hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
44,806 Commits 1,672 Branches 157 Tags
38a3476d37e61bb452c2bc0e8702aecd33ffad12
Commit Graph

2091 Commits

Author SHA1 Message Date
Asger F
38a3476d37 Ruby: add local field step to type tracking 
fixup local field steps
 2022-10-11 09:03:51 +02:00
Asger F
d55925d8d4 Ruby: support splat type-tracking step 2022-10-11 09:03:51 +02:00
Erik Krogh Kristensen
8cc52a4b55 Merge pull request #10704 from erik-krogh/rbMeta 
RB: add some more meta queries for Ruby evaluations
 2022-10-10 14:57:37 +02:00
Tom Hvitved
60fe370f2a Merge pull request #10744 from hvitved/dataflow/has-flow-to-no-fast-tc 
Data flow: Avoid call to `pathSuccPlus` in `Configuration::hasFlowTo(Expr)`
 2022-10-10 14:02:39 +02:00
Tom Hvitved
099251a30a Merge pull request #10741 from hvitved/ruby/no-full-fast-tc 
Ruby: Avoid computing full `fastTC` for `AstNode::getParent`
 2022-10-10 14:01:56 +02:00
erik-krogh
38c17c5d0c Merge branch 'main' into rbMeta 2022-10-10 12:22:56 +02:00
Tom Hvitved
efa6b3c0c6 Ruby: Cache uses of DataFlowImplForHttpClientLibraries 2022-10-09 19:59:56 +02:00
Tom Hvitved
9f34bf80fd Ruby: Cache use of DataFlowImplForPathname 2022-10-09 19:59:05 +02:00
Tom Hvitved
296ec94a2a Data flow: Sync files 2022-10-09 19:48:45 +02:00
Tom Hvitved
d1c8c40c17 Data flow: Avoid call to pathSuccPlus in Configuration::hasFlowTo(Expr) 2022-10-09 19:48:44 +02:00
Tom Hvitved
02192acd5f Ruby: Avoid computing full fastTC for AstNode::getParent 
DIL before
```
                                                   /* AST::AstNode */ AST#87953007::Cached::TAstNode result) =
  fastTC(AST#a6718388::AstNode::getAChild#0#dispred#ff/2)
.

Synthesis#d9ff06b1::Desugared::getADescendant#0#dispred#ff(/* Synthesis::Desugared */ AST#87953007::Cached::TAstNode this,
                                                           /* AST::AstNode */ AST#87953007::Cached::TAstNode result)
:-
  (
    exists(int arg1,
           /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
      arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, this)
    ),
    result = this
  );
  (
    exists(int arg1,
           /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
      arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, this)
    ),
    #AST#a6718388::AstNode::getAChild#0#dispredPlus#ff(this, result)
  )
.
```

DIL after
```
incremental
Synthesis#d9ff06b1::Desugared::getADescendant#ff(/* Synthesis::Desugared */ AST#87953007::Cached::TAstNode this,
                                                 /* AST::AstNode */ AST#87953007::Cached::TAstNode result)
:-
  (
    exists(int arg1,
           /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
      arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, this)
    ),
    result = this
  );
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode call_result#2 |
    exists(int arg1,
           /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
      arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, this)
    ),
    rec Synthesis#d9ff06b1::Desugared::getADescendant#ff(this, call_result#2),
    exists(cached dontcare string _ |
      AST#a6718388::AstNode::getAChild#1#dispred(call_result#2, _, result)
    )
  )
| [base_case]
  exists(int arg1, /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
    arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, this)
  ),
  result = this
| [delta_order]
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode call_result#2 |
    exists(int arg1,
           /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
      arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, this)
    ),
    delta previous rec Synthesis#d9ff06b1::Desugared::getADescendant#ff(this,
                                                                        call_result#2),
    project#AST#a6718388::AstNode::getAChild#1#dispred(call_result#2, result)
  ),
  not(
    previous rec Synthesis#d9ff06b1::Desugared::getADescendant#ff(this, result)
  )
| [delta_order_up_to_500000]
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode call_result#2 |
    delta previous rec Synthesis#d9ff06b1::Desugared::getADescendant#ff(this,
                                                                        call_result#2),
    exists(int arg1,
           /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
      arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, this)
    ),
    project#AST#a6718388::AstNode::getAChild#1#dispred(call_result#2, result)
  ),
  not(
    previous rec Synthesis#d9ff06b1::Desugared::getADescendant#ff(this, result)
  )
.
```
 2022-10-09 11:12:24 +02:00
Tom Hvitved
d39b0fd3f4 Ruby: Avoid computing full fastTC for AstNode::getParent 
DIL before
```
                                                   /* AST::AstNode */ AST#87953007::Cached::TAstNode result) =
  fastTC(AST#a6718388::AstNode::getAChild#0#dispred#ff/2)
.

Synthesis#d9ff06b1::isInDesugaredContext#1#f(/* AST::AstNode */ unique AST#87953007::Cached::TAstNode n)
:-
  exists(int arg1, /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
    arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, n)
  );
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode call_result#2 |
    exists(int arg1,
           /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
      arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, call_result#2)
    ),
    #AST#a6718388::AstNode::getAChild#0#dispredPlus#ff(call_result#2, n)
  )
.
```

DIL after
```
incremental
Synthesis#d9ff06b1::isInDesugaredContext#1#f(/* AST::AstNode */ unique AST#87953007::Cached::TAstNode n)
:-
  exists(int arg1, /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
    arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, n)
  );
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode any#expr##2 |
    rec Synthesis#d9ff06b1::isInDesugaredContext#1#f(any#expr##2),
    exists(cached dontcare string _ |
      AST#a6718388::AstNode::getAChild#1#dispred(any#expr##2, _, n)
    )
  )
| [base_case]
  exists(int arg1, /* AST::AstNode */ dontcare AST#87953007::Cached::TAstNode _ |
    arg1 = -1, AST#87953007::Cached::getSynthChild#2(_, arg1, n)
  )
| [delta_order]
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode any#expr##2 |
    delta previous rec Synthesis#d9ff06b1::isInDesugaredContext#1#f(any#expr##2),
    project#AST#a6718388::AstNode::getAChild#1#dispred(any#expr##2, n)
  ),
  not(previous rec Synthesis#d9ff06b1::isInDesugaredContext#1#f(n))
.
``
 2022-10-09 11:11:48 +02:00
Tom Hvitved
262a74d03d Ruby: Avoid computing full fastTC for AstNode::getParent 
DIL before
```
                                                   /* AST::AstNode */ AST#87953007::Cached::TAstNode result) =
  fastTC(AST#a6718388::AstNode::getAChild#0#dispred#ff/2)
.

Completion#445d5844::mayRaise#1#f(/* Call::Call */ unique AST#87953007::Cached::TAstNode c)
:-
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode call_result#2 |
    exists(/* ControlFlowGraphImpl::Trees::BodyStmtTree */ AST#87953007::Cached::TAstNode bst |
      (
        (
          project#Expr#6fb2af19::BodyStmt::getRescue#1#dispred#fff(bst),
          ControlFlowGraphImpl#288ae92e::Trees::BodyStmtTree#class#f(bst)
        );
        (
          exists(/* Expr::StmtSequence */ dontcare AST#87953007::Cached::TAstNode _ |
            Expr#6fb2af19::BodyStmt::getEnsure#0#dispred#ff(bst, _)
          ),
          ControlFlowGraphImpl#288ae92e::Trees::BodyStmtTree#class#f(bst)
        )
      ),
      ControlFlowGraphImpl#288ae92e::Trees::BodyStmtTree#class#f(bst),
      project#ControlFlowGraphImpl#288ae92e::Trees::StmtSequenceTree::getBodyChild#2#dispred#ffff(bst,
                                                                                                  call_result#2)
    ),
    (
      (c = call_result#2, Call#841c84e8::Call#f(c));
      (
        #AST#a6718388::AstNode::getAChild#0#dispredPlus#ff(call_result#2, c),
        Call#841c84e8::Call#f(c)
      )
    )
  )
.
```

DIL after
```
incremental
Completion#445d5844::getARescuableBodyChild#0#f(/* AST::AstNode */ unique AST#87953007::Cached::TAstNode result)
:-
  exists(/* ControlFlowGraphImpl::Trees::BodyStmtTree */ AST#87953007::Cached::TAstNode bst |
    (
      (
        exists(dontcare int _,
               /* Expr::RescueClause */ dontcare AST#87953007::Cached::TAstNode _1 |
          Expr#6fb2af19::BodyStmt::getRescue#1#dispred#fff(bst, _, _1)
        ),
        ControlFlowGraphImpl#288ae92e::Trees::BodyStmtTree#class#f(bst)
      );
      (
        exists(/* Expr::StmtSequence */ dontcare AST#87953007::Cached::TAstNode _ |
          Expr#6fb2af19::BodyStmt::getEnsure#0#dispred#ff(bst, _)
        ),
        ControlFlowGraphImpl#288ae92e::Trees::BodyStmtTree#class#f(bst)
      )
    ),
    ControlFlowGraphImpl#288ae92e::Trees::BodyStmtTree#class#f(bst),
    exists(boolean arg2, dontcare int _ |
      arg2 = true,
      ControlFlowGraphImpl#288ae92e::Trees::StmtSequenceTree::getBodyChild#2#dispred#ffff(bst,
                                                                                          _,
                                                                                          arg2,
                                                                                          result)
    )
  );
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode call_result#5 |
    rec Completion#445d5844::getARescuableBodyChild#0#f(call_result#5),
    exists(cached dontcare string _ |
      AST#a6718388::AstNode::getAChild#1#dispred(call_result#5, _, result)
    )
  )
| [base_case]
  exists(/* ControlFlowGraphImpl::Trees::BodyStmtTree */ AST#87953007::Cached::TAstNode bst |
    (
      (
        project#Expr#6fb2af19::BodyStmt::getRescue#1#dispred#fff(bst),
        ControlFlowGraphImpl#288ae92e::Trees::BodyStmtTree#class#f(bst)
      );
      (
        exists(/* Expr::StmtSequence */ dontcare AST#87953007::Cached::TAstNode _ |
          Expr#6fb2af19::BodyStmt::getEnsure#0#dispred#ff(bst, _)
        ),
        ControlFlowGraphImpl#288ae92e::Trees::BodyStmtTree#class#f(bst)
      )
    ),
    ControlFlowGraphImpl#288ae92e::Trees::BodyStmtTree#class#f(bst),
    project#ControlFlowGraphImpl#288ae92e::Trees::StmtSequenceTree::getBodyChild#2#dispred#ffff(bst,
                                                                                                result)
  )
| [delta_order]
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode call_result#5 |
    delta previous rec Completion#445d5844::getARescuableBodyChild#0#f(call_result#5),
    project#AST#a6718388::AstNode::getAChild#1#dispred(call_result#5, result)
  ),
  not(previous rec Completion#445d5844::getARescuableBodyChild#0#f(result))
.
```
 2022-10-09 11:10:39 +02:00
Tom Hvitved
d707c526e5 Ruby: Avoid computing full fastTC for AstNode::getParent 
DIL before
```
                                  /* AST::AstNode */ AST#87953007::Cached::TAstNode result) =
  fastTC(Module#fe82a56b::parent#1#ff/2)
.

Module#fe82a56b::enclosingModule#1#ff(/* AST::AstNode */ AST#87953007::Cached::TAstNode node,
                                      /* Module::ModuleBase */ AST#87953007::Cached::TAstNode result)
:-
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode call_result#2 |
    Module#2a43f566::ModuleBase#f(result),
    project#AST#a6718388::AstNode::getAChild#1#dispred(result, call_result#2),
    (
      node = call_result#2;
      #Module#fe82a56b::parent#1Plus#ff(node, call_result#2)
    )
  )
.
```

DIL after
```
incremental
Module#fe82a56b::enclosingModule#1#ff(/* AST::AstNode */ AST#87953007::Cached::TAstNode node,
                                      /* Module::ModuleBase */ AST#87953007::Cached::TAstNode result)
:-
  (
    Module#2a43f566::ModuleBase#f(result),
    exists(cached dontcare string _ |
      AST#a6718388::AstNode::getAChild#1#dispred(result, _, node)
    )
  );
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode mid |
    Module#2a43f566::ModuleBase#f(result),
    rec Module#fe82a56b::enclosingModule#1#ff(mid, result),
    not(Module#2a43f566::ModuleBase#f(mid)),
    not(Method#8b49e67f::Block#f(mid)),
    exists(cached dontcare string _ |
      AST#a6718388::AstNode::getAChild#1#dispred(mid, _, node)
    )
  )
| [base_case]
  Module#2a43f566::ModuleBase#f(result),
  project#AST#a6718388::AstNode::getAChild#1#dispred(result, node)
| [delta_order]
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode mid |
    Module#2a43f566::ModuleBase#f(result),
    delta previous rec Module#fe82a56b::enclosingModule#1#ff(mid, result),
    not(Module#2a43f566::ModuleBase#f(mid)),
    not(Method#8b49e67f::Block#f(mid)),
    project#AST#a6718388::AstNode::getAChild#1#dispred(mid, node)
  ),
  not(previous rec Module#fe82a56b::enclosingModule#1#ff(node, result))
| [delta_order_up_to_500000]
  exists(/* AST::AstNode */ AST#87953007::Cached::TAstNode mid |
    delta previous rec Module#fe82a56b::enclosingModule#1#ff(mid, result),
    Module#2a43f566::ModuleBase#f(result),
    not(Module#2a43f566::ModuleBase#f(mid)),
    not(Method#8b49e67f::Block#f(mid)),
    project#AST#a6718388::AstNode::getAChild#1#dispred(mid, node)
  ),
  not(previous rec Module#fe82a56b::enclosingModule#1#ff(node, result))
.
```
 2022-10-09 11:10:33 +02:00
Dave Bartolomeo
5ee7986649 Merge pull request #10736 from github/post-release-prep/codeql-cli-2.11.1 
Post-release preparation for codeql-cli-2.11.1
 2022-10-07 14:23:31 -04:00
github-actions[bot]
b8ef9e0ddc Post-release preparation for codeql-cli-2.11.1 2022-10-07 15:59:45 +00:00
Nick Rolfe
a6674a5313 Ruby: fix uses of deprecated class name 2022-10-07 13:17:05 +01:00
Tom Hvitved
b065d2d3ab Merge pull request #10705 from hvitved/ruby/singleton-overrides 
Ruby: Take overrides into account for singleton methods defined on modules
 2022-10-07 13:33:59 +02:00
erik-krogh
5d9c68c962 remove the taint-steps meta query 2022-10-07 13:21:24 +02:00
Harry Maclean
75cb0efecb Merge pull request #10538 from hmac/hmac/actioncontroller-parameters 
Ruby: Model flow through ActionController::Parameters
 2022-10-07 22:21:40 +13:00
Tom Hvitved
69fc59930f Ruby: Add ql doc to lookupSingletonMethod 2022-10-07 10:55:30 +02:00
github-actions[bot]
a02dcdc5e1 Release preparation for version 2.11.1 2022-10-07 02:20:28 +00:00
erik-krogh
c1fae91a1f have rb/meta/taint-steps print only one for each file, to limit the size of the output 2022-10-06 15:19:11 +02:00
Henry Mercer
7a7d164b07 Merge pull request #10698 from github/henrymercer/successfully-extracted-files-tag 
Tag successfully extracted files queries
 2022-10-06 13:21:52 +01:00
erik-krogh
169965cfb9 make rb/meta/taint-steps into a @kind problem query 2022-10-06 13:28:10 +02:00
Tom Hvitved
48bdf13c89 Ruby: Take overrides into account for singleton methods defined on modules 2022-10-06 11:56:26 +02:00
Tom Hvitved
7608276397 Ruby: Add more call graph tests 2022-10-06 10:38:02 +02:00
erik-krogh
db056aae1b add some more meta queries for Ruby evaluations 2022-10-06 10:14:28 +02:00
Tom Hvitved
0e6735b804 Merge pull request #10691 from hvitved/dataflow/conjunctive-clears 
Data flow: Take conjunctive `With(out)Contents` into account in `prohibitsUseUseFlow`
 2022-10-06 09:03:30 +02:00
Henry Mercer
d80d39504f Tag successfully extracted files queries 
Tag the successfully extracted files queries with
`successfully-extracted-files` to make them easier to identify
programmatically in a language-independent way.
This follows the prior art for lines of code queries, which are tagged
`lines-of-code`.
 2022-10-05 19:19:43 +01:00
Asger F
387e57546b Merge pull request #10650 from asgerf/rb/summarize-more 
Ruby: more type-tracking steps
 2022-10-05 19:16:56 +02:00
Tom Hvitved
0beea9fd1a Fix typos 2022-10-05 15:54:52 +02:00
Asger F
decd4c93c7 Ruby: update type tracking test 2022-10-05 15:15:52 +02:00
Asger F
c9c36985b2 Ruby: address review comments 2022-10-05 14:59:37 +02:00
Arthur Baars
6509c19aad Merge pull request #10692 from aibaars/fix-splats 
Ruby: fix CFG and toString for anonymous '*' and '**'
 2022-10-05 13:25:29 +02:00
Tom Hvitved
3f0f16afc4 Ruby: Update flow summary for Hash#except 2022-10-05 12:58:29 +02:00
Tom Hvitved
e51c20bfc7 Data flow: Take conjunctive With(out)Contents into account in prohibitsUseUseFlow 2022-10-05 12:58:29 +02:00
Arthur Baars
a080f498be Ruby: fix CFG and toString for anonymous '*' and '**' 2022-10-05 11:50:37 +02:00
Tom Hvitved
9d23742ed6 Ruby: Add test that illustrates issue with conjunctive WithoutContents 2022-10-05 11:26:23 +02:00
Asger F
f664a77a02 Ruby: ensure Hash flow works again 2022-10-05 11:07:55 +02:00
Arthur Baars
4ff85d5275 Ruby: add test case 2022-10-05 10:57:53 +02:00
Nick Rolfe
525fe12671 Merge pull request #10585 from github/nickrolfe/libxml-xxe 
Ruby: detect uses of LibXML with entity substitution enabled by default
 2022-10-05 09:51:39 +01:00
Asger F
7cf969f9c8 Ruby: remove mention of PairValueContent 2022-10-05 10:32:09 +02:00
Asger F
6f74a52542 Merge branch 'main' into rb/summarize-more 2022-10-05 09:55:23 +02:00
Asger F
8b7ec20573 Merge branch 'main' into rb/summarize-more 2022-10-05 09:43:52 +02:00
Tom Hvitved
1496c4f0e2 Merge pull request #10686 from hvitved/ruby/remove-value-pair-content 
Ruby: Remove `PairValueContent`
 2022-10-05 09:41:14 +02:00
Asger F
93e8434e08 Ruby: fix content restriction in type trackers 2022-10-05 09:36:42 +02:00
Asger F
f5f351e26c Ruby: make flowsToLoadStoreStep private 2022-10-05 09:35:11 +02:00
Asger F
a9a99c5b18 Ruby: nomagic on unary hasAdjacentTypeCheckedReads 2022-10-05 09:34:36 +02:00
Asger F
4c19d2d71e Ruby: make getAStaticHashCall private again 2022-10-05 09:32:56 +02:00