hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

8549 Commits

Author SHA1 Message Date
Tom Hvitved
c6a471e4b6 C#: Adopt shared data flow implementation 
- General refactoring to fit with the shared data flow implementation.
- Move CFG splitting logic into `ControlFlowReachability.qll`.
- Replace `isAdditionalFlowStepIntoCall()` with `TaintedParameterNode`.
- Redefine `ReturnNode` to be the actual values that are returned, which should
  yield better path information.
- No longer consider overrides in CIL calls.
 2019-05-06 14:54:11 +02:00
Tom Hvitved
a6fa6dfd74 C#: Add shared data flow files 2019-05-06 14:54:11 +02:00
Tom Hvitved
26debb846c C#: Change ImplicitCapturedArgumentNode::toString() 2019-05-06 14:54:11 +02:00
Tom Hvitved
dfdfae8dd6 C#: Add more data flow tests 2019-05-03 09:41:39 +02:00
Tom Hvitved
58babdd425 Merge pull request #1187 from calumgrant/cs/expression-null 
C#: Fix FP in cs/constant-condition
 2019-04-29 09:37:30 +02:00
calum
b628060ddd C#: Address review comments. 2019-04-16 17:38:55 +01:00
calum
b11dce7b8a C#: Fix FP in expressions of the form (a?b:null)??d, where the null has a single successor, but the d is a join node. 2019-04-16 16:44:51 +01:00
calum
3e563f7a11 C#: Add (failing) unit test for cs/constant-condition 2019-04-16 16:44:50 +01:00
Tom Hvitved
006692524b C#: Improve CFG for (potential) dynamic accessor calls 2019-04-09 15:26:42 +02:00
Tom Hvitved
fcad129135 C#: Add CFG tests for (potential) dynamic accessor calls 2019-04-09 15:26:36 +02:00
Tom Hvitved
67ed863c76 Merge pull request #1200 from calumgrant/cs/icryptotransform 
C#: Tidy up cs/thread-unsafe-icryptotransform-field-in-class
 2019-04-05 09:28:24 +02:00
Tom Hvitved
f5d52d0652 Merge pull request #274 from lukecartey/csharp/remove-security-tags 
C#: Remove the 'security' tag from some queries
 2019-04-03 17:04:25 +02:00
calum
42b2f09315 C#: Tidy up query, remove false-positives and add some more test cases. 2019-04-03 12:17:01 +01:00
calum
932961bf19 C#: Remove static SHA1CryptoServiceProvider 2019-04-01 10:46:39 +01:00
semmle-qlci
225c22cca0 Merge pull request #1171 from hvitved/csharp/attributes-named-args 
Approved by calumgrant
 2019-03-28 12:06:13 +00:00
Calum Grant
8012dacd69 Merge pull request #1104 from hvitved/csharp/dispatch/performance 
C#: Dispatch library performance tweaks
 2019-03-28 11:57:19 +00:00
Tom Hvitved
664aa8db47 C#: Address review comment 2019-03-27 13:32:11 +01:00
Tom Hvitved
7634973bb4 C#: Handle named attribute arguments 2019-03-27 11:10:24 +01:00
Tom Hvitved
12843d2b0e C#: Add tests for named attribute arguments 2019-03-27 10:58:37 +01:00
semmle-qlci
59285be0b8 Merge pull request #1167 from hvitved/csharp/icrypto-qhelp 
Approved by aibaars
 2019-03-26 18:49:43 +00:00
Tom Hvitved
273e77e800 C#: Fix qhelp for ICryptoTransform queries 2019-03-26 14:38:29 +01:00
Calum Grant
2229409180 Merge pull request #1088 from hvitved/csharp/no-qname-for-local-scope-vars 
C#: No qualified names for local scope variables
 2019-03-26 12:58:20 +00:00
Calum Grant
01aa4ecf2f Merge pull request #1075 from hvitved/csharp/get-location-to-string 
C#: Simplify dispatch hierarchy for `getLocation()` and `toString()`
 2019-03-26 12:56:29 +00:00
Tom Hvitved
e01246acc8 C#: Autoformat 2019-03-26 13:38:47 +01:00
Tom Hvitved
1994f00495 C#: Introduce isBranch() predicate 
We already have `isJoin()`, so it makes sense to have `isBranch()` for symmetry.
 2019-03-25 09:51:26 +01:00
Tom Hvitved
1d05bccd87 Merge pull request #952 from calumgrant/cs/non-null-functions 
C#: Better call analysis using CIL
 2019-03-23 10:47:22 +01:00
Tom Hvitved
6c182564e7 C#: Adjustments to CIL/nullness analyses 
- Cache predicates in the same stage using a cached module.
- Introduce `DefUse::defUseVariableUpdate()` and use in `CallableReturns.qll`.
  The updated file `csharp/ql/test/library-tests/cil/dataflow/Nullness.expected`
  demonstrates why this is needed.
- Utilize CIL analysis in `Guards::nonNullValue()`.
- Analyze SSA definitions in `AlwaysNullExpr`, similar to `NonNullExpr`.
 2019-03-22 15:11:31 +01:00
Max Schaefer
8c460ae385 Merge remote-tracking branch 'upstream/master' into rc/1.20-merge-master 
Conflict in `javascript/extractor/src/com/semmle/js/extractor/Main.java` resolved
in favour of `master`.
 2019-03-21 14:46:29 +00:00
Tom Hvitved
414b7243c2 C#: More performance tweaks 2019-03-20 15:43:38 +01:00
calum
449e65d467 C#: Update expected outputs. 2019-03-19 15:11:19 +00:00
Max Schaefer
6fbf487524 Merge remote-tracking branch 'upstream/rc/1.20' into mergeback-2019-03-19 2019-03-19 14:09:03 +00:00
calum
d5a4dcebd6 C#: Fix bug in dataflow library. 2019-03-18 17:59:56 +00:00
calum
d76a9805ae C#: Fix assembly labels when public key token is null. 2019-03-18 17:59:56 +00:00
calum
e1e657c1e8 C#: Address review comments and update tests. 2019-03-18 17:59:56 +00:00
calum
dd64cd2dbe C#: Fix CIL::Method::canReturn() to ignore stubs and only consider the best implementation. 2019-03-18 17:59:56 +00:00
calum
d1ada9594c C#: Implement Type::isRefType() and Type::isValueType() 2019-03-18 17:59:48 +00:00
Tom Hvitved
6cd87757f6 C#: Fix a few minor performance regressions 2019-03-18 14:36:41 +01:00
Calum Grant
5a3cf2c5bb Merge pull request #1054 from raulgarciamsft/users/raulga/ICryptoTransformLambda 
2n part of ICryptoTransform.
 2019-03-15 12:55:09 +00:00
Raul Garcia
2521848322 Merging the scenarios. 2019-03-14 10:57:22 -07:00
Tom Hvitved
84c3073c2a C#: Fix performance regression in cs/user-controlled-bypass 2019-03-14 10:36:50 +01:00
Calum Grant
a547fbea14 Merge pull request #1073 from hvitved/csharp/get-an-indexer-call 
C#: Improve performance and correctness of `IndexerProperty::getAnIndexerCall()`
 2019-03-13 17:10:52 +00:00
Tom Hvitved
638af39aa0 C#: Dispatch library performance tweaks 
- Restrict `OverridableCallable::getAnOverrider(ValueOrRefType t)` to types `t`
  that are sub types of the callable's declaring type.
- Use explicit recursion in `OverridableCallable::getInherited()`.
 2019-03-13 13:59:46 +01:00
Robert Brignull
5380e1df68 Merge remote-tracking branch 'upstream/rc/1.20' into merge/rc/1.20 2019-03-13 10:55:30 +00:00
Raul Garcia
af6588eaa9 Replacing tabs for spaces 2019-03-12 11:47:38 -07:00
Raul Garcia
d4825afc79 Updating expected results (I forgot to update them on my previous push) 2019-03-12 10:14:07 -07:00
Raul Garcia
5be19d7da4 Separating some reusable code into QLL libraries. 
Fixing bugs from code review.
 2019-03-12 09:48:15 -07:00
Tom Hvitved
8db983c2ee Merge branch 'rc/1.19' into merge-rc 2019-03-12 17:34:44 +01:00
calum
e00ada443a C#: Improve nullness and control flow by using CIL for null and throwing callables. 2019-03-12 16:13:29 +00:00
calum
3da8d3e82d C#: Identify CIL methods that are stubs, and exclude them from dataflow. 2019-03-12 16:13:29 +00:00
Tom Hvitved
089ad75a7b C#: Do not extend Element in ExternalArtifact.qll 2019-03-12 15:22:04 +01:00