hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 14:23:03 +01:00
Code Issues Packages Projects Releases Wiki Activity
298 Commits 1,684 Branches 159 Tags
00c552fe2f77cbf9eaecc936d41209bb72ebf05d
Commit Graph

298 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ole Herman Schumacher Elgesem
00c552fe2f Fixed error in gmtime example 
gmtime and gmtime_r take a time_t pointer, so have to store the value
of time(NULL) on the stack.

Signed-off-by: Ole Herman Schumacher Elgesem <oleherman93@gmail.com>
 2018-08-28 11:10:11 -07:00
ian-semmle
1d202dd7cd Merge pull request #24 from nickrolfe/declspec_guard 
C++: test for __declspec(guard(...))
 2018-08-28 16:15:08 +01:00
Jonas Jensen
24567c57db Merge pull request #109 from dave-bartolomeo/dave/Call 
C++: `Invoke` -> `Call`
 2018-08-28 15:28:22 +02:00
Jonas Jensen
f88dc37218 Merge pull request #99 from aschackmull/java/fieldflow-perf 
Java/C: Improve performance when multiple configs use field flow.
 2018-08-28 15:27:29 +02:00
Jonas Jensen
4536d75b2f Merge pull request #93 from ian-semmle/underlyingElement 
C++: Add a missing underlyingElement call
 2018-08-28 15:24:16 +02:00
Nick Rolfe
f44f8d576d C++: test that __declspec(guard(...)) doesn't cause extractor errors 2018-08-28 10:24:53 +01:00
Dave Bartolomeo
6e0fe92434 C++: Fix comments to reference Call instead of Invoke 2018-08-27 11:02:07 -07:00
Dave Bartolomeo
b44c2c72a6 C++: Invoke -> Call 
Now that opcodes are in their own module that isn't imported into the global namespace, `Opcode::Call` no longer conflicts with `Call` from the ASTs. I've renamed `Opcode::Invoke` to `Opcode::Call`.
 2018-08-27 09:22:01 -07:00
Pavel Avgustinov
d0497a5cff Merge pull request #106 from dave-bartolomeo/dave/LF 
Force LF line endings for .ql, .qll, .qlref, and .dbscheme
 2018-08-27 10:04:53 +01:00
Jonas Jensen
dc0f3be753 Merge pull request #102 from ian-semmle/type_variants 
C++: Tweak type_variants test
 2018-08-27 10:34:45 +02:00
Anders Schack-Mulligen
f2760f2547 Java/C: Improve performance when multiple configs use field flow. 2018-08-27 10:00:58 +02:00
Dave Bartolomeo
2af82d9485 LF for .qhelp files too 2018-08-26 21:12:51 -07:00
ian-semmle
bafa3d79fe Merge pull request #101 from nickrolfe/edg5 
C++: test fixes for extractor frontend upgrade
 2018-08-26 19:33:01 +01:00
Dave Bartolomeo
dfb082e34f Add .editorconfig to use LF in .ql/.qlref/.qll/.dbscheme files 2018-08-24 13:20:40 -07:00
Dave Bartolomeo
12631e3fb1 Force LF line endings for .dbscheme files 2018-08-24 12:05:35 -07:00
Dave Bartolomeo
d920fc7d94 Force LF line endings for .ql, .qll, and .qlref files 2018-08-24 11:58:58 -07:00
Nick Rolfe
7cf550a70f C++: regression test for extractor bug with enum in template class 2018-08-24 18:41:37 +01:00
Nick Rolfe
193e013196 C++: accept more extraction of functions in local classes/lambdas 2018-08-24 18:41:37 +01:00
Nick Rolfe
da7d70662b C++: accept more test changes following extractor frontend upgrade 2018-08-24 18:41:37 +01:00
Nick Rolfe
04385a83ba C++: fix tests: frontend no longer optimises dynamic_cast to base type 2018-08-24 18:41:37 +01:00
Nick Rolfe
dd169d1b21 C++: fix test to enable C++11 support in frontend 2018-08-24 18:41:37 +01:00
Nick Rolfe
59ddda881e Merge pull request #104 from dave-bartolomeo/dave/ASTWobble 
C++: Fix wobble in PrintAST test
 2018-08-24 18:40:51 +01:00
Dave Bartolomeo
65ed9afdfb C++: Update test expectations for other PrintAST test 2018-08-24 08:50:35 -07:00
Dave Bartolomeo
c4d6e1b01c C++: Fix wobble in PrintAST test 
PrintAST.ql orders the functions by location, then in lexicographical order of the function signature. This is supposed to ensure a stable ordering, but functions without a location were not getting assigned an order at all.
 2018-08-24 08:36:30 -07:00
Dave Bartolomeo
7cae9be4bf Merge pull request #100 from jbj/sync-identical-files-ql 
C++: Move the identical-files.json spec to ql repo
 2018-08-24 07:31:48 -07:00
Ian Lynagh
01c7fc1c8b C++: Tweak type_variants test 
It's now easier to see what's happening in cases where 2 functions have
the same name, or a function has 2 locations.
 2018-08-24 14:46:02 +01:00
Jonas Jensen
d81e8081be C++: IRBlockConstruction in identical-files.json 
These two files have been identical since dc2283325.
 2018-08-24 11:41:06 +02:00
Jonas Jensen
dabbd83848 C++: Move the identical-files.json spec to ql repo 
This file is used by the `sync-identical-files.py` pull-request check in
our internal repo, which can hopefully soon start running on this repo
as well. This initial commit moves over all the file group definitions
whose files are entirely within this repository.

This change is not synchronized with the internal repo, so the file
groups will appear in both repositories until they sync up. That should
not cause any problems.
 2018-08-24 11:32:29 +02:00
Tom Hvitved
d4551e5897 Merge pull request #81 from lukecartey/csharp/zipslip-reformat 
C#: ZipSlip - Rearrange query, add help and update doc
 2018-08-24 09:40:20 +02:00
semmle-qlci
55ceb9be8b Merge pull request #91 from esben-semmle/js/additional-indexof-sanitizers 
Approved by xiemaisi
 2018-08-24 08:37:41 +01:00
Jonas Jensen
1f844e2a7c Merge pull request #95 from ian-semmle/resolveClass 
C++: Rename resolve to resolveClass, and remove unused isElement
 2018-08-23 22:13:13 +02:00
Jonas Jensen
58e993e877 Merge pull request #82 from dave-bartolomeo/dave/NewDelete2 
C++: IR generation for `new` and `new[]`
 2018-08-23 21:14:07 +02:00
Dave Bartolomeo
72e72357c2 C++: Use glval<Unknown> as type of call target 
Also shared some code between `TranslatedFunctionCall` and `TranslatedAllocatorCall`, and fixed dumps of glval<Unknown> to not print the size.
 2018-08-23 09:43:58 -07:00
calumgrant
04bccd0137 Merge pull request #55 from denislevin/denisl/cs/DontInstallRootCertificate 
cs: Don't Install Root Certificate (CWE-327)
 2018-08-23 17:36:50 +01:00
Luke Cartey
86a7df0ef5 C#: ZipSlip - Address doc team comments. 2018-08-23 15:57:00 +01:00
Ian Lynagh
7ee5efcab0 C++: Rename internal.Type to internal.ResolveClass 2018-08-23 15:40:25 +01:00
Esben Sparre Andreasen
a1d79ef906 JS: make the new .*indexOfSanitizer-classes private 2018-08-23 15:59:27 +02:00
Ian Lynagh
e808560c23 C++: Rename resolve to resolveClass, and remove unused isElement 2018-08-23 14:37:38 +01:00
Esben Sparre Andreasen
2b41f62eb0 JS: introduce RelationalComparison.isInclucive 2018-08-23 14:51:39 +02:00
Ian Lynagh
b76e03ca79 C++: Add a missing underlyingElement call 2018-08-23 13:14:04 +01:00
Pavel Avgustinov
3182274ce8 Merge pull request #87 from lukecartey/csharp/ccyclomatic-kind 
C#: Fix @kind property of CCyclomaticComplexity
 2018-08-23 03:50:36 -07:00
semmle-qlci
3b09ab97bf Merge pull request #92 from jbj/XMLFile-is-File 
Approved by ian-semmle
 2018-08-23 11:15:12 +01:00
Jonas Jensen
fc0330beb6 C++: Make XMLFile extend File again 
Commit a1e44041e made `XMLFile` no longer extend `File`. I'm guessing
this was necessary in the branch where `File` was an IPA-typed `Element`
and `XMLFile` was not, but it broke compilation of some of our internal
queries.
 2018-08-23 10:09:42 +02:00
Max Schaefer
2187b0c245 Merge pull request #89 from esben-semmle/js/sharpen-type-confusion 
JS: remove emptiness checks from the type confusion `x.length` sinks
 2018-08-23 08:04:09 +01:00
Dave Bartolomeo
bba7f16790 C++: Simplify TranslatedExpr hierarchy a bit 
I introduced some unnecessary base classes in the `TranslatedExpr` hierarchy with a previous commit. This commit refactors the hierarchy a bit to align with the following high-level description:
`TranslatedExpr` represents a translated piece of an `Expr`. Each `Expr` has exactly one `TranslatedCoreExpr`, which produces the result of that `Expr` ignoring any lvalue-to-rvalue conversion on its result. If an lvalue-to-rvalue converison is present, there is an additional `TranslatedLoad` for that `Expr` to do the conversion. For higher-level `Expr`s like `NewExpr`, there can also be additional `TranslatedExpr`s to represent the sub-operations within the overall `Expr`, such as the allocator call.
 2018-08-22 17:13:03 -07:00
Max Schaefer
1aa7a2cfc2 Merge pull request #80 from asger-semmle/ts-typescript3.0 
TypeScript: support TypeScript 3.0 features
 2018-08-22 20:19:18 +01:00
calumgrant
7c521708ac Merge pull request #76 from hvitved/csharp/cfg/generic-splitting 
C#: Generic control flow graph splitting
 2018-08-22 18:18:33 +01:00
Esben Sparre Andreasen
20b48a2d24 JS: support relational indexof comparison sanitizers 2018-08-22 15:58:47 +02:00
Esben Sparre Andreasen
b4c77b8344 JS: s/can not/cannot/ 2018-08-22 14:08:14 +02:00
Esben Sparre Andreasen
218c0cb51a JS: address review comments 2018-08-22 13:54:07 +02:00