hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

1366 Commits

Author SHA1 Message Date
Tom Hvitved
bbf082b285 C#: Extract stackalloc information 2020-02-10 20:32:52 +01:00
Calum Grant
803cb3f4d1 C#: Address review comment 
- Flow from expressions with a value is excluded.
 2020-02-10 16:02:29 +00:00
Calum Grant
5fef77bf44 C#: Handle expressions of typeImplicitStackAllocArrayCreationExpressionSyntax 2020-02-10 11:30:12 +00:00
Tom Hvitved
85e6b24c49 C#: Remove false positives for cs/useless-assignment-to-local 2020-02-05 20:12:39 +01:00
Tom Hvitved
d9f9fc510f C#: Add more tests for cs/useless-assignment-to-local 2020-02-05 20:11:22 +01:00
Tom Hvitved
fed6dd5324 C#: Generalize data-flow flow-through summaries 
The predicate

```
argumentValueFlowsThrough(ArgumentNode arg, OutNode out, CallContext cc)
```

has been generalized to

```
argumentValueFlowsThrough(
  DataFlowCall call, ArgumentNode arg, Node out, ContentOption contentIn,
  ContentOption contentOut
)
```

This enables us to summarize normal flow-through (as before), getters, setters,
as well as getter-setters.
 2020-02-04 14:09:12 +01:00
Tom Hvitved
00fdc70155 Merge pull request #2710 from calumgrant/cs/short-circuit-out 
C#: Remove false positive in cs/non-short-circuit
 2020-02-04 12:09:17 +01:00
Tom Hvitved
c31f0e955d C#: Add more flow-through data-flow tests 2020-01-31 13:48:08 +01:00
Calum Grant
7caae01ad1 C#: Exclude fields that are created 2020-01-29 15:47:12 +00:00
Anders Schack-Mulligen
726a873c3e C#: Autoformat. 2020-01-29 13:15:00 +01:00
Calum Grant
0b3821c828 C#: Remove false positive for out params 2020-01-28 13:59:33 +00:00
Calum Grant
f23438ea65 C#: Add test showing false positive 2020-01-28 11:48:59 +00:00
Tom Hvitved
7e042da4f5 Merge pull request #2665 from calumgrant/cs/zipslip-alert 
C#: ZipSlip query reports alert at source
 2020-01-23 11:05:57 +01:00
Calum Grant
a868456628 C#: Address review comments 2020-01-22 14:21:12 +00:00
Calum Grant
3d460aeb44 C#: ZipSlip query reports alert at source 2020-01-21 15:17:06 +00:00
Calum Grant
9d7c9e0ba4 C#: Default parameter values are maybe null 
C#: Update test output
 2020-01-20 14:37:20 +00:00
Calum Grant
631b4248b5 C#: Add a nullness test 2020-01-20 11:13:31 +00:00
Tom Hvitved
e5abaa79ae Merge pull request #2585 from calumgrant/cs/serialization-check-bypass 
C#: Improvements to cs/serialization-check-bypass
 2020-01-15 20:40:51 +01:00
Robert Marsh
a91f10fe40 Merge pull request #2629 from dbartol/dbartol/missing-vvars 
C++/C#: Fix missing virtual variables
 2020-01-15 08:32:43 -08:00
Tom Hvitved
f7278d36e1 Merge pull request #2498 from aschackmull/java/taint-getter 
Java/C++/C#: Add support for taint-getter/setter summaries in data flow.
 2020-01-15 09:55:19 +01:00
Dave Bartolomeo
e60f902c36 C++/C#: Fix missing virtual variables 
The aliased SSA code was assuming that, for every automatic variable, there would be at least one memory access that reads or writes the entire variable. We've encountered a couple cases where that isn't true due to extractor issues. As a workaround, we now always create the `VariableMemoryLocation` for every local variable.

I've also added a sanity test to detect this condition in the future.

Along the way, I had to fix a perf issue in the PrintIR code. When determining the ID of a result based on line number, we were considering all `Instruction`s generated for a particular line, regardless of whether they were all in the same `IRFunction`. In addition, the predicate had what appeared to be a bad join order that made it take forever on large snapshots. I've scoped it down to just consider `Instruction`s in the same function, and outlined that predicate to fix the join order issue. This causes some numbering changes, but they're for the better. I don't think there was actually any nondeterminism there before, but now the numbering won't depend on the number of instantiations of a template, either.
 2020-01-14 17:57:15 -07:00
Tom Hvitved
5a4be67d81 Merge pull request #2597 from calumgrant/cs/multiline-alert-suppression 
C#: Alert suppression through single-line /* */ style comments
 2020-01-14 10:35:11 +01:00
Calum Grant
bc1b2c3ead C#: Address review comment 2020-01-07 18:39:52 +00:00
Calum Grant
d0d7ed620c C#: Update comments in test file to reflect fixed test output. 2020-01-07 18:39:52 +00:00
Calum Grant
359dea2c2b C#: Fixed test output. 2020-01-07 18:39:52 +00:00
Calum Grant
85c9459b35 C#: Add more tests showing incorrect extraction. 2020-01-07 18:39:51 +00:00
Calum Grant
10181e93e2 C#: Update QLtest output 2020-01-07 18:39:51 +00:00
Calum Grant
a1bedf2e06 C#: Use expression flow state to determine non-null guards 2020-01-07 18:39:51 +00:00
Calum Grant
2eb29224e8 C#: Update guards tests. 2020-01-07 18:39:51 +00:00
Calum Grant
8db46bc8ec C#: More tests for nullable flow state. 2020-01-07 18:38:58 +00:00
Calum Grant
6c9ebaba0b C#: Populate expression type nullability and nullable flow state. 2020-01-07 18:38:58 +00:00
Calum Grant
0327b83958 C#: Update nullability tests. 2020-01-07 18:38:58 +00:00
Calum Grant
d8f5450b67 C#: Alert suppression comments can be in C89-style comments 2020-01-07 11:52:52 +00:00
Tom Hvitved
5552c2e912 Merge pull request #2563 from calumgrant/cs/tuple-expr 
C#: Handle tuple expressions
 2020-01-07 09:31:17 +01:00
Calum Grant
c145e32625 C#: Tests for multiline alert suppression comments 2020-01-06 15:45:00 +00:00
Calum Grant
41b4d70504 C#: Refactor, improve documentation and add tests for cs/serialization-check-bypass 2020-01-03 18:46:39 +00:00
Calum Grant
3db900b183 C#: Remove false positive and update test output 
C#: Mark results as GOOD
 2019-12-27 12:07:19 +00:00
Calum Grant
fd0225ca59 C#: Add test 2019-12-27 11:44:39 +00:00
Calum Grant
a059c13f6c C#: Add test for tuple expressions. 2019-12-23 15:18:28 +00:00
Calum Grant
63afb30797 C#: Tests for tuple expressions. 2019-12-23 15:18:21 +00:00
Anders Schack-Mulligen
2443f10823 C#: Update .expected file. 2019-12-18 10:40:18 +01:00
semmle-qlci
8ad11b98d0 Merge pull request #2538 from hvitved/csharp/missing-to-string 
Approved by calumgrant
 2019-12-17 19:23:47 +00:00
Tom Hvitved
9dde1ce76a C#: No taint-tracking steps for ternary conditionals 
Ternary conditionals `b ? x : y` mistakenly had taint-tracking steps from both
`b`, `x`, and `y` to the conditional expression itself. Flow from `b` was not
intented, and flow from `x` and `y` is already part of ordinary data flow.
 2019-12-17 13:53:39 +01:00
Anders Schack-Mulligen
ca08097b56 Java/C++/C#: Fix Java Content.getType and getContainerType to match C# and fix C# tests. 2019-12-17 11:51:58 +01:00
Tom Hvitved
f1193d084b C#: Add missing toString() relations 2019-12-16 19:38:46 +01:00
Anders Schack-Mulligen
0eacadb309 C#: Fix unit test. 2019-12-16 16:17:19 +01:00
Tom Hvitved
b7484e63ee C#: Recognize Code Contract assertions 2019-12-11 16:54:42 +01:00
Tom Hvitved
5429448eeb C#: Add tests for Code Contracts 2019-12-11 16:51:42 +01:00
Tom Hvitved
abcb6b8aab C#: Type-based pruning for data flow 2019-12-10 15:48:48 +01:00
Tom Hvitved
54088248a1 C#: Use source declarations in field flow 2019-12-10 15:46:31 +01:00