hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-13 19:16:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,033 Commits 1,708 Branches 162 Tags
30ba7aedfeff417f697515b6de699d45d317e795
Commit Graph

3033 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
30ba7aedfe JS: split SourceType.MODULE into two 2019-02-04 14:21:34 +00:00
Asger F
f00b16e500 JS: recognize Closure modules files as modules 2019-02-04 14:21:34 +00:00
semmle-qlci
e195ac996e Merge pull request #868 from xiemaisi/js/discard-tokens-early 
Approved by esben-semmle
 2019-02-04 11:32:03 +00:00
Taus
32cc7c7cd9 Merge pull request #858 from markshannon/python-a-few-more-unknowns 
Python: Slight improvement to reachability in points-to
 2019-02-04 12:14:50 +01:00
Max Schaefer
7be3336aaf JavaScript: Document per-function caches in CFG extractor. 2019-02-04 08:17:21 +00:00
Max Schaefer
6ad45b2451 JavaScript: Temporarily remove unstable test. 2019-02-04 08:10:39 +00:00
jf205
6243c722c6 Merge pull request #861 from jbj/revert-dbscheme-docs 
C++: Revert doc-related changes to dbscheme
 2019-02-01 10:59:18 +00:00
Max Schaefer
9bfde9553d Merge pull request #839 from asger-semmle/field-propwrite 
JS: add PropWrites cases for instance fields initialization
 2019-02-01 10:56:25 +00:00
semmle-qlci
222738072d Merge pull request #840 from esben-semmle/js/propagate-sound-avalue 
Approved by xiemaisi
 2019-02-01 09:23:43 +00:00
Jonas Jensen
e81d197ebd C++: Revert doc-related changes to dbscheme 
These changes to the dbscheme were made in 7cc1442ecb and a98aae0a24
without a corresponding upgrade script in the internal repo.
 2019-02-01 10:01:29 +01:00
Jonas Jensen
ee4526687d Merge pull request #859 from rdmarsh2/rdmarsh/cpp/ir-performance-1 
C++: use field overrides in TranslatedElement and subclasses
 2019-02-01 08:43:20 +01:00
Robert Marsh
e1d289ffb4 Merge pull request #759 from calumgrant/cs/interface-tostring 
C#: Remove FPs from cs/call-to-object-tostring
 2019-01-31 12:03:49 -08:00
Robert Marsh
f3b4cb4640 Merge pull request #848 from calumgrant/cs/lgtm-suppress-alerts 
C#: Suppress cs/catch-of-all-exceptions
 2019-01-31 12:03:26 -08:00
Robert Marsh
5327ca7f77 Merge pull request #812 from jbj/ir-backedge 
C++: IR back-edge detection based on TranslatedStmt
 2019-01-31 11:28:21 -08:00
Dave Bartolomeo
bbe8e7ebfc C++: fix typo, ThrowExpr -> ReThrowExpr 
Co-Authored-By: rdmarsh2 <rdmarsh2@gmail.com>
 2019-01-31 10:47:17 -08:00
Dave Bartolomeo
ab1f96fb2c Merge pull request #770 from jbj/cfg-static-init-pr 
C++: Add addresses to `Expr.isConstant`
 2019-01-31 10:24:48 -08:00
Dave Bartolomeo
b0b2fc80c1 Merge pull request #855 from jbj/ir-getRealParent 
C++: Simplify TranslatedElement.getRealParent
 2019-01-31 10:15:30 -08:00
Dave Bartolomeo
8896d3bf88 Merge pull request #856 from jbj/ir-getInstructionOperandDefinition 
C++: Speed up `getInstructionOperandDefinition`
 2019-01-31 10:11:59 -08:00
Robert Marsh
ffb46638b0 C++: use more field overrides in IR generation 2019-01-31 07:47:21 -08:00
Robert Marsh
fa56981bce C++: use field overrides in TranslatedExpr 2019-01-31 07:47:21 -08:00
Mark Shannon
24d678b869 Python: Points-to; let values with no boolean constant value flow through pi-nodes. 2019-01-31 15:15:49 +00:00
Mark Shannon
f190f83406 Python: Give most non-self instance attributes the 'unknown' value; improves reachability analysis. 2019-01-31 15:05:13 +00:00
Jonas Jensen
be2a480394 Merge pull request #843 from geoffw0/strtoul 
CPP: Improve ArithmeticTainted.ql
 2019-01-31 07:04:17 -08:00
Jonas Jensen
b55573ebe3 C++: Accept test changes in ir_gvn.expected 2019-01-31 10:08:16 +01:00
Jonas Jensen
947634f66f C++: Speed up getInstructionOperandDefinition 
A part of `SSAConstruction.getInstructionOperandDefinition` was more
expensive than it had to be. On a ChakraCore snapshot, this changes the
tuple counts from

    3020569 ~2%       {3} r40 = JOIN OperandTag::TUnmodeledUseOperand#f WITH Instruction::Instruction::getFunction_dispred#ff CARTESIAN PRODUCT OUTPUT FIELDS {Instruction::Instruction::getFunction_dispred#ff.<0>,OperandTag::TUnmodeledUseOperand#f.<0>,Instruction::Instruction::getFunction_dispred#ff.<1>}
    62405   ~0%       {3} r41 = JOIN r40 WITH Instruction::UnmodeledUseInstruction#class#fffffff ON r40.<0>=Instruction::UnmodeledUseInstruction#class#fffffff.<0> OUTPUT FIELDS {r40.<2>,r40.<1>,r40.<0>}
    2868421 ~1%       {3} r42 = JOIN r41 WITH Instruction::Instruction::getFunction_dispred#ff_10#join_rhs ON r41.<0>=Instruction::Instruction::getFunction_dispred#ff_10#join_rhs.<0> OUTPUT FIELDS {Instruction::Instruction::getFunction_dispred#ff_10#join_rhs.<1>,r41.<1>,r41.<2>}
    62405   ~0%       {3} r43 = JOIN r42 WITH Instruction::UnmodeledDefinitionInstruction#class#fffffff ON r42.<0>=Instruction::UnmodeledDefinitionInstruction#class#fffffff.<0> OUTPUT FIELDS {r42.<2>,r42.<1>,r42.<0>}

to

    (0s) Starting to evaluate predicate SSAConstruction::Cached::getUnmodeledUseInstruction#ff
    (0s) Tuple counts:
    62405   ~0%     {2} r1 = JOIN Instruction::UnmodeledUseInstruction#class#fffffff WITH Instruction::Instruction::getFunction_dispred#ff ON Instruction::UnmodeledUseInstruction#class#fffffff.<0>=Instruction::Instruction::getFunction_dispred#ff.<0> OUTPUT FIELDS {Instruction::Instruction::getFunction_dispred#ff.<1>,Instruction::Instruction::getFunction_dispred#ff.<0>}
                                      return r1
    ...
    75716   ~0%       {3} r40 = JOIN OperandTag::TUnmodeledUseOperand#f WITH FunctionIR::FunctionIR::getUnmodeledDefinitionInstruction#ff CARTESIAN PRODUCT OUTPUT FIELDS {FunctionIR::FunctionIR::getUnmodeledDefinitionInstruction#ff.<0>,OperandTag::TUnmodeledUseOperand#f.<0>,FunctionIR::FunctionIR::getUnmodeledDefinitionInstruction#ff.<1>}
    62405   ~0%       {3} r41 = JOIN r40 WITH FunctionIR::FunctionIR::getUnmodeledUseInstruction#ff ON r40.<0>=FunctionIR::FunctionIR::getUnmodeledUseInstruction#ff.<0> OUTPUT FIELDS {FunctionIR::FunctionIR::getUnmodeledUseInstruction#ff.<1>,r40.<1>,r40.<2>}
 2019-01-31 08:43:00 +01:00
Jonas Jensen
5b685383c8 C++: Simplify TranslatedElement.getRealParent 
Now that we have `Expr.getParentWithConversions`, we can implement
`TranslatedElement.getRealParent` simpler. This implementation also
avoids recursion.
 2019-01-31 08:41:29 +01:00
Asger F
720f442ea5 JS: Rename to StaticClassMemberAsPropWrite 2019-01-30 15:49:21 +00:00
semmle-qlci
fc5b9dd55e Merge pull request #837 from asger-semmle/hardcoded-empty-string 
Approved by esben-semmle
 2019-01-30 13:40:39 +00:00
semmle-qlci
24c8a47bb1 Merge pull request #841 from asger-semmle/private-higher-order-call 
Approved by esben-semmle
 2019-01-30 13:34:04 +00:00
Max Schaefer
17ce21c481 JavaScript: Remove an unused import in TrapTests.java. 2019-01-30 12:29:20 +00:00
Max Schaefer
5eba486d34 JavaScript: Clear per-function CFG caches after each function. 2019-01-30 12:29:20 +00:00
Felicity Chapman
54242f4009 Merge pull request #849 from jf205/locations 
Update links to QL help topics in GH repo files (SD-2999)
 2019-01-30 11:06:22 +00:00
Calum Grant
9b7f4a8ce5 Merge pull request #845 from hvitved/csharp/get-type-non-null 
C#: Teach guards library about `object.GetType()`
 2019-01-30 10:08:05 +00:00
Calum Grant
722402fc89 Merge pull request #825 from hvitved/csharp/cfg/splitting-performance 
C#: Improve performance of CFG split set computation
 2019-01-30 10:05:25 +00:00
james
7cc1442ecb Update link text 2019-01-30 09:44:07 +00:00
james
a98aae0a24 update links to lgtm.com/docs 2019-01-30 08:02:03 +00:00
james
81137aa7b4 update links to locations in .ql files 2019-01-30 08:02:02 +00:00
james
9d1a050f35 update links to locations in .qll files 2019-01-30 08:01:49 +00:00
calum
f39daaeeab C#: Suppress cs/catch-of-all-exceptions 2019-01-29 18:22:12 +00:00
calum
d63df71a8a C#: Fix merge conflict. 2019-01-29 18:15:33 +00:00
calum
423513169f C#: Address review comments. Introduce Member::isEffectivelyPublic() because isEffectivelyPrivate and isEffectivelyInternal are almost always used together. 2019-01-29 18:05:29 +00:00
calum
26365c82f7 C#: Update change notes. 2019-01-29 18:04:52 +00:00
calum
931b6b4ee5 C#: Exclude interfaces and abstract classes from cs/call-to-object-tostring 2019-01-29 18:04:26 +00:00
Taus
83e2689645 Merge pull request #844 from markshannon/python-hide-magic-variables-in-test 
Python tests: Further hiding of special ESSA variables in tests
 2019-01-29 18:51:06 +01:00
Taus
3d7821c83a Merge pull request #820 from markshannon/python-incomplete-url-sanitize 
Python: Two new queries for URL and hostname sanitization (CWE-020).
 2019-01-29 17:48:42 +01:00
Tom Hvitved
16d3399039 C#: Teach guards library about object.GetType() 2019-01-29 16:40:36 +01:00
Tom Hvitved
87bb4a1d56 C#: Add null guard test involving GetType() 2019-01-29 16:32:13 +01:00
Mark Shannon
9820249c71 Python tests: Further hiding of special ESSA variables in tests, to ease transition from '*' to '$' variable. 2019-01-29 15:06:47 +00:00
Taus
9adb19f3a9 Merge branch 'master' into python-incomplete-url-sanitize 2019-01-29 14:17:37 +01:00
Max Schaefer
e9500e8b75 JavaScript: Update trap tests. 2019-01-29 13:01:03 +00:00