhs.1 394 ~0% {2} r14 = REWRITE r13 WITH Tmp.0 := ".", Out.0 := (In.2 ++ Tmp.0 ++ In.3) KEEPING 2 394 ~0% {5} r15 = JOIN r12 WITH Essa#24e22a14::EssaVariable::getName#0#dispred#ff ON FIRST 1 OUTPUT _, Lhs.2, Lhs.1, Rhs.1, _ 394 ~5% {2} r16 = REWRITE r15 WITH Tmp.0 := ".", Tmp.0 := (In.2 ++ Tmp.0 ++ In.3), Tmp.4 := ".__init__", Out.0 := (Tmp.0 ++ Tmp.4) KEEPING 2 788 ~0% {2} r17 = r14 UNION r16 401 ~1% {2} r18 = JOIN r17 WITH Module#68efc075::isPreferredModuleForName#2#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1 394 ~1% {2} r19 = JOIN r18 WITH Module#68efc075::Module::getFile#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.1 26339 ~0% {2} r20 = r6 UNION r19 return r20	2023-10-25 14:53:51 +01:00
Mathias Vorreiter Pedersen	951b6beeb1	Swift: Untangle the confusion between 'getParameter' and 'asParameter'.	2023-10-25 14:44:09 +01:00
Jeroen Ketema	990d7161b2	Merge pull request #14337 from aschackmull/cpp/container-not-locatable C++: Remove getLocation from Container.	2023-10-25 15:37:57 +02:00
Mathias Vorreiter Pedersen	78e08cf63c	Swift: Remove irrelevant TODO.	2023-10-25 13:55:07 +01:00
Anders Schack-Mulligen	6882504397	C#: Fix compilation	2023-10-25 14:31:49 +02:00
Anders Schack-Mulligen	5ded55cd9f	C#: Sync Bound.qll	2023-10-25 14:08:48 +02:00
Anders Schack-Mulligen	283d6efdf8	Rangeanalysis/Java/C++: Address some ql4ql findings.	2023-10-25 14:06:35 +02:00
Jeroen Ketema	75a1173d63	C++: Add change note	2023-10-25 14:05:38 +02:00
Jeroen Ketema	dc512728fa	C++: Make `File` extend `Locatable`	2023-10-25 14:05:38 +02:00
Jeroen Ketema	4ea5c13390	C++: Add back `getLocation` in `File`	2023-10-25 14:05:38 +02:00
Anders Schack-Mulligen	7124a53c9c	C++: Remove getLocation from Container.	2023-10-25 14:05:38 +02:00
Jami	53d92d58fc	Merge pull request #14581 from jcogs33/jcogs33/add-internal-to-model-exclusions Java: exclude internal packages globally from MaD models	2023-10-25 08:04:03 -04:00
Michael Nebel	b3e5b86f0a	Java: Cleanup threat models tests.	2023-10-25 14:02:31 +02:00
Mathias Vorreiter Pedersen	05385eb704	Merge pull request #14587 from MathiasVP/fix-indirect-strtok-model C++: Fix `strtok` model for indirections	2023-10-25 12:09:13 +01:00
Owen Mansel-Chan	27646ce971	Merge pull request #14547 from owen-mc/go/enable-data-flow-consistency-checks Go: make data flow consistency checks available (and fix some)	2023-10-25 11:15:44 +01:00
Paolo Tranquilli	fb470e4140	Swift: remove useless commented-out line	2023-10-25 12:15:25 +02:00
Geoffrey White	bf503849ea	Swift: Fixup line numbers after merge.	2023-10-25 11:09:13 +01:00
Geoffrey White	bf6e6a1e68	Merge branch 'main' into stringwith	2023-10-25 10:58:25 +01:00
Geoffrey White	a3d53ba9ec	Merge pull request #14574 from github/geoffw0-patch-2 Swift: Update README.md	2023-10-25 10:56:01 +01:00
Geoffrey White	7029f14651	Merge pull request #14511 from geoffw0/substring Swift: Model Substring	2023-10-25 10:46:47 +01:00
Anders Schack-Mulligen	2592c94c54	Java: Replace range analysis with shared version.	2023-10-25 11:29:55 +02:00
Anders Schack-Mulligen	36082808d3	Java: Implement shared range analysis signatures.	2023-10-25 11:29:55 +02:00
Anders Schack-Mulligen	c1c4a5bfcf	Rangeanalysis: Copy qldoc and simplification from Java.	2023-10-25 11:17:02 +02:00
Anders Schack-Mulligen	cd44d67529	Rangeanalysis: Add temporary Java compatibility flag.	2023-10-25 11:17:02 +02:00
Anders Schack-Mulligen	06fe10bbe9	Rangeanalysis: Bugfix division with float representation.	2023-10-25 11:17:02 +02:00
Anders Schack-Mulligen	7b214a24df	C++: Add division test	2023-10-25 11:17:02 +02:00
Anders Schack-Mulligen	232c147f6b	Rangeanalysis: Port join-order fix from Java version.	2023-10-25 11:17:02 +02:00
Anders Schack-Mulligen	ec39de20d8	C++: Convert to qlpack version of core range analysis.	2023-10-25 11:17:01 +02:00
Anders Schack-Mulligen	38274db205	Rangeanalysis: Parameterise library.	2023-10-25 11:17:01 +02:00
Anders Schack-Mulligen	169ba03778	Rangeanalysis: Copy C++ version verbatim.	2023-10-25 11:17:01 +02:00
Anders Schack-Mulligen	aed830cf1b	Rangeanalysis: Make new qlpack	2023-10-25 11:17:01 +02:00
Paolo Tranquilli	a245d0019e	Swift: tiny cosmetic tweak	2023-10-25 10:56:21 +02:00
Mathias Vorreiter Pedersen	032572b924	C++: Fix 'strtok' model.	2023-10-25 09:39:36 +01:00
Mathias Vorreiter Pedersen	f54379d096	C++: Add failing test.	2023-10-25 09:38:49 +01:00
Paolo Tranquilli	9196939384	Swift: canonicalize all `VarDecl`s	2023-10-25 10:38:17 +02:00
Tony Torralba	4920c7f8b0	Merge pull request #14585 from github/workflow/coverage/update Update CSV framework coverage reports	2023-10-25 10:02:50 +02:00
Stephan Brandauer	cffcc7334d	Java: automodel extraction docs: add two intro sentences	2023-10-25 09:45:00 +02:00
Stephan Brandauer	0f2db1bcdb	Java: automodel extraction docs: use markdown footnote	2023-10-25 09:32:59 +02:00
Stephan Brandauer	3eeb6ffec4	Java: automodel extraction docs: spell out positive and negative	2023-10-25 09:05:22 +02:00
Stephan Brandauer	44c87561b3	Java: review suggestion from adityasharad Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>	2023-10-25 09:00:28 +02:00
Stephan Brandauer	c240c1b3f5	Java: review suggestions from aeisenberg Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>	2023-10-25 08:59:21 +02:00
github-actions[bot]	6cbadece0e	Add changed framework coverage reports	2023-10-25 00:15:35 +00:00
Marcono1234	bf20b8e5a5	Kotlin: Mention `Literal::getLiteral()` difference from source code It appears the Kotlin extractor does not have access to the actual string representation in the source code, and for most literal types uses simply the represented value also as `getLiteral` result, see https://github.com/github/codeql/blob/codeql-cli/v2.15.1/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt#L4443	2023-10-25 02:04:54 +02:00
Geoffrey White	8a5f3e4825	Swift: Fix an issue with RegexTracking.qll using PotentialRegexEval rather than RegexEval.	2023-10-24 22:49:19 +01:00
Jami	7c053ed428	CI: add .strip() to comment/ID file read Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>	2023-10-24 17:48:38 -04:00
Geoffrey White	021ed88a0a	Swift: Add a test revealing unevaluated regexs.	2023-10-24 22:42:15 +01:00
Chris Smowton	12d0f1a84b	Merge pull request #14575 from github/smowton/feature/more-intuitive-java-class-names Java: Replace MethodAccess, LValue, RValue with more intuitive names. Introduce NewClassExpr.	2023-10-24 19:01:37 +01:00

... 534 535 536 537 538 ...

87274 Commits