hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,658 Commits 1,672 Branches 157 Tags
rust-ti-implementing-type-method
Commit Graph

4333 Commits

Author SHA1 Message Date
Paolo Tranquilli
0d32f00020 Swift: update ExtensionDecl test results 2023-01-17 12:58:02 +01:00
Paolo Tranquilli
d6e0ef9ff9 Swift: extract ExtensionDecl protocols 2023-01-17 12:56:09 +01:00
Paolo Tranquilli
f6e26211f9 Swift: add protocols to ExtensionDecl schema 2023-01-17 12:54:50 +01:00
Geoffrey White
74a37475db Swift: Model RNCryptor. 2023-01-17 11:54:12 +00:00
Paolo Tranquilli
8906e101cb Swift: add ExtensionDecl QL test 2023-01-17 12:49:53 +01:00
Mathias Vorreiter Pedersen
77a9cea737 Merge pull request #11901 from github/redsun82/swift-ql-internal 
Swift: introduce `@ql.internal` pragma for classes
 2023-01-17 10:46:56 +00:00
Paolo Tranquilli
6106edd5e2 Swift: add INTERNAL doc marker to ql.internal classes 2023-01-17 10:30:59 +01:00
Paolo Tranquilli
b22da25e05 Swift: remove ql.internal classes from global import 2023-01-17 10:18:03 +01:00
Paolo Tranquilli
48825442c3 Swift: add ql.internal pragma in schema definitions 2023-01-17 10:10:35 +01:00
Paolo Tranquilli
cdc99b5240 Swift: simplify pragma definition 2023-01-17 10:10:02 +01:00
Geoffrey White
449ebb8a12 Swift: Add tests for RNCryptor library. 2023-01-17 09:03:07 +00:00
Paolo Tranquilli
e3502e2e5f Merge branch 'main' into redsun82/swift-open-redirection 2023-01-17 09:43:00 +01:00
Alex Denisov
63b4e5ef5c Swift: do not trace lsregister 2023-01-17 09:26:31 +01:00
Tony Torralba
bd5619147d Merge pull request #11590 from atorralba/atorralba/swift/sensitive-info-logs 
Swift: Add Cleartext Logging query
 2023-01-16 16:22:20 +01:00
Tony Torralba
0017461e2d Update swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-01-16 15:35:58 +01:00
Paolo Tranquilli
874fe2b8f9 Swift: introduce an in-memory file hash cache 
File hashing is now done internally in `SwiftFileInterception` (and
exported as a `getHashOfRealFile` function for future use in linkage
awareness), and using a per-process in-memory cache. The persistent
caching of paths is removed, so the solution is now robust against input
file changes during the build.

For the same reason, the hash to artifact mapping have the symlinks
reversed now. The artifacts themselves are stored using the hash as
filenames, and the original paths of the artifacts are reacreated in the
scratch dir with symlinks mostly for debugging purposes (to understand
what artifact each hash corresponds to, and to follow what was built by
the extractor).
 2023-01-16 12:05:36 +01:00
Tony Torralba
fdb3b65bce Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-01-16 11:57:37 +01:00
Paolo Tranquilli
738412260f Merge branch 'main' into redsun82/swift-open-redirection 2023-01-16 09:09:10 +01:00
Mathias Vorreiter Pedersen
2dbacbc302 Merge pull request #11841 from MathiasVP/swift-add-integral-types 
Swift: Add integral type classes
 2023-01-13 17:30:57 +00:00
Geoffrey White
c9a0067705 Swift: Remove flow in cases with multiple variables. 2023-01-13 16:37:23 +00:00
Geoffrey White
2c35af51cd Swift: Move logic into Ssa::WriteDefinition.assigns. 2023-01-13 15:19:33 +00:00
Geoffrey White
8a77906296 Swift: Use Ssa::Definition rather than ConcreteVarDecl. 2023-01-13 15:01:20 +00:00
Geoffrey White
7f31c9c7e5 Swift: Add a test. 2023-01-12 15:19:57 +00:00
Geoffrey White
3d1b2fdbda Swift: Rename NumericOrCharType.qll -> Numer> NumericType.qll. 2023-01-12 11:46:51 +00:00
Geoffrey White
418d593a97 Swift: Replace NumericOrCharType with a more basic NumericType, and rename classes for consistency with other static languages. 2023-01-12 11:43:20 +00:00
Geoffrey White
d0eb167d47 Swift: Merge FloatingPointType.qll into NumericOrCharType.qll, because it is a numeric type and other stuff like CharacterType is there. 2023-01-12 11:42:36 +00:00
Geoffrey White
4e5483744f Swift: Add a test case we're discussing. 2023-01-12 10:52:03 +00:00
Paolo Tranquilli
4f5f0aad45 Merge branch 'main' into redsun82/swift-open-redirection 2023-01-12 10:54:04 +01:00
Michael Nebel
18a815ca8b Merge pull request #11721 from michaelnebel/csharpjava/refactorprovenance 
C#/Java: Re-factor provenance related predicates.
 2023-01-12 10:50:31 +01:00
Geoffrey White
994ea704da Swift: Clean up the QL a little. 2023-01-12 09:31:48 +00:00
Geoffrey White
6a0b56bf40 Swift: Fix for extensions. 2023-01-11 18:32:07 +00:00
Geoffrey White
2622de9747 Swift: Improve Core Data coverage. 2023-01-11 18:26:34 +00:00
Geoffrey White
82f9903bf0 Swift: Additional test cases for swift/cleartext-storage-database on Core Data. 2023-01-11 18:22:32 +00:00
Pierre
c3116b3f0f Merge branch 'main' into turbo/experimental/combined 2023-01-11 18:02:55 +01:00
Michael Nebel
7e4f7a0c17 C#: Address review comments and sync files. 2023-01-11 16:29:24 +01:00
Michael Nebel
67cbe38255 Sync files. 2023-01-11 16:20:55 +01:00
Michael Nebel
80a4197604 Swift: Re-factor provenance related predicates for summarized callable. 2023-01-11 16:20:55 +01:00
Michael Nebel
ea173f9516 Sync files. 2023-01-11 16:20:55 +01:00
Tony Torralba
c115a9fee4 Add more path injection sinks 2023-01-11 14:28:24 +01:00
Tony Torralba
a4f813183e Merge pull request #11785 from atorralba/atorralba/swift/grdb-sinks 
Swift: Add sinks for the GRDB library
 2023-01-11 11:49:37 +01:00
Paolo Tranquilli
0ad585cfe6 Merge pull request #11860 from github/redsun82/swift-clang-14 
Swift: make compilation with newer STL possible
 2023-01-10 17:17:56 +01:00
Paolo Tranquilli
2fb5621527 Swift: replace $(CC) with clang 
On macOS `$(CC)` points to a wrapper that requires `DEVELOPER_DIR` to be
set in the environment. Using `clang` is slightly less generic, but
that's our default any way. Even if we do set a different clang version
somewhere, the selected version of GCC would not change, and the test
is targeting that.
 2023-01-10 14:58:21 +01:00
Paolo Tranquilli
943763a026 Swift: add -Wno-pragma-once-outside-header to check 2023-01-10 14:30:35 +01:00
Paolo Tranquilli
28d79eeb77 Swift: make compilation with different STL versions possible 
Previous to this patch the code contained a workaround for the standard
defect

https://cplusplus.github.io/LWG/issue3657

where `std::filesystem::path` did not have a `std::hash` implementation.

This patch allows compiling against versions of the STL that contain the
fix to the above issue. This is done by running the compiler against
code defining `std::hash<std::filesystem::path>`: if compilation
succeeds, it means the fix is not there and we need to use the
workaround, contained in `PathHash.h.workaround`. Otherwise, the fix is
there and we use `PathHash.h.fixed` instead, which only includes the
standard headers included by `PathHash.h.workaround`, so that one is a
drop-in replacement of the other.
 2023-01-10 14:14:33 +01:00
Tony Torralba
50cd40ed20 Swift: Remove omittable exists variables 2023-01-10 13:39:50 +01:00
Mathias Vorreiter Pedersen
7f5344e025 Update swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-01-09 17:08:27 +00:00
Tony Torralba
8e0a018673 Consider Int8 and UInt8 as OsLogNonRedactedTypes 2023-01-09 18:05:18 +01:00
Tony Torralba
49a41c98ee Test that hashed passwords are 'safe' to log 
This doesn't seem completely right, but the heuristic approach we have regarding sensitive expressions has to draw the line somewhere.
 2023-01-09 18:01:07 +01:00
Tony Torralba
160d89fb4e Add qhelp examples 2023-01-09 18:01:07 +01:00
Tony Torralba
33029b0ed8 Fix sanitizer QLDoc 2023-01-09 18:01:07 +01:00