semmle-qlci
a5e183bde3
Merge pull request #2619 from asger-semmle/ts-monorepo-deps
...
Approved by erik-krogh, max-schaefer
2020-02-05 10:57:55 +00:00
semmle-qlci
53763c789f
Merge pull request #2741 from esbena/js/split-and-slice-for-tainted-path
...
Approved by erik-krogh
2020-02-05 10:53:39 +00:00
Jonas Jensen
2928f9e5b2
Merge pull request #2703 from rdmarsh2/connect-ir-dataflow-models
...
C++: IR dataflow through modeled functions
2020-02-05 11:28:48 +01:00
semmle-qlci
52f34d7178
Merge pull request #2715 from erik-krogh/PrivateFields
...
Approved by asgerf
2020-02-05 10:20:28 +00:00
Asger F
cf18bd7bb8
Update javascript/ql/src/Security/CWE-400/PrototypePollutionUtility.ql
...
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
2020-02-05 09:48:16 +00:00
Asger Feldthaus
fd9975db85
JS: Address comments
2020-02-05 09:47:51 +00:00
Esben Sparre Andreasen
f6ad22dd1f
Merge pull request #2758 from asger-semmle/js/string-concat-concat
...
JS: Model concat() calls as string concatenation
2020-02-05 10:41:02 +01:00
Matthew Gretton-Dann
b601908577
CPP: Update for changes in EDG IL.
2020-02-05 09:11:23 +00:00
Matthew Gretton-Dann
1b67f47918
C++: Update with improved location information
...
EDG 6.0 gives better location in some circumstances changing the results
of these tests for the better.
2020-02-05 09:11:23 +00:00
Matthew Gretton-Dann
cec6646846
C++: Update for EDG 6.0 behaviour change
...
EDG 6.0 has changed how much information it gives about invalid
expressions. Changing the output of this test.
2020-02-05 09:11:23 +00:00
Anders Schack-Mulligen
7d19eb7c05
Java: Add LICENSE.txt
2020-02-05 09:38:16 +01:00
Dave Bartolomeo
73ad2e9658
Merge from master
2020-02-04 18:33:10 -07:00
Dave Bartolomeo
a23d5afc6c
C++: Add test case to demonstrate string literal aliasing change
...
Also fixed a minor bug where we should have been treating `AllNonLocalMemory` as _totally_ overlapping an access to a non-local variable, rather than _partially_ overlapping it. This fix is exhibited both in the new test case and in a couple existing test functions in `ssa.cpp`.
2020-02-04 18:24:08 -07:00
Jonathan Leitschuh
832a4f2e07
Add DefaultFullHttpResponse to Netty Check
2020-02-04 15:40:59 -05:00
Robert Marsh
1576bcfa3f
C++: remove unused predicates
2020-02-04 12:08:03 -08:00
Jonas Jensen
c77a921b06
Merge pull request #2695 from rdmarsh2/default-taint-tracking-diff-test
...
C++: add diff tests for DefaultTaintTracking
2020-02-04 20:57:55 +01:00
Robert Marsh
ac2e89317b
C++: autoformat
2020-02-04 10:41:30 -08:00
Robert Marsh
861d5eb86b
C++: update tests after merge
2020-02-04 10:29:52 -08:00
Robert Marsh
785d54ac67
Merge branch 'master' into default-taint-tracking-diff-test
2020-02-04 09:50:05 -08:00
Asger Feldthaus
b4df03767d
JS: Ignore obvious Array.prototype.concat calls
2020-02-04 16:36:41 +00:00
Asger Feldthaus
db2212e33e
TS: Only print number of errors if there were any
2020-02-04 15:31:30 +00:00
Anders Schack-Mulligen
cf815351a9
Java: Elaborate change note.
2020-02-04 16:18:35 +01:00
Asger Feldthaus
3ccdaa94ad
JS: Expose argumentPassing as DataFlow::argumentPassingStep
2020-02-04 15:06:45 +00:00
Asger Feldthaus
c185cededf
JS: More pruning and more data flow
2020-02-04 15:06:42 +00:00
semmle-qlci
4b89eee683
Merge pull request #2757 from max-schaefer/js/resolveMainModule-extensions
...
Approved by asgerf
2020-02-04 13:07:08 +00:00
Erik Krogh Kristensen
15e26666cd
add declaration for private field in syntax error test
2020-02-04 14:05:09 +01:00
Rasmus Wriedt Larsen
de63eb1450
Merge pull request #2592 from tausbn/python-remove-manual-tc-in-ssashortcut
...
Python: Remove manual TC from `ssaShortCut`.
2020-02-04 14:04:25 +01:00
Anders Schack-Mulligen
2b1723dd88
Java: Move some taint tests.
2020-02-04 13:21:31 +01:00
Tom Hvitved
00fdc70155
Merge pull request #2710 from calumgrant/cs/short-circuit-out
...
C#: Remove false positive in cs/non-short-circuit
2020-02-04 12:09:17 +01:00
Mathias Vorreiter Pedersen
0276c97b9c
Merge pull request #2755 from jbj/BarrierGuard-SSA
...
C++: Don't use GVN in AST DataFlow BarrierNode
2020-02-04 12:00:12 +01:00
Asger Feldthaus
bf2c944b4f
JS: Model concat() calls as string concatenation
2020-02-04 10:20:37 +00:00
Esben Sparre Andreasen
8a2c81b41c
JS: address review comments about duplicated logic
2020-02-04 10:49:23 +01:00
Max Schaefer
43e4ed1e18
JavaScript: Teach resolveMainModule to try adding extensions.
2020-02-04 09:39:04 +00:00
Max Schaefer
e21c24c60e
JavaScript: Add failing test case.
2020-02-04 09:39:04 +00:00
semmle-qlci
bd51ef35b7
Merge pull request #2731 from erik-krogh/CVE527
...
Approved by esbena
2020-02-04 08:38:26 +00:00
Jonas Jensen
b4385c6e60
C++: Don't use GVN in AST DataFlow BarrierNode
...
It turns out that the evaluator will evaluate the GVN stage even when no
predicate from it is needed after optimization of the subsequent stages.
The GVN library is expensive to evaluate, and it'll become even more
expensive when we switch its implementation to IR.
This PR disables the use of GVN in `DataFlow::BarrierNode` for the AST
data-flow library, which should improve performance when evaluating a
single data-flow query on a snapshot with no cache. Precision decreases
slightly, leading to a new FP in the qltests.
There is no corresponding change for the IR data-flow library since IR
GVN is not very expensive.
2020-02-04 08:40:36 +01:00
Robert Marsh
eafd7b6045
C++: accept test output
2020-02-03 15:27:34 -08:00
Robert Marsh
931c0e982e
Merge pull request #2748 from MathiasVP/value-numbering-indirection
...
C++: Indirection for ValueNumbering
2020-02-03 14:41:58 -05:00
Robert Marsh
f51841ac37
Merge pull request #2736 from jbj/buffer-type-size
...
C++: Workaround for problem with memcpy flow
2020-02-03 14:31:28 -05:00
Robert Marsh
3bfcf0bf46
Merge branch 'master' into connect-ir-dataflow-models
2020-02-03 11:06:45 -08:00
Cornelius Riemenschneider
36479d3fd6
Support to keep bounds derived on implicit integer casts.
2020-02-03 17:33:06 +01:00
Cornelius Riemenschneider
cf8efbb5a0
Add testcase.
2020-02-03 17:23:24 +01:00
Robert Marsh
2b10cd6228
Merge pull request #2737 from jbj/DefaultTaintTracking-indirect-parameters
...
C++: Interprocedural indirections in DefaultTaintTracking.qll
2020-02-03 11:12:38 -05:00
Esben Sparre Andreasen
bbd60f52ba
JS: add additional flow steps to js/path-injection
2020-02-03 16:36:25 +01:00
Mathias Vorreiter Pedersen
8aae2990d0
C++: Formatting
2020-02-03 16:15:49 +01:00
Mathias Vorreiter Pedersen
a8b3bcb87d
C++: Indirection for value numbering
2020-02-03 16:13:32 +01:00
Erik Krogh Kristensen
e3189aaa47
raise syntax error on declaration of private method, and add syntax tests for private fields
2020-02-03 16:00:25 +01:00
semmle-qlci
3a7845e7fc
Merge pull request #2653 from erik-krogh/exceptionFPs
...
Approved by esbena
2020-02-03 14:15:24 +00:00
Erik Krogh Kristensen
183dd68d6a
add qldoc to isPrivateField
2020-02-03 14:23:27 +01:00
Cornelius Riemenschneider
1b68f86d5b
Fix bug in CPP range analysis.
2020-02-03 14:16:48 +01:00