hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,672 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

29908 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mark Shannon
d514fc543d Python: Add responses to bottle framework support. 2019-02-12 14:26:06 +00:00
Mark Shannon
8d525e5295 Python: Add support for bottle framework routing and requests. 2019-02-12 14:26:06 +00:00
Anders Schack-Mulligen
15a6044445 Javascript: Autoformat qlls 2019-02-12 14:41:31 +01:00
Taus
9caa9c10bc Merge pull request #928 from markshannon/python-points-to-through-callsites 
Python: Points-to should flow through call-sites if not assigned out of scope.
 2019-02-12 14:41:12 +01:00
Asger F
3290c174c3 JS: Add DataFlow::Node.getAFunctionValue 2019-02-12 13:38:46 +00:00
Asger F
2fd1ee60a2 JS: add DataFlow::Node.getIntValue() 2019-02-12 13:38:46 +00:00
Asger F
0fd9d157f8 JS: add DataFlow::Node.getStringValue() 2019-02-12 13:38:45 +00:00
Anders Schack-Mulligen
fc9c7ea55a CSharp: Autoformat qls 2019-02-12 14:38:42 +01:00
Anders Schack-Mulligen
bcaaebfe7e CSharp: Autoformat qlls 2019-02-12 14:38:42 +01:00
Anders Schack-Mulligen
1182fca665 Javascript: Autoformat qls 2019-02-12 14:38:42 +01:00
Anders Schack-Mulligen
25469637db Java: Autoformat qls. 2019-02-12 14:38:08 +01:00
Anders Schack-Mulligen
63a4dd09ad Java: Autoformat qlls. 2019-02-12 14:38:08 +01:00
calum
884af9bd7f C#: Fix alert. 2019-02-12 13:34:33 +00:00
semmle-qlci
c133362660 Merge pull request #910 from xiemaisi/js/regexp-taint 
Approved by esben-semmle
 2019-02-12 13:15:16 +00:00
calum
e18eeb8d2a C#: Address review comments. 2019-02-12 12:56:58 +00:00
calum
1e1784239c C#: Alert suppression comments for lgtm[cs/catch-of-all-exceptions 2019-02-12 12:45:22 +00:00
Asger F
0444fa307d TS: update test expectations 2019-02-12 12:33:09 +00:00
Taus
583358bee3 Merge pull request #911 from markshannon/python-add-special-operation 
Python: Add 'special operation' pseudo-expression type
 2019-02-12 13:32:20 +01:00
Felicity Chapman
8c5b495c97 Merge pull request #917 from markshannon/python-extractor-change-note 
Python: Add change note for unified parser.
 2019-02-12 12:24:07 +00:00
Asger F
7a813cfb84 TS: disable type expansion by default 2019-02-12 12:21:11 +00:00
Taus
5b127eb676 Merge pull request #914 from markshannon/python-add-2-3-query-tests 
Python: Add 2/3 specific query tests.
 2019-02-12 12:54:29 +01:00
Taus
abc71cba4c Merge pull request #913 from markshannon/python-add-3-library-tests 
Python add 2/3 specific library tests
 2019-02-12 12:54:15 +01:00
calum
33e6b5e55f C#: Fix tests 2019-02-12 10:59:31 +00:00
semmle-qlci
ac3f413b87 Merge pull request #920 from xiemaisi/js/field-as-prop-write 
Approved by asger-semmle
 2019-02-12 10:48:13 +00:00
Calum Grant
0513828000 Merge pull request #922 from hvitved/csharp/cfg/remove-exception-edges 
C#: Remove some impossible CFG exception edges
 2019-02-12 10:42:07 +00:00
Calum Grant
e10ea73a07 Merge pull request #901 from hvitved/csharp/conditional-assign-join-order 
C#: Improve join order in `conditionalAssign()`
 2019-02-12 10:39:49 +00:00
Mark Shannon
220b881096 Python: Points-to should flow through call-sites if not assigned outside of scope. 2019-02-12 09:57:45 +00:00
Mark Shannon
384fa5db3f Python: clarfiy change note. 2019-02-12 09:53:00 +00:00
Calum Grant
b557b7b438 Merge pull request #895 from hvitved/csharp/get-a-thrown-exception 
C#: Avoid using `ExceptionClass` in deliberate Cartesian products
 2019-02-12 09:49:03 +00:00
Dave Bartolomeo
c224bbd767 C++: Fix Operand.getSize() 2019-02-11 17:48:59 -08:00
calum
b51eb2cb92 C#: Fix tags in documentation. 2019-02-11 17:52:55 +00:00
Dave Bartolomeo
bd46c43067 C++: Add sanity test for missing operand type 2019-02-11 09:47:00 -08:00
Dave Bartolomeo
a54d86423a C++: Add Operand.getType() 2019-02-11 09:47:00 -08:00
Dave Bartolomeo
fa2ef620ac C++: Rationalize RegisterOperand vs. MemoryOperand 
This change does some shuffling to make the distinction between memory operands and register operands more clear in the IR API. First, any given type that extends `Operand` is now either always a `MemoryOperand` or always a `RegisterOperand`. This required getting rid of `CopySourceOperand`, which was used for both the `CopyValue` instruction (as a `RegisterOperand`) and for the `Load` instruction (as a `MemoryOperand`). `CopyValue` is now just a `UnaryInstruction`, `Store` has a `StoreValueOperand` (`RegisterOperand`), and all of the instructions that read a value from memory indirectly (`Load`, `ReturnValue`, and `ThrowValue`) all now have a `LoadOperand` (`MemoryOperand`).

There are no diffs in the IR output for this commit, but this change is required for a subsequent commit that will make each `MemoryOperand` have a `Type`, which in turn is needed to fix a critical bug in aliased SSA construction.
 2019-02-11 09:47:00 -08:00
calum
8bb1af884a C# extractor: Limit string literals to 1MB. This is made more complicated by the fact that we need to limit the number of bytes to output, rather than the number of characters. 2019-02-11 17:36:23 +00:00
Tom Hvitved
8cb8c967d2 C#: Remove some impossible CFG exception edges 2019-02-11 16:17:01 +01:00
Tom Hvitved
6ff4206d53 C#: Add CFG test 2019-02-11 16:03:25 +01:00
Tom Hvitved
14bdea1cf2 Merge pull request #847 from calumgrant/cs/json.net 
C#: Model Json.NET dataflow
 2019-02-11 15:48:01 +01:00
Anders Schack-Mulligen
be3191aa6b Merge pull request #871 from nickrolfe/vim 
Vim syntax highlighting and file-type detection
 2019-02-11 13:10:48 +01:00
Anders Schack-Mulligen
52ad816074 Merge pull request #904 from rneatherway/zipslip-fix 
Java: Add a flow step for `Path::toFile` in ZipSlip
 2019-02-11 13:08:38 +01:00
Nick Rolfe
7db2f643cc Vim syntax: add missing annotations and annotation arguments 2019-02-11 11:42:53 +00:00
semmle-qlci
10b00254ec Merge pull request #915 from asger-semmle/closure-uri-methods 
Approved by xiemaisi
 2019-02-11 10:51:07 +00:00
Anders Schack-Mulligen
e4ba5ce608 Merge pull request #787 from hmakholm/pr/fix-useless-parameter 
Fix false positives in java/unused parameter
 2019-02-11 11:49:21 +01:00
Robin Neatherway
409733838b Java: Add a flow step for Path::toFile in ZipSlip 2019-02-11 10:33:44 +00:00
Taus
fb8d0f5b1f Merge pull request #850 from markshannon/python-improve-import-analysis 
Python improve import analysis
 2019-02-11 10:28:37 +01:00
Max Schaefer
10ef945b51 JavaScript: Restrict InstanceFieldAsPropWrite to fields with initializers. 2019-02-11 08:17:53 +00:00
Robert Marsh
184e65d8a1 Merge pull request #919 from dave-bartolomeo/dave/SSATests 
C++: Split out SSA IR tests
 2019-02-08 18:18:01 -08:00
Dave Bartolomeo
bda00bbff2 C++: Split out SSA IR tests 
The IR tests were getting kind of unwieldy. We were using "ir.cpp" to contain test cases that covered both IR construction (every language construct imaginable) and SSA construction. We would then build and dump all three flavors of IR. For IR construction tests, examining the SSA dumps when you add a new test case is tedious.

To make this easier to manage, I've split the SSA-specific test cases out into a separate directory. "ir.cpp" should now contain only IR construction test cases, and "ssa.cpp" should contain only SSA construction test cases. We dump just the raw IR for "ir.cpp", and just the two SSA flavors for "ssa.cpp". We still run all three flavors of the IR sanity tests for "ir.cpp", though.

I also removed the "ssa_block_count.ql" test, which wasn't really adding any coverage, because any change to the block count would be reflected in the dump as well.
 2019-02-08 15:28:06 -08:00
semmle-qlci
986afa1b1b Merge pull request #909 from xiemaisi/js/improve-incomplete-sanitization-alerts 
Approved by esben-semmle
 2019-02-08 17:39:36 +00:00
semmle-qlci
232d81a4ed Merge pull request #908 from xiemaisi/js/enable-ms-queries 
Approved by esben-semmle
 2019-02-08 17:38:27 +00:00