hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,238 Commits 1,672 Branches 157 Tags
codeql-cli-2.7.5
Commit Graph

2321 Commits

Author SHA1 Message Date
Chris Smowton
64a2320be7 Merge pull request #5757 from smowton/smowton/admin/fix-dead-qhelp-links 
Fix all dead qhelp links
 2021-04-27 12:17:08 +01:00
Tom Hvitved
2e266c7ddd Merge pull request #5756 from hvitved/csharp/string-builder-fluent 
C#: Add missing `StringBuilder` flow summaries
 2021-04-27 11:24:56 +02:00
Tom Hvitved
fb606112fa Merge pull request #5754 from hvitved/csharp/guards/performance 
C#: Improve performance of guards library
 2021-04-27 10:53:01 +02:00
Chris Smowton
d717fc7b1f Use Microsoft archive of vijaysk's blog 2021-04-26 10:13:04 +01:00
Tamás Vajk
a7030c7fed Merge pull request #5308 from tamasvajk/feature/flow-sources-sinks 
C#: Add Console.Read* to local flow sources
 2021-04-23 16:36:16 +02:00
Tamás Vajk
c3058f4744 Merge pull request #5749 from tamasvajk/feature/fix-fromsource 
C#: Adjust 'fromSource' to hold only on files passed to the compiler as a source file
 2021-04-23 16:35:40 +02:00
Chris Smowton
455b840712 Fix all dead qhelp links 
For those documents with no obvious new home I've pointed the links to the Internet Archive.
 2021-04-23 15:20:21 +01:00
Tom Hvitved
004450b201 C#: Add missing StringBuilder flow summaries 2021-04-23 16:17:49 +02:00
Jonas Jensen
9b5bb95766 Merge pull request #5696 from jbj/reapply-inconsistency-workaround 
Revert "Revert "C++: Work around extractor issue CPP-383""
 2021-04-23 14:49:32 +02:00
Anders Schack-Mulligen
bc8c55836a Merge pull request #5743 from aschackmull/java/flow-summary-tweaks 
Java/C#: Move a couple of flow summary tweaks to the shared implementation.
 2021-04-23 13:46:04 +02:00
Tamas Vajk
1b4c3c7415 Fix code review findings 2021-04-23 13:44:34 +02:00
Tamas Vajk
e3f10c0e32 Cleanup DiagnosticError classes 2021-04-23 13:37:42 +02:00
Tom Hvitved
4c597dd467 C#: Improve performance of guards library 2021-04-23 10:09:43 +02:00
Jonas Jensen
6de5b3021e C++: Replace Jira ticket reference with GH issue 2021-04-23 09:58:39 +02:00
Dave Bartolomeo
3b04bedee0 Stub out additional bits of Alias model for C# 2021-04-22 17:19:00 -04:00
Tamas Vajk
ed42c878b0 Adjust 'fromSource' to hold only on '.cs' files 2021-04-22 14:17:16 +02:00
Tamas Vajk
b36d35bf1e Revert "C#: Adjust 'fromSource' to hold only on files passed to the compiler as a source file" 
This reverts commit 1dab1590ea.
 2021-04-22 14:16:10 +02:00
edvraa
c9c9758e01 Make similarly named files in tests and qhelp in sync 2021-04-22 12:23:46 +03:00
Tamas Vajk
1dab1590ea C#: Adjust 'fromSource' to hold only on files passed to the compiler as a source file 2021-04-22 10:21:28 +02:00
Tamas Vajk
1a708affbf Include compilation errors in diagnostic check 2021-04-22 10:08:33 +02:00
Tamas Vajk
ff9327a035 Add diagnostic query to get correctly extracted files 2021-04-22 09:21:46 +02:00
Tamas Vajk
353d43a039 Log model errors even in standalone extraction 2021-04-22 09:13:06 +02:00
Tamas Vajk
5149ffdd16 C#: Add extraction error diagnostic query 2021-04-22 09:13:06 +02:00
edvraa
57689df5aa Remove DataFlow::Node 2021-04-21 19:29:30 +03:00
Dave Bartolomeo
0bc4b0421d C++: Remove unnecessary cast 2021-04-21 12:12:01 -04:00
edvraa
a93d6a3ef6 Remove SafeConstructorTrackingConfig 2021-04-21 17:16:54 +03:00
edvraa
9e46ef3cd9 Get rid of getParent 2021-04-21 17:11:40 +03:00
edvraa
808444986d Get rid of UnsafeDeserializerCallable 2021-04-21 17:06:20 +03:00
edvraa
b6952d541a get rid of getParent 2021-04-21 16:55:34 +03:00
edvraa
9cc67e4266 make private where possible 2021-04-21 16:48:05 +03:00
Anders Schack-Mulligen
f9599da32d Java/C#: Move a couple of flow summary tweaks to the shared implementation. 2021-04-21 14:24:15 +02:00
edvraa
8f6411dba3 Simpify with exists 2021-04-21 13:52:41 +03:00
edvraa
0590522e4b a deserializer 2021-04-21 13:29:00 +03:00
edvraa
3ac5f7bb18 Move RemoteSource and LocalSource to UnsafeDeserialization.qll 2021-04-21 13:27:26 +03:00
Tamas Vajk
2a6f979ce6 C# Add line of code metric query 2021-04-21 10:42:06 +02:00
Tom Hvitved
7080b256fb Merge pull request #5715 from hvitved/csharp/ssa/perf-tweaks 
C#: A few minor SSA performance tweaks
 2021-04-21 09:59:12 +02:00
Tom Hvitved
def62e8c22 Merge pull request #5718 from hvitved/csharp/hardcoded-cred-remove-cp 
C#: Remove CP from `HardcodedCredentials::getCredentialSink`
 2021-04-21 09:58:56 +02:00
Tom Hvitved
1ed11b297b Merge pull request #5725 from hvitved/csharp/dataflow/performance 
C#: Various data-flow performance tweaks
 2021-04-21 09:46:15 +02:00
Dave Bartolomeo
1d0cb0407d Merge from main 2021-04-20 23:37:04 -04:00
Dave Bartolomeo
a447b049fc C++: Impoved alias analysis of smart pointers 2021-04-20 19:42:06 -04:00
Dave Bartolomeo
5085e462b0 C++: Allow alias propagation to/from side effects (part 1) 2021-04-20 14:09:41 -04:00
Dave Bartolomeo
01a95316c2 C++: Add Instruction::getAParameterSideEffect(). 2021-04-20 14:03:48 -04:00
Tom Hvitved
3eba5b0aac Merge pull request #5676 from hvitved/csharp/dispatch/get-a-viable-overrider-perf 
C#: Speedup `DispatchMethodOrAccessorCall::getAViableOverrider()`
 2021-04-20 19:57:59 +02:00
Tom Hvitved
dd1bb18938 C#: Various data-flow performance tweaks 
- Cache `DataFlowCall::getEnclosingCallable()`.
- Cache `ParameterNode`.
- Cache `ArgumentNode`.
- Force proper join-orders for uses of `getNodeType()`.
- Inline `localFlow` to prevent calculating full TC.
 2021-04-20 11:56:25 +02:00
Tom Hvitved
1f9239089f Merge pull request #5695 from hvitved/csharp/dispose-not-called-on-exc-perf 
C#: Improve performance of `DisposeNotCalledOnException.ql`
 2021-04-20 11:52:18 +02:00
Tom Hvitved
9128ec72ad C#: A few minor SSA performance tweaks 2021-04-19 15:51:14 +02:00
Tom Hvitved
15e4b7f95d C#: Remove CP from HardcodedCredentials::getCredentialSink 2021-04-19 15:03:11 +02:00
edvraa
c3deb48efa Charpred for InstanceMethodSink 2021-04-16 17:19:42 +03:00
Tom Hvitved
40b74167e0 C#: Improve performance of DisposeNotCalledOnException.ql 2021-04-16 14:34:16 +02:00
Tom Hvitved
946fcf1c82 C#: Speedup DispatchMethodOrAccessorCall::getAViableOverrider() 
In addition to improved performance, the analysis no longer applies a closed-world
assumption to type parameters. That is, if the type of a receiver is a type parameter,
then the call may target any method of a compatible receiver type, not just the
types that actually instantiate the type parameter.
 2021-04-16 10:43:17 +02:00