Rasmus Lerchedahl Petersen
02fd63ce20
Merge branch 'main' of github.com:github/codeql into python/port-modification-of-default-value
...
To get the subpaths.
2021-09-10 14:03:02 +02:00
Rasmus Lerchedahl Petersen
5d137ce9c5
Python: Update test expectations
2021-09-10 13:35:49 +02:00
Rasmus Wriedt Larsen
db78e3a7da
Merge pull request #6274 from tausbn/python-api-graphs-import-star
...
Python: Support `import *` in API graphs
2021-09-10 13:25:41 +02:00
Rasmus Wriedt Larsen
b45743b562
Merge pull request #6312 from tausbn/python-deprecate-importnode
...
Python: Deprecate `importNode`
2021-09-10 13:12:56 +02:00
CodeQL CI
27f2d417c1
Merge pull request #6652 from asgerf/js/type-tracking-through-callback
...
Approved by erik-krogh
2021-09-10 04:11:14 -07:00
Rasmus Lerchedahl Petersen
7cfa08abc8
Python: Do not use BarrierGuards
...
They are simply not right for this problem.
We should not even make them available as an extension point.
2021-09-10 12:48:24 +02:00
Tom Hvitved
649c2ce188
Merge pull request #6586 from hvitved/dataflow/stage2-precise-call-ctx-take2
...
Data flow: Add precise call contexts to stage 2
2021-09-10 11:34:35 +02:00
Tom Hvitved
af0b9abab7
C#: Handle dotnet exec csc.dll compiler calls on Windows
2021-09-10 11:26:43 +02:00
Anders Fugmann
2c93bce9ad
C++: Refactor code to use predicate isGuardPhi/4
2021-09-10 10:53:48 +02:00
CodeQL CI
0673355f31
Merge pull request #6649 from rhysd/discussion-untrusted-inputs
...
Approved by erik-krogh
2021-09-10 01:44:54 -07:00
Rasmus Lerchedahl Petersen
b20232db3c
Python: Simplify guards as suggested
2021-09-10 10:31:48 +02:00
Anders Peter Fugmann
1bbadb57a2
Merge pull request #6568 from andersfugmann/andersfugmann/improve_upper_bound
...
C++: Improve predicate upperBound in SimpleRangeAnalysis
2021-09-10 09:49:48 +02:00
Erik Krogh Kristensen
a756ffa3a6
use the new instanceof syntax for NodeJSClientRequest
2021-09-10 09:30:37 +02:00
Tom Hvitved
296d10fe2a
Data flow: Adjust callMayFlowThroughFwd pragmas
2021-09-10 09:21:24 +02:00
Felicity Chapman
3b3350e648
Correct the Qllexer path for slides
2021-09-10 08:04:07 +01:00
Anders Schack-Mulligen
3e17fdcaa3
Merge pull request #6407 from bmuskalla/charSeqSubSeq
...
Java: Track taint for CharSequence#subSequence
2021-09-10 09:01:29 +02:00
Felicity Chapman
32b3e416b3
Update version numbers for LGTM E 1.28
2021-09-10 06:54:36 +01:00
rhysd
97ed9edd32
JS: Detect untrusted inputs in 'discussion' and 'discussion_comment' payloads
2021-09-10 10:42:58 +09:00
Chris Smowton
5b8b27a2aa
Merge pull request #6651 from smowton/smowton/admin/functional-interface-tests
...
Add tests for functional interfaces
2021-09-09 22:02:16 +01:00
Nick Rolfe
b51e741439
Merge pull request #289 from github/rust_warnings
...
Fix 'unused borrow that must be used' warnings.
2021-09-09 17:27:05 +01:00
Nick Rolfe
cf72bada3d
Fix 'unused borrow that must be used' warnings.
...
I don't remember seeing this warning before upgrading to Rust 1.55
2021-09-09 17:03:10 +01:00
Tamás Vajk
ad04099ac2
Merge pull request #6630 from tamasvajk/feature/interface-runtimecallable
...
C# Extend runtime callables to cover interface members with default implementation
2021-09-09 17:24:55 +02:00
Andrew Eisenberg
4c74709019
Merge pull request #6606 from github/aeisenberg/docs
...
Update the docs about qlpacks
2021-09-09 07:42:24 -07:00
Anders Schack-Mulligen
13c4b93d3d
Merge pull request #6648 from aschackmull/java/func-interface
...
Java: Fix FunctionalInterface.
2021-09-09 16:14:14 +02:00
Benjamin Muskalla
9d5e48430e
Merge branch 'main' into charSeqSubSeq
2021-09-09 16:04:36 +02:00
Chris Smowton
a0bf170d02
Add test for functional interfaces
2021-09-09 15:00:42 +01:00
Anders Schack-Mulligen
ec3990c619
Java: Fix FunctionalInterface.
2021-09-09 15:04:22 +02:00
Anders Schack-Mulligen
c4956a4ade
Merge pull request #6376 from bmuskalla/thirdpartyapitelemtry
...
Java: Introduce queries to capture information about 3rd party API usage
2021-09-09 13:55:47 +02:00
Rasmus Lerchedahl Petersen
6c5596d17e
Python: rewrite test
2021-09-09 13:45:44 +02:00
Anders Fugmann
270dbd2bf7
C++: Revert peer review suggestion.
...
The suggested change has a severe impact on row counts, as cpp does not cache
the results for `bbDominates`. Since the `getGuardedUpperBound` predicate the
cost of runtime complexity is considered higher than the benefit of this change.
2021-09-09 13:26:42 +02:00
Anders Fugmann
6c44b0e6e7
C++: Add test case where a guarded block has two predecessors which are both in the dominance domain of the guard
2021-09-09 13:18:49 +02:00
Benjamin Muskalla
c0e65e71b4
Revert "Java: Fix external flow perofrmance with future optimiser."
...
This reverts commit be1d4c04f2.
2021-09-09 13:06:23 +02:00
Benjamin Muskalla
eef044f4d0
Add test to capture expected parameter format
2021-09-09 13:05:15 +02:00
Tamas Vajk
abe6c90829
Update change note
2021-09-09 13:04:47 +02:00
Tamas Vajk
0a17ab9325
Merge branch 'main' into feature/service-stack
2021-09-09 13:01:43 +02:00
Tamas Vajk
cc7471f37d
Fix package separator in timeseries report
2021-09-09 12:53:59 +02:00
Rasmus Lerchedahl Petersen
e27b3162e5
Python: rewrite simpleLocalFlowStep
...
to take into account the split between
import time and runtime.
2021-09-09 12:43:08 +02:00
Nick Rolfe
6dbf6d7e82
Merge pull request #278 from github/aibaars/revert-hotfix
...
Revert "Use hotfixed version of `codeql/suite-helpers` with workaround for bug in released CLI"
2021-09-09 11:21:20 +01:00
Harry Maclean
b4c29425ea
Make barrier guards more specific
...
Following examples from the other libraries, this change introduces a
member predicate `checks(CfgNode expr, boolean branch)` to
`BarrierGuard`, which holds if the guard validates `expr` for a
particular value of `branch`, which represents the value of the
condition in the guard.
For example, in the following guard...
    if foo == "foo"
      do_something foo
    else
      do_something_else foo
    end
...the variable `foo` is validated when the condition `foo == "foo"` is
true.
We also introduce the concept that a guard "controls" a code block based
on the value of `branch`. In the example above, the "then" branch of the
if statement is controlled when `branch` is true. The else branch is
not controlled because `foo` can take (almost) any value in that branch.
Based on these concepts, we define a guarded node to be a read of a
validated variable in a controlled block.
In the above example, the `foo` in `do_something foo` is guarded, but
the `foo` in `do_something_else foo` is not.
2021-09-09 11:04:52 +01:00
Tamas Vajk
cbb37f70c4
Change timeseries CSV report to only include dates when values changed
2021-09-09 11:34:38 +02:00
Benjamin Muskalla
a1b7437f8d
Merge branch 'main' into thirdpartyapitelemtry
2021-09-09 11:11:42 +02:00
Tamas Vajk
1fe9e9262f
Fix CSV timeseries script to create DB with scheme from correct git SHA
2021-09-09 10:59:52 +02:00
Marcono1234
a173d9593b
Java: Detect spurious param Javadoc tag of generic classes
2021-09-09 00:11:02 +02:00
Andrew Eisenberg
fb90bb4241
Remove outdated section
...
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
2021-09-08 10:45:50 -07:00
Nick Rolfe
2ddca2c0db
Document and test YAML.safe_load
2021-09-08 18:22:31 +01:00
Nick Rolfe
760dbd739d
Add test for rb/unsafe-deserialization
2021-09-08 17:49:23 +01:00
Nick Rolfe
9b9fc18605
Add taint step for Base64.decode64
2021-09-08 17:49:23 +01:00
Nick Rolfe
adceb0a2a1
Add query rb/unsafe-deserialization
2021-09-08 17:49:23 +01:00
Andrew Eisenberg
ec5435befd
Apply suggestions from code review
...
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
2021-09-08 08:13:15 -07:00
Philip Ginsbach
55c605998c
Update docs/codeql/ql-language-reference/types.rst
...
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
2021-09-08 15:35:40 +01:00