hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-17 21:16:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
366 Commits 1,714 Branches 162 Tags
97cfbd9488245fad2ba6074b943fdceef334f19d
Commit Graph

366 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave Bartolomeo
97cfbd9488 C++: "IR" means "Aliased SSA IR" 
This change makes the public IR.qll module resolve to the flavor of the IR that we want queries to use. Today, this is the aliased SSA flavor of the IR. Should we add additional IR iterations in the future, we'll update IR.qll to resolve to whichever one we consider the default.

I moved the PrintIR.ql and IRSanity.ql queries into the internal directories of the corresponding flavors. There's still a PrintIR.ql and an IRSanity.ql in the public IR directory, which use the same IR flavor as the public IR.qll.
 2018-09-04 09:05:15 -07:00
Dave Bartolomeo
9fd5f26e2e C++: Remove unnecessary Impl suffix from some files 2018-09-04 09:05:10 -07:00
Dave Bartolomeo
aacee8fecf C++: Reshuffle IR files into a consistent directory structure 
There are no real code changes here, other than to fix up `import`s. All tests still hae the same output, as expected.

A future commit will hide the IR flavors other than the one we want queries to use directly.
 2018-09-04 09:05:03 -07:00
Max Schaefer
fdc20e830a Merge pull request #153 from asger-semmle/ts-typescript3.0-changenote 
TypeScript: update change note to mention TypeScript 3.0 support
 2018-09-04 14:45:29 +01:00
Asger F
f7827b72ab TypeScript: update change note to mention TypeScript 3.0 support 2018-09-04 14:30:16 +01:00
semmle-qlci
3cdaed2e3e Merge pull request #141 from jbj/ql-warnings-1.18 
Approved by ian-semmle
 2018-09-04 14:27:18 +01:00
Jonas Jensen
e0ba2b2251 C++: Fix name of suppressUnusedType 2018-09-04 13:38:28 +02:00
Jonas Jensen
07bacbf389 C++: Follow suppressUnusedThis convention 2018-09-04 09:40:50 +02:00
calumgrant
af3f855491 Merge pull request #94 from hvitved/csharp/cfg/minor-fixes 
C#: Minor CFG improvements
 2018-09-03 17:41:18 +01:00
semmle-qlci
4dec7c5036 Merge pull request #127 from xiemaisi/js/incomplete-sanitisation-doc-improvement 
Approved by esben-semmle
 2018-09-03 16:25:44 +01:00
Jonas Jensen
88f80e4d4b C++: Silence two more QL compiler warnings 
One was for an unused parameter (a deliberate CP of `Type` x
`VoidType`), and one was for use of a deprecated predicate.
 2018-09-03 13:45:04 +02:00
Jonas Jensen
ab6dc1d70c C++: Add missing override annotations 2018-09-03 13:22:22 +02:00
Nick Rolfe
5d5febf4d4 Merge pull request #137 from jbj/getEnclosingElement-changenote 
C++: Change note for getEnclosingElement macro changes
 2018-09-03 10:44:30 +01:00
Jonas Jensen
2fd73f2171 C++: getEnclosingElement-without-macros changenote 2018-09-03 11:29:03 +02:00
Jonas Jensen
b34dbfa68b C++: Correct change note formatting 
In Markdown, nested bullet lists are formatted with indented asterisks
rather than double asterisks.
 2018-09-03 11:29:02 +02:00
Jonas Jensen
18dc1d0af0 Merge pull request #129 from Semmle/changenote-desig-init 
cherry-pick onto rc/1.18: C++: change note for designated intializer fixes
 2018-09-03 11:28:20 +02:00
Max Schaefer
759d98661c Merge pull request #117 from esben-semmle/js/push-sort-taint-steps 
JS: support `push` and `sort` taint steps for arrays
 2018-09-03 09:20:35 +01:00
Max Schaefer
58e384558c JavaScript: Improve query name and help for js/incomplete-sanitization. 
The query applies more generally to all kinds of string escaping and encoding, not just sanitization.
 2018-09-03 08:20:01 +01:00
Max Schaefer
20bff709b1 Merge pull request #136 from esben-semmle/js/composed-function-taint 
JS: model composed functions (RC)
 2018-09-03 08:18:20 +01:00
Max Schaefer
7e3adec789 Merge pull request #135 from esben-semmle/js/pick-get-taint-steps 
JS: model property projection calls (RC)
 2018-09-03 08:17:42 +01:00
Nick Rolfe
f6e5be0af8 cherry-pick 35d31aee onto 1.18 branch 
This changenote was committed after the `rc/1.18 branch` was taken.
 2018-08-31 18:09:39 +01:00
Nick Rolfe
0589be1b8a C++: add qldoc comments for aggregate_{field,array}_init 2018-08-30 22:42:31 +01:00
Nick Rolfe
2130622028 C++: use underlyingElement & unresolveElement for get{Element,Field}Expr 2018-08-30 22:42:31 +01:00
Nick Rolfe
d8d3bfd857 C++: expand aggregate literals test to cover ordering of child exprs 2018-08-30 22:42:30 +01:00
Nick Rolfe
7556f22ff1 C++: stats for aggregate_{field,array}_init 2018-08-30 22:42:30 +01:00
Nick Rolfe
23c648904f C++: properly formatted comments for builtin type kinds 2018-08-30 22:42:30 +01:00
Nick Rolfe
afa7505cae C++: expand test for aggregate literals to include more nesting 2018-08-30 22:42:30 +01:00
Nick Rolfe
4abdeda857 C++: update test output to match corrected extractor behaviour 2018-08-30 22:42:30 +01:00
Nick Rolfe
d068d71ccb C++: dbscheme/library changes to support C99 designated initializers 2018-08-30 22:42:30 +01:00
Pavel Avgustinov
d9bc07cb91 Merge branch 'java-migration'. 2018-08-30 18:49:04 +01:00
Max Schaefer
fabd6c0864 Merge pull request #119 from esben-semmle/js/fix-change-note-libs 
JS: use https- and repo-links in change notes
 2018-08-30 14:23:34 +01:00
Esben Sparre Andreasen
b7fd1e7a74 JS: use https- and repo-links in change notes 2018-08-30 14:54:15 +02:00
Pavel Avgustinov
846c9d5860 Migrate Java code to separate QL repo. 2018-08-30 10:48:05 +01:00
Esben Sparre Andreasen
6ee8f71d09 JS: add change notes for property projection libraries 2018-08-30 09:39:02 +02:00
Esben Sparre Andreasen
90b3902244 JS: add a taint step for property projection 2018-08-30 09:39:02 +02:00
Esben Sparre Andreasen
df97132519 JS: add model for property projection 2018-08-30 09:39:02 +02:00
Esben Sparre Andreasen
c1e6280a0e JS: generalize change notes for improved array operation taint steps 2018-08-30 09:18:48 +02:00
Esben Sparre Andreasen
86ab9adb06 JS: support push and sort taint steps for arrays 2018-08-30 09:14:06 +02:00
Esben Sparre Andreasen
dc72788746 JS: add a model of some function composition libraries 2018-08-30 08:17:01 +02:00
Kevin Backhouse
6c5009225c Merge pull request #111 from olehermanse/gmtime 
Fixed error in gmtime example
 2018-08-29 15:55:52 -04:00
semmle-qlci
d957c151a6 Merge pull request #110 from jbj/fewer-dbtypes 
Approved by ian-semmle
 2018-08-29 17:26:06 +01:00
Pavel Avgustinov
261cfe9892 Merge pull request #112 from shati-semmle/cs/change-notes 
C#: Reorder change notes
 2018-08-29 16:18:29 +01:00
Pavel Avgustinov
4e3616eaf1 Merge pull request #97 from shati-semmle/ql-style-guide 
QL style guide: Small fixes
 2018-08-29 16:18:15 +01:00
semmle-qlci
d22a65a66b Merge pull request #108 from esben-semmle/js/classify-generated-data-files 
Approved by xiemaisi
 2018-08-29 14:15:55 +01:00
Jonas Jensen
4cc27459ca C++: Remove redundant charpred on Element 2018-08-29 14:09:04 +02:00
Jonas Jensen
8b9e4e347c C++: Introduce ElementBase class 
By extending this class, a class can define its own `getLocation`
predicate without participating in the dispatch hierarchy of
`getLocation` as defined on `Element`. Classes wanting to override their
location previously had to define `getURL` or `hasLocationInfo` instead
and rely on these predicates not being defined on future versions of
`Element`.
 2018-08-29 13:21:10 +02:00
shati-semmle
be254ef39a Update analysis-csharp.md 2018-08-29 11:06:27 +01:00
Jonas Jensen
418a16772b Merge pull request #105 from geoffw0/samate-crement 
CPP: Support crement operations in CWE-190
 2018-08-29 09:03:29 +02:00
Ole Herman Schumacher Elgesem
00c552fe2f Fixed error in gmtime example 
gmtime and gmtime_r take a time_t pointer, so have to store the value
of time(NULL) on the stack.

Signed-off-by: Ole Herman Schumacher Elgesem <oleherman93@gmail.com>
 2018-08-28 11:10:11 -07:00
Geoffrey White
0d6373924c CPP: De-conflate cause and effect strings. 2018-08-28 16:39:10 +01:00