Jonas Jensen
2bc0a8d6fb
C++: Remove getVariableAccess from def-by-ref node
This accessor may not be forward-compatible with an IR-based version,
and it's unclear whether it has any use. The `VariableAccess` remains in
the `TDefinitionByReferenceNode` constructor since it's used to
implement `getType`.
2019-02-28 09:38:40 +01:00
Max Schaefer
02dff4e9d9
JavaScript: Update expected test output.
2019-02-28 08:21:06 +00:00
Jonas Jensen
7ff732d962
C++: Use OO dispatch for getType and getFunction
2019-02-28 08:23:24 +01:00
Raul Garcia
9eca21cb5a
Update .gitignore
2019-02-27 18:43:51 -08:00
Raul Garcia
e24ca8ec40
Update .gitignore
2019-02-27 18:43:33 -08:00
Raul Garcia
1ae18974d8
Fixing bugs found during Code Review.
2019-02-27 18:41:23 -08:00
semmle-qlci
6602b4dbda
Merge pull request #992 from xiemaisi/js/socket.io
Approved by asger-semmle
2019-02-27 18:43:40 +00:00
Tom Hvitved
4cbbe37b1e
C#: Updated expected test output
2019-02-27 19:25:14 +01:00
Mark Shannon
9170d85155
Python: Fix falcon sources to only be source if a route is attached.
2019-02-27 16:42:31 +00:00
semmle-qlci
8e485b7972
Merge pull request #996 from xiemaisi/js/first-array-elt-in
Approved by esben-semmle
2019-02-27 16:19:21 +00:00
Mark Shannon
d605dfd542
Python delete extractor tests. Duplicates of internal tests.
2019-02-27 15:35:52 +00:00
Mark Shannon
f7d7b8eef2
Merge pull request #785 from taus-semmle/python-unsafe-use-of-mktemp
Python: Add query for unsafe use of `tempfile.mktemp`.
2019-02-27 15:01:06 +00:00
Jonas Jensen
972d00822c
C++: Generalize std::move data flow
2019-02-27 15:53:00 +01:00
Jonas Jensen
80183464d9
C++: Define DefinitionByReferenceNode
This enables data flow through `memcpy` and similar functions modeled in
`semmle.code.cpp.model`.
2019-02-27 15:53:00 +01:00
Asger F
9497199cbd
JS: add localFieldStep
2019-02-27 14:20:47 +00:00
Asger F
b6648def19
JS: Add ClassNode.getAReceiverNode
2019-02-27 14:20:47 +00:00
Jonas Jensen
5647a1a658
C++: BlockVar value stops at def by ref (partial)
2019-02-27 15:05:53 +01:00
Geoffrey White
25a5ff5e55
CPP: Similarly update other @deprecated messages.
2019-02-27 13:20:24 +00:00
Geoffrey White
f0356bb83b
CPP: Reformat @deprecated message.
2019-02-27 13:18:29 +00:00
Geoffrey White
74f7379ab9
CPP: Change note.
2019-02-27 13:09:10 +00:00
Geoffrey White
3f2e902912
CPP: Remove it from the security dashboard (OverrunWrite.ql is already on there).
2019-02-27 13:09:09 +00:00
Geoffrey White
45315cda90
CPP: Deprecate PotentialBufferOverflow.ql.
2019-02-27 13:09:09 +00:00
Geoffrey White
8a5bc24b36
CPP: Replace PotentialBufferOverflow with OverrunWrite in the test.
2019-02-27 13:09:09 +00:00
Geoffrey White
7194121eae
CPP: Expand the test cases covering PotentialBufferOverflow.ql.
2019-02-27 13:09:09 +00:00
Tom Hvitved
996b0efa47
C#: Address review comments
2019-02-27 13:49:15 +01:00
Tom Hvitved
7027cd36c6
C#: Speedup isGuardedByNode()
2019-02-27 13:29:14 +01:00
Tom Hvitved
72384e57e1
C#: Speedup Assertion::strictlyDominates()
2019-02-27 13:29:14 +01:00
Tom Hvitved
baa596ce6c
C#: Speedup ControlFlowElement::controlsBlock()
2019-02-27 13:29:14 +01:00
Jonas Jensen
20f3df0d09
C++: Add tests to demo lack of dataflow by reference
2019-02-27 13:19:16 +01:00
Max Schaefer
9d77619afc
JavaScript: Make file types customisable in AutoBuild.
Every once in a while we encounter projects using some custom file extension for files that we could in principle extract, but since the extractor doesn't know about the extension the files are skipped.
To handle this, the legacy extractor has a `--file-type` option that one can use to specify a file type to use for all files in that particular extraction. So far, `AutoBuild` has nothing of the sort.
This PR proposes to introduce an environment variable `LGTM_INDEX_FILETYPES` to allow a similar customisation. In the fullness of time, this variable would be set through `lgtm.yml` in the usual way, but for now it is undocumented and for internal use only.
Specifically, `LGTM_INDEX_FILETYPES` is a newline-separated list of ".extension:filetype" pairs, specifying that files with the given `.extension` should be extracted as type `filetype`, where `filetype` is one of `js`, `html`, `json`, `typescript` or `yaml`.
For example, `.jsm:js` causes all `.jsm` files to be extracted as JavaScript.
This can also be used to override default file types: for example, by specifying `.js:typescript` all JavaScript files will be extracted as TypeScript.
2019-02-27 12:02:01 +00:00
Asger F
3d400cc57f
JS: basic model of closure Promises
2019-02-27 11:58:51 +00:00
Max Schaefer
2ed37903d8
JavaScript: Include list of relevant environment variables in Javadoc for AutoBuild.
2019-02-27 11:54:59 +00:00
Mark Shannon
9e268d77d0
Python: Add responses to Falcon framework support.
2019-02-27 09:56:18 +00:00
Mark Shannon
6a48420191
Python: Basic support for falcon framework; routing and requests.
2019-02-27 09:55:52 +00:00
semmle-qlci
999e0c8b95
Merge pull request #947 from asger-semmle/string-ops-concat
Approved by xiemaisi
2019-02-27 09:54:46 +00:00
Mark Shannon
742c1d0fa7
Python: Add test skeleton for falcon web framework.
2019-02-27 09:53:20 +00:00
Max Schaefer
37a3085466
Merge pull request #993 from asger-semmle/getacallee
JS: document new behavior of overriding InvokeNode.getACallee()
2019-02-27 09:00:59 +00:00
Max Schaefer
6ecdb0edd5
JavaScript: Allow first expression in array literal to be an `in` expression.
2019-02-27 08:58:28 +00:00
Max Schaefer
0648d7aa09
JavaScript: Sharpen result type of getAReceivedItem.
2019-02-27 08:51:43 +00:00
semmle-qlci
d857f52c7d
Merge pull request #991 from jbj/error-function-returns
Approved by geoffw0
2019-02-27 08:01:39 +00:00
Raul Garcia
fb5f220bb6
Merge branch 'users/raulga/ICryptoTransform' of https://github.com/raulgarciamsft/ql into users/raulga/ICryptoTransform
2019-02-26 16:22:54 -08:00
Raul Garcia
f8ae56a27c
Improving documentation
2019-02-26 16:22:39 -08:00
Taus
dcaf0f8ba8
Merge pull request #978 from markshannon/python-turbogears
Python: Add support for turbogears; requests and responses.
2019-02-26 21:46:01 +01:00
Dave Bartolomeo
84c7f195d6
Merge pull request #994 from geoffw0/msalloc
CPP: Add lots more allocation functions to Alloc.qll
2019-02-26 11:59:45 -08:00
Mark Shannon
a480da6ed5
Python: Generalize turbogear response sinks to allow for internally sourced strings.
2019-02-26 18:31:06 +00:00
Calum Grant
5c2804d3ac
Merge pull request #968 from hvitved/csharp/dataflow-performance
C#: Improve join orders in `DataFlow` module
2019-02-26 17:34:16 +00:00
Geoffrey White
c637bc5fcc
CPP: Change note.
2019-02-26 17:17:16 +00:00
Geoffrey White
e32042d69c
CPP: Add support for Microsoft functions in Alloc.qll.
2019-02-26 17:11:37 +00:00
Max Schaefer
cd9ccd4c8d
Merge pull request #983 from asger-semmle/closure-global-ref
JS: add closure library in globalObjectRef
2019-02-26 16:55:58 +00:00
Max Schaefer
db5fbe29a3
Merge pull request #941 from esben-semmle/js/vue-support-2
JS: Vue security improvements
2019-02-26 16:49:38 +00:00