hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-21 06:57:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,753 Commits 1,712 Branches 163 Tags
5bfde2c0f2845df08036084f49fa3824aebbd263
Commit Graph

19753 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Taus Brock-Nannestad
5bfde2c0f2 Python: Fix overly broad class attribute node class 
This is not strictly necessary, but it was bothering me that this
simply covered _all_ nodes that were both definitions and names at the
same time. Now it actually encompasses what the documentation claims
it does.
 2021-02-05 21:56:57 +01:00
Taus Brock-Nannestad
7f3c6acd08 Python: Handle class attribute references in API graph 
This is slightly dubious, and should really be in the currently
unimplemented "def" counterpart to the "use" bits we already have.

However, it seems to work correctly, and in the spirit of moving
things along, this seemed like the easier solution. We can always
replace the implementation with the "proper" approach at a later point.
 2021-02-05 21:54:35 +01:00
Taus Brock-Nannestad
ef600575ca Python: Add API graph support for subclasses 2021-02-05 16:52:58 +01:00
Taus Brock-Nannestad
b39cbf82c6 Python: Port Flask models to use API graphs 
Most of the type trackers in this model were easily replaceable with
uses of the API graph, but the ones for tracking subclasses are
problematic, as these take us out of the API graph.
 2021-02-05 14:41:42 +01:00
yoff
7fef1a8817 Merge pull request #5069 from tausbn/python-api-graphs 
Python: Add support for API graphs
 2021-02-05 13:17:09 +01:00
Taus Brock-Nannestad
78cb53449d Python: Slight cleanup of Cached::call 
Makes it more similar to the other functions in this module.
 2021-02-05 12:47:26 +01:00
Taus
6c8dfb253d Python: Use flowsTo instead of hasLocalSource 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-02-05 12:42:41 +01:00
Tamás Vajk
d7505e41db Merge pull request #5091 from tamasvajk/feature/cleanup-nullable 
C#: Fix nullable warnings and some code quality issues
 2021-02-05 12:07:42 +01:00
Jonas Jensen
6e5d56cbcb Merge pull request #5097 from geoffw0/qldoceg11 
C++: QLDoc Improvements
 2021-02-05 12:00:35 +01:00
Shati Patel
474ddc9bc8 Merge pull request #5090 from RasmusWL/docs-fix-direct-query-link 
Docs: Use /blob/ instead of /tree/ for direct query link
 2021-02-05 10:50:40 +00:00
Jonas Jensen
c945ece80d Merge pull request #5100 from MathiasVP/fix-changenote-unsigned-difference-expression-compared-zero 
C++: Add query author and link to original PR in change-note
 2021-02-05 11:21:48 +01:00
Geoffrey White
55b0dbd7b8 C++: Autoformat. 2021-02-05 10:02:31 +00:00
Taus
a66743192e Python: Fix typo in docs 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-02-05 10:58:47 +01:00
Mathias Vorreiter Pedersen
a416a089b4 Update cpp/change-notes/2020-02-04-unsigned-difference-expression-compared-zero.md 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-02-05 09:48:54 +01:00
Tamás Vajk
87ba9d55b6 Merge pull request #4687 from tamasvajk/feature/csharp9-records 
C#: Extract record declarations
 2021-02-05 08:56:24 +01:00
Robert Marsh
649bd03db6 Merge pull request #5101 from NateD-MSFT/patch-1 
Add KeGetCurrentProcessorNumberEx to CWE-457 whitelist
 2021-02-04 16:59:07 -08:00
NateD-MSFT
9470a99092 Add KeGetCurrentProcessorNumberEx to CQE-457 whitelist 
Windows driver developers may call KeGetCurrentProcessorNumberEx in their driver.  This function optionally may initialize a provided structure, but this initialization always occurs.  The return value is the current processor being run on.  As such, this query incorrectly marks calls to KeGetCurrentProcessorNumberEx that initialize a structure that is later used as risky, even though in reality the initialization always succeeds.

See https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/ntddk/nf-ntddk-kegetcurrentprocessornumberex
 2021-02-04 13:32:09 -08:00
Tamas Vajk
83f0fad014 Fix expected test AST 2021-02-04 21:08:01 +01:00
Tamas Vajk
f555c0642e Add change note 2021-02-04 21:08:01 +01:00
Tamas Vajk
f0b0845f9f Add 'record' QL class 2021-02-04 21:08:01 +01:00
Tamas Vajk
9ffc38f5b1 Fix deterministic ordering of class members in PrintAst 2021-02-04 21:08:01 +01:00
Tamas Vajk
a6fd7a3203 C#: Extract record declarations 2021-02-04 21:08:01 +01:00
Mathias Vorreiter Pedersen
993abd4499 C++: Add query author and link to original PR in change-note. 2021-02-04 20:23:27 +01:00
Taus
f0d5a91d59 Merge pull request #5093 from RasmusWL/fix-query-names-with-dunder 
Python: Fix query names with dunder (__)
 2021-02-04 18:47:45 +01:00
Taus Brock-Nannestad
d035937083 Python: Add change note 2021-02-04 18:43:44 +01:00
Taus Brock-Nannestad
a505eb6922 Python: Adhere to QLDoc style guide 2021-02-04 18:34:06 +01:00
Taus Brock-Nannestad
3c7d9c3c4b Python: Fix typo 2021-02-04 18:33:50 +01:00
Geoffrey White
2160edc789 C++: Clean up bits I didn't finish. 2021-02-04 17:16:45 +00:00
Geoffrey White
1f928c2910 CPP: Examples Element.qll. 2021-02-04 17:08:29 +00:00
Geoffrey White
8ae01789b1 CPP: Examples Specifier.qll. 2021-02-04 17:08:29 +00:00
Geoffrey White
500097ca76 CPP: Examples Preprocessor.qll. 2021-02-04 17:08:29 +00:00
Geoffrey White
4b9532c6f7 CPP: Examples Namespace.qll. 2021-02-04 17:08:29 +00:00
Taus Brock-Nannestad
f6e1ea5b2a Python: Fix missing global variable source nodes 
In lieu of removing the offending flow (which would likely have
consequences for a lot of other tests), I opted to simply _include_
the relevant nodes directly.
 2021-02-04 18:07:13 +01:00
Taus Brock-Nannestad
2524f23a46 Python: Add more test cases 
There is now a bit of redundancy in the tests, but I thought it useful
to actually include some of the cases called out explicitly in the
documentation, so as to make it easy to see that the code actually
does what we expect (in these cases, anyway).
 2021-02-04 18:05:33 +01:00
Taus Brock-Nannestad
aa7e9f0b56 Python: Add big explanatory comment about prefixes. 2021-02-04 18:03:34 +01:00
Geoffrey White
69c7c83bc2 Merge pull request #5094 from MathiasVP/promote-UnsignedDifferenceExpressionComparedZero 
Promote cpp/unsigned-difference-expression-compared-zero out of experimental
 2021-02-04 16:54:45 +00:00
Mathias Vorreiter Pedersen
cf0e464ab9 Merge branch 'promote-UnsignedDifferenceExpressionComparedZero' of github.com:MathiasVP/ql into promote-UnsignedDifferenceExpressionComparedZero 2021-02-04 17:24:59 +01:00
Mathias Vorreiter Pedersen
6a97d02247 C++: Address review comments. 2021-02-04 17:24:14 +01:00
Mathias Vorreiter Pedersen
161e5679a7 Apply suggestions from code review 
Co-authored-by: hubwriter <hubwriter@github.com>
 2021-02-04 16:47:45 +01:00
Taus Brock-Nannestad
305bfaba2d Python: Fix imports/2 2021-02-04 16:46:22 +01:00
Mathias Vorreiter Pedersen
d9d82fc56a C++: Update change-notes 2021-02-04 16:24:56 +01:00
Geoffrey White
7c54512859 Merge pull request #5010 from ihsinme/ihsinme-patch-220 
CPP: Add query for CWE-570 detect and handle memory allocation errors.
 2021-02-04 15:17:28 +00:00
Mathias Vorreiter Pedersen
707f532e10 C++: Fix bad join-order using a poor man's unbind operator. 2021-02-04 16:11:34 +01:00
Mathias Vorreiter Pedersen
fd596ebbbb C++: Move cpp/unsigned-difference-expression-compared-zero out of experimental. 2021-02-04 16:10:34 +01:00
Mathias Vorreiter Pedersen
c1c9f963b9 C++: Fix qhelp in cpp/unsigned-difference-expression-compared-zero. 2021-02-04 16:10:30 +01:00
Taus Brock-Nannestad
07ffa9f1ae Python: More documentation 2021-02-04 15:59:00 +01:00
Taus Brock-Nannestad
e54c925b70 Python: Greatly simplify imports/2 predicate 2021-02-04 15:58:15 +01:00
Rasmus Wriedt Larsen
b94658fd52 Python: Highlight that __slots__ query is only for Python 2 in qhelp 
Since I was already editing this file, it was easy to just add this extra bit of
info.
 2021-02-04 15:54:37 +01:00
Rasmus Wriedt Larsen
23d9e2646a Python: Fix name of class in example of __slots__ qhelp 2021-02-04 15:54:10 +01:00
Rasmus Wriedt Larsen
dcb185b659 Python: Fix trailing whitespace in a single qhelp file 
Since I edited already, why not get this little bonus? :D
 2021-02-04 15:53:23 +01:00