Jonas Jensen
4faeede5cd
C++: Remove unnecessary comment on import
2020-09-22 16:55:25 +02:00
Jonas Jensen
9fd8b0431a
C++: Add a SimpleRangeAnalysisDefinition test def
2020-09-22 15:54:54 +02:00
Jonas Jensen
826632d6a9
C++: Add a test of def overrides
...
The def used in this test is not overridden yet.
2020-09-22 15:54:54 +02:00
Jonas Jensen
d1f453be36
C++: import SimpleRangeAnalysisInternal
...
This ensures that `getFullyConverted{Lower,Upper}Bounds` are available
where they need to be called.
2020-09-22 15:54:54 +02:00
Jonas Jensen
8065bf15ad
C++: Per-variable overrides
...
Without these changes, there was no way to tell which variables were
overridden by a given instance of `SimpleRangeAnalysisDefinition`. All
four overrides are needed because they fit into different mutual
recursions of the `SimpleRangeAnalysis` implementation.
2020-09-22 15:53:22 +02:00
Jonas Jensen
7dce4d0a6e
C++: Rename: name the file the same as the class
2020-09-22 15:48:36 +02:00
Jonas Jensen
ee211b02fb
Merge remote-tracking branch 'lcartey/cpp/range-analysis-custom-defs' into range-analysis-custom-defs
2020-09-22 13:27:56 +02:00
Anders Schack-Mulligen
47506a859e
Merge pull request #4287 from joefarebrother/exectainted-array
...
Java: Improve the ExecTainted query
2020-09-22 13:16:05 +02:00
Jonas Jensen
269b7101c0
Merge pull request #4273 from lcartey/cpp/custom-range-analysis-override
...
C++: Support overriding existing simple range analysis bounds
2020-09-22 13:15:05 +02:00
Jonas Jensen
e86bc0c6ac
C++: Autoformat fixup
2020-09-22 11:53:05 +02:00
Jonas Jensen
5cbf498a2d
Merge pull request #4302 from MathiasVP/fix-field-conflation-after-4230
...
C++: Fix field conflation after #4230
2020-09-22 10:23:17 +02:00
Jonas Jensen
c56d5eb90e
Merge pull request #4295 from rdmarsh2/rdmarsh2/cpp/ir-qualifier-flow
...
C++: Improved qualifier flow in IR taint tracking
2020-09-22 09:23:10 +02:00
Robert Marsh
947ad02db9
C++: autoformat
2020-09-21 11:38:57 -07:00
Taus
724baaf26a
Merge pull request #4308 from RasmusWL/python-private-import-of-DataFlowPrivate
...
Python: Make import of DataFlowPrivate private
2020-09-21 17:13:48 +02:00
Rasmus Wriedt Larsen
2f9f51dbd8
Python: Fix tests that use DataFlowPrivate
2020-09-21 16:08:17 +02:00
yoff
557db3381d
Merge pull request #4265 from tausbn/python-add-global-flow-steps
...
Python: Add `ModuleVariableNode` to keep track of global reads and writes
2020-09-21 15:51:19 +02:00
Tom Hvitved
d3ea20cd2c
Merge pull request #4271 from github/matt-gretton-dann/csharp-dont-trace-macos-pkill
...
Don't trace through pkill or pgrep on macOS.
2020-09-21 15:44:48 +02:00
Mathias Vorreiter Pedersen
873e871620
C++: Handle more cases in arrayReadStep.
2020-09-21 14:35:37 +02:00
Mathias Vorreiter Pedersen
73cd5ceb80
C++: Accept tests. Due to the removal of overlap between the reads steps there are fewer repeated edges in path explanations.
2020-09-21 14:17:49 +02:00
Rasmus Wriedt Larsen
6aca82fa82
Python: Make import of DataFlowPrivate private
...
Otherwise you are able to use `DataFlow::isExpressionNode` where
`isExpressionNode` is defined in `DataFlowPrivate.qll`.
2020-09-21 13:52:58 +02:00
Taus
9d7a2d2b5d
Merge branch 'main' into python-add-global-flow-steps
2020-09-21 13:50:20 +02:00
Anders Schack-Mulligen
4a3118b13e
Merge pull request #4246 from RasmusWL/java-fix-ssa-varBlockReaches
...
Java: Minor fixup for SSA AdjacentUsesImpl::varBlockReaches
2020-09-21 13:28:20 +02:00
CodeQL CI
016e6d2001
Merge pull request #4275 from erik-krogh/CVE760-indirect
...
Approved by esbena
2020-09-21 04:09:51 -07:00
Mathias Vorreiter Pedersen
62d42f20d9
C++: use(x) is no longer an array read.
2020-09-21 12:46:03 +02:00
Rasmus Wriedt Larsen
233dd43635
Java: Port varBlockReaches fix to BaseSSA.qll
2020-09-21 12:11:25 +02:00
Taus Brock-Nannestad
1d6558b4e8
Python: Add a bit more documentation to ModuleVariableNode
2020-09-21 11:46:18 +02:00
Mathias Vorreiter Pedersen
c560c7584c
C++: Add QLDoc for BufferMayWriteSideEffectFieldStoreQualifierNode
2020-09-21 11:08:06 +02:00
Mathias Vorreiter Pedersen
49dd576352
C++: Add more tests
2020-09-21 10:59:16 +02:00
Erik Krogh Kristensen
9e7a1934ea
add express and HTTP to change-notes
2020-09-21 10:45:43 +02:00
Erik Krogh Kristensen
4dfc0680e2
support non SourceNode receiver for partialInvoke in routeHandlerStep
2020-09-21 10:42:19 +02:00
Erik Krogh Kristensen
4cde48cfb8
change comma to dot in qldoc
2020-09-21 10:23:21 +02:00
Erik Krogh Kristensen
edebbd640e
revert change to return-type
2020-09-21 10:18:22 +02:00
Mathias Vorreiter Pedersen
6dd7675a97
Update cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
...
Co-authored-by: Jonas Jensen <jbj@github.com>
2020-09-21 09:31:30 +02:00
Erik Krogh Kristensen
6c050d3160
revert change of return-type
2020-09-20 22:21:42 +02:00
Erik Krogh Kristensen
ae228cb5b2
move new predicates to a more fitting location
2020-09-20 22:15:03 +02:00
Erik Krogh Kristensen
5fd4c7a422
use PartialInvokeNode
2020-09-20 22:06:48 +02:00
Erik Krogh Kristensen
bef09254ee
rename forwardingCall to isAForwardingRouteHandlerCall
2020-09-20 21:59:33 +02:00
Erik Krogh Kristensen
62332121b2
remove getNumParameter constraint
2020-09-20 21:57:55 +02:00
Erik Krogh Kristensen
3aaa2d11a7
rename decoratedRouteHandler to isDecoratedCall
2020-09-20 21:54:56 +02:00
Robert Marsh
6b3557ec58
C++: cache localAdditionalTaintStep
2020-09-18 15:42:14 -07:00
Robert Marsh
bc3e74f7d6
Merge branch 'main' into rdmarsh2/cpp/ir-qualifier-flow
...
Fix test conflicts
2020-09-18 15:40:43 -07:00
Robert Marsh
12be90a6af
C++: remove unneeded cast
2020-09-18 15:00:01 -07:00
Robert Marsh
c179a07fc7
C++: fix constructor models
2020-09-18 14:43:39 -07:00
Tom Hvitved
d867172d27
Merge pull request #4300 from hvitved/csharp/runtime-checks-bypass-bad-magic
...
C#: Avoid bad magic in `RuntimeChecksBypass.ql`
2020-09-18 19:40:34 +02:00
Taus Brock-Nannestad
11c85f0fb5
Python: Clean up various jump/local data flow steps
...
Removes steps from `ModuleVariableNode`s from `essaFlowStep`, and
instead puts them only in `jumpStep`. This cleans up the logic a bit.
This slightly broke the type tracker implementation (as it relied on
`essaFlowStep` being fairly liberal), so I have rewritten it to
explicitly rely on just familiar predicates for local and jump steps.
Additionally, we disallow Essa-to-Essa steps where exactly one of the
two nodes corresponds to a global variable (i.e. only local-local and
global-global steps).
2020-09-18 18:14:47 +02:00
Mathias Vorreiter Pedersen
53da751b15
C++: Accept tests
2020-09-18 17:12:27 +02:00
Mathias Vorreiter Pedersen
b6b17fe95e
C++: Add a read and store step that replace ArrayContent with FieldContent when we realize that the target of a store is a field.
2020-09-18 17:12:09 +02:00
Joe
9baf2b9eff
Fix cartesian product
2020-09-18 15:42:03 +01:00
Tom Hvitved
dff9f8264b
Merge pull request #4296 from hvitved/csharp/useless-upcast-nomagic
...
C#: Avoid bad magic in `UselessUpcast.ql`
2020-09-18 16:24:20 +02:00
Joe
abb1731be7
Java: Simplify the implementation of ExecTainted
2020-09-18 15:21:03 +01:00