hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,672 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

29908 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mark Shannon
2995b023fa Python: Fix handling of turbogears' 'expose' decorator. 2019-02-26 16:40:21 +00:00
Asger F
eaf3f52372 JS: document new behavior of overriding InvokeNode.getACallee() 2019-02-26 16:09:19 +00:00
Max Schaefer
cc6ca8bc62 JavaScript: Add change note. 2019-02-26 15:53:29 +00:00
Max Schaefer
739705865b JavaScript: Add basic model of socket.io. 2019-02-26 15:53:29 +00:00
Jonas Jensen
07bd85e9fa C++: Function error doesn't always exit 
The configuration in `DefaultOptions.qll` assumed that a call to any
top-level function named `error` would exit the program. This is not
true.

The assumption was probably about `error(3)`, which is a GNU extension.
It only exits if its first argument it not 0. Furthermore, projects such
as openssh may define their own function named `error` with different
behaviour. Because the GNU `error` function is non-standard, it's
perfectly fine to shadow it with a project-specific definition.

This change removes two FPs from `PointlessComparison.qll` on
https://github.com/openssh/openssh-portable.
 2019-02-26 16:31:34 +01:00
Taus Brock-Nannestad
e47b391329 Fix interpolation. 2019-02-26 16:27:04 +01:00
Taus Brock-Nannestad
7daaf77183 Make query alert refer to AST nodes rather than CFG nodes. 2019-02-26 15:56:37 +01:00
Tom Hvitved
8abf76b618 C#: Reduce size of getAThrownException() 
In the precense of multiple core libraries, `getAThrownException()` would return
multiple copies of the same exception, say `System.OverflowException`, one for each
core library. With this change we try to identify which core library a given control
flow element was compiled against, and only return the corresponding version.
 2019-02-26 15:11:45 +01:00
semmle-qlci
86e646beb4 Merge pull request #975 from asger-semmle/global-closure-dataflow 
Approved by esben-semmle
 2019-02-26 13:57:39 +00:00
Taus Brock-Nannestad
504cb648d1 Change query description. 2019-02-26 13:26:20 +01:00
Taus Brock-Nannestad
8d774cd354 Merge branch 'master' into python-unsafe-use-of-mktemp 2019-02-26 13:23:38 +01:00
Asger F
29d2d620e4 JS: add taint step through object/array spread operators 2019-02-26 11:43:59 +00:00
Taus
9d7877907b Merge pull request #964 from markshannon/python-locations-for-packages 
Python: Make sure packages have locations.
 2019-02-26 11:55:27 +01:00
Mark Shannon
3854050d57 Python: Update documentation for new web frameworks. 2019-02-26 10:17:29 +00:00
Mark Shannon
7d0943f30d Python: Add tests for turbogears. 2019-02-26 10:15:37 +00:00
Mark Shannon
26c5ebde54 Python: Basic support for TurboGears: requests and responses. 2019-02-26 10:15:36 +00:00
Esben Sparre Andreasen
f9111f68e9 Update javascript/ql/src/semmle/javascript/dataflow/TypeInference.qll 
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
 2019-02-26 11:11:44 +01:00
Asger F
6b9157540b JS: mark globalFlowPred as internal 2019-02-26 09:56:22 +00:00
semmle-qlci
681ff0f39c Merge pull request #977 from asger-semmle/extend-test-version 
Approved by xiemaisi
 2019-02-26 09:55:41 +00:00
Jonas Jensen
f12dfda28f Merge pull request #985 from rdmarsh2/rdmarsh/ir-call-side-effect 
C++: fix PrimaryInstruction for call side effects
 2019-02-26 10:36:18 +01:00
semmle-qlci
74a4103857 Merge pull request #976 from asger-semmle/closure-import-deep 
Approved by esben-semmle
 2019-02-26 09:34:04 +00:00
semmle-qlci
00d490e84d Merge pull request #945 from asger-semmle/extensible-module-import 
Approved by xiemaisi
 2019-02-26 09:26:28 +00:00
Esben Sparre Andreasen
9511bdf6ae JS: address review comment 2019-02-26 10:07:00 +01:00
Max Schaefer
c2a5350bf2 Merge pull request #982 from asger-semmle/closure-string-lib 
JS: model string functions from closure library
 2019-02-26 08:26:14 +00:00
Nick Rolfe
53de2d8d3e Merge pull request #830 from ian-semmle/constexpr 
C++: Add Function.{isDeclaredConstexpr,isConstexpr}() predicates
 2019-02-25 22:11:24 +00:00
Robert Marsh
af490a9b3e C++: fix PrimaryInstruction for call side effects 2019-02-25 11:41:40 -08:00
Asger F
93440014a0 JS: only propagate through first argument of truncate() 2019-02-25 17:11:55 +00:00
Asger F
d45f670646 JS: remove duplicate modelling of urlDecode/urlEncode 2019-02-25 17:04:56 +00:00
Asger F
29de1411b7 JS: remove restriction on truncate calls 2019-02-25 17:00:47 +00:00
Asger F
50e8f83ad5 JS: use globalVarRef/SourceNode instead 2019-02-25 16:54:45 +00:00
Asger F
8354909d46 JS: add closure library in globalObjectRef 2019-02-25 16:45:47 +00:00
Asger F
d70d0e21cc JS: add format function 2019-02-25 16:30:44 +00:00
Asger F
fab0afd755 JS: model string functions from closure library 2019-02-25 16:08:47 +00:00
Max Schaefer
bea75e2d1c Merge pull request #981 from esben-semmle/js/fix-docstring 
JS: fix docstring: s/node1/pred + s/node2/succ
 2019-02-25 16:04:15 +00:00
Ian Lynagh
ad126b93cf C++: Remove a use of deprecated Function.getFullSignature() 2019-02-25 15:51:39 +00:00
Esben Sparre Andreasen
8e01ccd892 JS: fix docstring: s/node1/pred + s/node2/succ 2019-02-25 16:51:30 +01:00
Mark Shannon
c48ab48dbc Merge pull request #971 from felicity-semmle/ql/SD-3009-add-files 
Move support information to QL repository for easier maintenance
 2019-02-25 15:36:18 +00:00
semmle-qlci
58cc8d0ecc Merge pull request #936 from xiemaisi/js/revive-electron-support 
Approved by esben-semmle
 2019-02-25 15:23:20 +00:00
Esben Sparre Andreasen
ab1b1c1431 JS: update docstring 2019-02-25 16:11:35 +01:00
Esben Sparre Andreasen
4dc147d506 JS: rename CapturedSource -> LocalObject (files) 2019-02-25 16:09:07 +01:00
Asger F
050626aca0 JS: remove audit alerts from package.json 2019-02-25 15:04:47 +00:00
Esben Sparre Andreasen
66367987af JS: rename CapturedSource -> LocalObject 2019-02-25 16:04:37 +01:00
Esben Sparre Andreasen
65fb1423b7 JS: format test case (update expected output) 2019-02-25 15:55:44 +01:00
Esben Sparre Andreasen
1150f4c02b JS: add documentation to test case 2019-02-25 15:52:23 +01:00
Esben Sparre Andreasen
0d94fe3f54 JS: analyze assignments in with correctly 2019-02-25 15:32:17 +01:00
Esben Sparre Andreasen
047b69a4c2 JS: address review comments 2019-02-25 15:19:00 +01:00
Esben Sparre Andreasen
46a1c75549 Merge pull request #973 from xiemaisi/js/remove-package-json 
JavaScript: Delete an unused `package.json` in a test.
 2019-02-25 14:05:22 +01:00
Ian Lynagh
f02a4ce63e C++: Accept test changes following new *constexpr specifiers 2019-02-25 12:48:48 +00:00
Ian Lynagh
133e2d04be C++: Add a changenote for Function.{isDeclaredConstexpr,isConstexpr}() 2019-02-25 12:48:48 +00:00
Ian Lynagh
4bd03d52f1 C++: Add constexpr support for functions 2019-02-25 12:48:48 +00:00