hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 19:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,672 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

29908 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
1a6c95c908 TS: update test expectation 2019-03-21 11:06:04 +00:00
Geoffrey White
867f357b36 CPP: Correct the test. 2019-03-21 10:57:44 +00:00
Calum Grant
f20041d41f Merge pull request #1133 from hvitved/csharp/more-performance-tweaks 
C#: More performance tweaks
 2019-03-21 10:46:07 +00:00
Max Schaefer
1835028b93 JavaScript: Show character code when reporting unexpected character. 2019-03-21 10:44:49 +00:00
Max Schaefer
4533e1f6fe JavaScript: Add model of adm-zip library for ZipSlip query. 2019-03-21 08:04:06 +00:00
Ziemowit Laski
5a092d0fed [CPP-340] Create three QL queries: (1) mismatched argument types, 
(2) too few arguments and (3) too many arguments.
    Create new 'UnderspecifiedFunction' folders for both queries and tests.
 2019-03-20 19:42:51 -07:00
Geoffrey White
5a56740ee6 Merge pull request #1124 from jbj/weak-cryptographic-algorithm-perf 
C++: Fix performance of BrokenCryptoAlgorithm.ql
 2019-03-20 18:01:58 +00:00
Taus Brock-Nannestad
391e111189 Use attr instead of getAttribute. 2019-03-20 17:41:23 +01:00
Taus Brock-Nannestad
f14f7b50ed Python: Use ModuleObject::named more consistently. 2019-03-20 17:41:23 +01:00
Taus Brock-Nannestad
c64372886c Fix typo. 2019-03-20 17:15:41 +01:00
Geoffrey White
2fdd33eecd CPP: Change note. 2019-03-20 15:48:02 +00:00
Geoffrey White
91bef02257 CPP: Add a 1.21 CPP change notes file (couldn't find the templates). 2019-03-20 15:48:00 +00:00
Geoffrey White
faeb326bf8 CPP: Use newer dataflow for the fix. 2019-03-20 15:47:48 +00:00
Geoffrey White
7d8886e30c CPP: Fix over-enthusiastic dataflow in allocExprOrIndirect. 2019-03-20 15:40:02 +00:00
Geoffrey White
ea7e8927fe CPP: Add a test similar to the false positive in arvidn/libtorrent. 2019-03-20 15:35:58 +00:00
Tom Hvitved
414b7243c2 C#: More performance tweaks 2019-03-20 15:43:38 +01:00
Taus Brock-Nannestad
a6708572c0 Python: Copy query suites from python2 to python. 2019-03-20 15:33:54 +01:00
Asger F
5768d85c7b TS: fix trap test output 2019-03-20 12:46:52 +00:00
Geoffrey White
8a693699fc Merge pull request #1139 from jbj/return-stack-allocated-typo 
C++: Fix typo in ReturnStackAllocatedMemory.ql
 2019-03-20 11:36:12 +00:00
Taus
20e2f9ee4e Remove extraneous period. 2019-03-20 11:48:02 +01:00
Jonas Jensen
401b5648be C++: Fix typo in ReturnStackAllocatedMemory.ql 2019-03-20 11:27:34 +01:00
Asger F
8201e7ea27 TS: update trap test output 2019-03-20 10:23:28 +00:00
Asger F
aaa8bfb874 TS: allow namespace imports as types 2019-03-20 10:09:18 +00:00
Ziemowit Laski
2def0ee9c1 [CPP-340] Re-work QL query; treat undeclared C functions the same way as 
()-declared functions.
 2019-03-19 16:01:35 -07:00
Ziemowit Laski
5d8b84c22a Refine QL query by requiring that a ()-declaration be present. 2019-03-19 16:00:22 -07:00
Ziemowit Laski
0c350dc504 [CPP-340] Create QL query for function call argument count mismatches. 
Update QHELP file, test and test results.
 2019-03-19 16:00:02 -07:00
zlaski-semmle
241994d1f8 Merge pull request #1107 from zlaski-semmle/cpp355 
Updated query to look for Microsoft-specific '_alloca' and '_malloca'
Merge to Semmle/ql:master.
 2019-03-19 13:40:27 -07:00
Ziemowit Laski
09e729ff59 Turns out that '__builtin_alloca' takes 'unsigned long', not 'unsigned long long'; rename some parameters to align with C11 standard. 2019-03-19 13:27:14 -07:00
Ziemowit Laski
11ed4f3312 Change __builtin_alloca declaration to use an unsigned long long parameter. 2019-03-19 13:12:29 -07:00
Ziemowit Laski
ff3430d8d0 Use '// GOOD' and '// BAD' annotations for query diagnostics. 2019-03-19 12:29:38 -07:00
Max Schaefer
b211a54181 Merge pull request #1132 from xiemaisi/mergeback-2019-03-19 
Merge rc/1.20 into master
 2019-03-19 17:28:52 +00:00
Max Schaefer
23d77f3e6a Merge pull request #1130 from felicity-semmle/1.20/javascript-extractor 
1.20: Update JavaScript extraction notes and supported versions
 2019-03-19 17:09:05 +00:00
Mark Shannon
29c4e274e1 Merge pull request #1127 from felicity-semmle/1.20/python-change-notes 
1.20: finalize python change notes
 2019-03-19 16:53:59 +00:00
Calum Grant
fb9c587c86 Merge pull request #1126 from hvitved/csharp/performance-tweaks 
C#: Fix a few minor performance regressions
 2019-03-19 16:01:49 +00:00
calum
449e65d467 C#: Update expected outputs. 2019-03-19 15:11:19 +00:00
Mark Shannon
9d31d09f08 Python encapsulate extensionals dealing with 'builtin' objects. 2019-03-19 14:45:37 +00:00
Taus Brock-Nannestad
c7c6c83627 Address review comments. 2019-03-19 15:44:11 +01:00
Max Schaefer
6fbf487524 Merge remote-tracking branch 'upstream/rc/1.20' into mergeback-2019-03-19 2019-03-19 14:09:03 +00:00
Taus Brock-Nannestad
129baea835 Add change note for 1.21. 2019-03-19 15:07:50 +01:00
semmle-qlci
17e8b64f59 Merge pull request #1131 from xiemaisi/js/simplify-flow-summary-queries 
Approved by asger-semmle
 2019-03-19 13:35:06 +00:00
semmle-qlci
6fdba626ad Merge pull request #1121 from jbj/return-stack-allocated-1.20-fixes 
Approved by geoffw0
 2019-03-19 13:28:55 +00:00
Jonas Jensen
a31794f20c Merge pull request #1129 from geoffw0/unusedstatic 
CPP: Add to UnusedStaticVariables tests.
 2019-03-19 14:16:30 +01:00
Max Schaefer
77c383aee2 JavaScript: Simplify flow-summary queries. 
Previously, `AllConfigurations.qll` would pull in (almost) all taint
tracking configurations, which has started causing OOMEs during
compilation.

I've pruned it down to only the most interesting configurations. Since
flow summaries are experimental at this point and require a bit of manual
configuration anyway, this shouldn't be much of an issue in practice.
 2019-03-19 10:58:49 +00:00
Jonas Jensen
111a462d16 C++: Recover some of the good results we lost 
My recent changes to suppress FPs in `ReturnStackAllocatedMemory.ql`
caused us to lose all results where there was a `Conversion` at the
initial address escape. We cannot handle conversions in general, but
this commit restores the good results for the trivial types of
conversion that we can handle.
 2019-03-19 11:09:58 +01:00
Jonas Jensen
d864df5b7f C++: Tests for new false negatives 2019-03-19 10:30:14 +01:00
yh-semmle
13cd7d0f15 Merge pull request #1122 from felicity-semmle/1.20/SD-3061-java-versions 
QL 1.20 docs: Be more explicit about Java versions supported
 2019-03-18 18:32:52 -04:00
yh-semmle
23f71714e5 Merge pull request #1117 from felicity-semmle/1.20/java-change-notes 
1.20: minor changes to java change notes
 2019-03-18 18:30:11 -04:00
Ziemowit Laski
566fdc3f70 Change names of parameters to memcpy(), as per Geoff. 2019-03-18 11:15:43 -07:00
calum
d5a4dcebd6 C#: Fix bug in dataflow library. 2019-03-18 17:59:56 +00:00
calum
d76a9805ae C#: Fix assembly labels when public key token is null. 2019-03-18 17:59:56 +00:00