hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-11 13:40:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,280 Commits 1,679 Branches 158 Tags
035d8ea24c5e86180e1397bbb7cfdc4ff96deeea
Commit Graph

1743 Commits

Author SHA1 Message Date
Calum Grant
5e021c24c1 Merge pull request #3652 from hvitved/csharp/dataflow/impl-layer 
C#: Refactor data-flow predicates defined by dispatch
 2020-06-11 10:01:50 +01:00
Calum Grant
cd914deeff Merge pull request #3666 from hvitved/csharp/ir-experimental 
C#: Move IR code into 'experimental' folder
 2020-06-10 19:50:37 +01:00
Tom Hvitved
70c3ff36f8 C#: Adjust IR imports 2020-06-10 09:54:56 +02:00
Tom Hvitved
3c8735f43f C#: Move IR code into 'experimental' folder 2020-06-10 09:37:30 +02:00
Tom Hvitved
a371205db1 Data flow: Sync files 2020-06-09 13:55:12 +02:00
Tom Hvitved
8c9f85d04f Data flow: Allow nodes to be hidden from path explanations 2020-06-09 13:53:19 +02:00
Tom Hvitved
8006866370 C#: Refactor data-flow predicates defined by dispatch 2020-06-09 11:25:07 +02:00
Calum Grant
00078d14b9 Merge pull request #3601 from hvitved/csharp/overlapping-configs 
C#: Avoid multiple taint-tracking configurations
 2020-06-08 10:21:40 +01:00
Mathias Vorreiter Pedersen
1a33a3b7e1 Merge branch 'master' into remove-initialize-this-from-value-numbering 2020-06-05 15:03:54 +02:00
Mathias Vorreiter Pedersen
d49c0f7b67 C++: Sync identical files 2020-06-05 15:01:18 +02:00
Mathias Vorreiter Pedersen
7328429ef1 C++: Sync identical files 2020-06-04 11:31:32 +02:00
Tom Hvitved
1e8b7ed367 C#: Avoid multiple taint-tracking configurations 
The taint-tracking configuration in `ExposureOfPrivateInformation.ql`
overlaps with the XSS taint-tracking configuration, as witnessed by this import chain:

```
semmle.code.csharp.security.dataflow.ExposureOfPrivateInformation.qll imports
semmle.code.csharp.security.dataflow.flowsinks.ExternalLocationSink imports
semmle.code.csharp.security.dataflow.flowsinks.Remote imports
semmle.code.csharp.security.dataflow.XSS
```

(The same for `CleartextStorage.qll` and `LogForging.ql`.)

The fix is to use `TaintTracking2` for the XSS configuration.
 2020-06-02 14:42:35 +02:00
Calum Grant
b099f13f55 Merge pull request #3514 from hvitved/csharp/remove-more-deprecated 
C#: Remove more deprecated classes and predicates
 2020-06-02 10:35:14 +01:00
Dave Bartolomeo
476f27e427 Merge from master 2020-05-28 17:27:08 -04:00
Robert Marsh
0d8472bd9e Merge pull request #3571 from rdmarsh2/ir-this-parameter 
Treat `this` as a parameter in IR generation
 2020-05-28 14:16:12 -07:00
Calum Grant
2b90b50587 Merge pull request #3528 from hvitved/csharp/cfg/cs6-initializers 
C#: Fix CFG for C# 6 initializers
 2020-05-28 21:40:52 +01:00
Calum Grant
499e349bff Merge pull request #3529 from hvitved/csharp/cs6-nested-initializer-type 
C#: Fix extracted type for nested object initializers
 2020-05-28 21:25:57 +01:00
Robert Marsh
693789c2cc Merge branch 'master' into ir-this-parameter 
Bring in new tests so their output can be fixed
 2020-05-28 08:32:10 -07:00
Dave Bartolomeo
533eeff7e8 C++: Fix MemoryLocation with multiple VirtualVariables 
While investigating a bug with `TInstruction` sharing, I discovered that we had a case where alias analysis could create two `VirtualVariable`s for the same `Allocation`. For an indirect parameter allocation, we were using the type of the pointer variable as the type of the indirect allocation, instead of just `Unknown`. If the `IRType` of the pointer variable was the same type as the type of at least one access to the indirect allocation, we'd create both an `EntireAllocationVirtualVariable` and a `VariableVirtualVariable` for the allocation.

I added a new consistency test to guard against this in the future. This also turned out to be the root cause of the one existing known consistency failure in the IR tests.
 2020-05-27 14:06:59 -04:00
Tom Hvitved
1c5da67cd8 C#: Fix performance issue in unification library 2020-05-27 15:26:03 +02:00
Robert Marsh
43520b8f9b C++/C#: Fix copy/pasted qldoc 2020-05-26 09:47:30 -07:00
Jonas Jensen
5deeda0337 Merge pull request #3387 from geoffw0/tostringperf 
C++: Eliminate recursion from toString().
 2020-05-26 13:24:43 +02:00
Calum Grant
f0499451d3 Merge pull request #3513 from hvitved/csharp/deprecate-override 
C#: Remove two deprecated predicates
 2020-05-26 12:22:41 +01:00
Jonas Jensen
3d58e6f7af Merge pull request #3515 from hvitved/dataflow/remove-deprecated 
Data flow: Remove deprecated predicates
 2020-05-25 15:08:28 +02:00
Robert Marsh
1fa1bd5e36 C#: fix compilation error in IR 2020-05-22 16:08:11 -07:00
Robert Marsh
8a53dc882d C++: treat this as a parameter in IR 2020-05-22 15:35:34 -07:00
Tom Hvitved
011a95dcfa C#: Fix extracted type for nested object initializers 2020-05-20 14:20:41 +02:00
Tom Hvitved
70d47b76b1 C#: Add test for the type of an object initializer 2020-05-20 14:18:16 +02:00
Tom Hvitved
7a54a90e61 C#: Fix CFG for C# 6 initializers 2020-05-20 12:01:22 +02:00
Tom Hvitved
36e29e0f75 C#: Add CFG tests for C# 6 initializers 2020-05-20 09:33:51 +02:00
Tom Hvitved
e9839198f4 Merge pull request #3484 from calumgrant/cs/index-initializers 
C#: Extract indexed initializers correctly
 2020-05-20 09:22:47 +02:00
Tom Hvitved
97080731ad Merge pull request #3486 from h3ku/master 
CSHARP: Add experimental query for tainted WebClient
 2020-05-20 08:17:05 +02:00
Hector Cuesta
66d77a43bd Fix typo in comment and TaintTrackingConfiguration name 2020-05-19 15:15:03 +01:00
Hector Cuesta
e18d8c5234 Remove duplicated CWE in security tag 2020-05-19 15:12:43 +01:00
Hector Cuesta
7d1ef92fbf Remove unnecessary CWE reference. 2020-05-19 15:09:17 +01:00
Tom Hvitved
431403f5db Data flow: Remove deprecated predicates 2020-05-19 15:42:59 +02:00
Tom Hvitved
2519e8a5f1 C#: Remove more deprecated classes and predicates 2020-05-19 15:39:17 +02:00
Tom Hvitved
9db8b993a9 C#: Remove two deprecated predicates 2020-05-19 15:32:29 +02:00
Dave Bartolomeo
01c2f0ce01 C++/C#: Fix formatting 2020-05-18 18:02:00 -04:00
Dave Bartolomeo
42c659b8f2 C++/C#: Remove UnmodeledDefinition instruction 2020-05-18 15:08:50 -04:00
Dave Bartolomeo
35868d4e5b C++/C#: Change dump of unmodeled use to m? 
This is kind of inconsequential on its own, but will make the test diffs easier to understand once the next commit removes `UnmodeledDefinition`.
 2020-05-18 10:47:43 -04:00
Mathias Vorreiter Pedersen
a42d80aa14 Merge pull request #3481 from dbartol/github/codeql-c-analysis-team/69 
C++/C#: Allow memory operands to lack a definition
 2020-05-16 11:53:00 +02:00
Dave Bartolomeo
96c87b309b C++/C#: Use unique to get a better join order 
The previous changes made the optimizer choose a bad join order for the RHS of the antijoin in `addressOperandAllocationAndOffset`. Once again, `unique` to the rescue.
 2020-05-15 17:36:43 -04:00
Hector Cuesta
16e39414bc Reword of help file 2020-05-15 18:14:52 +01:00
Hector Cuesta
ef53e443b7 Fix typo in comment 2020-05-15 17:17:42 +01:00
Hector Cuesta
a022086498 Add experimental query for Tainted WebClient 2020-05-15 16:30:10 +01:00
Calum Grant
da6c37d7dc C#: Update test output. 2020-05-15 15:40:49 +01:00
Calum Grant
5787871734 Merge pull request #3351 from hvitved/csharp/unification-nested-types 
C#: Teach unification library about nested types
 2020-05-15 14:11:00 +01:00
Calum Grant
cc844648ff Merge pull request #3365 from hvitved/csharp/format-queries-path-problem 
C#: Convert `string.format()` queries to path queries
 2020-05-15 14:08:54 +01:00
Dave Bartolomeo
89ec60c948 C++/C#: Add missing QLDoc 2020-05-15 09:01:16 -04:00