hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-06 07:36:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,326 Commits 1,703 Branches 162 Tags
6ff1c99ae330c02a4d4dd87aa4a1bb1884defe65
Commit Graph

10326 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
james
6ff1c99ae3 docs: a few content updates 2020-02-19 11:08:18 +00:00
james
d3eb5334b8 docs: update titles, some links, add intros 2020-02-19 07:37:35 +00:00
james
2245d64c52 docs: tidy up ql-for-cpp 2020-02-19 07:09:01 +00:00
semmle-qlci
ba67faf461 Merge pull request #2863 from shati-patel/master 
Approved by felicitymay
 2020-02-18 15:56:10 +00:00
Esben Sparre Andreasen
abe7aeef7c Merge pull request #2643 from esbena/js/unsafe-jquery 
JS: add query js/unsafe-jquery-plugin
 2020-02-18 09:26:14 +01:00
semmle-qlci
ecad925101 Merge pull request #2631 from hvitved/dataflow/generalize-flow-summaries 
Approved by aschackmull
 2020-02-17 18:22:46 +00:00
yo-h
d3b1729864 Merge pull request #2793 from aschackmull/java/format-taint-step 
Java: Add String.format as default taint step.
 2020-02-17 12:50:12 -05:00
Alexander Eyers-Taylor
c685b348c3 Merge pull request #2837 from jf205/monotonic-aggregates 
docs: expand QL book entry on monotonic aggregates
 2020-02-17 17:05:54 +00:00
james
d5ff8f2b8e docs: technical feedback 2020-02-17 16:20:31 +00:00
Tom Hvitved
0e7838aca5 Data flow: Sync files 2020-02-17 15:08:26 +01:00
Tom Hvitved
c7aa31d90a Address review comments 2020-02-17 15:07:53 +01:00
James Fletcher
a3fc2eac9c Merge pull request #2834 from shati-patel/2160-prep-ql-language 
Minor update to QL language topics
 2020-02-17 13:44:54 +00:00
Anders Schack-Mulligen
cabe627d1e Java: Fix qldoc. 2020-02-17 14:44:12 +01:00
Shati Patel
c5eec30713 Tidy up QLDoc spec 2020-02-17 12:07:15 +00:00
Shati Patel
2ce1ad1818 Rename "QLDoc specification" to "QLDoc comment specification" 2020-02-17 12:07:15 +00:00
Shati Patel
c846f536c4 Remove numbering 2020-02-17 12:07:15 +00:00
semmle-qlci
23ed2bcc64 Merge pull request #2782 from asger-semmle/js/export-as-ns 
Approved by erik-krogh, max-schaefer
 2020-02-17 11:22:58 +00:00
Taus
03ae7831ad Merge pull request #2711 from RasmusWL/python-fix-import-deprecated-module 
Python: fix alerts for py/import-deprecated-module
 2020-02-17 11:46:12 +01:00
Taus
df3ac49c28 Merge pull request #2700 from RasmusWL/python-taint-iterable-unpacking 
Python: Handle iterable unpacking in taint tracking
 2020-02-17 11:44:25 +01:00
Taus
990d1c1663 Merge pull request #2802 from RasmusWL/python-fix-fp-py/import-own-module 
Python: Fix FP for py/import own module
 2020-02-17 11:23:11 +01:00
Tom Hvitved
8e325ead91 Add change notes 2020-02-17 11:00:10 +01:00
Tom Hvitved
dcdb5299f0 C#: Update expected test output 2020-02-17 10:52:02 +01:00
Tom Hvitved
7eae5f913c C#: Update data-flow test 2020-02-17 10:45:44 +01:00
Tom Hvitved
28307399f8 Data flow: Sync files 2020-02-17 10:45:35 +01:00
Tom Hvitved
bc6c4744b1 Data flow: Follow-up changes to FlowExploration module 2020-02-17 10:43:26 +01:00
Tom Hvitved
307ac7f0b3 Data flow: Remove UntypedAccessPath again 2020-02-17 10:32:27 +01:00
Jonas Jensen
0628625a76 Merge pull request #2835 from MathiasVP/value-number-perf 
C++: Value number performance fix
 2020-02-15 20:40:53 +01:00
Mathias Vorreiter Pedersen
8cda847dbc C++: Add TLoadTotalOverlapValueNumber to getKind predicate in AST GVN wrapper 2020-02-15 09:37:45 -07:00
Jonas Jensen
49d2f5a60b C++: autoformat 2020-02-15 09:41:27 +01:00
Dave Bartolomeo
867581df91 Merge pull request #2844 from MathiasVP/value-numbering-performance-fix-2 
C++: Ensure that there is just one overlap for an operand in value numbering
 2020-02-14 16:40:03 -07:00
Robert Marsh
7abd289d7d C++: reinclude IRType in total load value numbers 2020-02-14 13:34:29 -08:00
Robert Marsh
f3c788d1e9 Merge pull request #2843 from jbj/ValueNumbering-import-order 
C++: Change import order for stable cache checksum
 2020-02-14 13:34:20 -05:00
Mathias Vorreiter Pedersen
8b8a8cae5b C++/C#: Sync identical files 2020-02-14 16:11:57 +01:00
Mathias Vorreiter Pedersen
4a7b865dc0 C++: Move overlap fix into SSAConstruction 2020-02-14 16:11:00 +01:00
semmle-qlci
8d21692caf Merge pull request #2845 from max-schaefer/js/http2 
Approved by esbena
 2020-02-14 13:05:48 +00:00
Nick Rolfe
d2a0037ad0 Merge pull request #2833 from hmakholm/pr/ql-codeql 
Don't chain to ./codeql in .codeqlmanifest.json
 2020-02-14 11:44:27 +00:00
Max Schaefer
ad83a8946c JavaScript: Sort lines in change notes. 2020-02-14 11:15:09 +00:00
Max Schaefer
f181111886 JavaScript: Add model of http2 compatibility API. 
Also deprecated the `httpOrHttps` predicate, which was now only used in one place and seemed a little pointless anyway.
 2020-02-14 11:14:31 +00:00
Mathias Vorreiter Pedersen
121c5e436d C++: Check that there is only one overlap 2020-02-14 11:13:53 +01:00
Jonas Jensen
928bdbacb0 C++: Change import order for stable cache checksum 
Without this fix, running the full LGTM suite would get the IR evaluated
twice. That's because we have multiple IPA types and constructors with
the same name (like `TInstruction` and `MkIRFunction`), and the QL
compiler chooses how to disambiguate those names differently depending
on import order.

I've tested that the IR is only evaluated once now by running the whole
suite on a tiny project (jbj/magicrescue) and looking at the output of

    perl -ne 'print if /^RESULTS IN:/ .. /^\[/ and not /^\[/' runSnapshotQueries-debug.log | sort |uniq -c |sort -n |less
 2020-02-14 10:28:52 +01:00
semmle-qlci
da566a4484 Merge pull request #2828 from erik-krogh/CVE24 
Approved by esbena
 2020-02-14 09:12:48 +00:00
semmle-qlci
769dce511b Merge pull request #2788 from erik-krogh/CVE42-sink 
Approved by esbena
 2020-02-14 08:00:00 +00:00
Robert Marsh
b4ff1216cc C++: sync identical files 2020-02-13 17:02:00 -08:00
Aditya Sharad
5e0d640f57 Merge pull request #2841 from BekaValentine/gitignore_vim_swap_files 
Adds .gitignore entry for vim swap files.
 2020-02-13 16:20:33 -08:00
Robert Marsh
0f58887396 C++: unique value number for filtered instructions 
Instructions that are removed from the normal value numbering recursion
because they have a duplicated type or AST element get unique value
numbers rather than going unnumbered. This ensures comparisons of value
numbers using `!=` hold for filtered instructions.
 2020-02-13 15:36:42 -08:00
Rebecca Valentine
2ee38f246b Adds .gitignore entry for vim swap files. 2020-02-13 15:23:50 -08:00
Mathias Vorreiter Pedersen
ed7888c612 C++: Sync identical files 2020-02-13 21:50:03 +01:00
Mathias Vorreiter Pedersen
57613d5507 C++: Reintroduce the type in TConstantValueNumber to avoid giving constant with different signed-ness the same value number. Instead filter those with more than one type out. 2020-02-13 21:49:40 +01:00
Tom Hvitved
09b1e8b161 C#: Update expected test output 2020-02-13 20:08:11 +01:00
james
b32683fc9f docs: expand handbook entry on monotonic aggregates 2020-02-13 18:06:44 +00:00