codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00

Author	SHA1	Message	Date
Jonas Jensen	8bb9e8a4af	Merge pull request #4592 from geoffw0/varnotused C++: Work around two false positive issues with the UnusedLocals.ql query	2020-11-13 14:53:58 +01:00
Geoffrey White	498177ce02	C++: Autoformat.	2020-11-12 13:30:58 +00:00
Geoffrey White	2aa6ff6239	C++: Add comments about the temporary exclusions.	2020-11-11 17:33:16 +00:00
Mathias Vorreiter Pedersen	8d4b948acf	Merge branch 'main' into interleave-op-instr-field-flow	2020-11-10 21:15:50 +01:00
Jonas Jensen	fc764db8e1	Merge pull request #4643 from nickrolfe/getFileBySourceArchiveName Replace getEncodedFile with shared getFileBySourceArchiveName predicate	2020-11-10 17:36:29 +01:00
Mathias Vorreiter Pedersen	884554692f	Merge pull request #4645 from geoffw0/oddsends2 C++: Odds and ends	2020-11-10 16:59:10 +01:00
Mathias Vorreiter Pedersen	618d9c33a1	Merge pull request #4642 from geoffw0/memberfn C++: Improve MemberFunction.qll data flows	2020-11-10 16:54:42 +01:00
Nick Rolfe	ac4a1f1d9b	Update comment to be a QLDoc comment	2020-11-10 14:14:27 +00:00
Geoffrey White	be537a8021	C++: Move ThrowExpr, ReThrowExpr definitions to a more logical location.	2020-11-10 14:06:58 +00:00
Nick Rolfe	1e1eb7ee33	Replace getEncodedFile with shared getFileBySourceArchiveName predicate While also making it work with paths for databases created on Windows.	2020-11-10 13:55:27 +00:00
Geoffrey White	2beb7824ec	C++: Backticks.	2020-11-10 13:35:05 +00:00
Geoffrey White	599034668f	C++: Fix typo.	2020-11-10 13:32:31 +00:00
Geoffrey White	f109e8ccbc	C++: Remove duplicate import.	2020-11-10 13:31:47 +00:00
Geoffrey White	c4fe8df04c	C++: Support data flow from parameter deref to return value.	2020-11-10 13:17:34 +00:00
Geoffrey White	4563e32e92	C++: Remove data flows we shouldn't need in MemberFunction.	2020-11-10 13:17:24 +00:00
Anders Schack-Mulligen	89ef6ea4eb	C++/C#/Java/JavaScript/Python: Autoformat set literals.	2020-11-10 13:32:27 +01:00
Mathias Vorreiter Pedersen	3c2fb5a93f	Merge branch 'main' into interleave-op-instr-field-flow	2020-11-09 09:58:19 +01:00
Jonas Jensen	b8b1f0c617	C++: pragma[noinline] parameter index predicates A performance regression in `definitionByReferenceNodeFromArgument#ff` was ultimately caused by a join on parameter indexes in `DefinitionByReferenceNode.getArgument`. Joining on numbers in QL is always fragile, and somehow the changes in #4432 had caused the join order here to break. Instead of tweaking the join order in the slow predicate itself, I added `pragma[noinline]` to one of the predicates involved in the join on parameter indexes. This should prevent us from getting similar performance problems in the future when we write code that joins on parameter numbers. Joining on indexes is always risky, but it's even more risky when one of the predicates in the join is inlined by the compiler and expands to further joins. I tested performance by running `CgiXss.ql` on a ChakraCore snapshot. Tuple counts before (I interrupted execution after five minutes or so): (626s) Tuple counts for DataFlowUtil::definitionByReferenceNodeFromArgument#ff: 58162 ~0% {3} r1 = SCAN DataFlowUtil::DefinitionByReferenceNode#class#ff AS I OUTPUT I.<1>, -1, I.<0> 26934 ~0% {2} r2 = JOIN r1 WITH Instruction::IndexedInstruction#ff AS R ON FIRST 2 OUTPUT r1.<0>, r1.<2> 26934 ~1% {2} r3 = JOIN r2 WITH Instruction::SideEffectInstruction::getPrimaryInstruction_dispred#3#ff AS R ON FIRST 1 OUTPUT R.<1>, r2.<1> 26850 ~1% {2} r4 = JOIN r3 WITH Instruction::CallInstruction::getThisArgumentOperand_dispred#ff AS R ON FIRST 1 OUTPUT R.<1>, r3.<1> 26850 ~0% {2} r5 = JOIN r4 WITH Operand::Operand::getDef_dispred#3#ff AS R ON FIRST 1 OUTPUT R.<1>, r4.<1> 26850 ~1% {2} r6 = JOIN r5 WITH Instruction::Instruction::getUnconvertedResultExpression_dispred#ff AS R ON FIRST 1 OUTPUT R.<1>, r5.<1> 58162 ~0% {2} r7 = SCAN DataFlowUtil::DefinitionByReferenceNode#class#ff AS I OUTPUT I.<1>, I.<0> 58162 ~4% {3} r8 = JOIN r7 WITH Instruction::IndexedInstruction#ff AS R ON FIRST 1 OUTPUT R.<1>, r7.<1>, r7.<0> 4026581120 ~0% {4} r9 = JOIN r8 WITH Instruction::CallInstruction::getPositionalArgumentOperand_dispred#fff_102#join_rhs AS R ON FIRST 1 OUTPUT r8.<2>, R.<1>, r8.<1>, R.<2> 31154 ~4% {2} r10 = JOIN r9 WITH Instruction::SideEffectInstruction::getPrimaryInstruction_dispred#3#ff AS R ON FIRST 2 OUTPUT r9.<3>, r9.<2> 31154 ~8% {2} r11 = JOIN r10 WITH Operand::Operand::getDef_dispred#3#ff AS R ON FIRST 1 OUTPUT R.<1>, r10.<1> 31154 ~0% {2} r12 = JOIN r11 WITH Instruction::Instruction::getUnconvertedResultExpression_dispred#ff AS R ON FIRST 1 OUTPUT R.<1>, r11.<1> 58004 ~0% {2} r13 = r6 \/ r12 return r13 Tuple counts after: (0s) Tuple counts for DataFlowUtil::definitionByReferenceNodeFromArgument#ff: 385785 ~6% {2} r1 = SCAN DataFlowUtil::DefinitionByReferenceNode#class#ff AS I OUTPUT I.<1>, I.<0> 385785 ~0% {3} r2 = JOIN r1 WITH Instruction::IndexedInstruction#ff AS R ON FIRST 1 OUTPUT r1.<0>, r1.<1>, R.<1> 385785 ~1% {3} r3 = JOIN r2 WITH Instruction::SideEffectInstruction::getPrimaryInstruction_dispred#3#ff AS R ON FIRST 1 OUTPUT R.<1>, r2.<2>, r2.<1> 198736 ~4% {2} r4 = JOIN r3 WITH Instruction::CallInstruction::getPositionalArgument#fff AS R ON FIRST 2 OUTPUT R.<2>, r3.<2> 198736 ~0% {2} r5 = JOIN r4 WITH Instruction::Instruction::getUnconvertedResultExpression_dispred#ff AS R ON FIRST 1 OUTPUT R.<1>, r4.<1> 385785 ~1% {3} r6 = SCAN DataFlowUtil::DefinitionByReferenceNode#class#ff AS I OUTPUT I.<1>, -1, I.<0> 186891 ~1% {2} r7 = JOIN r6 WITH Instruction::IndexedInstruction#ff AS R ON FIRST 2 OUTPUT r6.<0>, r6.<2> 186891 ~2% {2} r8 = JOIN r7 WITH Instruction::SideEffectInstruction::getPrimaryInstruction_dispred#3#ff AS R ON FIRST 1 OUTPUT R.<1>, r7.<1> 183201 ~3% {2} r9 = JOIN r8 WITH Instruction::CallInstruction::getThisArgumentOperand_dispred#ff AS R ON FIRST 1 OUTPUT R.<1>, r8.<1> 183201 ~0% {2} r10 = JOIN r9 WITH Operand::Operand::getDef_dispred#3#ff AS R ON FIRST 1 OUTPUT R.<1>, r9.<1> 175449 ~8% {2} r11 = JOIN r10 WITH Instruction::Instruction::getUnconvertedResultExpression_dispred#ff AS R ON FIRST 1 OUTPUT R.<1>, r10.<1> 374185 ~3% {2} r12 = r5 \/ r11 return r12	2020-11-09 09:01:22 +01:00
Robert Marsh	2f204869e7	Merge pull request #4604 from criemen/ir-block-sort-order C++, C# IR: Stabilize sort order for basic blocks.	2020-11-04 18:22:23 -05:00
Cornelius Riemenschneider	78d885ee7d	C++: Accept test output.	2020-11-04 16:45:07 +01:00
Cornelius Riemenschneider	44d6584fa2	C++, C#: Auto-format.	2020-11-04 16:26:56 +01:00
Cornelius Riemenschneider	a13947424a	C++, C# IR: Stabilize sort order for basic blocks.	2020-11-04 16:26:56 +01:00
Cornelius Riemenschneider	e7e5754270	C++: Add taint model for std::vector::emplace/_back.	2020-11-04 16:20:01 +01:00
Cornelius Riemenschneider	62a02cde73	C++: Add test to show missing taint steps for std::vector::emplace/_back	2020-11-04 16:07:15 +01:00
Cornelius Riemenschneider	081ab1e2bb	C++: Add std::vector::emplace/_back to our STL model.	2020-11-04 16:07:08 +01:00
Dave Bartolomeo	4cc9110dbd	Fix test expectation	2020-11-03 13:39:33 -05:00
Dave Bartolomeo	f0b9794907	Merge remote-tracking branch 'upstream/main' into work	2020-11-03 11:33:44 -05:00
Anders Schack-Mulligen	92494441a7	Merge pull request #4554 from aschackmull/dataflow/reverse-partial Dataflow: Add support reverse partial flow exploration.	2020-11-03 15:34:30 +01:00
Anders Schack-Mulligen	2971784f9c	Dataflow: Add missing qldoc and sync.	2020-11-03 09:21:48 +01:00
Anders Schack-Mulligen	7eb64aa998	Dataflow: Code review fixes.	2020-11-03 09:16:20 +01:00
Anders Schack-Mulligen	1ae76a80aa	Dataflow: Fix qldoc.	2020-11-03 09:16:20 +01:00
Anders Schack-Mulligen	d5be4d7b92	Dataflow: Add support reverse partial flow exploration.	2020-11-03 09:16:19 +01:00
Dave Bartolomeo	0d1fbd1bdc	Fix annotations	2020-11-02 18:03:40 -05:00
Geoffrey White	e9bde9b711	C++: Work around issue with ConditionalDeclExpr.	2020-11-02 15:46:38 +00:00
Geoffrey White	79bda0055c	C++: Work around issue with 'Unknown literal'.	2020-11-02 15:46:36 +00:00
Geoffrey White	35f4646ee0	C++: Add test cases for UnusedLocals.	2020-11-02 10:40:42 +00:00
Mathias Vorreiter Pedersen	fc80ef2ed8	C++: Sync identical file.	2020-10-31 18:02:12 +01:00
Mathias Vorreiter Pedersen	ed9ad8b5e3	Merge branch 'main' into better-syntax-for-false-positives-and-negatives-inline-expectation	2020-10-31 16:52:16 +01:00
Dave Bartolomeo	69dee154f3	Fix PR feedback	2020-10-31 09:03:51 -04:00
Dave Bartolomeo	be180aac25	Fixup after merge	2020-10-30 12:52:58 -04:00
Dave Bartolomeo	ec398b2a67	Merge remote-tracking branch 'upstream/main' into work	2020-10-30 12:36:33 -04:00
Dave Bartolomeo	42373417e2	Merge from `main`	2020-10-30 12:02:56 -04:00
Mathias Vorreiter Pedersen	ee77e988b2	C++: Allow strings in inline-expectation tests	2020-10-30 16:49:14 +01:00
Cornelius Riemenschneider	e7d995313e	C++: Address review.	2020-10-30 16:30:57 +01:00
Mathias Vorreiter Pedersen	177f94368e	C++: Respond to review comments and accept test changes.	2020-10-30 15:59:39 +01:00
Cornelius Riemenschneider	84fe7ba199	C++: Add support for StmtExpr to Print AST.	2020-10-30 15:53:54 +01:00
Cornelius Riemenschneider	d3631d8f2e	Merge pull request #4562 from criemen/printast-labels C++: Change PrintAST to provide the predicates that can be used to traverse the AST.	2020-10-30 15:48:46 +01:00
Dave Bartolomeo	36b27add24	Simplify ordering of children with conversions using `rank` In `getChild(int childIndex)`, the actual values of `childIndex` don't matter, as long as they are in the correct order. Rather than doing complicated math to compute the indices for the synthesized `.getFullyConverted()` children, just use the `rank` aggregate to order all children first by whether or not the child is a conversion, then by the original child index.	2020-10-30 10:00:23 -04:00
Cornelius Riemenschneider	cf8f802310	C++: Rename predicate.	2020-10-30 12:51:19 +01:00
Cornelius Riemenschneider	ab42ddb0dc	C++: Adjust code for the conversions PR, provide correct childIndexes for the new nodes.	2020-10-30 12:48:53 +01:00

1 2 3 4 5 ...

5053 Commits