hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,658 Commits 1,672 Branches 157 Tags
rust-ti-implementing-type-method
Commit Graph

78658 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
yh-semmle
23e94c23e3 Merge pull request #786 from aschackmull/java/double-checked-locking 
Java: Fix FP in DoubleCheckedLocking.ql
 2019-01-22 17:39:54 -05:00
Mark Shannon
547b3eb973 Python: Fix 'unused import' to no longer give alerts for imported modules used in typehints. 2019-01-22 17:38:09 +00:00
calum
790db3ab67 C#: Address review comments. 2019-01-22 17:29:58 +00:00
Geoffrey White
175ff9644a CPP: Change * to +. 2019-01-22 16:41:57 +00:00
Geoffrey White
fccf30eff5 Merge pull request #803 from jbj/commented-out-code-const 
C++: Recognize more function decls as code
 2019-01-22 16:40:08 +00:00
Geoffrey White
feeb391737 Merge pull request #769 from jbj/fully-converted-perf 
C++: Speed up Expr.getFullyConverted slightly
 2019-01-22 14:02:22 +00:00
Mark Shannon
19c43510a3 Python: Make test 2/3 compatible. 2019-01-22 14:01:44 +00:00
Mark Shannon
a3b5769c2c Python: Weak file permissions query. 2019-01-22 11:33:19 +00:00
Mark Shannon
21299493c9 Python tests: Hide special ESSA variables in tests, to ease transition from '*' to '$' variable. 2019-01-22 11:02:36 +00:00
Mark Shannon
28bea69882 Python: ESSA definitions; make '*' special variable into its own class. 2019-01-22 10:51:36 +00:00
Geoffrey White
aba73f4aac Merge pull request #801 from jbj/mergeback-20190121 
C++: Merge rc/1.19 and #777
 2019-01-22 08:54:26 +00:00
Geoffrey White
fab8e526f3 CPP: Replace call to getEnclosingAccessHolder() with getEnclosingElement(). 2019-01-21 18:30:20 +00:00
Esben Sparre Andreasen
00ef80dfc5 Merge pull request #741 from asger-semmle/this-access-path 
JS: support 'this' as the root of an access path
 2019-01-21 16:48:34 +01:00
Mark Shannon
61d8319b4e Fix compilation warning in test. 2019-01-21 14:38:12 +00:00
Mark Shannon
5e8ab92cc6 Add test for attribute points-to extension. 2019-01-21 14:38:12 +00:00
Mark Shannon
01a2add73b Python: Internal points-to extension enhancement. Use it handle re module constants. 2019-01-21 14:38:07 +00:00
Mark Shannon
5dd0123f0d Python tests: Remove useless duplicate test. 2019-01-21 14:31:15 +00:00
Anders Schack-Mulligen
50ce961c06 Merge pull request #791 from hmakholm/pr/ODASA-6859 
Fix ODASA-6859
 2019-01-21 13:23:26 +01:00
Mark Shannon
6bbbb85a73 Python: Remove some negation from points-to, in preparation for ADT Objects. 2019-01-21 11:56:39 +00:00
Asger F
10db0d53a8 JS: copy changes to TrackedNode 2019-01-21 10:49:27 +00:00
Max Schaefer
43f4fe1a7e Update DoubleEscaping.qhelp 
Somewhat ironic, considering the object of the query.
 2019-01-21 18:48:22 +08:00
Jonas Jensen
7bb9deeb34 C++: Recognize more function decls as code 2019-01-21 11:47:35 +01:00
Asger F
3a6e6f95b9 JS: autoformat 2019-01-21 10:39:35 +00:00
Asger F
77d748aa00 JS: "return" flow through callbacks 2019-01-21 10:39:35 +00:00
Geoffrey White
821a7bfadd Merge pull request #779 from jbj/commented-out-code-braces 
C++: Relax commented-out code heuristic for `}`
 2019-01-21 09:37:30 +00:00
Jonas Jensen
b30c9bc571 Merge remote-tracking branch 'upstream/source/pr/777/head' into mergeback-20190121 2019-01-21 09:59:04 +01:00
Jonas Jensen
7912c8106b Merge remote-tracking branch 'upstream/rc/1.19' into mergeback-20190121 2019-01-21 09:58:37 +01:00
Jonas Jensen
9561fdaabf Merge pull request #672 from geoffw0/lgtm1605 
CPP: Fix function pointer/lambda related false positives in 'Resource not released in destructor'
 2019-01-21 09:35:30 +01:00
Jonas Jensen
169bbcdfa0 Merge pull request #682 from geoffw0/suspiciousaddsizeof 
CPP: Fix false positive in SuspiciousAddWithSizeof.ql
 2019-01-21 09:06:18 +01:00
Esben Sparre Andreasen
9e4613094a JS: sharpen js/unneeded-defensive-code for negations and sequences 2019-01-21 09:00:35 +01:00
semmle-qlci
0432b01e3b Merge pull request #764 from asger-semmle/dataflow-classnode 
Approved by esben-semmle, xiemaisi
 2019-01-21 06:47:57 +00:00
semmle-qlci
dd84b6063b Merge pull request #794 from xiemaisi/js/parallel-extraction 
Approved by asger-semmle, esben-semmle
 2019-01-20 00:22:38 +00:00
Mark Shannon
261cd36b8c Merge pull request #781 from kevinbackhouse/HashedButNoHash 
Python: fix false positive result.
 2019-01-18 21:56:12 +00:00
Kevin Backhouse
9e79e1bc8c Simplify the logic with theTypeErrorType(). 2019-01-18 16:33:48 +00:00
Geoffrey White
bff23f546d CPP: Clearer naming. 2019-01-18 16:21:28 +00:00
calum
63653cd0f7 C#: Analysis change notes. 2019-01-18 15:49:05 +00:00
calum
c9ffb38e4b C#: Add sources and sinks in Winforms. Update some queries with new sources and sinks. 2019-01-18 15:42:44 +00:00
Asger F
4b4daa645f JS: handle accessors separately 2019-01-18 15:42:05 +00:00
Asger F
e18b635314 JS: add getADirectSuperClass() 2019-01-18 15:42:05 +00:00
Asger F
c82690f4c1 JS: address comments 2019-01-18 15:42:05 +00:00
Asger F
cc1204acef JS: remove isAmbient() check 2019-01-18 15:42:05 +00:00
Asger F
1eb0ca4b4a JS: make ClassNode::Range abstract 2019-01-18 15:42:05 +00:00
Geoffrey White
458fddd28e CPP: Use strictconcat. 2019-01-18 15:01:47 +00:00
Taus
bcc65dbad3 Merge pull request #554 from markshannon/python-named-module-utility 
Python: named module utility
 2019-01-18 16:01:36 +01:00
Asger F
3cb2341e63 JS: split ClassNode into two classes 2019-01-18 14:46:38 +00:00
Asger F
5b7675d972 JS: introduce DataFlow::ClassNode 2019-01-18 14:46:38 +00:00
Taus
8d99186d74 Merge pull request #795 from markshannon/remove-builtin-class-test 
Python: Remove fragile and unnecessary test.
 2019-01-18 15:17:39 +01:00
Taus
92d2e18bf2 Merge pull request #712 from markshannon/python-fix-odasa-7307 
Python: Detect a wider range of generated files.
 2019-01-18 14:38:08 +01:00
Tom Hvitved
ceb9ccf811 C#: Add change note 2019-01-18 13:56:27 +01:00
Tom Hvitved
dd99525566 C#: Redefine AccessorCall 
The syntactic node assiociated with accessor calls was previously always the
underlying member access. For example, in

```
x.Prop = y.Prop;
```

the implicit call to `x.set_Prop()` was at the syntactic node `x.Prop`, while the
implicit call to `y.get_Prop()` was at the syntactic node `y.Prop`.

However, this breaks the invariant that arguments to calls dominate the call itself,
as the argument `y.Prop` for the implicit `value` parameter in `x.set_Prop()` will
be evaluated after the call (the left-hand side in an assignment is evaluated before
the right-hand side).

The solution is to redefine the access call to `x.set_Prop()` to point to the whole
assignment `x.Prop = y.Prop`, instead of the access `x.Prop`. For reads, we still want
to associate the accessor call with the member access.

A corner case arises when multiple setters are called in a tuple assignment:

```
(x.Prop1, x.Prop2) = (0, 1)
```

In this case, we cannot associate the assignment with both `x.set_Prop1()` and
`x.set_Prop2()`, so we instead revert to using the underlying member accesses as
before.
 2019-01-18 13:56:23 +01:00