hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,115 Commits 1,671 Branches 157 Tags
esbena/push-testing
Commit Graph

31115 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Esben Sparre Andreasen
11420a060b commit 1 2021-12-20 20:58:51 +01:00
Tom Hvitved
f66a08155b Merge pull request #7460 from hvitved/ruby/cfg/nested-completion-non-linear-rec 
Ruby: Reduce non-linear recursion in CFG completion library
 2021-12-20 20:11:00 +01:00
Tom Hvitved
29cd346702 Ruby: Reduce non-linear recursion in CFG completion library 
Before

```
noinline
incremental
Completion::nestedEnsureCompletion#ff(/* Completion::Completion */ Completion::TCompletion outer,
                                      int nestLevel)
:-
  (
    (
      Completion::TReturnCompletion#f(outer),
      rec Completion::Completion#class#f(outer)
    );
    (
      Completion::TBreakCompletion#f(outer),
      rec Completion::Completion#class#f(outer)
    );
    (
      Completion::TNextCompletion#f(outer),
      rec Completion::Completion#class#f(outer)
    );
    (
      Completion::TRedoCompletion#f(outer),
      rec Completion::Completion#class#f(outer)
    );
    (
      Completion::TRetryCompletion#f(outer),
      rec Completion::Completion#class#f(outer)
    );
    (
      Completion::TRaiseCompletion#f(outer),
      rec Completion::Completion#class#f(outer)
    );
    (
      Completion::TExitCompletion#f(outer),
      rec Completion::Completion#class#f(outer)
    )
  ),
  exists(/* ControlFlowGraphImpl::Trees::BodyStmtTree */ cached dontcare AST::Cached::TAstNode _ |
    ControlFlowGraphImpl::Trees::BodyStmtTree::getNestLevel_dispred#ff(_,
                                                                       nestLevel)
  )
| [base_case] false()
| [delta_order]
  (
    (
      Completion::TReturnCompletion#f(outer),
      delta previous rec Completion::Completion#class#f(outer)
    );
    (
      Completion::TBreakCompletion#f(outer),
      delta previous rec Completion::Completion#class#f(outer)
    );
    (
      Completion::TNextCompletion#f(outer),
      delta previous rec Completion::Completion#class#f(outer)
    );
    (
      Completion::TRedoCompletion#f(outer),
      delta previous rec Completion::Completion#class#f(outer)
    );
    (
      Completion::TRetryCompletion#f(outer),
      delta previous rec Completion::Completion#class#f(outer)
    );
    (
      Completion::TRaiseCompletion#f(outer),
      delta previous rec Completion::Completion#class#f(outer)
    );
    (
      Completion::TExitCompletion#f(outer),
      delta previous rec Completion::Completion#class#f(outer)
    )
  ),
  project#ControlFlowGraphImpl::Trees::BodyStmtTree::getNestLevel_dispred#ff(nestLevel),
  not(previous rec Completion::nestedEnsureCompletion#ff(outer, nestLevel))
.
```

After

```
noinline
Completion::nestedEnsureCompletion#ff(Completion::TCompletion outer,
                                      int nestLevel)
:-
  (
    Completion::TReturnCompletion#f(outer);
    Completion::TBreakCompletion#f(outer);
    Completion::TNextCompletion#f(outer);
    Completion::TRedoCompletion#f(outer);
    Completion::TRetryCompletion#f(outer);
    Completion::TRaiseCompletion#f(outer);
    Completion::TExitCompletion#f(outer)
  ),
  project#ControlFlowGraphImpl::Trees::BodyStmtTree::getNestLevel_dispred#ff(nestLevel)
.
```
 2021-12-20 19:22:47 +01:00
Mathias Vorreiter Pedersen
aa92fe8c90 Merge pull request #7338 from geoffw0/clrtxt2 
C++: Improvements to cpp/cleartext-transmission
 2021-12-20 16:05:12 +01:00
Nick Rolfe
f18492e39b Merge pull request #7443 from github/nickrolfe/behavior 
QL4QL: catch behaviour/behavior in ql/non-us-spelling
 2021-12-20 13:23:53 +00:00
Erik Krogh Kristensen
9ffdfb263f Merge pull request #7441 from erik-krogh/ql-for-ql-next 
QL-for-QL: Followup changes
 2021-12-20 10:58:13 +01:00
Alex Ford
313e0c63fd Merge pull request #7399 from github/ruby/stdlib-logger 
Ruby: Model what is written to the log from stdlib `Logger` methods
 2021-12-20 09:52:29 +00:00
Erik Krogh Kristensen
8b53cca3e8 QL: use environment instead of dynamic shell script construction 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-12-20 09:56:10 +01:00
Tom Hvitved
ed006d7283 Merge pull request #7231 from hvitved/csharp/dataflow/consistency-queries 
C#: Enable data-flow consistency queries
 2021-12-20 08:46:19 +01:00
Erik Krogh Kristensen
af47cba09a QL: fix the remaining code-scanning errors for QL-for-QL 2021-12-17 21:34:13 +01:00
Erik Krogh Kristensen
30f8894854 QL: run the redundat inline cast patch 2021-12-17 20:50:15 +01:00
Erik Krogh Kristensen
571995c929 QL: run the implicit this patch 2021-12-17 20:49:32 +01:00
Erik Krogh Kristensen
31c8e4ed2a QL: Fix the autobuilder (temporary bad fix) 2021-12-17 20:23:02 +01:00
Erik Krogh Kristensen
7a9e41c97d QL: split out analysis of each CodeQL language 2021-12-17 20:22:59 +01:00
Erik Krogh Kristensen
f44f33788f QL: cache the compiled extractor 2021-12-17 20:22:55 +01:00
Erik Krogh Kristensen
380d238c31 QL: run the QL-for-QL tests when a nested folder is changed 2021-12-17 20:22:30 +01:00
Erik Krogh Kristensen
8fbd056b4e QL: add the QL-for-QL label automatically 2021-12-17 20:22:27 +01:00
Erik Krogh Kristensen
d612687ae7 QL: don't require change notes for QL-for-QL 2021-12-17 20:22:23 +01:00
Erik Krogh Kristensen
f7f9b4d3f4 QL: use erik-krogh/ql codeql-action 2021-12-17 20:22:20 +01:00
Erik Krogh Kristensen
ea1ee68fe1 QL: fix join order of ql/override-swapped-name 2021-12-17 20:22:20 +01:00
Erik Krogh Kristensen
5717a216d3 QL: fix bad join 2021-12-17 20:22:20 +01:00
Erik Krogh Kristensen
4d12d8dd5e QL: update the stats file 2021-12-17 20:22:20 +01:00
Henry Mercer
bebf4ca8fc Merge pull request #7357 from github/henrymercer/js-atm-only-featurize-with-flow 
JS: Only featurize endpoints that are part of a flow path
 2021-12-17 18:03:40 +00:00
Henry Mercer
d058d36b1f Merge pull request #7445 from github/henrymercer/bump-atm-pack-version 
Bump ATM pack version to 0.0.2
 2021-12-17 17:54:50 +00:00
Henry Mercer
055432530f Bump ATM pack version to 0.0.2 2021-12-17 16:49:59 +00:00
Henry Mercer
c1864531cd JS: Push FeaturizationConfig context into more predicates 2021-12-17 16:31:56 +00:00
Henry Mercer
383437c571 JS: Only featurize endpoints that are part of a flow path 2021-12-17 16:31:56 +00:00
Nick Rolfe
dd12eab29b Merge pull request #7444 from github/nickrolfe/ql-autobuilder 
QL for QL: add autobuilder that respects LGTM_INDEX_FILTERS
 2021-12-17 16:22:42 +00:00
Anders Schack-Mulligen
c03f189dec Merge pull request #7434 from MathiasVP/fix-join-order-in-phi-node 
C++: Fix join-order in `phi_node` predicate.
 2021-12-17 17:06:57 +01:00
Nick Rolfe
e6c60ebd41 QL for QL: add autobuilder that respects LGTM_INDEX_FILTERS 2021-12-17 16:05:21 +00:00
Nick Rolfe
28912c508f Fix non-US spelling of 'behavior' 2021-12-17 15:29:31 +00:00
CodeQL CI
5054d5b555 Merge pull request #7420 from RasmusWL/ssrf-new 
Approved by yoff
 2021-12-17 15:20:49 +00:00
Nick Rolfe
9ad9b81327 QL4QL: catch behaviour/behavior in ql/non-us-spelling 2021-12-17 14:30:33 +00:00
Rasmus Wriedt Larsen
83f87f0272 Python: Adjust .expected based on new comment 
That was changed in 9866214
 2021-12-17 15:29:41 +01:00
CodeQL CI
de4b655ddb Merge pull request #7327 from asgerf/js/handlebars-more-raw-interpolation 
Approved by erik-krogh
 2021-12-17 14:07:57 +00:00
Mathias Vorreiter Pedersen
45753e519f C++: Fully lock down the join order correctly. 2021-12-17 13:43:56 +00:00
Rasmus Wriedt Larsen
626009ea60 Python: Fix typo 2021-12-17 14:29:38 +01:00
yoff
9866214ebe Update python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/full_partial_test.py 2021-12-17 14:26:43 +01:00
CodeQL CI
39ec7132af Merge pull request #7049 from asgerf/js/routing-trees 
Approved by erik-krogh
 2021-12-17 12:26:38 +00:00
Tony Torralba
f3819e7b06 Merge pull request #7435 from github/atorralba/log4j-CVE-2021-45046 
Java: New sinks for Log4j CloseableThreadContext
 2021-12-17 13:19:51 +01:00
Tom Hvitved
77fcb8a18f C#: Remove unused predicate 2021-12-17 13:14:11 +01:00
Tom Hvitved
e4d9f5f29e Fix QL doc 2021-12-17 13:14:11 +01:00
Tom Hvitved
a0311609d0 C#: Add missing post-update nodes for reverse array stores a[i].f = x 2021-12-17 13:14:11 +01:00
Tom Hvitved
e47e824e16 C#: Restrict ExplicitParameterNode to those that belong to unbound callables 2021-12-17 13:14:11 +01:00
Tom Hvitved
4a331814a2 C#: Avoid overlap in getCSharpType 2021-12-17 13:14:11 +01:00
Tom Hvitved
f5a47126b1 C#: Fix DataFlow::Node::getEnclosingCallable for field initializer expressions 2021-12-17 13:14:11 +01:00
Tom Hvitved
5bdfcc8436 C#: Update QL doc 2021-12-17 13:14:11 +01:00
Tom Hvitved
c13d83ce40 C#: Restrict some call-back flow summaries 2021-12-17 13:14:08 +01:00
Tom Hvitved
0c9ca4546c C#: Avoid overlap for () and System.ValueTuple in unification library 2021-12-17 13:13:36 +01:00
Tom Hvitved
7af9d75abc C#: Add locations for more CIL methods 2021-12-17 13:13:36 +01:00