hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-12 02:09:27 +02:00
Code Issues Packages Projects Releases Wiki Activity
11,048 Commits 1,754 Branches 167 Tags
0329327f9f3cf93cd7ad3a1e56edbc5fead3a64b
Commit Graph

11048 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave Bartolomeo
0329327f9f C++: Move VarArgs utilities location 2020-03-18 11:24:44 -04:00
Dave Bartolomeo
fed1bce015 C++: Make vararg utilities internal for now. 2020-03-18 11:18:38 -04:00
Dave Bartolomeo
4fce20116e C++: Fix formatting 2020-03-18 09:53:01 -04:00
Dave Bartolomeo
26ea93af58 Merge remote-tracking branch 'upstream/master' into dbartol/VarArgIR 2020-03-18 09:52:21 -04:00
Jonas Jensen
f1ad0dafdc Merge pull request #2849 from geoffw0/model-gets 
C++: Model for gets
 2020-03-18 11:06:23 +01:00
Jonas Jensen
93c6f8f1f7 Merge pull request #3056 from dbartol/dbartol/static-locals 
C++: Model dynamic initialization of static local variables in IR
 2020-03-18 08:16:21 +01:00
Dave Bartolomeo
309ccf3daf C++: Factor out common code to avoid recursion 2020-03-17 18:44:29 -04:00
Dave Bartolomeo
772324fafa C++: Add comment with IR for dynamic init of static var 2020-03-17 18:44:00 -04:00
Dave Bartolomeo
709757f7f2 Merge remote-tracking branch 'upstream/master' into dbartol/static-locals 2020-03-17 18:35:13 -04:00
Taus
46567a5842 Merge pull request #3029 from BekaValentine/python-objectapi-to-valueapi-handles 
Python: ObjectAPI to ValueAPI: Handles
 2020-03-17 22:37:27 +01:00
Rebecca Valentine
f351916418 Merge branch 'master' into testmerge 2020-03-17 12:32:45 -07:00
Taus
ca26feefbf Merge pull request #2978 from BekaValentine/python-objectapi-to-valueapi-illegalexceptionhandlertype 
Python: ObjectAPI to ValueAPI: IllegalExceptionHandlerType
 2020-03-17 17:56:34 +01:00
Rebecca Valentine
a7a64952e2 Python: ObjectAPI.qll: Fixes docstring 2020-03-17 09:48:54 -07:00
Robert Marsh
84a74f406a Merge pull request #3002 from theopolis/cpp-linux-drop-privileges-outoforder 
CPP: Add query for CWE-273 that detects out-of-order setuid
 2020-03-17 09:10:51 -07:00
Dave Bartolomeo
9cc3cda58e C++: Model varargs in IR, Part I 
This change introduces a new synthesized `IRVariable` in every varargs function. This variable represents the entire set of arguments passed to the ellipsis by the caller. We give it an opaque type big enough hold all of the arguments passed by the largest vararg call in the database. It is treated just like any other parameter. It is initialized the same, it has indirect buffers, etc.

I had to introduce a couple new APIs to `Call` and `Function`. The QLDoc comments should explain these. I added tests for these new APIs as well.

The next step will be to change the IR generation for the `va_*` macros to manipulate the ellipsis parameter.
 2020-03-17 11:11:48 -04:00
semmle-qlci
8792d0d248 Merge pull request #3070 from erik-krogh/DataPerf 
Approved by asgerf
 2020-03-17 13:47:09 +00:00
semmle-qlci
fa08258c14 Merge pull request #3036 from erik-krogh/CustomTrack 
Approved by asgerf
 2020-03-17 13:44:51 +00:00
semmle-qlci
ea46873bfe Merge pull request #3065 from erik-krogh/PathSinks 
Approved by esbena
 2020-03-17 13:00:00 +00:00
Pavel Avgustinov
1472bf0c11 Merge pull request #3078 from jbj/contributing-supported-2 
Docs: refactor guidelines for new queries
 2020-03-17 12:46:28 +00:00
Erik Krogh Kristensen
9403026fff add change note 2020-03-17 11:48:02 +01:00
Erik Krogh Kristensen
1dfe9e9c2a changes based on review 2020-03-17 11:28:29 +01:00
Erik Krogh Kristensen
9a3176d3cc Apply suggestions from code review 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-03-17 11:26:35 +01:00
Erik Krogh Kristensen
095d4d711a change import to an absolute import to fix warning 2020-03-17 11:21:46 +01:00
Erik Krogh Kristensen
d7b69fcfea autoformat 2020-03-17 09:52:08 +01:00
Jonas Jensen
9899d46999 Docs: refactor guidelines for new queries 2020-03-17 08:24:03 +01:00
Rebecca Valentine
c7a2925620 Python: Exceptions.qll: Clean up handleObject again 2020-03-16 14:52:51 -07:00
Rebecca Valentine
34ab4efeda Python: ObjectAPI.qll: getOrigin now returns a CFG 2020-03-16 14:52:23 -07:00
Rebecca Valentine
45e47b92a0 Python: IllegalExceptionHandlerType.ql: Autoformats 2020-03-16 14:48:05 -07:00
Esben Sparre Andreasen
7dc80664e6 Merge pull request #3045 from Semmle/esbena-patch-2 
JS: loosen qldoc for `barrierGuardIsRelevant`
 2020-03-16 22:28:22 +01:00
Rebecca Valentine
5d55db116b Python: Exceptions.qll: Updates handledObject to use getOrigin 2020-03-16 11:24:55 -07:00
Rebecca Valentine
787b80f9ae Python: ObjectAPI.qll: Adds getOrigin predicate 2020-03-16 11:24:22 -07:00
Erik Krogh Kristensen
7145a57db3 refactor StepSummary into an internal .qll 2020-03-16 17:52:04 +01:00
Jonas Jensen
b7dc26e27d Merge pull request #3072 from geoffw0/gezero2 
C++: Improvement to cpp/unsigned-comparison-zero
 2020-03-16 17:00:38 +01:00
Geoffrey White
44c66a3b09 C++: Fixup test .expected files after merge. 2020-03-16 15:45:29 +00:00
Erik Krogh Kristensen
cd6fe8115d Update javascript/ql/src/semmle/javascript/Promises.qll 
Co-Authored-By: Asger F <asgerf@github.com>
 2020-03-16 16:27:50 +01:00
Geoffrey White
034f7cc948 Merge branch 'master' into model-gets 2020-03-16 15:12:36 +00:00
Calum Grant
945418869d Merge pull request #3022 from hvitved/csharp/autobuild/dotnet-clean-try 
C#: Ignore `dotnet clean` exit code in autobuilder
 2020-03-16 15:10:32 +00:00
Geoffrey White
40db92bfd1 C++: Change note. 2020-03-16 13:22:00 +00:00
Geoffrey White
2cee756587 C++: Support the mirror case with <=. 2020-03-16 13:22:00 +00:00
Geoffrey White
3c96b09d47 C++: Behaviour preserving transform. 2020-03-16 13:22:00 +00:00
Geoffrey White
dcf2f7f19c C++: Add some test cases for the mirror case, with <=. 2020-03-16 13:22:00 +00:00
Geoffrey White
3d8633f701 C++: Additional test cases for the recursive bit of UnsignedGEZero. 2020-03-16 13:22:00 +00:00
Nick Rolfe
17c57dcb4c Merge pull request #2971 from matt-gretton-dann/codeql-c-extractor/40-spaceship 
C++20 Add DB Support for the <=> operator
 2020-03-16 12:07:58 +00:00
semmle-qlci
eb7d8092a6 Merge pull request #3064 from asger-semmle/js/typescript-semantic-errors 
Approved by erik-krogh
 2020-03-16 11:57:55 +00:00
Erik Krogh Kristensen
f2548aa3b1 add more models for file related sinks and sources 2020-03-16 11:07:23 +01:00
Erik Krogh Kristensen
557b642a8e add isRelevant check on flowStep predicate 2020-03-16 11:01:20 +01:00
Matthew Gretton-Dann
3465c96c12 C++: Update DB Stats 2020-03-16 09:58:02 +00:00
Matthew Gretton-Dann
b325bce4c6 C++: Add upgrade script 2020-03-16 09:58:02 +00:00
Matthew Gretton-Dann
06accfe72b C++: Add support for the spaceship operator 2020-03-16 09:58:02 +00:00
Matthew Gretton-Dann
c5b3df1eb2 C++: Update expression precedences 
The spaceship (<=>) operator adds a new row to the C++ precendence
table.  In preparation for that shift the necessary precedences up one
to create a suitable hole.

Note: In investigations I belive precedence 14 was not used.  However,
in order to make review easier I have kept that gap.
 2020-03-16 09:54:59 +00:00