hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,661 Commits 1,741 Branches 165 Tags
55b95d22e95d60abd08b6a679729572fea026a0d
Commit Graph

427 Commits

Author SHA1 Message Date
Owen Mansel-Chan
5762191832 Enable MaD barriers for queries with MaD sinks 2026-03-24 10:28:25 +00:00
Owen Mansel-Chan
3aaee9d981 Change @security-severity for rust/log-injection from 2.6 to 6.1 2026-03-17 12:01:05 +00:00
Owen Mansel-Chan
f58a6e5d3a Change @security-severity for XSS queries from 6.1 to 7.8 2026-03-13 10:01:02 +00:00
Tom Hvitved
18d2f586b3 Rust: Update AccessAfterLifetime query to use FeatureEscapesSourceCallContextOrEqualSourceSinkCallContext 2026-03-04 10:44:25 +01:00
Geoffrey White
97a02ed903 Rust: Remove MacroCallTargetStats from rust/diagnostic/database-quality. 2026-02-19 08:57:12 +00:00
Tom Hvitved
55e5bc4970 Rust: Add telemtry tags to queries 2026-02-10 11:25:42 +01:00
Simon Friis Vindum
9e74a7869a Rust: Move everything type inference related into the typeinference directory 2026-01-12 16:31:34 +01:00
Tom Hvitved
836b667a62 Address review comment 2026-01-05 19:47:02 +01:00
Tom Hvitved
2543754dd4 Rust: Remove newtype construction 2026-01-05 13:10:40 +01:00
Tom Hvitved
5bc457f6da Rust: Move logic from AccessAfterLifetimeExtensions.qll to AccessAfterLifetime.ql 2026-01-05 13:10:38 +01:00
Tom Hvitved
06a5648336 Rust: Speedup AccessAfterLifetime.ql 
Before
```
Pipeline standard for AccessAfterLifetimeExtensions::AccessAfterLifetime::mayEncloseOnStack/2#3cdefece#bf@61cb32j5 was evaluated in 30 iterations totaling 44856ms (delta sizes total: 241646328).
         241404616     ~1%    {2} r1 = SCAN `AccessAfterLifetimeExtensions::AccessAfterLifetime::mayEncloseOnStack/2#3cdefece#bf#prev_delta` OUTPUT In.1, In.0
        7379161442  ~1080%    {2}    | JOIN WITH `_AstNode::AstNode.getEnclosingBlock/0#5c38e65a_AstNode::AstNode.getEnclosingCallable/0#5a548913_Bloc__#join_rhs` ON FIRST 1 OUTPUT Lhs.1, Rhs.1
         333897324    ~40%    {2}    | AND NOT `AccessAfterLifetimeExtensions::AccessAfterLifetime::mayEncloseOnStack/2#3cdefece#bf#prev`(FIRST 2)
         297961888    ~24%    {2}    | JOIN WITH `project#AccessAfterLifetimeExtensions::AccessAfterLifetime::sourceValueScope/3#d065ba16#2` ON FIRST 1 OUTPUT Lhs.0, Lhs.1
                              return r1
```
 2026-01-05 13:10:37 +01:00
Geoffrey White
ee13a49152 Merge branch 'main' into varfps 2025-12-11 18:21:22 +00:00
Geoffrey White
d88bae9ec2 Rust: Narrow the exclusion a little. 2025-12-11 18:07:12 +00:00
Geoffrey White
c160a1f658 Rust: Fix common FPs for rust/unused-variable and rust/unused-value. 2025-12-10 16:56:24 +00:00
Simon Friis Vindum
7d1acbcb87 Rust: Restrict the scope of DereferenceSink to dereferences of raw pointers 2025-12-10 11:35:28 +01:00
Tom Hvitved
31b184a404 Rust: Exclude deref expressions on raw pointers from call resolution stats 2025-12-09 08:54:51 +01:00
Tom Hvitved
bfa37b8488 Fix typo 2025-12-08 10:17:47 +01:00
Tom Hvitved
57bca5ca9b Rust: Include more calls in DB quality metrics 2025-12-05 09:15:26 +01:00
Tom Hvitved
8b89e15dfa Merge pull request #20863 from hvitved/rust/call-refactor 
Rust: Restructure classes representing calls
 2025-12-04 17:02:17 +01:00
Tom Hvitved
bc6d38ebb4 Address review comments 2025-12-04 10:38:47 +01:00
Anders Schack-Mulligen
607ad1f886 Merge pull request #20961 from aschackmull/dataflow/flowfrom 
Dataflow: Add flowFrom predicates to mirror flowTo.
 2025-12-04 10:09:29 +01:00
Anders Schack-Mulligen
78e1879c9e Use more flowTo. 2025-12-03 14:12:08 +01:00
Tom Hvitved
7378fbc567 Rust: Restructure classes representing calls 2025-12-02 10:08:04 +01:00
Geoffrey White
faf69b821b Rust: Add sinks as barriers to prevent duplicate results. 2025-12-01 12:39:13 +00:00
Simon Friis Vindum
86eb949673 Merge pull request #20902 from paldepind/rust/xss-query 
Rust: Add new query for XSS vulnerabilities
 2025-11-28 09:09:14 +01:00
Simon Friis Vindum
97dad2db17 Rust: Apply suggestions from docs review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2025-11-27 11:43:41 +01:00
Simon Friis Vindum
9ae4c14ffb Rust: Address PR feedback 2025-11-25 14:20:17 +01:00
Geoffrey White
1c2d8bb70e Merge pull request #20851 from geoffw0/access-invalid-pointer-fp 
Rust: Improve rust/access-invalid-pointer
 2025-11-25 09:49:07 +00:00
Simon Friis Vindum
411d1fa861 Rust: Fix grammar and typos 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-11-25 09:31:00 +01:00
Simon Friis Vindum
9c2858d69b Rust: Add qhelp for XSS query 2025-11-24 15:46:26 +01:00
Simon Friis Vindum
ae9c753371 Rust: Add XSS query 2025-11-24 15:46:24 +01:00
Geoffrey White
ff8032a4ec Rust: Fix after merge. 2025-11-21 18:53:57 +00:00
Geoffrey White
80615056c0 Merge remote-tracking branch 'upstream/main' into cert-checks 2025-11-21 18:40:40 +00:00
Geoffrey White
03fc4cb0aa Merge remote-tracking branch 'upstream/main' into access-invalid-pointer-fp 2025-11-21 17:39:56 +00:00
Geoffrey White
785754ec65 Rust: Switch the query to taint flow, since some taint summaries are relevant now. 2025-11-21 15:02:29 +00:00
Geoffrey White
8145264b77 Rust: Add threat model sources as additional sources for the query. 2025-11-21 14:40:11 +00:00
Tom Hvitved
489fff9572 Rust: Base DataFlow::Node on AST instead of CFG 2025-11-19 19:37:39 +01:00
Geoffrey White
725899389b Rust: Clean up the query slightly. 2025-11-17 15:08:53 +00:00
Tom Hvitved
8455663255 Rust: Speedup AccessAfterLifetime.ql 2025-11-15 15:21:03 +01:00
Geoffrey White
15fa99a288 Rust: Clarify some confusing text in the .qhelp. 2025-11-13 09:00:46 +00:00
Geoffrey White
42aca4a171 Apply suggestions from code review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2025-11-13 08:51:41 +00:00
Geoffrey White
0675a29ae6 Rust: Minor corrections. 2025-11-12 19:26:45 +00:00
Tom Hvitved
467bd541d2 Merge pull request #20770 from hvitved/rust/attribute-macro-expansion-filter 
Rust: Remove elements superseded by attribute macro expansions
 2025-11-12 19:52:09 +01:00
Geoffrey White
49063ac8a9 Rust: Cut down the example for readability. 2025-11-12 18:13:02 +00:00
Geoffrey White
dcae0ef975 Rust: I prefer the original certificates reference from the Go .qhelp. 2025-11-12 18:10:44 +00:00
Geoffrey White
87d66c69a3 Rust: Clean up the .qhelp a little. 2025-11-12 18:10:02 +00:00
Geoffrey White
bb78fdf150 Rust: Add qhelp and examples (translated from Go, by Copilot). 2025-11-12 16:50:50 +00:00
Geoffrey White
c77eef39e2 Rust: Convert the query to a path-problem with global data flow. 2025-11-12 16:21:46 +00:00
Geoffrey White
209f394b5e Rust: Fix the alert message. 2025-11-12 15:51:03 +00:00
Geoffrey White
f6b7aeaaca Rust: Add prototype query. 2025-11-11 16:01:10 +00:00