Max Schaefer
58702e4c52
JavaScript: Rename EntryPoint.getADef to getARhs.
2020-09-03 22:28:09 +01:00
Max Schaefer
f3173ca968
JavaScript: Add a few unit tests for API graphs.
2020-09-03 22:28:09 +01:00
Max Schaefer
985399f4cf
JavaScript: Move ApiGraphs library to semmle.javascript and import it from javascript.qll.
2020-09-03 22:28:09 +01:00
Max Schaefer
aaa70e4ad3
JavaScript: Make API-graph edge labels accessible outside ApiGraphs.qll.
2020-09-03 22:28:09 +01:00
Max Schaefer
7239f1fb6f
JavaScript: Distinguish more carefully between def and use nodes in API graphs.
...
In particular, we now have two different kinds of module features: module definitions and module uses.
For the most part, `API::Definition`s correspond to right-hand sides in the data-flow graph, and `API::Use`s correspond to references. However, module definitions can have references (via the CommonJS `module` variable), and so can their exports (via `module.exports` or `exports`). Note that this is different from references to uses of the module, which are simply imports.
2020-09-03 22:28:09 +01:00
Max Schaefer
d8fbf60cbf
JavaScript: Weaken a few types to stay under BDD node limit.
...
`SourceNode` in cached layers seems particularly problematic.
2020-09-03 14:29:04 +01:00
Max Schaefer
e77948103f
JavaScript: Remove AdditionalFeature from ApiGraphs.
...
I ended up not using it for flow summaries, so at this point it is purely speculative generality. We can reintroduce it later if we need to.
2020-09-03 14:29:04 +01:00
Max Schaefer
924ef6ae5d
Apply suggestions from code review
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2020-09-03 14:04:23 +01:00
Max Schaefer
ec3c1f114c
JavaScript: Simplify steps through promises.
2020-09-02 21:40:34 +01:00
Max Schaefer
702192c316
JavaScript: Make implicit inits of module and exports source nodes.
...
This is instead of making every access to those variables source nodes, and fixes a regression in `DeadStoreOfProperty`.
2020-09-02 19:52:13 +01:00
Max Schaefer
9840a7ddfb
JavaScript: Add utility predicate SSA::implicitInit.
2020-09-02 19:46:59 +01:00
Max Schaefer
d81d80430e
JavaScript: Add a regression test for DeadStoreOfProperty.
2020-09-02 19:45:27 +01:00
Max Schaefer
df49818152
JavaScript: Address review comments.
2020-09-02 19:45:27 +01:00
Max Schaefer
82d92dc726
JavaScript: Avoid bad join order.
...
The optimiser decided that it would be a great idea to start the pipeline with `getReturn().getAUse().(DataFlow::InvokeNode)`. It's not.
2020-09-02 17:42:33 +01:00
Max Schaefer
500f7bd8fa
JavaScript: Reduce complexity of SystemCommandExecutors charpred.
2020-09-02 17:42:32 +01:00
Max Schaefer
e3a9906071
JavaScript: Switch MissingRateLimiting.qll to API graphs.
...
The added test shows how this helps us avoid false positives.
2020-09-02 17:35:47 +01:00
Max Schaefer
e34a821cc6
JavaScript: Switch system-command executor modelling from source nodes to API graphs.
2020-09-02 17:35:47 +01:00
Max Schaefer
6d68036d85
JavaScript: Add test demonstrating more SQL flow.
2020-09-02 17:35:47 +01:00
Max Schaefer
68b3ccdc65
JavaScript: Switch SQL modelling from source nodes to API graphs.
2020-09-02 17:35:47 +01:00
Max Schaefer
f3e9104be4
JavaScript: Add implementation of API graphs.
2020-09-02 17:35:47 +01:00
Anders Schack-Mulligen
beca44ec2f
Merge pull request #4172 from rvermeulen/java/xss-sink-extensible
...
Java: Customizable XSS analysis
2020-09-01 09:27:50 +02:00
Remco Vermeulen
2bdd3d7712
Apply qldoc suggestions
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2020-08-31 17:28:51 +02:00
CodeQL CI
35494ab97c
Merge pull request #4171 from max-schaefer/js/promise-flow-public
...
Approved by erik-krogh
2020-08-31 15:15:27 +01:00
CodeQL CI
79e87a6c3d
Merge pull request #4088 from aschackmull/java/string-formatted
...
Approved by aibaars
2020-08-31 15:02:49 +01:00
Tom Hvitved
4e963a8a8e
Merge pull request #4165 from hvitved/csharp/foreach-guard
...
C#: Fix bug in guards logic for `foreach` loops
2020-08-31 14:32:09 +02:00
CodeQL CI
dc9cc20fdd
Merge pull request #4161 from yoff/SharedDataflow_PostUpdateNodes
...
Approved by RasmusWL, aschackmull, hvitved, jbj
2020-08-31 11:57:44 +01:00
Max Schaefer
22ccae6006
JavaScript: Make PromiseFlow module public.
2020-08-31 11:55:10 +01:00
CodeQL CI
9d6b2e7684
Merge pull request #4042 from aschackmull/java/xsssink-extensible
...
Approved by aibaars
2020-08-31 11:54:25 +01:00
Anders Schack-Mulligen
b89a22b583
Merge pull request #4170 from aibaars/drop-inefficient-toarray
...
Java: remove InefficientToArray.ql
2020-08-31 12:45:06 +02:00
Arthur Baars
66d39bb5f6
Java: remove InefficientToArray.ql
...
This query was deprecated 4 years ago.
Fixes: #4167
2020-08-31 10:39:03 +02:00
Tom Hvitved
b205702853
C#: Fix bug in guards logic for foreach loops
2020-08-28 15:19:11 +02:00
Tom Hvitved
ddb33c914b
C#: Add test that demonstrates issue with guards logic for foreach statements
2020-08-28 15:13:18 +02:00
Asger F
813d14791d
Merge pull request #4043 from erik-krogh/ts4
...
JS: Add support for TypeScript 4
2020-08-28 14:02:08 +01:00
Rasmus Lerchedahl Petersen
750735c70c
Dataflow: Update test expectations
2020-08-28 15:00:01 +02:00
Rasmus Lerchedahl Petersen
6b8d9f2a77
Merge branch 'main' of github.com:github/codeql into SharedDataflow_PostUpdateNodes
2020-08-28 13:01:14 +02:00
Rasmus Lerchedahl Petersen
9503c5d8bb
Python: Add post-update nodes
2020-08-28 12:59:11 +02:00
Erik Krogh Kristensen
f4060723bb
add stats for new properties
2020-08-28 12:43:26 +02:00
Calum Grant
93e0bd9d85
Merge pull request #4126 from tamasvajk/feature/array-index
...
C#: Fix computed sizes for implicitly sized array creation
2020-08-28 11:21:39 +01:00
Tom Hvitved
6eca97bc32
Merge pull request #4113 from tamasvajk/feature/nullability-extraction-cil
...
Enable nullability checks on Semmle.Extraction.CIL
2020-08-28 12:06:54 +02:00
Tom Hvitved
647ed03a2b
Merge pull request #4136 from tamasvajk/feature/qldocs
...
C#: Add missing QlDocs
2020-08-28 12:03:03 +02:00
Taus
8caaf8f17c
Merge pull request #4158 from RasmusWL/python-reformualte-js-team-comment
...
Python: Reformulate explanation of experience from JS
2020-08-28 11:33:00 +02:00
Rasmus Wriedt Larsen
496d856c48
Python: Reformulate explanation of experience from JS
2020-08-28 10:49:33 +02:00
Erik Krogh Kristensen
038cca814a
Merge branch 'main' into ts4
2020-08-28 10:27:49 +02:00
Taus
afe234dade
Merge pull request #4156 from RasmusWL/python-fix-changenote-fstring-taint
...
Python: fstring taint change note should be for 1.26
2020-08-28 10:23:06 +02:00
Jonas Jensen
55d7ac88f9
Merge pull request #4148 from geoffw0/vecextra
...
C++: Improvements to string and vector models.
2020-08-28 10:05:42 +02:00
CodeQL CI
80cb8be405
Merge pull request #4155 from asger-semmle/js/lower-duplicate-element-id-precision
...
Approved by esbena
2020-08-28 08:52:58 +01:00
CodeQL CI
ac94869978
Merge pull request #3978 from dellalibera/js/insecure-cookies
...
Approved by esbena
2020-08-28 08:31:38 +01:00
Rasmus Wriedt Larsen
deff36e9af
Python: fstring taint change note should be for 1.26
...
This fixes problem introduced in https://github.com/github/codeql/pull/4127
2020-08-28 09:00:07 +02:00
Tamas Vajk
29eaacdeaf
Fix typos and comment styling
2020-08-28 08:41:46 +02:00
Mathias Vorreiter Pedersen
ceddc2497a
Merge pull request #4151 from geoffw0/reftaint
...
C++: Taint tests for array and reference assignments.
2020-08-27 20:00:13 +02:00