hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,405 Commits 1,672 Branches 157 Tags
remove-javascript
Commit Graph

2812 Commits

Author SHA1 Message Date
Calum Grant
10181e93e2 C#: Update QLtest output 2020-01-07 18:39:51 +00:00
Calum Grant
a1bedf2e06 C#: Use expression flow state to determine non-null guards 2020-01-07 18:39:51 +00:00
Calum Grant
2eb29224e8 C#: Update guards tests. 2020-01-07 18:39:51 +00:00
Calum Grant
ecb22f1379 C#: Fix typo in dbscheme. 2020-01-07 18:39:51 +00:00
Calum Grant
1036640e24 C#: Update db stats 2020-01-07 18:38:58 +00:00
Calum Grant
8db46bc8ec C#: More tests for nullable flow state. 2020-01-07 18:38:58 +00:00
Calum Grant
6c9ebaba0b C#: Populate expression type nullability and nullable flow state. 2020-01-07 18:38:58 +00:00
Calum Grant
0327b83958 C#: Update nullability tests. 2020-01-07 18:38:58 +00:00
Calum Grant
d8f5450b67 C#: Alert suppression comments can be in C89-style comments 2020-01-07 11:52:52 +00:00
Tom Hvitved
5552c2e912 Merge pull request #2563 from calumgrant/cs/tuple-expr 
C#: Handle tuple expressions
 2020-01-07 09:31:17 +01:00
Anders Schack-Mulligen
9ba169b346 Java: Fix bad join-order. 2020-01-06 16:52:06 +01:00
Calum Grant
c145e32625 C#: Tests for multiline alert suppression comments 2020-01-06 15:45:00 +00:00
Calum Grant
41b4d70504 C#: Refactor, improve documentation and add tests for cs/serialization-check-bypass 2020-01-03 18:46:39 +00:00
Calum Grant
3db900b183 C#: Remove false positive and update test output 
C#: Mark results as GOOD
 2019-12-27 12:07:19 +00:00
Calum Grant
fd0225ca59 C#: Add test 2019-12-27 11:44:39 +00:00
Calum Grant
a059c13f6c C#: Add test for tuple expressions. 2019-12-23 15:18:28 +00:00
Calum Grant
63afb30797 C#: Tests for tuple expressions. 2019-12-23 15:18:21 +00:00
Dave Bartolomeo
5b5d2f2b67 Merge pull request #2154 from rdmarsh2/rdmarsh/cpp/ir-callee-side-effects 
C++: add InitializeIndirection for pointer params
 2019-12-20 13:13:54 -07:00
yo-h
cc7f98e0f6 Merge pull request #2555 from hvitved/csharp/xml-sync 
C#: Sync `XML.qll` with other languages
 2019-12-20 09:03:55 -05:00
Jonas Jensen
de55a6846f Merge pull request #2204 from alexet/cache-to-string 
Cache the computation of core toString predicates for cpp c# and java.
 2019-12-20 14:54:46 +01:00
Jonas Jensen
a13748f484 Merge pull request #2259 from rdmarsh2/rdmarsh/cpp/default-taint-tracking-sources 
C++: move sources into DefaultTaintTracking.qll
 2019-12-19 14:09:41 +01:00
Tom Hvitved
1b6bd7a0fa C#: Update XML.qll for backwards compatibility 2019-12-19 10:27:59 +01:00
Tom Hvitved
82c368e13e C#: Sync XML.qll with other languages 2019-12-19 10:26:08 +01:00
Anders Schack-Mulligen
2443f10823 C#: Update .expected file. 2019-12-18 10:40:18 +01:00
Robert Marsh
e209ed961a Merge branch 'master' into rdmarsh/cpp/ir-callee-side-effects 2019-12-17 15:11:02 -08:00
semmle-qlci
8ad11b98d0 Merge pull request #2538 from hvitved/csharp/missing-to-string 
Approved by calumgrant
 2019-12-17 19:23:47 +00:00
Tom Hvitved
9dde1ce76a C#: No taint-tracking steps for ternary conditionals 
Ternary conditionals `b ? x : y` mistakenly had taint-tracking steps from both
`b`, `x`, and `y` to the conditional expression itself. Flow from `b` was not
intented, and flow from `x` and `y` is already part of ordinary data flow.
 2019-12-17 13:53:39 +01:00
Anders Schack-Mulligen
ca08097b56 Java/C++/C#: Fix Java Content.getType and getContainerType to match C# and fix C# tests. 2019-12-17 11:51:58 +01:00
Robert Marsh
3c9d7953b6 Merge branch 'master' into rdmarsh/cpp/default-taint-tracking-sources 2019-12-16 11:49:22 -08:00
Tom Hvitved
f1193d084b C#: Add missing toString() relations 2019-12-16 19:38:46 +01:00
Anders Schack-Mulligen
a97e7bd3b2 Java/C++/C#: Some review fixes. 2019-12-16 16:17:19 +01:00
Anders Schack-Mulligen
0eacadb309 C#: Fix unit test. 2019-12-16 16:17:19 +01:00
Anders Schack-Mulligen
a1a875e3e1 Java/C++/C#: Fix autoformat. 2019-12-16 16:15:48 +01:00
Anders Schack-Mulligen
02068ecdcd Java/C++/C#: Sync. 2019-12-16 16:15:48 +01:00
Calum Grant
a5b2549f6f Merge pull request #2514 from hvitved/csharp/code-contracts 
C#: Recognize Code Contract assertions
 2019-12-16 13:00:01 +00:00
james
f6029bd55c Merge branch 'rc/1.23' into mergeback-123-ql 2019-12-12 15:05:28 +00:00
Tom Hvitved
374b0c063e C#: Autoformat 2019-12-11 20:36:54 +01:00
Tom Hvitved
b7484e63ee C#: Recognize Code Contract assertions 2019-12-11 16:54:42 +01:00
Tom Hvitved
5429448eeb C#: Add tests for Code Contracts 2019-12-11 16:51:42 +01:00
Jonas Jensen
5a8407749f C#: autoformat fixup 2019-12-11 09:10:23 +01:00
Jonas Jensen
66876d0f63 C++: Compute isInCycle only for raw IR 
On wireshark/wireshark, `isInCycle` ran into a low-memory loop on the
`aliased_ssa` stage. It shouldn't be necessary to detect cycles after
the `raw` stage, so this commit moves cycle detection into the
`Construction` modules and makes it a no-op in `SSAConstruction.qll`.
 2019-12-10 16:03:39 +01:00
Tom Hvitved
abcb6b8aab C#: Type-based pruning for data flow 2019-12-10 15:48:48 +01:00
Tom Hvitved
54088248a1 C#: Use source declarations in field flow 2019-12-10 15:46:31 +01:00
Tom Hvitved
a344707baa C#: Add more data flow tests 
Add tests that exhibit missing type pruning.
 2019-12-10 15:46:31 +01:00
Tom Hvitved
78ddb37a8c C#: Track type information in data flow 
This commit adds type information to data flow paths, by mapping node types onto
the smaller set of GVN types, and implementing `ppReprType()`.

The effect is a mere change in `DataFlow::PathNode::toString()`; no type-based
pruning is done yet.
 2019-12-10 15:46:28 +01:00
Calum Grant
3049bf2c85 Merge pull request #2358 from cldrn/ASPNetPagesValidateRequest 
Adds CodeQL query to check for Pages with disabled built-in validation
 2019-12-09 13:05:03 +00:00
Tom Hvitved
25265bddc7 Merge pull request #2494 from calumgrant/cs/roslyn-3.4 
C#: Upgrade Roslyn to 3.4
 2019-12-09 12:21:30 +01:00
Shati Patel
f40b1b570c Fix typo 2019-12-06 15:56:01 +00:00
Jonas Jensen
0012fef504 Merge pull request #2497 from hvitved/csharp/remove-cp 
C#: Remove a Cartesian product
 2019-12-06 13:58:33 +00:00
Calum Grant
964f2f25dc Merge pull request #2462 from hvitved/csharp/localvars-refactor 
C#: Handle tuple patterns in `is` expressions
 2019-12-06 12:59:14 +00:00