hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-09 19:51:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,371 Commits 1,689 Branches 160 Tags
4075f693bd94d8e7e230ac705403d3a4ebe65615
Commit Graph

48371 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeroen Ketema
4075f693bd C++: Make cpp/path-injection work with use-use dataflow 2022-12-14 13:38:55 +01:00
Mathias Vorreiter Pedersen
973aad5c17 Merge pull request #11677 from jketema/argv-flow-source 
C++: Recognize indirect `argv` accesses as flow sources for use-use dataflow
 2022-12-14 12:36:18 +00:00
Jeroen Ketema
628f92a9fb C++: Fix QL-for-QL warnings 2022-12-13 16:24:55 +01:00
Jeroen Ketema
3be0b3e6c7 C++: Recognize indirect argv accesses as flow sources for use-use dataflow 
This fixes the test regression on `cpp/command-line-injection`.
 2022-12-13 16:18:17 +01:00
Mathias Vorreiter Pedersen
69155cb691 Merge pull request #11664 from jketema/alloca-in-loop-fix 
C++: Fix `cpp/alloca-in-loop` regressions with use-use dataflow
 2022-12-13 11:59:38 +00:00
Jeroen Ketema
b10ed976cc Update cpp/ql/src/Likely Bugs/Memory Management/AllocaInLoop.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-12-13 10:57:34 +01:00
Jeroen Ketema
18dea55071 C++: Fix cpp/alloca-in-loop regressions with use-use dataflow 2022-12-12 19:15:50 +01:00
Jeroen Ketema
b2091e8632 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-12-12 11:40:36 +01:00
Jeroen Ketema
cb1dacfef1 C++: Fix QL-for-QL warnings 2022-12-12 11:23:29 +01:00
Mathias Vorreiter Pedersen
b2fcf87e6a Merge pull request #11638 from jketema/rewrite-tainted-path-v2 
C++: Use `FlowSource` in `cpp/path-injection`
 2022-12-12 10:08:15 +00:00
Chris Smowton
77004f3e15 Merge pull request #11258 from smowton/smowton/feature/kotlin-annotation-extraction 
Kotlin: extract annotations
 2022-12-12 09:52:49 +00:00
Michael Nebel
e0f1b38439 Merge pull request #11580 from michaelnebel/renamenegativemodels 
C#/Java: Rename Negative Summary Model to Neutral Model
 2022-12-12 07:59:06 +01:00
Harry Maclean
6c8896d83f Merge pull request #11337 from hmac/actionmailbox 
Ruby: Model ActionMailbox
 2022-12-12 10:29:23 +13:00
Jeroen Ketema
beb66d027e C++: Use FlowSource in cpp/path-injection 2022-12-10 20:27:56 +01:00
Jeroen Ketema
d5acd310ce Merge pull request #11644 from jketema/lower-case-flow-source-description 
C++: Make all flow source descriptions start with a lower case letter
 2022-12-10 20:23:14 +01:00
Mathias Vorreiter Pedersen
9e7b73ab4a Merge pull request #11645 from MathiasVP/more-caching 2022-12-10 18:04:48 +00:00
Mathias Vorreiter Pedersen
bea67abd64 Merge pull request #11643 from jketema/generalize-argv 2022-12-10 16:03:20 +00:00
Mathias Vorreiter Pedersen
9f9ffef697 C++: Make the Node IPA type private. 2022-12-10 14:51:21 +00:00
Mathias Vorreiter Pedersen
de70cbfee9 C++: Change caching for dataflow. 2022-12-09 23:30:47 +00:00
Jeroen Ketema
ce92ba640a C++: Accept test changes 2022-12-09 23:38:03 +01:00
Jeroen Ketema
9dc2614012 C++: Make all flow source descriptions start with a lower case letter 
In every context where we use the description a lower case letter makes more
sense.
 2022-12-09 23:18:58 +01:00
Jeroen Ketema
1e1974c9fb C++: Add change note 2022-12-09 23:17:36 +01:00
Jeroen Ketema
331fab5ac0 C++: Generalize the ArgvSource flow source 
This matches `isUserInput` and handles cases where `argv` has a different name,
which is allowed.
 2022-12-09 23:12:31 +01:00
Chris Smowton
5282c86158 Apply review feedback 2022-12-09 18:07:14 +00:00
Mathias Vorreiter Pedersen
2ad61df9df Merge pull request #11640 from MathiasVP/local-expr-step-should-step 
C++: Prevent an `Expr` from stepping to itself in IR dataflow
 2022-12-09 17:31:19 +00:00
Mathias Vorreiter Pedersen
52bf39bcf9 C++: Use a 'fastTC' instead of '*' to improve performance. 2022-12-09 14:21:09 +00:00
Mathias Vorreiter Pedersen
a3285653ae C++: Prevent an expression to stepping to itself. 2022-12-09 14:20:27 +00:00
Michael Nebel
4835d14865 Java/C#: Delete the deprecated NeutralModelCsv class. 2022-12-09 15:11:49 +01:00
Ian Lynagh
1bf82cecfa Merge pull request #11602 from igfoo/igfoo/diaglimits 
Kotlin: Improve diagnostic limit message
 2022-12-09 14:05:47 +00:00
Michael Nebel
67732cbfa0 Java: Remove unneeded import for RegenerateModels.py. 2022-12-09 15:04:43 +01:00
Michael Nebel
1a226a15bf C#/Java: Cleanup up printing of generated models. 2022-12-09 15:04:43 +01:00
Michael Nebel
1d103f57a0 C#/Java: Rename CaptureNegativeSummaryModels test to CaptureNeutralModels. 2022-12-09 15:04:43 +01:00
Michael Nebel
2cb88037a4 C#/Java: Rename Negative Summary Model to Neutral Model in conversion and generator tooling. 2022-12-09 15:04:43 +01:00
Michael Nebel
ac2d55880c Go: Rename Negative Summary Model to Neutral Model. 2022-12-09 15:04:43 +01:00
Michael Nebel
d13307e417 Swift: Rename Negative Summary Model to Neutral Model. 2022-12-09 15:04:43 +01:00
Michael Nebel
a14df1ca61 Ruby: Rename Negative Summary Model to Neutral Model. 2022-12-09 15:04:43 +01:00
Michael Nebel
f4f7d83349 Python: Rename Negative Summary Model to Neutral Model. 2022-12-09 15:04:43 +01:00
Michael Nebel
3af00a8f3f Java: Rename Negative Summary Model to Neutral Model. 2022-12-09 15:04:43 +01:00
Michael Nebel
079d48c42a Sync files. 2022-12-09 15:04:42 +01:00
Michael Nebel
ad90e58120 C#: Rename Negative Summary Model to Neutral Model. 2022-12-09 15:04:42 +01:00
Chris Smowton
b8ed3b7dbf Accept annotation test changes 
These are notnull annotations that no longer get inappropriately attached to constructors
 2022-12-09 12:57:20 +00:00
Tamás Vajk
357e460cf2 Merge pull request #11588 from tamasvajk/kotlin-extension-defaults 
Kotlin: Fix extraction of `$default` extension functions
 2022-12-09 13:56:47 +01:00
Mathias Vorreiter Pedersen
7d1f10bc78 Merge pull request #11627 from jketema/getaddrinfo 
C++: Model `getaddrinfo` as flow source
 2022-12-09 12:38:43 +00:00
Chris Smowton
40e902eca9 Look through generic annotation types extracted from Kotlin 2022-12-09 11:52:28 +00:00
Chris Smowton
65dc0dc326 Add dummy extensible predicate definition to integration test 2022-12-09 11:17:37 +00:00
Mathias Vorreiter Pedersen
b9c9f65f0f Merge pull request #11633 from MathiasVP/accept-consistency-failures 
C++: Accept dataflow consistency changes
 2022-12-09 11:03:03 +00:00
Chris Smowton
a161d79cd8 Remove no-longer-needed expected diagnostics 2022-12-09 10:33:06 +00:00
Chris Smowton
93ea433c49 Add missing imports 2022-12-09 10:33:06 +00:00
Chris Smowton
251513c1d3 Format ql 2022-12-09 10:33:06 +00:00
Chris Smowton
78234c52fd Ensure constructors don't get nullability annotations 2022-12-09 10:33:06 +00:00