Geoffrey White
5101a5bc3d
Merge pull request #1056 from jbj/SimpleRangeAnalysis-use-after-cast
...
C++: Fix use-after-cast bug in SimpleRangeAnalysis
2019-04-10 11:04:20 +01:00
Jonas Jensen
01fc721497
C++: Fixup test annotation
2019-04-10 09:28:06 +02:00
Robert Marsh
75ab311c3a
Merge pull request #1223 from geoffw0/commentedoutcode
...
CPP: Detect commented out preprocessor logic
2019-04-09 16:16:19 -04:00
Robert Marsh
c9fbbfe7d8
Merge pull request #984 from rdmarsh2/rdmarsh/cpp/ir-stmtexpr
...
C++: add support for GNU StmtExpr in IR
2019-04-09 12:54:35 -04:00
Tom Hvitved
006692524b
C#: Improve CFG for (potential) dynamic accessor calls
2019-04-09 15:26:42 +02:00
Tom Hvitved
fcad129135
C#: Add CFG tests for (potential) dynamic accessor calls
2019-04-09 15:26:36 +02:00
Esben Sparre Andreasen
e70413922b
Update javascript/ql/src/semmle/javascript/frameworks/Cheerio.qll
...
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com >
2019-04-09 14:25:33 +01:00
Esben Sparre Andreasen
2113e6e4d3
Update javascript/ql/src/semmle/javascript/frameworks/Cheerio.qll
...
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com >
2019-04-09 14:25:19 +01:00
Esben Sparre Andreasen
ad119dae21
Update javascript/ql/src/semmle/javascript/frameworks/jQuery.qll
...
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com >
2019-04-09 14:25:11 +01:00
Esben Sparre Andreasen
b72c678b2c
Update javascript/ql/src/semmle/javascript/frameworks/jQuery.qll
...
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com >
2019-04-09 14:25:01 +01:00
Mark Shannon
97a9954e72
Merge pull request #1222 from taus-semmle/python-unify-old-and-new-query-suites
...
Python: Make old query suites point to new query suites.
2019-04-09 14:04:21 +01:00
Geoffrey White
13ed50f049
CPP: Improve the regexp.
2019-04-09 13:08:31 +01:00
Geoffrey White
d70e7ceafe
CPP: Additional test cases.
2019-04-09 13:04:32 +01:00
Jonas Jensen
ca71ac7c36
C++: Accept improved test output
2019-04-09 13:38:52 +02:00
Geoffrey White
ddb1b0ac1c
CPP: Declaration -> definition.
2019-04-09 12:35:20 +01:00
Asger F
39bafa354e
JS: Add change note
2019-04-09 12:22:20 +01:00
Asger F
bd1d9ed810
JS: Add test
2019-04-09 12:21:54 +01:00
Asger F
0fcdf91d4a
JS: Add model of cheerio
2019-04-09 12:21:54 +01:00
Jonas Jensen
fd4967e6f1
C++: Fix SnprintfOverflow issues
...
Requiring strict inclusion between types turned out to cause false
positives in `SnprintfOverflow`, which relied indirectly on
`RangeAnalysisUtils::linearAccessImpl` to identify acceptable bounds
checks. This query was particularly affected because `snprintf` returns
`int` (signed) but takes `size_t` (unsigned), so conversions are bound
to happen.
2019-04-09 11:05:14 +02:00
Esben Sparre Andreasen
e7adb62288
Merge pull request #1221 from asger-semmle/contextual-typing
...
TS: Extract contextual type for object/array literals
2019-04-09 10:43:01 +02:00
Esben Sparre Andreasen
9d1f511ca0
JS: fixup missing space
2019-04-09 10:39:26 +02:00
Esben Sparre Andreasen
89596052cf
JS: autoformat TypeTracking.qll
2019-04-09 10:39:26 +02:00
Taus
adf8cdcde5
Merge pull request #1203 from markshannon/python-taint-tracking-configuration-2
...
Python: Use taint tracking configuration for queries.
2019-04-09 10:01:35 +02:00
Tom Hvitved
3f403b8f0d
Merge pull request #1208 from felicity-semmle/support/SD-3189-move
...
Documentation: move support information into a version-neutral location
2019-04-09 10:01:14 +02:00
semmle-qlci
92acd322fc
Merge pull request #1218 from esben-semmle/js/whitelist-typeconfusion-lt1-checks
...
Approved by asger-semmle
2019-04-09 01:11:34 +01:00
Robert Marsh
fd7512c447
C++: accept test change in SignAnalysis
2019-04-08 14:10:37 -04:00
Geoffrey White
5bd5b1b6ce
CPP: Change note.
2019-04-08 18:19:30 +01:00
Geoffrey White
48fff334da
CPP: Detect commented preprocessor code.
2019-04-08 18:17:23 +01:00
Geoffrey White
4d67bd32dd
CPP: Move comments explaining implementation details into the body of 'looksLikeCode'.
2019-04-08 18:14:54 +01:00
Rebecca Valentine
c120cca9d3
better explanation of null sensitive contexts
2019-04-08 10:12:04 -07:00
Geoffrey White
f432f1a03a
CPP: Autoformat CommentedOutCode.qll.
2019-04-08 18:00:49 +01:00
Geoffrey White
92241132b5
CPP: Add test cases.
2019-04-08 18:00:34 +01:00
Taus Brock-Nannestad
98e9edc27c
Delete unnecessary files.
2019-04-08 18:27:30 +02:00
Taus Brock-Nannestad
e227078953
Add note about backwards compatibility.
2019-04-08 17:55:48 +02:00
Mark Shannon
52b3f77f4f
Fix typo.
2019-04-08 15:47:49 +01:00
Asger F
db9fd3f721
TS: update test change
2019-04-08 15:17:40 +01:00
Taus Brock-Nannestad
2e6291270b
Python: Make old query suites point to new.
2019-04-08 14:02:34 +02:00
Taus
f5ccd3c228
Merge pull request #1210 from markshannon/python-dataflow-config
...
Python: Make DataFlow::Configuration act more like other languages
2019-04-08 13:46:35 +02:00
semmle-qlci
f54366bf95
Merge pull request #1214 from asger-semmle/taint-addexpr-phi
...
Approved by esben-semmle, xiemaisi
2019-04-08 11:55:06 +01:00
Anders Schack-Mulligen
6e7ae8a0a9
Merge pull request #1217 from jbj/mergeback-20190408
...
Mergeback rc/1.20 to master
2019-04-08 12:44:19 +02:00
Jonas Jensen
93286aabdf
C++: Test for FP introduced by relOp changes
2019-04-08 11:19:57 +02:00
Esben Sparre Andreasen
52d86471af
JS: whitelist another emptiness check for the type-confusion query
2019-04-08 09:52:27 +02:00
semmle-qlci
662ad4b2ca
Merge pull request #1205 from asger-semmle/prefix-sanitizer
...
Approved by esben-semmle
2019-04-08 08:29:04 +01:00
Jonas Jensen
fedd652de8
Merge remote-tracking branch 'upstream/rc/1.20' into mergeback-20190408
2019-04-08 08:39:44 +02:00
semmle-qlci
0bd4fde34d
Merge pull request #1216 from geoffw0/revert-microsoft
...
Approved by dave-bartolomeo, jbj
2019-04-06 01:02:17 +01:00
Ziemowit Laski
ef54b012e0
[CPP-340] Fixed .expected file to match new query.
2019-04-05 15:43:38 -07:00
Robert Marsh
8087cb5040
C++: add CopyValueInstruction for StmtExpr result
2019-04-05 11:27:19 -07:00
Asger F
50c2921625
TS: Use contextual typing for literals
2019-04-05 18:43:51 +01:00
Asger F
d7bfeeefd0
TS: add test case with nested literals
2019-04-05 18:40:24 +01:00
Rebecca Valentine
40e3a241a1
Revert "Update javascript/ql/src/semmle/javascript/Expr.qll"
...
This reverts commit 78407f85ee
2019-04-05 09:47:56 -07:00
