hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
9,882 Commits 1,741 Branches 165 Tags
4617940eeebfcbbe6e033bad935507e68ff3fc89
Commit Graph

9882 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Marsh
4617940eee Merge branch 'master' into connect-ir-dataflow-models 2020-01-30 08:49:42 -08:00
Robert Marsh
b2a87f64eb Merge pull request #2696 from dbartol/dbartol/Indirections 
C++/C#: Alias analysis of indirect parameters
 2020-01-30 11:43:26 -05:00
yo-h
dd517a433a Merge pull request #2671 from aschackmull/java/null-flow 
Java: Allow null literals as sources in data flow.
 2020-01-30 09:47:46 -05:00
Taus
b89273402d Merge pull request #2701 from RasmusWL/python-modernise-metrics 
Python: modernise import related queries
 2020-01-30 14:37:39 +01:00
semmle-qlci
3158b8401a Merge pull request #2705 from erik-krogh/CVE75 
Approved by asgerf
 2020-01-30 13:07:05 +00:00
semmle-qlci
120b50f497 Merge pull request #2708 from asger-semmle/js/react-flow-through-imports 
Approved by esbena
 2020-01-30 13:05:07 +00:00
Jonas Jensen
d0ac846cac Merge pull request #2721 from aschackmull/java/taintgetter-changenote 
Java/C++/C#: Add change note for taint-getters.
 2020-01-30 11:42:37 +01:00
Jonas Jensen
148e87c61d C++: Put AliasedSSA.qll in new qlformat style 2020-01-30 11:38:16 +01:00
Anders Schack-Mulligen
b7a8d0e903 Apply suggestions from code review 
Co-Authored-By: Jonas Jensen <jbj@github.com>
 2020-01-30 10:41:13 +01:00
Jonas Jensen
f0f752844e Merge remote-tracking branch 'upstream/master' into dbartol/Indirections 
Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasedSSA.qll
	csharp/ql/src/semmle/code/csharp/ir/implementation/unaliased_ssa/internal/AliasAnalysis.qll
 2020-01-30 10:26:44 +01:00
Jonas Jensen
c4d2163321 Merge pull request #2673 from aschackmull/ql/autoformat-comparisonterm 
Java/C++/C#: Autoformat comparison terms
 2020-01-30 08:47:50 +01:00
Dave Bartolomeo
790cbf0d6b C#: Fix bad merge 2020-01-29 17:32:15 -07:00
Dave Bartolomeo
6249446ba0 Merge remote-tracking branch 'upstream/master' into dbartol/Indirections 2020-01-29 17:29:44 -07:00
Dave Bartolomeo
46c414b53f C++: Document regular expressions in InlineExpectationsTest 2020-01-29 13:24:55 -07:00
Dave Bartolomeo
1277881294 C++: Document InlineExpectationsTest 2020-01-29 13:07:34 -07:00
Robert Marsh
37570c7750 Merge pull request #2676 from jbj/dataflow-partial-chi 
C++: data flow through partial chi operands where type is known
 2020-01-29 13:44:06 -05:00
Jonas Jensen
52d2bebd1c C++: Taint through most partial chi operands 
This changes the flow to be taint rather than data flow, and it extends
it to include chi instructions with unknown type as long as they're not
for the `AliasedVirtualVariable`.

We're losing three good test results because these tests are not
affected by `DefaultTaintTracking.qll`. The taint step added here can
later be ported to `TaintTrackingUtil.qll` to recover these results, but
we probably want a better API than transitive-closure search through
instructions before doing that.
 2020-01-29 18:02:03 +01:00
Geoffrey White
f673791fe8 Merge pull request #2717 from jbj/DefaultTaintTracking-memcpy 
C++: Add taint from gets through memcpy
 2020-01-29 16:28:45 +00:00
Mathias Vorreiter Pedersen
bbb0e212e3 Merge pull request #2720 from jbj/taint-diff-import 
C++: Always use the old library for the diff test
 2020-01-29 17:20:31 +01:00
Anders Schack-Mulligen
2039ec37e5 Java/C++/C#: Add change note for taint-getters. 2020-01-29 16:26:23 +01:00
Tom Hvitved
474815bf57 Merge pull request #2660 from calumgrant/cs/release-notes 
C#: Add release notes and precisions to queries
 2020-01-29 16:05:45 +01:00
Jonas Jensen
0436caecdc C++: Always use the old library for the diff test 
This change ensures that the diff test will show the difference between
the old and the new library even after we switch the default
implementation of `security.TaintTracking` to be the new one.
 2020-01-29 16:03:35 +01:00
Jonas Jensen
7bed6ad63b C++: Add taint from gets through memcpy 2020-01-29 15:42:43 +01:00
Jonas Jensen
d7e8ea7cc5 Merge pull request #2641 from marcrepo/master 
Documentation update for Issue #2623
 2020-01-29 13:37:00 +01:00
Jonas Jensen
386e8e87d1 Merge pull request #2645 from geoffw0/typo 
CPP: Fix typo.
 2020-01-29 13:35:55 +01:00
Anders Schack-Mulligen
743b612d0d Javascript/Python: Sync XML.qll 2020-01-29 13:31:25 +01:00
Anders Schack-Mulligen
0d4b2e4bf7 C#/C++: Autoformat post rebase. 2020-01-29 13:16:46 +01:00
Anders Schack-Mulligen
726a873c3e C#: Autoformat. 2020-01-29 13:15:00 +01:00
Anders Schack-Mulligen
96e4a57edd C++: Autoformat. 2020-01-29 13:11:50 +01:00
Jonas Jensen
02cb8e9cc7 Merge remote-tracking branch 'upstream/master' into dataflow-partial-chi 
Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
 2020-01-29 13:03:40 +01:00
Calum Grant
c0379cc3f1 C#: Address review comment: an SQL 2020-01-29 11:46:28 +00:00
Calum Grant
aff0a7534c Update change-notes/1.24/analysis-csharp.md 
Fix indentation

Co-Authored-By: James Fletcher <42464962+jf205@users.noreply.github.com>
 2020-01-29 11:44:17 +00:00
Anders Schack-Mulligen
9b7a728609 Java: Autoformat. 2020-01-29 12:16:25 +01:00
semmle-qlci
fb90c2ba52 Merge pull request #2681 from asger-semmle/csrf-only-session-cookie-access 
Approved by erik-krogh, max-schaefer
 2020-01-29 10:46:48 +00:00
Jonas Jensen
27b5902258 Merge pull request #2707 from geoffw0/taint-format 
C++: Add TaintFunction model to FormattingFunction
 2020-01-29 08:20:34 +01:00
Robert Marsh
9504da54d1 Merge pull request #2713 from MathiasVP/dynamic-cast-taint-propagation 
C++: Taint propagation through dynamic_cast
 2020-01-28 15:09:49 -05:00
Dave Bartolomeo
60a0eff4d7 Merge remote-tracking branch 'upstream/master' into dbartol/Indirections 2020-01-28 12:06:43 -07:00
yo-h
97069a7988 Merge pull request #2683 from aschackmull/java/lshift32 
Java: Add new query for large left shifts and bugfix ConstantExpAppearsNonConstant.
 2020-01-28 13:30:26 -05:00
Dave Bartolomeo
542579de7f C++: Accept dataflow test changes due to new alias analysis 2020-01-28 10:58:27 -07:00
Dave Bartolomeo
dda32359fa C++: Accept IR dump test results changes due to new alias analysis 2020-01-28 10:58:05 -07:00
Dave Bartolomeo
7013bc6bf4 C++: Update escape analysis tests to new API 2020-01-28 10:57:07 -07:00
Dave Bartolomeo
bb9485d548 C++: Update points_to tests to use new framework 2020-01-28 10:56:49 -07:00
Dave Bartolomeo
af9d90cf46 C++: New test framework that allows expected results as comments in source code 2020-01-28 10:56:13 -07:00
Dave Bartolomeo
d12b140921 C++/C#: Update shared file list 2020-01-28 10:55:38 -07:00
Dave Bartolomeo
976b564b68 C++: Update AliasedSSA to use Allocation instead of IRVariable 
This introduces a new type of `MemoryLocation`: `EntireAllocationMemoryLocation`, representing an entire contiguous allocation whose size is not known. This is used to model the memory accesses on `InitializeIndirection` and `ReturnIndirection`.
 2020-01-28 10:55:24 -07:00
Dave Bartolomeo
165a45d9b5 C++/C#: Update SimpleSSA to use Allocation instead of IRVariable 2020-01-28 10:53:18 -07:00
Dave Bartolomeo
1bbc875442 C++/C#: Parameterize alias analysis based on AliasConfiguration 
Instead of tracking `IRVariable`s directly, alias analysis now tracks instances of the `Allocation` type provided by its `Configuration` parameter. For unaliased SSA, an `Allocation` is just an `IRAutomaticVariable`. For aliased SSA, an `Allocation` is either an `IRVariable` or the memory pointed to by an indirect parameter.
 2020-01-28 10:51:21 -07:00
Dave Bartolomeo
b15dd82732 C++/C#: Share alias analysis between C++ and C# 2020-01-28 10:47:37 -07:00
Dave Bartolomeo
1b1fded535 C++/C#: Add new MemoryAccessKind to represent entire allocation 2020-01-28 10:41:53 -07:00
Mathias Vorreiter Pedersen
67d29e31cc C#: Sync identical files 2020-01-28 17:52:45 +01:00