hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-03 09:40:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,205 Commits 1,673 Branches 157 Tags
441fbe32154b93702eaba6c8ad23658aaa0812fc
Commit Graph

16205 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamas Vajk
441fbe3215 Add Java test file for sign analysis 2020-09-21 15:07:09 +02:00
Anders Schack-Mulligen
4a3118b13e Merge pull request #4246 from RasmusWL/java-fix-ssa-varBlockReaches 
Java: Minor fixup for SSA AdjacentUsesImpl::varBlockReaches
 2020-09-21 13:28:20 +02:00
CodeQL CI
016e6d2001 Merge pull request #4275 from erik-krogh/CVE760-indirect 
Approved by esbena
 2020-09-21 04:09:51 -07:00
Rasmus Wriedt Larsen
233dd43635 Java: Port varBlockReaches fix to BaseSSA.qll 2020-09-21 12:11:25 +02:00
Erik Krogh Kristensen
9e7a1934ea add express and HTTP to change-notes 2020-09-21 10:45:43 +02:00
Erik Krogh Kristensen
4dfc0680e2 support non SourceNode receiver for partialInvoke in routeHandlerStep 2020-09-21 10:42:19 +02:00
Erik Krogh Kristensen
4cde48cfb8 change comma to dot in qldoc 2020-09-21 10:23:21 +02:00
Erik Krogh Kristensen
edebbd640e revert change to return-type 2020-09-21 10:18:22 +02:00
Erik Krogh Kristensen
6c050d3160 revert change of return-type 2020-09-20 22:21:42 +02:00
Erik Krogh Kristensen
ae228cb5b2 move new predicates to a more fitting location 2020-09-20 22:15:03 +02:00
Erik Krogh Kristensen
5fd4c7a422 use PartialInvokeNode 2020-09-20 22:06:48 +02:00
Erik Krogh Kristensen
bef09254ee rename forwardingCall to isAForwardingRouteHandlerCall 2020-09-20 21:59:33 +02:00
Erik Krogh Kristensen
62332121b2 remove getNumParameter constraint 2020-09-20 21:57:55 +02:00
Erik Krogh Kristensen
3aaa2d11a7 rename decoratedRouteHandler to isDecoratedCall 2020-09-20 21:54:56 +02:00
Tom Hvitved
d867172d27 Merge pull request #4300 from hvitved/csharp/runtime-checks-bypass-bad-magic 
C#: Avoid bad magic in `RuntimeChecksBypass.ql`
 2020-09-18 19:40:34 +02:00
Tom Hvitved
dff9f8264b Merge pull request #4296 from hvitved/csharp/useless-upcast-nomagic 
C#: Avoid bad magic in `UselessUpcast.ql`
 2020-09-18 16:24:20 +02:00
Anders Schack-Mulligen
b3bf570fb7 Merge pull request #4301 from lcartey/java/update-cwe-claims 
Java: Update some CWE claims
 2020-09-18 16:08:40 +02:00
Mathias Vorreiter Pedersen
b4edbe4773 Merge pull request #4298 from MathiasVP/field-conflation-with-array-content 
C++: Add test demonstrating field conflation after merging #4230
 2020-09-18 15:16:33 +02:00
Anders Schack-Mulligen
4f9d2f118d Merge pull request #4288 from joefarebrother/printAST-java 
Java: Add a container node for Imports in the PrintAst view
 2020-09-18 14:17:26 +02:00
Tom Hvitved
aac2e0ebfb C#: Avoid bad magic in RuntimeChecksBypass.ql 
Before:

```
[2020-09-18 14:03:57] (2587s) Tuple counts for RuntimeChecksBypass::uncheckedWrite#bbf#antijoin_rhs#1:
                      1270       ~8%     {2} r1 = SCAN RuntimeChecksBypass::uncheckedWrite#bbf#shared AS I OUTPUT I.<1>, I.<0>
                      188197390  ~0%     {3} r2 = JOIN r1 WITH #Callable::Callable::calls_dispred#bfPlus AS R ON FIRST 1 OUTPUT R.<1>, r1.<1>, r1.<0>
                      2425784042 ~1%     {3} r3 = JOIN r2 WITH Expr::Expr::getEnclosingCallable_dispred#ff_10#join_rhs AS R ON FIRST 1 OUTPUT r2.<1>, R.<1>, r2.<2>
                      58         ~9%     {2} r4 = JOIN r3 WITH project#RuntimeChecksBypass::checkedWrite#bfff AS R ON FIRST 2 OUTPUT r3.<0>, r3.<2>
                                         return r4
```

After:

```
[2020-09-18 14:08:48] (5s) Tuple counts for RuntimeChecksBypass::uncheckedWrite#fff#antijoin_rhs:
                      24704473 ~2%      {2} r1 = SCAN DataFlowPublic::localExprFlow#ff AS I OUTPUT I.<1>, I.<0>
                      23784154 ~6%      {4} r2 = JOIN r1 WITH Expr::Expr::getEnclosingCallable_dispred#ff AS R ON FIRST 1 OUTPUT r1.<1>, 28, R.<0>, R.<1>
                      201391   ~2%      {2} r3 = JOIN r2 WITH expressions AS R ON FIRST 2 OUTPUT r2.<2>, r2.<3>
                      23784154 ~0%      {3} r4 = JOIN r1 WITH Expr::Expr::getEnclosingCallable_dispred#ff AS R ON FIRST 1 OUTPUT r1.<1>, R.<0>, R.<1>
                      1065242  ~20%     {2} r5 = JOIN r4 WITH expr_value AS R ON FIRST 1 OUTPUT r4.<1>, r4.<2>
                      1266633  ~16%     {2} r6 = r3 \/ r5
                                        return r6
```
 2020-09-18 14:15:30 +02:00
Jonas Jensen
6463a94258 Merge pull request #4297 from github/igfoo/compileTimeConstantInt 
C++: Improve `compileTimeConstantInt`
 2020-09-18 13:58:16 +02:00
lcartey@github.com
2c6f587ee9 Java: Add coverage claim for CWE 193 (off by one) 2020-09-18 12:51:24 +01:00
lcartey@github.com
39200566c3 Java: Update CWE claims for XXE. 
This matches the claims in the C# equivalent.
 2020-09-18 12:30:52 +01:00
Mathias Vorreiter Pedersen
b40941b89c C++: Add test demonstrating field conflation after merging #4230 2020-09-18 13:23:23 +02:00
Tom Hvitved
4090859207 C#: Avoid bad magic in UselessUpcast.ql 2020-09-18 12:14:52 +02:00
Joe
3258134098 Java: Remove superfluous conjunct 2020-09-18 10:41:06 +01:00
lcartey@github.com
32f43a84be Java: Add CWE 564 (SQL Injection: Hibernate) 2020-09-18 10:20:21 +01:00
Jonas Jensen
c67605f15c Merge pull request #4230 from MathiasVP/mathiasvp/array-field-flow 
C++: Replace `field -> object` taint rule with `ArrayContent` dataflow
 2020-09-18 10:56:51 +02:00
Mathias Vorreiter Pedersen
8c615ece8a Merge pull request #4292 from MathiasVP/mathiasvp/cache-simpleLocalFlowStep 
C++: Cache simpleLocalFlowStep instead of simpleInstructionLocalFlowStep
 2020-09-18 10:18:21 +02:00
Mathias Vorreiter Pedersen
3ef6e8a580 Merge pull request #4283 from geoffw0/stringstream4 
C++: Model getline
 2020-09-18 10:17:47 +02:00
Erik Krogh Kristensen
0b16f81f8b improve performance by using RouteHandlerCandidate 2020-09-18 09:29:13 +02:00
Erik Krogh Kristensen
b4e75bf567 update expected output 2020-09-18 09:29:13 +02:00
Erik Krogh Kristensen
1f95311342 further loosen the RouteHandlerCandidate heuristic 2020-09-18 09:29:13 +02:00
Erik Krogh Kristensen
3eaa56ed60 support containers with decorated route handlers 2020-09-18 09:29:08 +02:00
Erik Krogh Kristensen
c087e94d47 add additional indirect route-handler steps 2020-09-18 09:26:33 +02:00
Erik Krogh Kristensen
02c1d689e4 support indirect route-handlers for NodeJS 2020-09-18 09:26:33 +02:00
Erik Krogh Kristensen
dafcd59148 add another indirect route-handler test 2020-09-18 09:26:33 +02:00
Erik Krogh Kristensen
43e5c0212c add basic support for indirect route handlers 2020-09-18 09:26:33 +02:00
Mathias Vorreiter Pedersen
c6ff805a07 C++: Cache simpleLocalFlowStep instead of simpleInstructionLocalFlowStep 2020-09-17 21:13:02 +02:00
Robert Marsh
3d07ba9d0b Merge pull request #4290 from MathiasVP/mathiasvp/fix-join-order-in-single-field-flow 
C++: Fix bad join order introduced by #4270
 2020-09-17 14:52:59 -04:00
Mathias Vorreiter Pedersen
8e1d9e0996 C++: Fix bad join order introduced by #4270 2020-09-17 19:23:01 +02:00
Joe
2da6234317 Java: Fix QLDoc 2020-09-17 17:31:24 +01:00
Joe
6d0df7cb3a Java: Add a container node for Imports in the PrintAst view 2020-09-17 17:29:36 +01:00
Ian Lynagh
c7b6374e55 C++: Improve compileTimeConstantInt 
It is possible for the frontend to make
    (bool)e
where e has a constant value 0, but the (implicit) cast has no constant
value. This was causing us to not understand assume(0) correctly.

Now compileTimeConstantInt will handle casts itself if necessary.
 2020-09-17 14:51:50 +01:00
Geoffrey White
5cc11f1c44 C++: Additional model for 'this' flow through chains. 2020-09-17 14:12:30 +01:00
Geoffrey White
73399cb5f7 C++: Model GetLine. 2020-09-17 14:05:43 +01:00
Geoffrey White
2c15e6f934 C++: Add test cases. 2020-09-17 13:43:07 +01:00
Mathias Vorreiter Pedersen
63afe1da78 Merge pull request #4276 from geoffw0/stringstream3 
C++: More stringstream models.
 2020-09-17 14:19:52 +02:00
Geoffrey White
4d6125841d C++: Clean up multiply defined functions. 2020-09-17 11:48:26 +01:00
Geoffrey White
c17ae3ad6c C++: Correct dataflow for return (*this). 2020-09-17 11:34:10 +01:00