Tom Hvitved
9031e19c88
C#: Recognize ref assignments through delegate calls
2019-01-16 15:53:31 +01:00
Tom Hvitved
b2f99dbbc7
C#: Teach data flow library about CFG splitting
Data flow nodes for expressions do not take CFG splitting into account. Example:
```
if (b)
    x = tainted;
x = x.ToLower();
if (!b)
    Use(x);
```
Flow is incorrectly reported from `tainted` to `x` in `Use(x)`, because the step
from `tainted` to `x.ToLower()` throws away the information that `b = true`.
The solution is to remember the splitting in data flow expression nodes, that is,
to represent the exact control flow node instead of just the expression. With that
we get flow from `tainted` to `[b = true] x.ToLower()`, but not from `tainted` to
`[b = false] x.ToLower()`.
The data flow API remains unchanged, but in order for analyses to fully benefit from
CFG splitting, sanitizers in particular should be CFG-based instead of expression-based:
```
if (b)
    x = tainted;
if (IsInvalid(x))
    return;
Use(x);
```
If the call to `IsInvalid()` is a sanitizer, then defining an expression node to be
a sanitizer using `GuardedExpr` will be too conservative (`x` in `Use(x)` is in fact
not guarded). However, `[b = true] x` in `[b = true] Use(x)` is guarded, and to help
define guard-based sanitizers, the class `GuardedDataFlowNode` has been introduced.
2019-01-16 10:39:27 +01:00
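An added illustration of the CFG-splitting commit message above (b2f99dbbc7); it is not code from that commit or from the QL libraries. This toy Python model, with constructed statement tuples and hypothetical function names, builds def-use edges per split on `b` for the first snippet and compares flow over split nodes with flow over bare expressions.

```python
# Constructed model of the first snippet in the commit message above.
# Each statement: (guard on b, or None if unconditional; node label;
#                  variable written; variables read)
PROGRAM = [
    (True,  "tainted",     "x",  []),     # if (b) x = tainted;
    (None,  "x.ToLower()", "x",  ["x"]),  # x = x.ToLower();
    (False, "Use(x)",      None, ["x"]),  # if (!b) Use(x);
]

def split_flow_edges(program):
    """Def-use edges between split nodes of the form (label, value of b)."""
    edges = set()
    for b in (True, False):
        last_def = {}  # variable -> node holding its value in this split
        for guard, label, written, reads in program:
            if guard is not None and guard != b:
                continue  # statement is not reachable in this split
            node = (label, b)
            for var in reads:
                if var in last_def:
                    edges.add((last_def[var], node))
            if written is not None:
                last_def[written] = node
    return edges

def reachable(edges, source):
    """All nodes reachable from source over one or more edges."""
    seen, todo = set(), [source]
    while todo:
        current = todo.pop()
        for start, end in edges:
            if start == current and end not in seen:
                seen.add(end)
                todo.append(end)
    return seen

def flows_expression_based(program, source, sink):
    # Forget the split: collapse every (label, b) node to its expression.
    collapsed = {(a[0], c[0]) for a, c in split_flow_edges(program)}
    return sink in reachable(collapsed, source)

def flows_split_aware(program, source, sink):
    edges = split_flow_edges(program)
    sources = {a for a, _ in edges if a[0] == source}
    return any(c[0] == sink for s in sources for c in reachable(edges, s))
```

On `PROGRAM`, `flows_expression_based` reports the spurious flow from `tainted` to `Use(x)` and `flows_split_aware` does not; changing the guard on `Use(x)` to `True` makes both report it.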
Tom Hvitved
abb3f71ec8
C#: Add GuardedControlFlowNode
2019-01-16 10:29:26 +01:00
Tom Hvitved
f323049b9d
C#: CFG for expressions without enclosing callables, e.g. field initializers
2019-01-16 10:29:26 +01:00
Calum Grant
6cc4c2d31f
Merge pull request #762 from hvitved/csharp/autoformat/libraries
C#: Autoformat QLL files
2019-01-15 12:19:50 +00:00
Calum Grant
d4d5c47adb
Merge pull request #749 from hvitved/csharp/remove-def-use
C#: Remove `DefUse.qll`
2019-01-15 10:52:39 +00:00
Tom Hvitved
f90b0fd16f
C#: Convert some multi-line comments
2019-01-14 14:08:54 +01:00
Tom Hvitved
b81d2ca8fa
C#: Autoformat QLL files
2019-01-14 14:08:54 +01:00
semmle-qlci
b78fcd39be
Merge pull request #745 from hvitved/csharp/query/missed-readonly-modifier
Approved by calumgrant
2019-01-14 08:43:59 +00:00
semmle-qlci
3fe9f92817
Merge pull request #746 from hvitved/csharp/is-valid-explicit-params-type
Approved by calumgrant
2019-01-14 08:43:30 +00:00
Tom Hvitved
36e4b879e9
C#: Remove comment
2019-01-11 14:32:34 +01:00
Tom Hvitved
390ebc96ae
C#: Autoformat QL files
2019-01-11 13:55:28 +01:00
Tom Hvitved
c06fc2af09
C#: Remove DefUse.qll
2019-01-11 09:35:38 +01:00
Tom Hvitved
0f7dc51e89
C#: Fix performance issue in isValidExplicitParamsType()
2019-01-10 21:19:23 +01:00
Tom Hvitved
2197736128
C#: Speedup cs/missed-readonly-modifier
2019-01-10 20:57:36 +01:00
Calum Grant
89becbce9a
Merge pull request #726 from hvitved/csharp/cfg/foreach-multi-variables
C#: Fix CFG for `foreach` statements with tuple declarations
2019-01-09 14:47:01 +00:00
Calum Grant
bd9a2d71ba
Merge pull request #719 from hvitved/csharp/autoformat/queries
C#: Autoformat QL queries
2019-01-09 10:48:22 +00:00
Tom Hvitved
6fccfa3b0a
C#: Fix CFG for foreach statements with tuple declarations
2019-01-04 18:51:55 +01:00
Max Schaefer
b4f400fb23
Merge remote-tracking branch 'upstream/next' into qlucie/master
2019-01-04 10:35:57 +00:00
Tom Hvitved
f187e7444c
C#: Autoformat follow-up changes
2019-01-02 13:51:30 +01:00
Tom Hvitved
daa45322b1
C#: Autoformat QL queries
2019-01-02 12:59:07 +01:00
Tom Hvitved
2427f0ada9
C#: Remove redundant cast
2019-01-02 10:09:24 +01:00
Tom Hvitved
5879e58741
C#: Account for CFG splitting in AssignableDefinition::getAFirstRead() and AssignableRead::getANextRead()
2019-01-02 09:50:13 +01:00
calumgrant
a6003533a4
Merge pull request #692 from hvitved/csharp/maybe-null-as-expression
C#: Consider `as` expressions as maybe-`null` in `cs/dereferenced-value-may-be-null`
2018-12-20 18:49:33 +00:00
calumgrant
7dd263b413
Merge pull request #689 from hvitved/csharp/remove-get-url
C#: Remove `getUrl()` predicates
2018-12-20 18:49:15 +00:00
Tom Hvitved
33fcbc958d
C#: Consider as expressions as maybe-null in cs/dereferenced-value-may-be-null
2018-12-20 14:54:48 +01:00
Tom Hvitved
c66f67dfac
C#: Address review comment
2018-12-20 14:49:56 +01:00
Tom Hvitved
546d750045
C#: Reintroduce getURL()
It turns out that we still need `getURL()` to account for cases where there is no
`getLocation()`. Not having `getURL()` for entities without a `getLocation()` results
in a `file://0:0:0:0` URL, which is not rendered in QL4E, unlike a `""` URL.
2018-12-19 20:47:33 +01:00
Tom Hvitved
b2500a0c26
Merge branch 'master' into csharp/maybe-null-path-query
2018-12-19 20:22:19 +01:00
semmle-qlci
83ccddff7a
Merge pull request #707 from hvitved/csharp/bounded-fast-tc
Approved by calumgrant
2018-12-19 19:20:42 +00:00
calum
efe2fb502e
C#: Convert libraries to use matchesHandle instead of getLabel.
2018-12-19 15:22:53 +00:00
calum
2acde22f43
C#: Add QL and tests for handles.
2018-12-19 15:22:53 +00:00
calum
0ee209e6a4
C#: Update db stats.
2018-12-19 15:22:53 +00:00
calum
fb8895bdc7
C#: Extract metadata handle information.
2018-12-19 15:22:53 +00:00
Tom Hvitved
10627738d0
C#: Introduce Ssa::Definition::getElement() and AssignableDefinition::getElement()
2018-12-19 14:56:56 +01:00
calumgrant
e15481a622
Merge pull request #702 from hvitved/csharp/remove-deprecated
C#: Remove deprecated predicates
2018-12-19 12:10:49 +00:00
Tom Hvitved
e5cbac5c13
C#: Replace a use of boundedFastTC with fastTC
2018-12-19 11:37:22 +01:00
calumgrant
b051b7546d
Merge pull request #638 from hvitved/csharp/split-dominance-performance
C#: Speedup `Assertions::strictlyDominates()` and `ControlFlowElement::controlsBlock()`
2018-12-18 13:05:36 +00:00
Tom Hvitved
d9ae5933d4
C#: Remove deprecated predicates
2018-12-17 16:20:41 +01:00
Tom Hvitved
e822510d6b
C#: Fix typo
2018-12-17 15:33:05 +01:00
calumgrant
6648c8414f
Merge pull request #680 from hvitved/csharp/data-flow-performance-tweaks
C#: Minor data flow performance tweaks
2018-12-17 14:25:51 +00:00
calumgrant
dbd0c7e80a
Merge pull request #674 from hvitved/csharp/cache-get-label
C#: Cache `NamedElement::getLabel()`
2018-12-17 14:24:01 +00:00
Tom Hvitved
ada0115d6a
C#: Remove getUrl() predicates
As described on https://lgtm.com/help/ql/locations#providing-location-information,
there is no need to provide a `getUrl()` predicate when there is a `getLocation()`
predicate. Not only is it redundant, but it can also be slow because of string
construction.
2018-12-17 10:52:24 +01:00
Tom Hvitved
91e4f7ad83
C#: Make cs/dereferenced-value-may-be-null a path query
2018-12-14 12:07:16 +00:00
Tom Hvitved
e2f271bddb
C#: Add more guard implication steps
2018-12-14 12:03:32 +00:00
Tom Hvitved
078dc7b6c0
C#: Fix false positives in cs/dereferenced-value-may-be-null
2018-12-14 12:03:32 +00:00
Tom Hvitved
56b80ae13a
C#: Add getALocation() for namespaces and namespace declarations
2018-12-14 10:16:20 +00:00
Aditya Sharad
f71e5ac338
Merge master into next.
2018-12-13 17:57:31 +00:00
calumgrant
16c065274d
Merge pull request #666 from hvitved/csharp/useless-upcast-performance
C#: Improve performance of `cs/useless-upcast`
2018-12-13 12:04:12 +00:00
Tom Hvitved
b155a0f5fb
C#: Avoid computing CIL strings and non-PDB locations in data flow library
Computing strings and locations for CIL instructions can be quite time-consuming.
The CIL `toString()`s are not very helpful in path explanations, and their locations
are only useful when a PDB source file exists. Therefore, produce a simple constant
`toString()`, and restrict locations to those in PDB files.
2018-12-12 21:58:16 +01:00