hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
18,064 Commits 1,741 Branches 165 Tags
39c5e0d487e2a6c9bf73309dae575d7acbf2eafc
Commit Graph

18064 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
14136154d6 Python: Fix bad join order in TypeTracker::callStep 
From a local evaluation against flask DB, after
https://github.com/github/codeql/pull/4649 was merged we would get:

```
Tuple counts for TypeTracker::callStep#ff/2@a21b71:
9876     ~0%     {3} r1 = SCAN DataFlowPrivate::DataFlowCall::getArg_dispred#fff AS I OUTPUT I.<2>, I.<0>, I.<1>
9876     ~2%     {3} r2 = JOIN r1 WITH project#DataFlowPrivate::DataFlowCall::getArg_dispred#fff AS R ON FIRST 1 OUTPUT r1.<2>, R.<0>, r1.<1>
72388997 ~0%     {4} r3 = JOIN r2 WITH DataFlowPublic::ParameterNode::isParameterOf_dispred#fff_201#join_rhs AS R ON FIRST 1 OUTPUT r2.<2>, R.<2>, r2.<1>, R.<1>
4952     ~0%     {2} r4 = JOIN r3 WITH DataFlowPrivate::DataFlowCall::getCallable_dispred#ff AS R ON FIRST 2 OUTPUT r3.<2>, r3.<3>
                     return r4
```
 2020-11-18 09:17:31 +01:00
Dave Bartolomeo
ab715ec302 Merge pull request #4680 from criemen/printast-performance 
C++: Improve PrintAST performance.
 2020-11-17 23:13:26 -05:00
Aditya Sharad
9a65962912 Merge pull request #4647 from github/codeql-docs-reorg-2 
Update CodeQL docs directory structure
 2020-11-17 11:07:54 -08:00
Cornelius Riemenschneider
a92f7a4563 C++: Include trailing whitespace in Type.getSpecifierString(). 2020-11-17 18:50:34 +01:00
Cornelius Riemenschneider
5c3de06b6d C++: Improve PrintAST performance. 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-11-17 17:47:16 +01:00
Aditya Sharad
b9b6a35564 Merge pull request #4629 from pwntester/improve_bean_validation_query 
Java: add some improvements to the bean validation query
 2020-11-17 08:35:49 -08:00
Mathias Vorreiter Pedersen
52bbb326ca QLDoc: Wrap lines and disambiguate explanation. 2020-11-17 16:23:27 +01:00
Mathias Vorreiter Pedersen
d93d3c8699 C++: Use the getSourceType predicate on RemoteFlowSources for better alert messages. 2020-11-17 16:23:27 +01:00
Mathias Vorreiter Pedersen
d1272d3a79 C++: Use strictcount instead of count. 2020-11-17 16:23:27 +01:00
Mathias Vorreiter Pedersen
4cb25d8e18 C++: Add isParameterDerefOrQualifierObject helper predicate to FunctionInput and FunctionOutput. 2020-11-17 16:23:27 +01:00
Mathias Vorreiter Pedersen
dea16d4d62 QLDoc/C++: Rename {IR}ExternalAPIsUsedWithUntrustedData to {IR}CountUntrustedDataToExternalAPI 2020-11-17 16:23:13 +01:00
Mathias Vorreiter Pedersen
eabc69b98e C++: Autoformat 2020-11-17 16:09:25 +01:00
Matthew Gretton-Dann
62767e7e0d Update expected results for `constinit' support 2020-11-17 14:01:00 +00:00
Mathias Vorreiter Pedersen
5d2b85fcf5 Update cpp/ql/src/semmle/code/cpp/models/implementations/Getenv.qll 
Co-authored-by: hubwriter <hubwriter@github.com>
 2020-11-17 13:02:28 +01:00
Tom Hvitved
7f0ad2d232 Merge pull request #4646 from hvitved/csharp/cfg/post-order-exprs 
C#: Represent all expressions in post-order in the CFG
 2020-11-17 13:01:35 +01:00
Mathias Vorreiter Pedersen
c37093f4bc C++: Add copies of qhelp files for IR. 2020-11-17 12:28:31 +01:00
Mathias Vorreiter Pedersen
3b8580efaf C++: Add qhelp and example files (modeled after the Java examples). 2020-11-17 12:27:53 +01:00
Mathias Vorreiter Pedersen
c3c29b8dd0 C++: Add qldoc to new library files. 2020-11-17 12:27:53 +01:00
Mathias Vorreiter Pedersen
5c9b8f1cff C++: Update sync-identical-files. 2020-11-17 12:27:53 +01:00
Mathias Vorreiter Pedersen
5ad18eb748 C++: Add ExternalAPI query files (for AST and IR). 2020-11-17 12:27:40 +01:00
Jonas Jensen
55a38803cb Merge pull request #4673 from MathiasVP/ir-post-dominance 
C++: IR post dominance
 2020-11-17 09:35:51 +01:00
Tamás Vajk
f2259de5f1 Merge pull request #4666 from tamasvajk/feature/roslyn-3.8.0 
C#: Upgrade Roslyn dependencies to 3.8.0
 2020-11-17 08:59:55 +01:00
Rasmus Lerchedahl Petersen
71830abda0 Python: remaining c# tests, except lambdas 
both via nonlocal and via dict
 2020-11-17 08:28:11 +01:00
Mathias Vorreiter Pedersen
057bb14eee C++: Add ExternalAPI library files (for AST and IR). 2020-11-16 22:59:54 +01:00
Robert Marsh
a94826dc81 C++: common superclass for Remote/LocalFlowSource 2020-11-16 18:05:17 +01:00
Robert Marsh
31d3e94cec C++: Grammar/style fixes from code review 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-11-16 18:03:44 +01:00
Robert Marsh
74e05c111e C++: add local flow sources 2020-11-16 18:02:19 +01:00
Rasmus Lerchedahl Petersen
27b4c67b9f Python: Start of tests for captured variables 2020-11-16 17:25:39 +01:00
Tamas Vajk
8bef5f417e C#: Upgrade Roslyn dependencies to 3.8.0 2020-11-16 16:44:14 +01:00
Mathias Vorreiter Pedersen
27aab4062a C++/C#: Sync identical files. 2020-11-16 15:05:59 +01:00
Mathias Vorreiter Pedersen
088d5863fc C++: Implement IR post-dominance predicates. 2020-11-16 15:04:40 +01:00
Anders Schack-Mulligen
4be731d2ab Java: Adjust reference to static method and add test. 2020-11-16 11:47:58 +01:00
Anders Schack-Mulligen
80ee92ae97 Java: Add support for FastJson in unsafe deserialization. 2020-11-16 11:47:58 +01:00
CodeQL CI
09cfb24afa Merge pull request #4648 from erik-krogh/regexpParse 
Approved by asgerf
 2020-11-16 08:20:40 +00:00
CodeQL CI
13edc3713d Merge pull request #4638 from erik-krogh/jwt 
Approved by asgerf
 2020-11-16 08:19:58 +00:00
james
45a3024440 Merge branch 'codeql-docs-reorg-2' of github.com:github/codeql into codeql-docs-reorg-2 2020-11-15 08:35:51 +00:00
james
8262435d4b further changes following review 2020-11-15 08:33:52 +00:00
James Fletcher
a4a47bf88d Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2020-11-15 08:31:40 +00:00
james
52d6503fe0 fix link to cli manual 2020-11-13 16:54:05 +00:00
Jonas Jensen
8bb9e8a4af Merge pull request #4592 from geoffw0/varnotused 
C++: Work around two false positive issues with the UnusedLocals.ql query
 2020-11-13 14:53:58 +01:00
yoff
f7361cae31 Merge pull request #4667 from RasmusWL/python-add-code-snippets 
Python: Add code snippets for VS Code
 2020-11-13 13:48:37 +01:00
Rasmus Wriedt Larsen
9f1d8cd1bb Python: Convert indentation to spaces for VS Code snippets 2020-11-13 13:05:23 +01:00
Rasmus Wriedt Larsen
5200af5244 Python: Add code snippets for VS Code 
Notice that in this form, the filename doesn't matter, and you need to specify
`scope` to limit the snippet to only trigger for `ql`.
 2020-11-13 10:57:17 +01:00
Tom Hvitved
708fca4a2f C#: Update ConstantCondition.ql 2020-11-13 10:23:09 +01:00
Erik Krogh Kristensen
7f68b07665 Merge branch 'main' into regexpParse 2020-11-13 09:33:16 +01:00
Tamás Vajk
19fac60e6d Merge pull request #4661 from tamasvajk/feature/fix-var-decl-type-mention 
C#: Fix parent of 'TypeMention' for some variable declaration
 2020-11-13 09:08:21 +01:00
Erik Krogh Kristensen
7cf7a44fda autoformat 2020-11-12 22:33:00 +01:00
Erik Krogh Kristensen
49be7e959f Merge branch 'main' into jwt 2020-11-12 21:36:09 +01:00
Erik Krogh Kristensen
99d03bab24 only flag the secret key in JWT 2020-11-12 21:36:05 +01:00
Tom Hvitved
94deed39a2 C#: Represent all expressions in post-order in the CFG 2020-11-12 20:04:48 +01:00