hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
55,105 Commits 1,673 Branches 157 Tags
2daa9577bbbcdf762fb00c96dcd20849245e75b0
Commit Graph

758 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
2daa9577bb ruby/python: implement shared module 
ruby:
- create new shared file `SummaryTypeTracker.qll`
- move much logic into the module
- instantiate the module
- remove old logic, now provided by module

python:
- clone shared file
- instantiate module
- use (some of the) steps provided by the module
 2023-05-30 13:31:24 +02:00
Rasmus Lerchedahl Petersen
47b2d48da2 python: add tests 
- add `getACallSimple` to `SummarizedCallable`
  (by adding it to `LibraryCallable`)
 2023-05-30 13:16:04 +02:00
Rasmus Lerchedahl Petersen
5d68473d12 python: elide nodes without location from basic 2023-05-16 14:38:51 +02:00
Rasmus Lerchedahl Petersen
5b4f98d6c4 python: Add summaries for container constructors 
Also:
- turn on flow summaries for taint
- do not restrict node type
  (as now we need summary nodes)
 2023-05-16 14:38:51 +02:00
Rasmus Lerchedahl Petersen
145eaf3947 python: remove steps for container constructors 2023-05-16 10:35:10 +02:00
Rasmus Lerchedahl Petersen
81adf5aad4 python: remember to adjust annotation 2023-05-12 14:28:41 +02:00
Rasmus Lerchedahl Petersen
1b848bb510 python: fix tests 2023-05-12 13:51:50 +02:00
yoff
6a5fc3c1b1 Update python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/test_collections.py 2023-05-12 13:06:08 +02:00
yoff
62b60f490c Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-12 12:54:17 +02:00
Rasmus Lerchedahl Petersen
0a9515dbcd python: add tests for built-in collections 
- constructors: list, tuple, set, dict
- methods:
  - general: copy, pop
  - list: append
  - set: add
  - dict: keys, values, items, get, popitem
- functions: sorted, reversed, iter, next
 2023-05-10 18:10:05 +02:00
yoff
9cc7cdef4c Merge branch 'main' into python/update-taint-debug 2023-05-10 10:26:19 +02:00
yoff
25899c15c9 Merge pull request #13098 from hvitved/python/update-consistency-expected 
Python: Update expected test output
 2023-05-10 08:58:27 +02:00
Tom Hvitved
4d84f92e8c Python: Update expected test output 2023-05-10 08:15:15 +02:00
yoff
4849f43d16 Merge branch 'main' into python/update-taint-debug 2023-05-09 21:35:56 +02:00
yoff
1a57f81aca Merge pull request #12537 from yoff/python/captured-variables-for-typetracking 
Python: Captured variables for type tracking and the API graph
 2023-05-09 12:34:22 +02:00
yoff
42090b55fa Merge branch 'main' into python/captured-variables-for-typetracking 2023-05-04 13:52:23 +02:00
Mathias Vorreiter Pedersen
77001a070b Merge branch 'main' into identity-consistency-check 2023-05-03 22:01:06 +01:00
Mathias Vorreiter Pedersen
e650df810d Python: Accept consistency changes. 2023-05-03 20:33:00 +01:00
Rasmus Lerchedahl Petersen
6d9fd24f1b python: update comments 2023-05-03 18:10:15 +02:00
yoff
e49f7a5d33 Update python/ql/test/experimental/dataflow/variable-capture/by_value.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-03 18:03:39 +02:00
yoff
a905917123 Merge pull request #12937 from RasmusWL/fix-module-variable-node 
Python: Hide `ModuleVariableNode` in data-flow paths
 2023-05-03 17:58:26 +02:00
Rasmus Wriedt Larsen
c89b57997a Python: Change variable capture tests to use fresh variable names 
Instead of reusing `nonSink0` for both captureOut1NotCalled and
captureOut2NotCalled tests (I used 1/2 naming scheme to match things up
nicely).

I also added a comment highlighting that `m` is the function that is not
called (since I overlooked that initially :O)
 2023-05-02 14:13:56 +02:00
Rasmus Lerchedahl Petersen
e65ff68547 python: update debug queries 2023-05-01 14:58:42 +02:00
Rasmus Wriedt Larsen
aa216e6535 Python: Update inline expectations 2023-04-27 12:04:05 +02:00
Rasmus Wriedt Larsen
d73289ac4e Python: Accept .expected changes 2023-04-27 11:54:39 +02:00
Rasmus Lerchedahl Petersen
00b85cbfb9 python: remove blank line 2023-04-26 16:26:26 +02:00
Rasmus Lerchedahl Petersen
20cbc08627 python: we want empty expected files 
(thanks @RasmusWL)
 2023-04-26 15:54:23 +02:00
Rasmus Lerchedahl Petersen
843329f2fb python: no longer missing 2023-04-26 15:06:03 +02:00
Rasmus Lerchedahl Petersen
66fdf6b241 python: add test for capturing by value 2023-04-26 15:05:03 +02:00
Rasmus Lerchedahl Petersen
003fece490 python: add test for capturing via global 2023-04-26 14:52:40 +02:00
Rasmus Lerchedahl Petersen
4d95b2023e python: remember to update validTest.py 2023-04-26 14:36:52 +02:00
Rasmus Wriedt Larsen
abc1d658e0 Python: More .expected accepting 2023-04-26 14:10:13 +02:00
Rasmus Lerchedahl Petersen
824d4d5413 python: fix test expectations 
also rename `collections.py` so it does not
clash with the standard library name.
This clash is an issue when testing locally.
 2023-04-26 13:31:37 +02:00
Rasmus Wriedt Larsen
b178c9cfe6 Python: Accept dataflow/basic/*.expected 2023-04-26 13:30:11 +02:00
Rasmus Wriedt Larsen
3f39648065 Python: Remove duplicated test 2023-04-26 13:30:11 +02:00
Rasmus Wriedt Larsen
1a97e8f329 Python: Add flow-step for arg[1] to dict.setdefault 2023-04-26 13:30:11 +02:00
Rasmus Lerchedahl Petersen
0338d4ef9c This was the case locally, but not in CI.. 🤷 
Revert "python: no longer missing"

This reverts commit f796177b69.
 2023-04-25 21:34:27 +02:00
Rasmus Lerchedahl Petersen
f796177b69 python: no longer missing 2023-04-25 14:24:26 +02:00
Rasmus Wriedt Larsen
7453533ba4 Python: Expand setdefault tests 2023-04-24 12:29:58 +02:00
Rasmus Lerchedahl Petersen
a25c7f7549 Merge branch 'main' of https://github.com/github/codeql into python/captured-variables-for-typetracking 2023-04-24 11:50:32 +02:00
Rasmus Wriedt Larsen
f80a0916ac Python: Don't report get/setdefault as unresolved calls for dict tests 2023-04-21 14:42:20 +02:00
Rasmus Wriedt Larsen
b56869551d Python: Support more dictionary read/store steps 
The `setdefault` behavior is kinda strange, but no reason not to support
it.
 2023-04-21 14:18:50 +02:00
Rasmus Wriedt Larsen
6e31f64aaa Python: Add test for dictionary flow 2023-04-21 14:18:46 +02:00
Taus
c0eb611dae Merge pull request #12244 from RasmusWL/import-refined 
Python: Fix import of refined variable
 2023-03-24 13:22:19 +01:00
Rasmus Wriedt Larsen
b2f34ef4b1 Merge branch 'main' into import-refined 2023-03-21 15:12:11 +01:00
yoff
e21e630316 Merge branch 'main' into python/add-test-to-valid 2023-03-21 14:47:17 +01:00
Rasmus Wriedt Larsen
e90559b86d Python: Add missing options files 
I could not for the life of me figure out why the tests were failing,
when they were working for me locally 🤦
 2023-03-21 10:24:28 +01:00
Rasmus Wriedt Larsen
346086524b Python: Accept dataflow-consistency test changes 
To PRs must have had a conflict when merged separately
 2023-03-21 10:09:01 +01:00
Rasmus Wriedt Larsen
2ee09cc5d1 Merge branch 'main' into import-refined 2023-03-20 15:42:01 +01:00
Rasmus Wriedt Larsen
93c9f59e86 Python: Extract version specific coverage/classes.py tests 
Since we can analyze operator.py from Python3, but not in Python 2
(since it's implemented in C), we get a difference for the index tests.

note: `operator.length_hint` is only available in Python 3.4 and later,
so would always fail under Python 2.
 2023-03-20 15:39:20 +01:00