codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00

Author	SHA1	Message	Date
Cornelius Riemenschneider	812a0bcb16	Address some parts of Anders' review.	2019-10-07 15:17:17 +02:00
Cornelius Riemenschneider	0f5dd5d7c7	Add one more test with a more complicated guard.	2019-10-07 15:14:42 +02:00
Cornelius Riemenschneider	393fb02dfa	Fix undesirable join order.	2019-10-07 15:14:41 +02:00
Tom Hvitved	eabfa31767	Synchronize data flow files	2019-10-07 15:13:48 +02:00
Tom Hvitved	46933ef65e	Java: Autoformat	2019-10-07 15:12:13 +02:00
Cornelius Riemenschneider	d79eaffd3a	Prune unreachable paths in the Java dataflow library based on call context. We now detect patterns like f(bool cond){ if(cond) then A else B and prune branches for calls like f(true) or f(false). This pruning is done both in the local (bigstep) flow graph as well as in the inter-procedural dataflow graph.	2019-10-07 15:10:54 +02:00
Cornelius Riemenschneider	dba93b30e7	Add tests exhibiting false positives in the dataflow library, where call context is not used to prune branches.	2019-10-07 14:59:55 +02:00
Anders Schack-Mulligen	066a2f0d12	Java: Add another overflow check pattern to UselessComparisonTest.	2019-10-04 15:04:40 +02:00
Tom Hvitved	7f6e253425	Java: Update expected test output	2019-10-04 11:09:44 +02:00
Tom Hvitved	9b58d799cb	Java/C++/C#: Tweak `AccessPathNil::toString()` Move the type annotation outside the brackets, to avoid prefixes such as `[ : T]`.	2019-10-04 11:09:44 +02:00
yh-semmle	3313af5189	Merge pull request #2036 from aschackmull/java/eq-ssa-guard Java: Improve guards for equal ssa variables.	2019-10-02 12:00:59 -04:00
Anders Schack-Mulligen	f87cb4d6ac	Java/C++/C#: Address review comments and fix test.	2019-10-02 14:32:17 +02:00
Anders Schack-Mulligen	f97958296d	Java/C++/C#: Sync.	2019-09-26 17:12:08 +02:00
Anders Schack-Mulligen	0afea80d53	Java: Improve guards for equal ssa variables.	2019-09-26 16:29:13 +02:00
Anders Schack-Mulligen	4221639155	Java: Improve taint/value distinction for flow through with fields.	2019-09-26 16:25:15 +02:00
Anders Schack-Mulligen	7c1594df13	Java: Slight precision improvement for getter/setter detection.	2019-09-25 10:14:49 +02:00
Anders Schack-Mulligen	f8f3a4b25f	Java: Minor additional type pruning.	2019-09-23 11:07:10 +02:00
Anders Schack-Mulligen	42a970b905	Java: Update qldoc.	2019-09-20 16:21:03 +02:00
Anders Schack-Mulligen	d9aa46d3b0	Java: Add missing field pruning.	2019-09-20 16:13:48 +02:00
Anders Schack-Mulligen	648335d46d	Java: Remove two unnecessary unbinds.	2019-09-20 16:12:56 +02:00
Tom Hvitved	6318cc9a71	Java: Update expected test output	2019-09-18 13:36:15 +02:00
Tom Hvitved	d8074ddfa6	Sync files	2019-09-18 13:36:15 +02:00
Anders Schack-Mulligen	2d620698d8	Java: Adjust qltest expected output.	2019-09-12 11:00:49 +02:00
Anders Schack-Mulligen	95e2f162d9	Java/C++/C#: Adjust toString of empty accesspath.	2019-09-12 11:00:49 +02:00
Anders Schack-Mulligen	0a4b15d40b	Java/C++/C#: Add nodes predicate to PathGraph.	2019-09-12 11:00:49 +02:00
Jonas Jensen	d51e5212fb	Merge remote-tracking branch 'upstream/master' into dataflow-TTwo Conflicts: cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll cpp/ql/test/library-tests/dataflow/fields/flow.expected csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl.qll java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl2.qll java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl3.qll java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl4.qll java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl5.qll	2019-09-08 21:08:43 +02:00
Anders Schack-Mulligen	6b85fe087a	Java: Restrict the output of Range Analysis to the best bounds.	2019-09-06 15:39:46 +02:00
Anders Schack-Mulligen	aa07020d9d	Java: Autoformat.	2019-09-06 09:03:45 +02:00
Jonas Jensen	9c9b7ac651	C#/C++/Java: Revert AccessPathNil.toString changes This caused too many `*.expected` files to change, also in our internal repo.	2019-09-02 15:59:36 +02:00
Jonas Jensen	a98992f0f9	C#/C++/Java: distinguish toString of nil from cons	2019-09-02 14:22:03 +02:00
Jonas Jensen	cdede8744f	C#/C++/Java: Prettier PartialAccessPath.toString	2019-09-02 14:05:50 +02:00
Jonas Jensen	c3bc9f8575	C#/C++/Java: Unbreak partial data flow support Partial data flow had a semantic merge conflict with this branch. The problem is that partial data flow doesn't (and shouldn't) cause the initial pruning steps to run, but the length-2 access paths depend on the `consCand` information that comes from that initial pruning. The solution is to restore the old `AccessPath` class, now called `PartialAccessPath` for use only by partial data flow. With this change, partial data flow will in some cases allow more field flow than non-partial data flow.	2019-09-02 14:02:39 +02:00
Jonas Jensen	dec0c3a0ee	C#/C++/Java: Make AccessPath abstract This was requested by @hvitved in code review. There is no difference in the generated DIL.	2019-09-02 13:14:30 +02:00
Jonas Jensen	b1be123e31	C#/C++/Java: Prettier AccessPath.toString The `ppReprType` predicate should now be `none()` instead of `result=""` to signal that there is nothing to print. That seems clearer to me.	2019-09-02 13:14:20 +02:00
Jonas Jensen	6c96a8d339	Java: Accept test changes Note: the results in `partial` have regressed and will need to be fixed in a follow-up commit.	2019-09-02 13:14:17 +02:00
Jonas Jensen	b2c94cc6b4	C++/C#/Java: Restore the AccessPathCons class	2019-09-02 13:14:13 +02:00
Jonas Jensen	fbe34015f3	C++/C#/Java: AccessPath class names reflect length One -> ConsNil Two -> ConsCons	2019-09-02 13:13:59 +02:00
Jonas Jensen	e8006bb2cc	C++/C#/Java: data flow AccessPath up to length 2 This commit does not include updates to test results.	2019-09-02 13:13:46 +02:00
yh-semmle	c359675fa9	Merge pull request #1802 from aschackmull/java/taint-step-extension-point Java: Add a global extension point for taint steps.	2019-08-30 17:19:58 -04:00
Anders Schack-Mulligen	8a318ce4e7	Java: Extend test with graph.	2019-08-30 14:35:21 +02:00
Anders Schack-Mulligen	6582734733	Java: Add test.	2019-08-30 14:32:55 +02:00
Anders Schack-Mulligen	5e6326d1d5	Java/C++/C#: Add support for dataflow exploration by partial paths.	2019-08-30 14:32:55 +02:00
Luke Cartey	dfa371c65b	Java: Add missing SQL query APIs. * executeLargeUpdate * prepareCall	2019-08-30 10:40:49 +01:00
Anders Schack-Mulligen	ae98d4fd8e	Java: Change extension point to use a unit type.	2019-08-29 11:05:45 +02:00
Tom Hvitved	853a3aa998	Merge pull request #1799 from aschackmull/java/fieldflow-perf Java/C++/C#: Improve performance of data flow with fields.	2019-08-28 16:30:25 +02:00
Luke Cartey	1669d283fe	Merge pull request #1795 from aschackmull/java/localexprflow Java: Add localExprFlow and localExprTaint.	2019-08-28 14:04:49 +01:00
Anders Schack-Mulligen	2bea0a459a	Java/C++/C#: Sync.	2019-08-23 11:34:17 +02:00
Anders Schack-Mulligen	6e97f22b43	Java/C++/C#: Improve performance of pruning in field flow.	2019-08-23 11:32:45 +02:00
Pavel Avgustinov	cc854dd937	Merge branch 'master' of github.com:Semmle/ql into attribute	2019-08-23 09:55:35 +01:00
Calum Grant	ff20a2ceb9	Merge pull request #1761 from hvitved/csharp/dataflow/fields C#: Data flow through fields	2019-08-22 20:46:00 +01:00

... 272 273 274 275 276 ...

14042 Commits