hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

6837 Commits

Author SHA1 Message Date
github-actions[bot]
4ce8ccc52b Release preparation for version 2.7.6 2022-01-20 08:21:18 +00:00
Mathias Vorreiter Pedersen
2a02ce137a C++: Fix join orders in 'exprIsSubLeftOrLess'. 
Before:

Tuple counts for UnsignedDifferenceExpressionComparedZero::exprIsSubLeftOrLess#ff/2@i3#a5071w3a after 24s:
  304220    ~2%      {2} r1 = JOIN UnsignedDifferenceExpressionComparedZero::exprIsSubLeftOrLess#ff#prev_delta WITH Expr::BinaryOperation#class#f#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.0 'sub'

  190061335 ~24%     {2} r2 = JOIN r1 WITH DataFlowUtil::localFlowStep#ff ON FIRST 1 OUTPUT Lhs.1 'sub', Rhs.1 'n'

  3956      ~0%      {2} r3 = JOIN r1 WITH DataFlowUtil::localFlowStep#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1 'sub', Rhs.1 'n'

  407983    ~1%      {2} r4 = JOIN Expr::BinaryOperation#class#f#join_rhs WITH UnsignedDifferenceExpressionComparedZero::exprIsSubLeftOrLess#ff#prev ON FIRST 1 OUTPUT Rhs.1 'n', Lhs.0 'sub'
  380823    ~0%      {2} r5 = JOIN r4 WITH DataFlowUtil::TExprNode#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1 'sub', Rhs.1
  0         ~0%      {2} r6 = JOIN r5 WITH UnsignedDifferenceExpressionComparedZero::isGuarded#fff#prev_delta ON FIRST 2 OUTPUT Rhs.2, Lhs.0 'sub'
  0         ~0%      {2} r7 = JOIN r6 WITH DataFlowUtil::TExprNode#ff ON FIRST 1 OUTPUT Lhs.1 'sub', Rhs.1 'n'

  3956      ~0%      {2} r8 = r3 UNION r7
  190065291 ~24%     {2} r9 = r2 UNION r8
  ...

After:

Tuple counts for UnsignedDifferenceExpressionComparedZero::interestingSubExpr#f/1@654e29g3 after 228ms:
  370 ~2%     {2} r1 = ComparisonOperation::RelationalOperation::getGreaterOperand_dispred#fb AND NOT Exclusions::isFromMacroDefinition#b(Lhs.1 'sub')
  370 ~0%     {2} r2 = SCAN r1 OUTPUT In.1 'sub', In.0
  370 ~3%     {3} r3 = JOIN r2 WITH Expr::Expr::getFullyConverted_dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.0 'sub'
  210 ~1%     {2} r4 = JOIN r3 WITH SimpleRangeAnalysis::SimpleRangeAnalysisCached::exprMightOverflowNegatively#f ON FIRST 1 OUTPUT Lhs.2 'sub', Lhs.1
  210 ~0%     {3} r5 = JOIN r4 WITH Expr::Expr::getFullyConverted_dispred#ff ON FIRST 1 OUTPUT Lhs.1, Lhs.0 'sub', Rhs.1
  210 ~1%     {3} r6 = JOIN r5 WITH ComparisonOperation::RelationalOperation::getLesserOperand_dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'sub', Lhs.2
  59  ~2%     {4} r7 = JOIN r6 WITH Expr::Expr::getValue_dispred#ff ON FIRST 1 OUTPUT Lhs.1 'sub', Lhs.2, Rhs.1, toInt(Rhs.1)
  17  ~0%     {4} r8 = SELECT r7 ON In.3 = 0
  17  ~0%     {2} r9 = SCAN r8 OUTPUT In.1, In.0 'sub'
  8   ~0%     {2} r10 = JOIN r9 WITH Expr::Expr::getUnspecifiedType_dispred#bb ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'sub'
  8   ~0%     {1} r11 = JOIN r10 WITH Type::IntegralType::isUnsigned_dispred#f ON FIRST 1 OUTPUT Lhs.1 'sub'
              return r11

Tuple counts for UnsignedDifferenceExpressionComparedZero::exprIsSubLeftOrLess#ff/2@i2#61800weu after 1ms:
  8  ~0%      {2} r1 = JOIN UnsignedDifferenceExpressionComparedZero::exprIsSubLeftOrLess#ff#prev_delta WITH UnsignedDifferenceExpressionComparedZero::interestingSubExpr#f ON FIRST 1 OUTPUT Lhs.1, Lhs.0 'sub'

  0  ~0%      {2} r2 = JOIN r1 WITH DataFlowUtil::localFlowStep#ff ON FIRST 1 OUTPUT Lhs.1 'sub', Rhs.1 'n'

  1  ~0%      {2} r3 = JOIN r1 WITH DataFlowUtil::localFlowStep#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1 'sub', Rhs.1 'n'

  0  ~0%      {3} r4 = JOIN UnsignedDifferenceExpressionComparedZero::isGuarded#fff#prev_delta WITH UnsignedDifferenceExpressionComparedZero::interestingSubExpr#f ON FIRST 1 OUTPUT Lhs.1, Lhs.0 'sub', Lhs.2
  0  ~0%      {3} r5 = JOIN r4 WITH DataFlowUtil::TExprNode#ff ON FIRST 1 OUTPUT Lhs.1 'sub', Rhs.1 'n', Lhs.2
  0  ~0%      {2} r6 = JOIN r5 WITH UnsignedDifferenceExpressionComparedZero::exprIsSubLeftOrLess#ff#prev ON FIRST 2 OUTPUT Lhs.2, Lhs.0 'sub'
  0  ~0%      {2} r7 = JOIN r6 WITH DataFlowUtil::TExprNode#ff ON FIRST 1 OUTPUT Lhs.1 'sub', Rhs.1 'n'

  1  ~0%      {2} r8 = r3 UNION r7
  1  ~0%      {2} r9 = r2 UNION r8
  ...
 2022-01-10 17:28:14 +00:00
Mathias Vorreiter Pedersen
f2d6bcd767 C++: Fix join order in 'isGuarded'. 
Before:

Tuple counts for UnsignedDifferenceExpressionComparedZero::isGuarded#bff/3@ec24001m after 1.7s:
  97431    ~0%     {2} r1 = JOIN UnsignedDifferenceExpressionComparedZero::isGuarded#bff#join_rhs WITH project#BasicBlocks::Cached::basic_block_member ON FIRST 1 OUTPUT Rhs.1, Lhs.0 'sub'
  11809769 ~1%     {2} r2 = JOIN r1 WITH Guards::GuardCondition::controls_dispred#fff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1 'sub', Rhs.1
  11809769 ~0%     {4} r3 = JOIN r2 WITH project#BasicBlocks::Cached::basic_block_member ON FIRST 1 OUTPUT Lhs.1, Rhs.1, false, Lhs.0 'sub'
  629277   ~4%     {7} r4 = JOIN r3 WITH Guards::GuardCondition::ensuresLt_dispred#ffffff_045123#join_rhs ON FIRST 3 OUTPUT Lhs.3 'sub', Lhs.0, Lhs.1, false, Rhs.3 'left', Rhs.4 'right', Rhs.5
  628120   ~4%     {7} r5 = SELECT r4 ON In.6 >= 0
  628120   ~1%     {3} r6 = SCAN r5 OUTPUT In.0 'sub', In.4 'left', In.5 'right'
                    return r6

After:

Tuple counts for UnsignedDifferenceExpressionComparedZero::isGuarded#fff/3@i2#a5071x3a after 392ms:
  103763 ~0%     {2} r1 = SCAN UnsignedDifferenceExpressionComparedZero::exprIsSubLeftOrLess#ff#prev_delta OUTPUT In.0 'sub', 26
  103763 ~0%     {1} r2 = JOIN r1 WITH exprs ON FIRST 2 OUTPUT Lhs.0 'sub'
  97431  ~0%     {3} r3 = JOIN r2 WITH project#BasicBlocks::Cached::basic_block_member ON FIRST 1 OUTPUT Rhs.1, false, Lhs.0 'sub'
  629277 ~0%     {7} r4 = JOIN r3 WITH Guards::GuardCondition::ensuresLt_dispred#ffffff_450123#join_rhs ON FIRST 2 OUTPUT Lhs.2 'sub', Lhs.0, false, Rhs.2, Rhs.3 'left', Rhs.4 'right', Rhs.5
  628120 ~0%     {7} r5 = SELECT r4 ON In.6 >= 0
  628120 ~1%     {6} r6 = SCAN r5 OUTPUT In.0 'sub', In.1, In.3, In.4 'left', In.5 'right', In.6
  628120 ~1%     {6} r7 = r6 AND NOT UnsignedDifferenceExpressionComparedZero::isGuarded#fff#prev(Lhs.0 'sub', Lhs.3 'left', Lhs.4 'right')
  628120 ~0%     {5} r8 = SCAN r7 OUTPUT In.2, In.1, In.0 'sub', In.3 'left', In.4 'right'
  628120 ~1%     {3} r9 = JOIN r8 WITH Guards::GuardCondition::controls_dispred#fff ON FIRST 2 OUTPUT Lhs.2 'sub', Lhs.3 'left', Lhs.4 'right'
                  return r9
 2022-01-10 17:03:40 +00:00
github-actions[bot]
1dfcf427aa Release preparation for version 2.7.5 2022-01-04 14:44:56 +00:00
Erik Krogh Kristensen
b9964799f3 Merge pull request #7458 from erik-krogh/modelling 
QL: add "modelling/modeling" to `ql/non-us-spelling`
 2022-01-04 13:33:54 +01:00
Geoffrey White
344e380fa3 Merge pull request #6949 from ihsinme/ihsinme-patch-073 
CPP: Add query for CWE-266 Incorrect Privilege Assignment
 2022-01-04 11:37:17 +00:00
Dave Bartolomeo
ded3c52a34 Merge pull request #7407 from github/post-release-prep/codeql-cli-2.7.4 
Post-release preparation for codeql-cli-2.7.4
 2022-01-03 17:09:58 -05:00
github-actions[bot]
1334d207fa Post-release version bumps 2022-01-03 20:11:15 +00:00
Mathias Vorreiter Pedersen
dae5af6be8 Merge pull request #7392 from MathiasVP/fix-join-order-in-is-argument-for-parameter 
C++: Fix join order in `isArgumentForParameter`
 2021-12-21 09:29:32 +01:00
Erik Krogh Kristensen
d17879e1f9 run the non-us patch 2021-12-20 16:24:41 +01:00
Mathias Vorreiter Pedersen
aa92fe8c90 Merge pull request #7338 from geoffw0/clrtxt2 
C++: Improvements to cpp/cleartext-transmission
 2021-12-20 16:05:12 +01:00
Nick Rolfe
f18492e39b Merge pull request #7443 from github/nickrolfe/behavior 
QL4QL: catch behaviour/behavior in ql/non-us-spelling
 2021-12-20 13:23:53 +00:00
Tom Hvitved
ed006d7283 Merge pull request #7231 from hvitved/csharp/dataflow/consistency-queries 
C#: Enable data-flow consistency queries
 2021-12-20 08:46:19 +01:00
Anders Schack-Mulligen
c03f189dec Merge pull request #7434 from MathiasVP/fix-join-order-in-phi-node 
C++: Fix join-order in `phi_node` predicate.
 2021-12-17 17:06:57 +01:00
Nick Rolfe
28912c508f Fix non-US spelling of 'behavior' 2021-12-17 15:29:31 +00:00
Mathias Vorreiter Pedersen
45753e519f C++: Fully lock down the join order correctly. 2021-12-17 13:43:56 +00:00
Tom Hvitved
e4d9f5f29e Fix QL doc 2021-12-17 13:14:11 +01:00
Tom Hvitved
ab2e0fdb18 Data flow: Sync files 2021-12-17 13:13:36 +01:00
Mathias Vorreiter Pedersen
c1af8b93c2 C++: Better join-order fix. 2021-12-17 11:50:53 +00:00
Anders Schack-Mulligen
3adc0b57ed Merge pull request #7426 from MathiasVP/fix-join-order-in-http-string-literal-charpred 
C++: Fix join-order in `HttpStringLiteral` charpred
 2021-12-17 11:21:38 +01:00
Mathias Vorreiter Pedersen
d840796494 C++: Fix join-order in 'phi_node' predicate. 2021-12-17 07:50:04 +00:00
Mathias Vorreiter Pedersen
53a1f935b7 C++: Fix join-order in 'HttpStringLiteral' charpred. 2021-12-16 17:12:50 +00:00
Geoffrey White
b142a79a35 C++: Remove unnecessary additional taint step. 2021-12-15 14:35:54 +00:00
Geoffrey White
f82683cdf4 C++: Clean up QLDoc. 2021-12-15 14:08:43 +00:00
Geoffrey White
4891a649a2 C++: Newlines. 2021-12-15 13:52:47 +00:00
Mathias Vorreiter Pedersen
8208f92f59 An alternative design for 'cpp/cleartext-transmission'. 2021-12-15 13:52:15 +00:00
Geoffrey White
9363d64166 Merge pull request #7395 from MathiasVP/fix-fp-in-pointless-self-comparison 
C++: Fix FP in `cpp/comparison-of-identical-expressions`
 2021-12-15 10:47:57 +00:00
Mathias Vorreiter Pedersen
65c301c39f Update cpp/ql/test/query-tests/Likely Bugs/Arithmetic/BadAdditionOverflowCheck/templates.cpp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-12-15 09:22:41 +00:00
github-actions[bot]
59da2cdf69 Release preparation for version 2.7.4 2021-12-14 21:35:09 +00:00
Mathias Vorreiter Pedersen
310353060e C++: Also fix the FP in 'cpp/comparison-canceling-subexpr'. 2021-12-14 17:08:10 +00:00
Dave Bartolomeo
a62f181d42 Move new change notes to appropriate packs 2021-12-14 12:05:15 -05:00
Mathias Vorreiter Pedersen
b2082cc3da C++: Fix false positive in 'cpp/cpp/comparison-of-identical-expressions'. 2021-12-14 16:39:25 +00:00
Mathias Vorreiter Pedersen
9d14a85f3f C++: Add false positive. 2021-12-14 16:38:19 +00:00
Mathias Vorreiter Pedersen
dd6085f0a6 C++/C#: Sync identical files. 2021-12-14 13:56:39 +00:00
Mathias Vorreiter Pedersen
3da1c2bde1 C++: Fix join-order in 'isArgumentForParameter'. 2021-12-14 13:56:31 +00:00
Mathias Vorreiter Pedersen
6fda5e8f5b Merge pull request #7272 from github/redsun82/cpp-overrunning-write-precision-split 
C++: refactor buffer overwrite queries with estimate reasons
 2021-12-14 08:50:30 +00:00
Paolo Tranquilli
0d7d60eebd C++: add small docstring fix 2021-12-14 08:15:45 +00:00
Geoffrey White
041c2c77b3 C++: Separate two test cases slightly so that we get clearer test coverage of the interprocedural / multi-path cases. 2021-12-13 18:18:29 +00:00
Sergey
0f0bd34958 Update IncorrectPrivilegeAssignment.ql 2021-12-13 20:35:13 +03:00
Andrew Eisenberg
0669ef505e Fix semver for upgrades references 
Ensure the version range is flexible enough to handle
future version changes.
 2021-12-13 09:03:33 -08:00
Paolo Tranquilli
5ed7056707 C++: remove deprecation from getMaxData 2021-12-13 11:28:02 +00:00
Paolo Tranquilli
3734e1ca4f C++: auto format 2021-12-13 11:28:02 +00:00
Paolo Tranquilli
06acaef43e C++: fix deprecation comments in BufferWrite 2021-12-13 11:28:02 +00:00
Paolo Tranquilli
a089898220 C++: remove reason from OverrunWrite output 2021-12-13 11:28:02 +00:00
Paolo Tranquilli
85de6dd667 C++: make BufferWrite changes backward compatible 2021-12-13 11:28:02 +00:00
Paolo Tranquilli
2020786fb0 C++: fix format 2021-12-13 11:28:02 +00:00
Paolo Tranquilli
b0242dc55b C++: more idiomatic BufferWriteEstimationReason 2021-12-13 11:28:02 +00:00
Paolo Tranquilli
160635ba3c C++: add missing docs for a toString predicate 2021-12-13 11:28:02 +00:00
Paolo Tranquilli
a6cbe6f94c C++: add missing change note and docs 2021-12-13 11:28:02 +00:00
Paolo Tranquilli
fb03561a31 C++: add docstrings to Printf and BufferWrite 2021-12-13 11:28:02 +00:00