hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,658 Commits 1,671 Branches 157 Tags
rust-ti-implementing-type-method
Commit Graph

1242 Commits

Author SHA1 Message Date
github-actions[bot]
dc9092c9ec Post-release preparation for codeql-cli-2.16.4 2024-03-06 22:19:33 +00:00
github-actions[bot]
2f058ffb4d Release preparation for version 2.16.4 2024-03-06 20:56:51 +00:00
Angela P Wen
ce31f8641a Revert "Release preparation for version 2.16.4" 2024-03-06 12:07:33 -08:00
Geoffrey White
0edfafeb06 Shared: Correct and clarify doc for SemBound.getExpr. 2024-03-06 16:00:36 +00:00
Anders Schack-Mulligen
caa45058ae Dataflow: Improve join-order. 
Join with the functional getApprox before filtering with revFlow as this
is always better.
 2024-03-06 11:29:08 +01:00
Anders Schack-Mulligen
55e6255e05 Dataflow: Extend the first join to also include argApa. 
Improves from
2024-03-04 13:29:20] Evaluated non-recursive predicate DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::flowThroughIntoCall/6#b44155c7@6dd478n9 in 126ms (size: 398332).
Evaluated relational algebra for predicate DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::flowThroughIntoCall/6#b44155c7@6dd478n9 with tuple counts:
              1  ~0%    {2} r1 = SCAN `DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::TAccessPathApproxNone#dom#04382804` OUTPUT _, _
              1  ~0%    {0}    | REWRITE WITH Tmp.0 := true, Tmp.1 := false, TEST Tmp.0 != Tmp.1 KEEPING 0
          83798  ~0%    {4}    | JOIN WITH `project#DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::returnFlowsThrough/8#ffafcf14` CARTESIAN PRODUCT OUTPUT Rhs.0, Rhs.3, Rhs.1, Rhs.2
        4044102  ~3%    {7}    | JOIN WITH `project#DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::flowIntoCallApaTaken/6#d989a8d1#cpe#12346_2013#join_rhs` ON FIRST 1 OUTPUT Rhs.2, Lhs.2, Lhs.3, Rhs.3, Lhs.1, Lhs.0, Rhs.1
         398332  ~3%    {6}    | JOIN WITH `project#DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::fwdFlow/9#00ae2fc8#2` ON FIRST 4 OUTPUT Lhs.6, Lhs.0, Lhs.5, _, Lhs.2, Lhs.4
         398332  ~1%    {6}    | REWRITE WITH Out.3 := true
                        return r1
to
[2024-03-04 15:20:26] Evaluated non-recursive predicate DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::flowThroughIntoCall/6#b44155c7@97bd358u in 35ms (size: 398332).
Evaluated relational algebra for predicate DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::flowThroughIntoCall/6#b44155c7@97bd358u with tuple counts:
         83798   ~0%    {7} r1 = SCAN `project#DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::returnFlowsThrough/9#53894c55` OUTPUT In.0, In.1, In.2, In.3, In.4, _, _
                        {5}    | REWRITE WITH Tmp.5 := true, Tmp.6 := false, TEST Tmp.5 != Tmp.6 KEEPING 5
         83798   ~3%    {5}    | SCAN OUTPUT In.0, In.3, In.4, In.1, In.2
        416847   ~2%    {7}    | JOIN WITH `project#DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::flowIntoCallApaTaken/6#d989a8d1#cpe#12346_2301#join_rhs` ON FIRST 2 OUTPUT Rhs.3, Lhs.3, Lhs.4, Lhs.1, Lhs.2, Lhs.0, Rhs.2
        398332   ~3%    {6}    | JOIN WITH `project#DataFlowImpl::Impl<TaintedPath::TaintedPath::C>::Stage5::fwdFlow/9#00ae2fc8#2` ON FIRST 4 OUTPUT Lhs.6, Lhs.0, Lhs.5, _, Lhs.2, Lhs.4
        398332   ~1%    {6}    | REWRITE WITH Out.3 := true
                        return r1
 2024-03-06 11:29:08 +01:00
github-actions[bot]
661e68dab5 Release preparation for version 2.16.4 2024-03-05 18:13:58 +00:00
Angela P Wen
967963a653 Revert "Release preparation for version 2.16.4" 2024-03-05 08:53:33 -08:00
Tom Hvitved
d5c34264ad Data flow: Prune call-context sensitivity relations 2024-03-05 10:44:12 +01:00
github-actions[bot]
a67218a027 Release preparation for version 2.16.4 2024-03-04 17:42:08 +00:00
Geoffrey White
50ad45944c Update shared/dataflow/codeql/dataflow/DataFlow.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2024-03-04 12:02:01 +00:00
Geoffrey White
5def2887e7 Shared: Add an example for SemBound.getExpr. 2024-03-04 11:59:52 +00:00
Geoffrey White
cb1c68260e Shared: QLDoc for ContentApprox and getContentApprox. 2024-03-01 17:36:53 +00:00
Geoffrey White
c663809cc7 Update shared/rangeanalysis/codeql/rangeanalysis/RangeAnalysis.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2024-03-01 17:06:48 +00:00
Geoffrey White
0e24ed14da Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2024-03-01 17:04:34 +00:00
Geoffrey White
1fece75f15 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2024-03-01 11:10:26 +00:00
Geoffrey White
a499919239 Shared: More helpful QLDoc for simpleLocalFlowStep. 2024-02-29 17:13:40 +00:00
Geoffrey White
f834768720 Shared: Improve QLDoc for forceHighPrecision. 2024-02-29 17:09:31 +00:00
Geoffrey White
9d2dc7a3cc Shared: Format. 2024-02-29 17:09:16 +00:00
Geoffrey White
88e3bc6865 Update shared/dataflow/codeql/dataflow/DataFlow.qll 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-02-29 17:03:30 +00:00
Geoffrey White
445b82b4e1 Shared: Explain 'guard'. 2024-02-29 16:07:20 +00:00
Geoffrey White
70465b22c7 Shared: Remove @ annotations. 2024-02-29 16:00:43 +00:00
Geoffrey White
98289b52d6 Shared: Explain SsaPhiNode a bit more. 2024-02-29 15:45:43 +00:00
Geoffrey White
8151f3024d Shared: Pinch better doc for isEquality from a related Guards class in csharp. 2024-02-29 15:41:51 +00:00
Mathias Vorreiter Pedersen
2fd57f6ee7 Shared: Remove cached annotation. 2024-02-28 16:24:21 +00:00
Anders Schack-Mulligen
699dddcfbe Merge pull request #15725 from aschackmull/dataflow/summary-join-fix 
Dataflow: Prevent bad join in FlowSummaryImpl::Private::Steps::summaryLocalStep.
 2024-02-27 10:32:38 +01:00
Tom Hvitved
bbeee8f38d Merge pull request #15717 from hvitved/csharp/view-cfg 
Shared `View CFG` implementation
 2024-02-27 09:13:18 +01:00
Mathias Vorreiter Pedersen
690fdc076d Shared: Add change note. 2024-02-26 17:13:32 +00:00
Mathias Vorreiter Pedersen
9ec17e6338 Shared: Pull out the shared parts of Java's type flow library into a shared module. 2024-02-26 17:13:27 +00:00
Anders Schack-Mulligen
20bb631456 Dataflow: Prevent bad join. 2024-02-26 13:45:19 +01:00
Tom Hvitved
5b6e76c030 Move View CFG implementation from Ruby/Swift into shared library 2024-02-26 11:23:49 +01:00
Rasmus Wriedt Larsen
07223031e8 Merge branch 'main' into lgtm_index_filter_handling 2024-02-26 09:56:02 +01:00
Tom Hvitved
2683e40038 Merge pull request #15708 from hvitved/share-ide-contextual 
Share `getFileBySourceArchiveName` implementation
 2024-02-23 19:56:33 +01:00
Erik Krogh Kristensen
a0f91fbc15 Merge pull request #15706 from erik-krogh/pol-reg 
ReDoS: Restrict some edges related to upper/lower-case when constructing possible attack strings for polynomial-redos.
 2024-02-23 12:06:17 +01:00
Tom Hvitved
62b16c0fa3 Share getFileBySourceArchiveName implementation 2024-02-23 11:25:49 +01:00
Geoffrey White
573763a4b3 Shared: More revisions, manual and aided by further discussion with Copilot. 2024-02-22 18:59:35 +00:00
erik-krogh
e74e5b3613 try to restrict the edges we follow (related to upper/lower-case) when contructing possible attack-strings for polynomial-redos 2024-02-22 13:15:17 +01:00
Tom Hvitved
ebee35b385 Ruby: No fieldFlowBranchLimit for SummarizedCallables 2024-02-22 10:27:25 +01:00
Geoffrey White
7b85bb4c95 Shared: Autoformat. 2024-02-21 17:54:00 +00:00
Geoffrey White
4367b7813c Shared: Use more standard QLDoc phrasing. 2024-02-21 17:54:00 +00:00
Geoffrey White
d1c0294551 Shared: Delete hallucinated return values. 2024-02-21 17:54:00 +00:00
Geoffrey White
5e401abccb Shared: Undo changes to existing QLDoc. 2024-02-21 17:53:59 +00:00
Geoffrey White
2f1d4b923e Shared: Generate some QLDoc using the "GitHub Copilot: Generate Docs" command. 2024-02-21 17:53:59 +00:00
Anders Schack-Mulligen
71f8ccf45f Merge pull request #15654 from aschackmull/java/static-init-vec-query-perf 
Java: Switch helper flow from Global to SimpleGlobal in StaticInitializationVectorQuery.
 2024-02-21 10:51:16 +01:00
github-actions[bot]
37f8fa3413 Post-release preparation for codeql-cli-2.16.3 2024-02-20 16:50:47 +00:00
github-actions[bot]
6d061fbc35 Release preparation for version 2.16.3 2024-02-20 14:26:23 +00:00
Anders Schack-Mulligen
5a348a5048 Dataflow: SimpleGlobal / Typetracker perf fix. 2024-02-20 14:40:28 +01:00
Tony Torralba
1704bfe2bf Merge pull request #15585 from atorralba/atorralba/go/promote-jwt-unsafe-verification 
Go: Promote `go/missing-jwt-signature-check` from experimental
 2024-02-19 15:35:44 +01:00
Anders Schack-Mulligen
2fa8c2f992 Merge pull request #15634 from aschackmull/dataflow/simpleglobal-fixreads 
Dataflow: Bugfix for field reads in SimpleGlobal.
 2024-02-19 14:02:38 +01:00
Anders Schack-Mulligen
53801e8efb Dataflow: Bugfix for field reads in SimpleGlobal. 2024-02-16 14:00:04 +01:00