Robert Marsh
c39de75d3d
C++: change in-predicate comment formatting
2019-01-08 09:34:29 -08:00
Robert Marsh
af8a3f2522
C++: expand a comment
2019-01-08 09:34:28 -08:00
Robert Marsh
0040a2d123
C++: respond to further PR comments
2019-01-08 09:34:28 -08:00
Robert Marsh
8c9c316e1b
C++: performance and termination fixes
2019-01-08 09:34:27 -08:00
Robert Marsh
567eee1114
C++: allow phi nodes to self-bound
2019-01-08 09:34:27 -08:00
Robert Marsh
b2cd9a29f2
C++: add test for false comparisons
2019-01-08 09:34:26 -08:00
Robert Marsh
2f8ca8802b
C++: switch to using ValueNumbers as bounds
...
This reduces the number of bounds computed, and will simplify use of the
library. The resulting locations in the tests may be slightly strange,
because the example `Instruction` for a `ValueNumber` is the first
appearing in the IR, regardless of source order, and may not be the most
closely related `Instruction` to the bounded value. I think that's worth
doing for the performance and usability benefits.
2019-01-08 09:34:26 -08:00
Robert Marsh
89148a9ec7
C++: respond to further PR comments
2019-01-08 09:34:26 -08:00
Robert Marsh
ae4ffd9166
C++: respond to PR comments, add some TODOs
2019-01-08 09:34:25 -08:00
Robert Marsh
fe32aea31f
C++: fix/add comments
2019-01-08 09:34:25 -08:00
Robert Marsh
ed68f9150a
C++: Initial implementation of new range analysis
2019-01-08 09:34:23 -08:00
Robert Marsh
a06a20dbab
C++: move SimpleRangeAnalysis tests
2019-01-08 09:34:23 -08:00
Jonas Jensen
1be91b5df5
C++: Use IPA for Pos and Spec
...
This is cleaner than extending `int` and working with magic numbers.
Performance appears to be unaffected.
2019-01-08 16:23:11 +01:00
Anders Schack-Mulligen
0a9222b772
Java: Add change note.
2019-01-08 15:50:14 +01:00
Anders Schack-Mulligen
51f5198404
Java: Remove old dataflow library.
2019-01-08 13:52:24 +01:00
Asger F
45a5d0ee3a
JS: autoformat
2019-01-08 12:30:07 +00:00
Asger F
6816f33a3d
JS: Handle case-insensitive lodash imports
2019-01-08 12:29:28 +00:00
Jonas Jensen
dba3351d2c
C++: Update comments based on PR feedback
2019-01-08 13:29:03 +01:00
Anders Schack-Mulligen
ab44e5603c
Java: Reduce precision of java/user-controlled-bypass.
2019-01-08 13:07:34 +01:00
Anders Schack-Mulligen
06e48ca19f
Java: Update test.
2019-01-08 11:57:54 +01:00
Max Schaefer
8951eaead3
JavaScript: Improve caching of getACallee and related predicates.
2019-01-08 09:42:44 +00:00
Max Schaefer
627583fffa
JavaScript: Refactor UselessConditional for performance.
2019-01-08 09:40:49 +00:00
Anders Schack-Mulligen
9530eb6cdb
Java: Switch to built-in gcd.
2019-01-08 10:07:51 +01:00
Max Schaefer
de429752d1
JavaScript: Restructure implementation of DataFlow::SourceNode.
...
It now uses a facade pattern similar to `InvokeNode`: the range of the class is defined by an abstract class `DataFlow::SourceNode::Range`, while the actual behaviour is defined by the (no longer abstract) `SourceNode` class itself.
Clients that want to add new source nodes need to extend `DataFlow::SourceNode::Range`; those that want to refine the behaviour of existing source nodes should extend `DataFlow::SourceNode` itself.
While this is technically a breaking API change, I think separating the two aspects in this way is cleaner and makes it easier to use, and improves performance as well.
2019-01-08 08:01:20 +00:00
semmle-qlci
8b8b352439
Merge pull request #715 from xiemaisi/js/autoformat
...
Approved by asger-semmle
2019-01-07 22:09:05 +00:00
Raul Garcia
18bb6696e0
Fixing conditional only issue.
...
I changed to detect any logical operation usage (i.e. !, ==), but I kept usage in a conditional directly as a separate detection condition. I found no false positives on the projects you shared with me previously.
2019-01-07 10:44:11 -08:00
yh-semmle
0b19f41093
Merge pull request #728 from aschackmull/java/qltest-qlpath
...
Java: Add .qlpath to the test dir.
2019-01-07 11:34:45 -05:00
Taus Brock-Nannestad
f9c6b0eedc
Add change note for 1.20
2019-01-07 15:35:19 +01:00
Taus Brock-Nannestad
9ac50186f6
Add a few more insecure versions
2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
1af503ab84
Address documentation comments.
2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
46973f4305
Support from ssl import PROTOCOL_....
2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
e8a41f719c
Add documentation.
2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
dfe3fc6d5c
Pass pyOpenSSL method as parameter instead of keyword argument.
2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
d604f5c9c9
Fix insecure_version_name comments.
2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
a893dca06e
Add support for ssl.SSLContext.
2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
0a839f8468
Python: Check for insecure versions of SSL and TLS.
2019-01-07 15:24:15 +01:00
Anders Schack-Mulligen
203c9fb9d8
Java: Restrict attention to integral types in IntMultToLong.
2019-01-07 14:27:52 +01:00
Anders Schack-Mulligen
e0d3be7dbc
Java: Add .qlpath to the test dir.
2019-01-07 13:25:20 +01:00
Calum Grant
6f827140d7
Merge pull request #710 from hvitved/csharp/extractor/standalone-runtimes
...
C#: Improve logic for looking up .NET runtime in standalone mode
2019-01-07 10:22:17 +00:00
Max Schaefer
31bb39a810
JavaScript: Autoformat all QL files.
2019-01-07 10:15:45 +00:00
Max Schaefer
aa6b89dc34
Merge pull request #723 from Semmle/qlucie/master
...
Master-to-next merge
2019-01-07 07:59:54 +00:00
Raul Garcia
880306c621
Removing duplicated results
2019-01-04 10:45:43 -08:00
Pavel Avgustinov
42cf76027a
Merge branch 'cs/assembly-labels' of https://github.com/calumgrant/ql into HEAD
2019-01-04 18:23:49 +00:00
Tom Hvitved
6fccfa3b0a
C#: Fix CFG for foreach statements with tuple declarations
2019-01-04 18:51:55 +01:00
Tom Hvitved
72b3514970
C#: Add CFG tests for foreach statements with multiple variable declarations
2019-01-04 18:17:48 +01:00
calum
651d207d0d
C#: Fix assembly labels.
2019-01-04 16:19:43 +00:00
Jonas Jensen
26f32f0d6d
C++: Initial version of CFG.qll
...
This implements calculation of the control-flow graph in QL. The new
code is not enabled yet as we'll need more extractor changes first.
The `SyntheticDestructorCalls.qll` file is a temporary solution that can
be removed when the extractor produces this information directly.
2019-01-04 13:34:36 +01:00
Max Schaefer
b4f400fb23
Merge remote-tracking branch 'upstream/next' into qlucie/master
2019-01-04 10:35:57 +00:00
Tom Hvitved
c962f55cd0
C#: Address review comments
2019-01-04 11:32:23 +01:00
Jonas Jensen
a47faa2272
C++: Add ConditionDeclExpr convenience predicates
...
Also expand the QLDoc.
2019-01-04 10:24:08 +01:00