hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-18 11:21:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
4,950 Commits 1,778 Branches 169 Tags
3097037a6f545f9b81d1d02e3f736d07a1f2bfcd
Commit Graph

4950 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Schaefer
3097037a6f Merge pull request #1290 from esben-semmle/js/semver-lib 
JS: add SemVer library
 2019-05-31 08:09:24 +01:00
Calum Grant
5b8c6d4789 Merge pull request #1377 from hvitved/csharp/useless-upcast 
C#: Teach `cs/useless-upcast` about disambiguating constructor calls
 2019-05-31 06:51:39 +01:00
Robert Marsh
6167a556fd Merge pull request #1380 from dave-bartolomeo/dave/RangeFor 
C++: IR support for range-based `for` loops
 2019-05-30 17:21:42 -07:00
semmle-qlci
0fa06e5c8d Merge pull request #1180 from asger-semmle/tainted-path-squashed 
Approved by xiemaisi
 2019-05-30 17:20:19 +01:00
semmle-qlci
b17eb5cc9d Merge pull request #1384 from asger-semmle/typescript-3.5 
Approved by xiemaisi
 2019-05-30 15:53:27 +01:00
semmle-qlci
9614a1a039 Merge pull request #1385 from xiemaisi/js/lgtm-yml-change-notes 
Approved by mc-semmle
 2019-05-30 15:25:49 +01:00
Asger F
be5173680d Merge pull request #2 from xiemaisi/tainted-path-squashed 
JavaScript: Update expected test output.
 2019-05-30 15:16:19 +01:00
Max Schaefer
a3be6be17d JavaScript: Add change notes for newly added lgtm.yml properties. 2019-05-30 15:11:35 +01:00
Max Schaefer
3c8aea26da JavaScript: Update expected test output. 2019-05-30 15:05:43 +01:00
Asger F
9b28a3adf0 Merge pull request #1 from xiemaisi/tainted-path-squashed 
JavaScript: Remove a few more configurations from AllConfigurations.qll.
 2019-05-30 13:26:42 +01:00
Max Schaefer
5ac408d641 JavaScript: Remove a few more configurations from AllConfigurations.qll. 
This works around BDD node exhaustion we get due to the complex type
hierarchy caused by importing many configurations at once. I've also
renamed the library accordingly.
 2019-05-30 13:13:16 +01:00
Asger F
320f484e7e TS: Rephrase change note 2019-05-30 12:48:05 +01:00
Asger F
d6010d7be7 TS: Update supported compiler version range 2019-05-30 12:45:26 +01:00
Asger F
72c0925967 TS: Bump to TypeScript 3.5.1 2019-05-30 11:40:25 +01:00
Geoffrey White
d672a6e13e Merge pull request #1376 from jbj/getName-direct 
C++: Use Definition.qll's getName
 2019-05-30 10:01:12 +01:00
Dave Bartolomeo
aff85c5b24 C++: IR support for range-based for loops 
IR construction was missing support for C++ 11 range-based `for` loops. The extractor generates ASTs for the compiler-generated implementation already, so I had enough information to generate IR. I've expanded on some of the predicates in `RangeBasedForStmt` to access the desugared information.

One complication was that the `DeclStmt`s for the compiler-generated variables seem to have results for `getDeclaration()` but not for `getDeclarationEntry()`. This required handling these slightly differently than we do for other `DeclStmt`s.

The flow for range-based `for` is actually easier than for a regular `for`, because all three components (init, condition, and update) are always present.
 2019-05-29 14:40:29 -07:00
Calum Grant
59a006e59e Merge pull request #1368 from hvitved/csharp/cil-nullness 
CIL: Account for multiple `VariableUpdate::getSource()`s in nullness analysis
 2019-05-29 20:55:08 +01:00
Felicity Chapman
a782585d74 Merge pull request #1374 from jf205/update-readme/sd-3458 
docs: add link to style guides in readme
 2019-05-29 14:42:46 +01:00
Jonas Jensen
241ef3c873 Merge pull request #1315 from geoffw0/ctime 
CPP: Split PotentiallyDangerousFunction.ql
 2019-05-29 15:40:34 +02:00
Tom Hvitved
abc7cf2ef1 C#: Add change note 2019-05-29 15:18:45 +02:00
Tom Hvitved
6b99e1a1bf C#: Teach cs/useless-upcast about disambiguating constructor calls 2019-05-29 15:16:08 +02:00
Tom Hvitved
d8482083b9 C#: Add tests for disambiguated constructor calls 2019-05-29 15:14:30 +02:00
Jonas Jensen
f8644b1023 C++: Use Definition.qll's getName 
It turns out we didn't have to move the `getName` implementation into
the mirror classes in `QualifiedName`. Doing so only made it harder for
the optimiser to specialize calls to `getName` on various kinds of
`Declaration`.
 2019-05-29 14:18:10 +02:00
Jonas Jensen
b4f19eebdd C++: Revert the getName() changes 
This reverts the `getName()` parts of 56e88cbac0 and 0a2e28858a.
 2019-05-29 14:15:45 +02:00
Tom Hvitved
884ef4c960 Merge pull request #1362 from calumgrant/cs/cs8/testing 
C#: Various small C#8 features
 2019-05-29 14:00:43 +02:00
james
59bca9026c docs: address review comments 2019-05-29 11:53:53 +01:00
Geoffrey White
6c267f4957 CPP: Fix qhelp. 2019-05-29 10:35:49 +01:00
Geoffrey White
76d18b42b8 CPP: Repair getQualifiedName changes from elsewhere. 2019-05-29 10:35:49 +01:00
Geoffrey White
2e932b6675 CPP: Change notes. 2019-05-29 10:35:49 +01:00
Geoffrey White
eb880c3f9f CPP: Reference URLs. 2019-05-29 10:35:49 +01:00
Geoffrey White
dc44d686d4 CPP: Update CWE tag. 2019-05-29 10:35:49 +01:00
Geoffrey White
34444ace8b CPP: Update the query name and description. 2019-05-29 10:35:49 +01:00
Geoffrey White
2ae38a54af CPP: Adjust query tags. 2019-05-29 10:35:49 +01:00
Geoffrey White
9da2ead1f7 CPP: Remove redundant tests. 2019-05-29 10:35:49 +01:00
Geoffrey White
fc5e7e5e91 CPP: Test the new query. 2019-05-29 10:35:48 +01:00
Geoffrey White
88f363d564 CPP: Update the ql, qhelp and example. 2019-05-29 10:35:48 +01:00
Geoffrey White
1f80dea375 CPP: Clone PotentiallyDangerousFunction query as DangerousUseOfGets. 2019-05-29 10:35:48 +01:00
Geoffrey White
574a1d8501 Merge pull request #1037 from kevinbackhouse/RangeAnalysisAssignAddOverflow 
Better overflow detection for AssignAdd/AssignSub
 2019-05-29 09:54:06 +01:00
Tom Hvitved
23ce5bc7bf Merge pull request #1353 from calumgrant/cs/diagnostic-queries3 
C#: Add internal queries for extractor and compiler diagnostics
 2019-05-29 10:26:41 +02:00
Kevin Backhouse
b7ac03d07b Merge pull request #2 from geoffw0/assignadd2 
CPP: Minor corrections to: Better overflow detection for AssignAdd/AssignSub
 2019-05-29 08:36:29 +01:00
Tom Hvitved
428ad72694 C#: Improve performance of always[Not]NullMethod() 2019-05-29 09:34:54 +02:00
Calum Grant
1b264f73b4 C#: Fix test settings. 2019-05-29 08:15:51 +01:00
Calum Grant
cd41f4f415 C#: Analysis change notes. 2019-05-29 08:15:50 +01:00
Calum Grant
573646fe6a C#: Various C#8 features: 
- Async streams (test only)
 - Unmanaged generic structs (extractor support)
 - Alternate interpolated strings (test only)
 - static local function (test only)
 2019-05-29 08:12:11 +01:00
semmle-qlci
5bbbd26787 Merge pull request #1372 from xiemaisi/js/fail-if-no-code 
Approved by esben-semmle
 2019-05-29 08:06:44 +01:00
james
29e46cf347 docs: add link to style guides in readme 2019-05-28 21:33:36 +01:00
Jonas Jensen
b0a7f207e4 Merge pull request #1343 from rdmarsh2/rdmarsh/cpp/getUnspecifiedType 
C++: add getUnspecifiedType() for exprs and decls
 2019-05-28 20:10:28 +01:00
Calum Grant
85f275ce73 Merge pull request #1347 from hvitved/csharp/dataflow/this-flow 
C#: Data flow through `this` parameter
 2019-05-28 19:58:01 +01:00
Robert Marsh
b4ef532039 C++: change note for getUnspecifiedType() 2019-05-28 07:58:23 -07:00
Robert Marsh
d20efe49dd C++: respond to PR comments 2019-05-28 07:51:59 -07:00