hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-22 02:44:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,184 Commits 1,685 Branches 158 Tags
25dc2ad273cbbe9768c2193ec2c1c3da36c18fc7
Commit Graph

9184 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
25dc2ad273 C++: Support '__builtin_alloca'. 2019-12-16 14:19:33 +00:00
Geoffrey White
acca39bfc7 C++: Repair following merge. 2019-12-16 14:12:32 +00:00
Geoffrey White
0da826f0c3 Merge branch 'master' into overflowcalc 2019-12-16 13:48:38 +00:00
Jonas Jensen
8b1892d900 Merge pull request #2533 from m00nbsd/master 
Add NetBSD/Solaris allocation functions.
 2019-12-16 14:42:12 +01:00
Calum Grant
a5b2549f6f Merge pull request #2514 from hvitved/csharp/code-contracts 
C#: Recognize Code Contract assertions
 2019-12-16 13:00:01 +00:00
Jonas Jensen
5cea452123 Merge pull request #2491 from rdmarsh2/rdmarsh/cpp/ir-taintedIncludingGlobalVars 
C++: handle global vars in DefaultTaintTracking
 2019-12-16 11:00:34 +01:00
m00nbsd
f7484171c9 Add NetBSD/Solaris allocation functions. 
* kmem_{z}alloc is used by Solaris and NetBSD
 * pool_{cache_}get is used by NetBSD
 2019-12-16 10:32:18 +01:00
Jonas Jensen
648c19978a Merge pull request #2528 from geoffw0/hiddenqueries 
CPP: Resolve some hidden queries
 2019-12-14 09:39:13 +01:00
Geoffrey White
91af51cf46 CPP: Change note. 2019-12-13 16:58:37 +00:00
semmle-qlci
9b6c394ac7 Merge pull request #2520 from max-schaefer/js/fix-2517 
Approved by esbena
 2019-12-13 12:59:37 +00:00
Geoffrey White
d1530ddef9 CPP: Reduce precision of ClassesWithManyFields.ql. 2019-12-13 08:40:59 +00:00
Geoffrey White
49b5d9283f CPP: Reduce precision of FeatureEnvy.ql. 2019-12-13 08:40:59 +00:00
Geoffrey White
896ec9de72 CPP: Reduce precision of InappropriateIntimacy.ql. 2019-12-13 08:40:58 +00:00
Geoffrey White
acb011de04 CPP: Reduce precision of JapaneseEraDate.ql. 2019-12-13 08:40:58 +00:00
Jonas Jensen
12c11d079b Merge pull request #2523 from jf205/mergeback-123-ql 
Mergeback 1.23 -> master
 2019-12-13 09:08:27 +01:00
Robert Marsh
53988b4b6c Merge pull request #2527 from Semmle/fix-labeler-yaml-escaping 
Actions: Fix broken escaping in PR labeller action.
 2019-12-12 16:00:17 -08:00
Taus
c1b5389d96 Actions: Fix broken escaping in PR labeler action. 
TL;DR: YAML escaping is complicated. I think this should fix the problems.
 2019-12-12 22:24:23 +01:00
Rasmus Wriedt Larsen
43301505f5 Merge pull request #2521 from tausbn/automatically-label-pull-requests 
Actions: Automatically add language-specific labels to pull requests.
 2019-12-12 15:35:51 +00:00
Taus Brock-Nannestad
2fec0d0294 Escape labels with potentially problematic characters. 2019-12-12 16:29:04 +01:00
james
f6029bd55c Merge branch 'rc/1.23' into mergeback-123-ql 2019-12-12 15:05:28 +00:00
Geoffrey White
73446ea610 Merge pull request #2511 from jbj/isInCycle-raw-only 
C++: Compute isInCycle only for raw IR
 2019-12-12 14:22:00 +00:00
Taus Brock-Nannestad
51315217ff Add documentation label to docs/**/*. 2019-12-12 15:10:21 +01:00
Taus Brock-Nannestad
558c0a440e Actions: Automatically add language-specific labels to pull requests. 2019-12-12 14:42:45 +01:00
Rasmus Wriedt Larsen
e3b502085b Merge pull request #2515 from tausbn/python-fix-bad-join-order-in-statement-no-effect 
Python: Fix bad join order in `py/ineffectual-statement`.
 2019-12-12 13:41:18 +00:00
Max Schaefer
dfeca63677 JavaScript: Fix characteristic predicate of XMLParent. 
The database type `@xmlparent` is defined a bit too loosely in that it includes all of `@file`, not just XML files. Fixing that would involve fiddling with the extractor/dbscheme, so I have opted to fix it at the QL level instead.
 2019-12-12 12:38:29 +00:00
Tom Hvitved
374b0c063e C#: Autoformat 2019-12-11 20:36:54 +01:00
Taus Brock-Nannestad
d5cc42e34c Python: Fix bad join order in py/ineffectual-statement. 
This used to take 30s on `cpython`.
```
Tuple counts for StatementNoEffect::side_effecting_binary#f:
46522     ~0%     {2} r1 = ClassObject::ClassObject::hasAttribute_dispred#fb AS L AND NOT StatementNoEffect::side_effecting_binary#f#antijoin_rhs AS R(L.<0>, L.<1>)
46522     ~2%     {2} r2 = SCAN r1 OUTPUT r1.<1>, r1.<0>
950960    ~2%     {2} r3 = JOIN r2 WITH Operations::Operator::getSpecialMethodName_dispred#ff_10#join_rhs AS R ON FIRST 1 OUTPUT R.<1>, r2.<1>
950960    ~2%     {2} r4 = JOIN r3 WITH py_operators AS R ON FIRST 1 OUTPUT R.<2>, r3.<1>
950960    ~0%     {3} r5 = JOIN r4 WITH AstGenerated::BinaryExpr_::getLeft_dispred#ff AS R ON FIRST 1 OUTPUT R.<1>, r4.<1>, r4.<0>
122934382 ~0%     {2} r6 = JOIN r2 WITH Operations::Cmpop::getSpecialMethodName_dispred#ff_10#join_rhs AS R ON FIRST 1 OUTPUT R.<1>, r2.<1>
122934382 ~3%     {3} r7 = JOIN r6 WITH project#Operations::Compare::compares_dispred#ffff#3_201#join_rhs AS R ON FIRST 1 OUTPUT R.<2>, r6.<1>, R.<1>
123885342 ~3%     {3} r8 = r5 \/ r7
300       ~8%     {1} r9 = JOIN r8 WITH project#Exprs::Expr::refersTo_dispred#ffff AS R ON FIRST 2 OUTPUT r8.<2>
                  return r9
```
With this commit, it takes a few milliseconds.
 2019-12-11 17:58:30 +01:00
semmle-qlci
3d8c35e523 Merge pull request #2509 from asger-semmle/typescript-full-json 
Approved by max-schaefer
 2019-12-11 16:31:26 +00:00
Tom Hvitved
78f63a3679 C#: Add change note 2019-12-11 16:57:35 +01:00
Tom Hvitved
b7484e63ee C#: Recognize Code Contract assertions 2019-12-11 16:54:42 +01:00
Tom Hvitved
5429448eeb C#: Add tests for Code Contracts 2019-12-11 16:51:42 +01:00
shati-patel
f2d1e534c9 Merge pull request #1914 from jf205/query-debugging 
docs: make a start on query debugging topic
 2019-12-11 14:31:55 +00:00
James Fletcher
ff4a604119 Update docs/language/learn-ql/writing-queries/debugging-queries.rst 
Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>
 2019-12-11 14:29:10 +00:00
James Fletcher
b2db72d336 Apply suggestions from code review 
Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>
 2019-12-11 14:13:56 +00:00
James Fletcher
2ce1c2bfee Apply suggestions from code review 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-12-11 12:44:35 +00:00
james
d6202da876 docs: address max's comments 2019-12-11 12:25:35 +00:00
James Fletcher
61576caede Apply suggestions from code review 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-12-11 12:20:38 +00:00
Asger F
063abb5cbc TS: Avoid name clash between tsconfig.json and type table 2019-12-11 12:15:44 +00:00
semmle-qlci
cb8e5fa3fc Merge pull request #2411 from asger-semmle/regexp-sanitizer-guards 
Approved by esbena, max-schaefer
 2019-12-11 12:00:21 +00:00
james
d56c02b1b7 docs: start work on debugging queries topic 2019-12-11 10:42:54 +00:00
Jonas Jensen
5a8407749f C#: autoformat fixup 2019-12-11 09:10:23 +01:00
yo-h
837b1e2f9b Merge pull request #2501 from hmakholm/test-extractors 
Prepare for `codeql test`:
 2019-12-10 16:49:14 -05:00
Calum Grant
3e0045f435 Merge pull request #2308 from hvitved/csharp/dataflow/types 
C#: Type-based pruning for data flow
 2019-12-10 20:16:20 +00:00
Geoffrey White
5ecfaed6b1 Merge pull request #2510 from jbj/getTempVariable-perf 
C++: Fix getTempVariable join order in IR
 2019-12-10 16:06:52 +00:00
Jonas Jensen
66876d0f63 C++: Compute isInCycle only for raw IR 
On wireshark/wireshark, `isInCycle` ran into a low-memory loop on the
`aliased_ssa` stage. It shouldn't be necessary to detect cycles after
the `raw` stage, so this commit moves cycle detection into the
`Construction` modules and makes it a no-op in `SSAConstruction.qll`.
 2019-12-10 16:03:39 +01:00
Tom Hvitved
abcb6b8aab C#: Type-based pruning for data flow 2019-12-10 15:48:48 +01:00
Tom Hvitved
54088248a1 C#: Use source declarations in field flow 2019-12-10 15:46:31 +01:00
Tom Hvitved
a344707baa C#: Add more data flow tests 
Add tests that exhibit missing type pruning.
 2019-12-10 15:46:31 +01:00
Tom Hvitved
78ddb37a8c C#: Track type information in data flow 
This commit adds type information to data flow paths, by mapping node types onto
the smaller set of GVN types, and implementing `ppReprType()`.

The effect is a mere change in `DataFlow::PathNode::toString()`; no type-based
pruning is done yet.
 2019-12-10 15:46:28 +01:00
Jonas Jensen
7c151644f5 C++: Fix getTempVariable join order in IR 
This join order seems to have broken so it took forever on
wireshark/wireshark.
 2019-12-10 13:43:36 +01:00