hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-29 11:48:16 +02:00
Code Issues Packages Projects Releases Wiki Activity
7,773 Commits 1,723 Branches 164 Tags
9f0499cce95a7618ef9c8d70ae10de2594dece08
Commit Graph

7773 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ziemowit Laski
7e14e2a950 [zlaski/what-buffer-function] Rename references to BufferFunction to ArrayFunction. 2019-09-24 18:02:14 -07:00
Dave Bartolomeo
0e432c2405 Merge pull request #1937 from matt-gretton-dann/cpp-432-namespacembrs-unique-key 
C++: Update test for fix to namespace members
 2019-09-24 10:11:55 -07:00
Shati Patel
3441696100 Apply suggestions from code review 2019-09-24 17:28:14 +01:00
AndreiDiaconu1
d6e4a2afef Autoformat 2019-09-24 17:26:13 +01:00
Dave Bartolomeo
f5dc8ba3ce Merge pull request #2005 from AndreiDiaconu1/ircsharp-unaliased 
C# IR: Unaliased SSA
 2019-09-24 09:05:48 -07:00
Rasmus Wriedt Larsen
752615fb56 Python: Fix doc for Expr::isDeletion 2019-09-24 16:56:07 +02:00
Rasmus Wriedt Larsen
f870b21d2f Python: Use Builtin::special for floats ClassValue 
We could find no reason for using `Builtin::builtin` instead of
`Builtin::special`. Since all the other base types use `special`, and the old
Object API is using `special`, let's also do that :)
 2019-09-24 16:55:49 +02:00
semmle-qlci
0d3edae3fc Merge pull request #2004 from xiemaisi/js/fix-xss-sanitisers 
Approved by asger-semmle
 2019-09-24 15:44:23 +01:00
Taus
594a50e066 Merge pull request #1955 from RasmusWL/python-modernise-explicit-return-in-init 
Python: Modernise the `py/explicit-return-in-init` query.
 2019-09-24 16:23:37 +02:00
AndreiDiaconu1
3f4713f0f5 Add tests and query 2019-09-24 14:53:12 +01:00
AndreiDiaconu1
1b47f80a7a C# implementation 2019-09-24 14:53:12 +01:00
AndreiDiaconu1
f25602bf1c Initial, C++ implementation 2019-09-24 14:53:12 +01:00
AndreiDiaconu1
9228cf83fa Address PR comments 2019-09-24 14:49:09 +01:00
Ian Lynagh
49276e09c5 C++: Add aggregate literals to sideEffects test 2019-09-24 11:28:57 +01:00
Calum Grant
b85896299d Merge pull request #2000 from AndreiDiaconu1/ircsharp-fixes 
C# IR: Minor fixes and changes
 2019-09-23 18:14:50 +01:00
AndreiDiaconu1
a86a15d280 Fix problem with IsExpr 
The translation of `IsExpr` created a sanity check to fail since it generated
a Phi node that had only one source: if a variable was declared as part of the `IsExpr`, a conditional branch was generated, and the variable was defined only in the true successor; this has been changes so that the declaration happens before the conditional branch, and the variable is uninitialized (this removed the need for the `isInitializedByElement` predicate from `TranslatedDeclarationBase`, so that has been removed) and only the assignment happens in the true successor block (so now the two inputs of the Phi node are the result of the `Uninitialized` instruction and the `Store` instruction from the true successor block).
 2019-09-23 17:37:50 +01:00
Shati Patel
c156d6a555 Autoformat QL 2019-09-23 17:34:08 +01:00
AndreiDiaconu1
17e6b80a34 Added C# implementation 2019-09-23 17:31:24 +01:00
AndreiDiaconu1
1dab4e0e26 Initial commit, C++ files 2019-09-23 17:31:24 +01:00
Max Schaefer
d4fca84898 JavaScript: Improve XSS sanitizer detection. 
We now use local data flow to detect more regexp-based sanitizers.
 2019-09-23 17:07:06 +01:00
Matthew Gretton-Dann
6b28f33713 C++: Update test for fix to namespace members 
Generation of IDs for namespace members has been fixed to generate
unique IDs for variables of the same name but in different namespaces.

Update the same_name test to validate this.
 2019-09-23 16:04:59 +01:00
Jonas Jensen
22e57a6559 Merge pull request #1860 from matt-gretton-dann/add-using-aliases 
Add support for using aliases
 2019-09-23 16:53:51 +02:00
Jonas Jensen
898976121b Merge pull request #1987 from geoffw0/toomanyformat 
CPP: WrongNumberOfFormatArguments.ql Fix
 2019-09-23 16:05:11 +02:00
AndreiDiaconu1
7f76947af0 Autoformat 2019-09-23 15:03:38 +01:00
AndreiDiaconu1
ae503b2982 Remove incorrect Load 
Removed an incorrect `Load` op generated by propery accesses.
 2019-09-23 14:43:08 +01:00
AndreiDiaconu1
3c95205f2e Minor fixes for array related translation 
More accurate type sizes using language specific predicates from `IRCSharpLanguage.qll`.
Added immediate operands for some `PointerX` (add, sub) instructions.
Some other minor consistency fixes.
 2019-09-23 14:37:31 +01:00
Robert Marsh
90c91a78f8 Merge pull request #1976 from pavgust/fix/hashcons-perf 
C++: HashCons: Further performance improvements
 2019-09-23 06:37:03 -07:00
Rasmus Wriedt Larsen
a0ecbc555d Merge pull request #1998 from taus-semmle/python-support-aiter 
Python: Add `__aiter__` as a recognised iterator method.
 2019-09-23 15:32:53 +02:00
Matthew Gretton-Dann
4606587fe8 C++: Apply style guide to TypedefType.qll 2019-09-23 13:57:50 +01:00
Matthew Gretton-Dann
af3b0d9e73 C++: Update stats. 2019-09-23 13:57:50 +01:00
Matthew Gretton-Dann
c8dfa46c63 C++: Add upgrade script for using aliases. 2019-09-23 13:57:50 +01:00
Matthew Gretton-Dann
fc75a6af5a C++: Add tests for using aliases 2019-09-23 13:57:50 +01:00
Matthew Gretton-Dann
9ff38ebeee C++: Update tests for new CTypedefType. 2019-09-23 13:57:50 +01:00
Matthew Gretton-Dann
5468b8def7 C++: Add support for C++ using aliases 
Previously these were identified as typedefs.
 2019-09-23 13:57:50 +01:00
Geoffrey White
b3df289a80 CPP: Fix test. 2019-09-23 13:56:24 +01:00
Geoffrey White
2d8e4b3176 CPP: Additional cases resembling the ticket. 2019-09-23 13:04:14 +01:00
semmle-qlci
825a3d2917 Merge pull request #1954 from asger-semmle/type-tracking-through-captured-vars 
Approved by xiemaisi
 2019-09-23 12:10:30 +01:00
semmle-qlci
e2c941c577 Merge pull request #1916 from erik-krogh/taintedLength 
Approved by asger-semmle, xiemaisi
 2019-09-23 11:47:48 +01:00
Taus Brock-Nannestad
e1012d8d5a Python: Add __aiter__ as a recognised iterator method. 2019-09-23 12:26:16 +02:00
Geoffrey White
040bd89163 CPP: Correct expected results. 2019-09-23 11:02:36 +01:00
Rasmus Wriedt Larsen
d6a7b6f7f1 Python: Fix documentation markup for IdentityEqMethod 2019-09-23 11:22:56 +02:00
Rasmus Wriedt Larsen
d273974045 Python: Don't flag return procedure_call() in __init__ as error 
This commit fixes the results for
0d8a429b7e/files/mayaTools/cgm/lib/classes/AttrFactory.py (L90)

```
def __init__(...):
    if error_case:
        return guiFactory.warning(...)
```

that was wrongly reporting _Explicit return in __init__ method._ as an error.
 2019-09-23 11:22:55 +02:00
Rasmus Wriedt Larsen
6e50a0ef84 Python: Modernise the py/explicit-return-in-init query. 
Add explicit test case to show that we don't doulbe report this problem.
 2019-09-23 11:22:55 +02:00
Rasmus Wriedt Larsen
f0479687d8 Python: Fix documentation for Function.isInitMethod 2019-09-23 11:22:55 +02:00
Shati Patel
f88f7962e7 QL etudes: Update predicate 2019-09-23 10:19:49 +01:00
Anders Schack-Mulligen
f8f3a4b25f Java: Minor additional type pruning. 2019-09-23 11:07:10 +02:00
Shati Patel
f94b01cb40 QL etudes: Address comments + fix sphinx warning 2019-09-23 09:52:43 +01:00
semmle-qlci
7a57a3c743 Merge pull request #1996 from xiemaisi/js/fix-illegal-invocation-refl 
Approved by esben-semmle
 2019-09-23 09:16:33 +01:00
Max Schaefer
149ae5d7ab JavaScript: Fix IllegalInvocation. 
This fixes false positives that arise when a call such as `f.apply` can either be interpreted as a reflective invocation of `f`, or a normal call to method `apply` of `f`.
 2019-09-23 07:44:14 +01:00
Tom Hvitved
e4d17a9b04 C#: Refactor getAnOutNode() predicate 2019-09-22 18:55:34 +02:00