hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 20:25:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
7,500 Commits 1,741 Branches 166 Tags
369c456353a07b6368cbe3771979fca5afb49bcd
Commit Graph

7500 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Calum Grant
369c456353 Merge pull request #2090 from hvitved/csharp/local-function-trap 
C#: Use containing type instead of containing method in local function TRAP label
 2019-10-07 08:29:13 +01:00
Tom Hvitved
8ba94140b1 C#: Use containing type instead of containing method in local function TRAP label 
This is in order to handle the case where the enclosing callable of a local
function is a lambda expression.
 2019-10-06 21:05:34 +02:00
Tom Hvitved
28021d6715 C#: Add test for local function in lambda 2019-10-06 20:50:24 +02:00
Jonas Jensen
6c87d75190 Merge pull request #2088 from geoffw0/swap3 
CPP: Add taint tests.
 2019-10-04 20:44:18 +02:00
Robert Marsh
7fefe4385a Merge pull request #1963 from jbj/predictableInstruction 
C++: Implement predictableInstruction without Expr
 2019-10-04 10:04:52 -07:00
Geoffrey White
050d99fa87 CPP: Add test cases. 2019-10-04 17:44:27 +01:00
ian-semmle
ebc10cf5db Merge pull request #2084 from matt-gretton-dann/cpp-445-synthetic_destructor_call-INVALID_KEY-warnings 
Update keysets for synthetic_destructor_call and *variables tuple
 2019-10-04 16:38:35 +01:00
Tom Hvitved
b55e2948be Merge pull request #1986 from calumgrant/cs/switch-cfg 
C#: Fix CFG for switch statements where the default case is not the last
 2019-10-04 16:54:04 +02:00
Geoffrey White
0e478d1c0e Merge pull request #2066 from jbj/dataflow-conditionAlwaysTrue-perf 
C++: Improve join orders for QL CFG
 2019-10-04 14:16:41 +01:00
Geoffrey White
e465f4cc81 Merge pull request #2064 from jbj/leapyear-extends-abstract 
C++: Avoid `extends Operation` in LeapYear.qll
 2019-10-04 14:15:21 +01:00
Anders Schack-Mulligen
273ef46c22 Merge pull request #2080 from hvitved/dataflow/ap-tostring 
Java/C++/C#: Tweak `AccessPathNil::toString()`
 2019-10-04 14:02:10 +02:00
Tom Hvitved
7f6e253425 Java: Update expected test output 2019-10-04 11:09:44 +02:00
Tom Hvitved
9b58d799cb Java/C++/C#: Tweak AccessPathNil::toString() 
Move the type annotation outside the brackets, to avoid prefixes such as
`[ : T]`.
 2019-10-04 11:09:44 +02:00
Calum Grant
48dee29620 Merge pull request #2021 from hvitved/csharp/local-not-disposed 
C#: Refactor `cs/local-not-disposed` using data flow library
 2019-10-03 15:21:06 +01:00
Matthew Gretton-Dann
d06e3d79c6 C++: Add DB Upgrade script 2019-10-03 15:16:50 +01:00
Matthew Gretton-Dann
618d0a9603 C++: Update DB Stats 2019-10-03 15:16:50 +01:00
Matthew Gretton-Dann
a7f682a9be C++: Update *variables keysets. 2019-10-03 15:16:50 +01:00
Matthew Gretton-Dann
d62730a9f3 C++: Update synthetic_destructor_call keysets. 
Reorder the [ destructor_call, expr ] tuple.
Add a [ expr, i ] tuple.
 2019-10-03 15:16:50 +01:00
Matthew Gretton-Dann
06d1d6ed5d C++: Fix synthetic_destructor_call key uniqueness. 2019-10-03 15:16:50 +01:00
Jonas Jensen
dca39f0fad Merge pull request #2027 from zlaski-semmle/zlaski/memset-model 
[zlaski/memset-model] QL model for `memset` and friends
 2019-10-03 14:31:23 +02:00
AlexTereshenkov
3e6f8fb6be Add bind-socket-all-network-interfaces Python query (#2048) 
Add bind-socket-all-network-interfaces Python query
 2019-10-03 11:23:11 +01:00
semmle-qlci
a019c456e9 Merge pull request #1985 from shati-patel/ql-etudes 
Approved by jf205
 2019-10-03 09:16:22 +01:00
semmle-qlci
a8a7de963c Merge pull request #2070 from shati-patel/hb/updates 
Approved by jf205
 2019-10-03 09:14:58 +01:00
yh-semmle
3313af5189 Merge pull request #2036 from aschackmull/java/eq-ssa-guard 
Java: Improve guards for equal ssa variables.
 2019-10-02 12:00:59 -04:00
Tom Hvitved
e5380aa6a7 Merge pull request #2038 from aschackmull/java/dataflow-fixes 
Java/C++/C#: Misc. dataflow fixes.
 2019-10-02 16:39:01 +02:00
Calum Grant
eb893fbc5d Merge pull request #2024 from hvitved/csharp/conversion-unbound 
C#: Handle unbound types in conversion library
 2019-10-02 15:36:38 +01:00
Tom Hvitved
b66479c028 C#: Add change note 2019-10-02 16:31:26 +02:00
Tom Hvitved
17085dc05c C#: Fix typo 2019-10-02 16:26:38 +02:00
Anders Schack-Mulligen
f87cb4d6ac Java/C++/C#: Address review comments and fix test. 2019-10-02 14:32:17 +02:00
Shati Patel
9c54eef45a QL HB: Update aggregation section 2019-10-02 12:48:16 +01:00
Shati Patel
3dd2a6c325 QL etudes: Add further explanation + link 2019-10-02 12:21:23 +01:00
Anders Schack-Mulligen
0154e31e64 Java: Add change note. 2019-10-02 11:47:53 +02:00
Calum Grant
28c34ad41e C#: Address review comments. 2019-10-02 10:42:06 +01:00
Calum Grant
39f550b6d2 Merge pull request #2054 from hvitved/csharp/autobuilder/log-cleanup 
C#: Cleanup more files after failed autobuilder attempt
 2019-10-01 15:55:58 +01:00
Calum Grant
b4da63b3f2 Merge pull request #2061 from hvitved/csharp/local-function-label 
C#: Prepend enclosing method in local function TRAP labels
 2019-10-01 15:19:04 +01:00
Jonas Jensen
3c7d79481f C++: Autoformat FlowVar.qll 2019-10-01 15:54:41 +02:00
Jonas Jensen
0990ceb09a C++: Remove bbNotInLoop and its caller in FlowVar 
This change is needed when enabling the QL CFG on certain snapshots such
as notaz/picodrive. It removes the `bbNotInLoop` predicate, which was
always a liability because it's inherently quadratic. The real slowdown
came in `skipLoop`, where all true-upon-entry loops were crossed with
all definitions of variables that should take their definition from the
loop body.
 2019-10-01 14:33:28 +02:00
Jonas Jensen
eed24f1933 C++: Improve join orders with QL CFG 
Size estimates are slightly different when we enable the QL CFG, and
this caused bad join orders in these predicates.
 2019-10-01 14:33:28 +02:00
ian-semmle
e048207e2f Merge pull request #2055 from matt-gretton-dann/cpp-439-test-cases 
C++: Add test cases for constant initializers
 2019-10-01 12:43:46 +01:00
Shati Patel
427325b04a QL etudes: Update with Robert's suggestions 2019-10-01 11:23:41 +01:00
Jonas Jensen
34b625900a C++: Avoid extends Operation in LeapYear.qll 
The `Operation` class is abstract, and extending it caused cached stages
to be recomputed all the way down to the AST. This meant that the leap
year queries evaluated their own copy of SSA and data flow.
 2019-10-01 11:50:33 +02:00
Jonas Jensen
7434702958 Merge pull request #1735 from rdmarsh2/rdmarsh/cpp/ir-dataflow-def-by-ref-2 
C++: side effect IR instructions for pointer arguments
 2019-10-01 11:35:19 +02:00
Calum Grant
fdc29aa81d Merge pull request #2062 from hvitved/csharp/suppress-similar-file 
C#: Suppress `cs/similar-file` alerts
 2019-10-01 10:21:55 +01:00
Tom Hvitved
413926f675 C#: Prepend enclosing method in local function TRAP labels 2019-10-01 10:25:18 +02:00
Robert Marsh
d1e2ddcf99 C#: sync unalised_ssa IR stage and add to check 2019-09-30 12:53:00 -07:00
Robert Marsh
ee3b40bd89 C#: sync changes and accept test output 2019-09-30 12:00:55 -07:00
Robert Marsh
a45a6e48f8 C++: remove side effect operands from non-reads 2019-09-30 12:00:55 -07:00
Robert Marsh
9f20cb83c3 C++/C#: Autoformat 2019-09-30 12:00:55 -07:00
Robert Marsh
fcfc11052a C++: add QLDoc to side effect functions 2019-09-30 12:00:54 -07:00
Robert Marsh
8649978a43 C++: add indexes for specific side effects 2019-09-30 12:00:53 -07:00