codeql

mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00

Author	SHA1	Message	Date
Anders Schack-Mulligen	9f1bbf2bbd	Merge pull request #10575 from aschackmull/dataflow/cleanup-module Dataflow: Minor visibility cleanup	2022-09-27 10:10:53 +02:00
Tom Hvitved	45fc62f16b	Data flow: Sync files	2022-09-26 20:39:48 +02:00
Tom Hvitved	1273db5a22	Data flow: Fix bad join-order when `getAReadContent` has large fan-in Before (terminated before completion) ``` Evaluated relational algebra for predicate DataFlowImplForHttpClientLibraries#c536b619::store#5#fffff@e5ef07bh with tuple counts: 151500 ~0% {4} r1 = SCAN DataFlowImplCommon#4f8df883::Cached::store#4#ffff OUTPUT In.1, In.0, In.2, In.3 150500 ~0% {5} r2 = JOIN r1 WITH DataFlowImplCommon#4f8df883::Cached::MkTypedContent#fff_20#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Lhs.2, Lhs.3, Rhs.1 149500 ~0% {5} r3 = JOIN r2 WITH num#DataFlowImplForHttpClientLibraries#c536b619::TNodeNormal#ff ON FIRST 1 OUTPUT Lhs.2, Lhs.1, Lhs.3, Lhs.4, Rhs.1 148500 ~0% {5} r4 = JOIN r3 WITH num#DataFlowImplForHttpClientLibraries#c536b619::TNodeNormal#ff ON FIRST 1 OUTPUT Lhs.3, Lhs.1, Lhs.2, Lhs.4, Rhs.1 2003849000 ~0% {5} r5 = JOIN r4 WITH DataFlowPublic#e1781e31::ContentSet::getAReadContent#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3, Lhs.4 105066500 ~9036% {5} r6 = JOIN r5 WITH project#DataFlowImplForHttpClientLibraries#c536b619::readSet#4#ffff ON FIRST 1 OUTPUT Lhs.3, Lhs.1, Lhs.4, Lhs.2, Rhs.1 return r6 ``` After ``` Evaluated relational algebra for predicate DataFlowImplForHttpClientLibraries#c536b619::readProj#2#ff@302620cn with tuple counts: 1461867 ~0% {2} r1 = SCAN DataFlowPrivate#462ff392::Cached::TContent#f OUTPUT In.0, In.0 3549054 ~1% {2} r2 = JOIN r1 WITH DataFlowPublic#e1781e31::ContentSet::getAReadContent#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1 5772824 ~5% {2} r3 = JOIN r2 WITH project#DataFlowImplForHttpClientLibraries#c536b619::readSet#4#ffff ON FIRST 1 OUTPUT Lhs.1, Rhs.1 return r3 Evaluated relational algebra for predicate DataFlowImplForHttpClientLibraries#c536b619::store#5#fffff@016cd9o1 with tuple counts: 267905 ~0% {4} r1 = SCAN DataFlowImplCommon#4f8df883::Cached::store#4#ffff OUTPUT In.1, In.0, In.2, In.3 267905 ~0% {5} r2 = JOIN r1 WITH DataFlowImplCommon#4f8df883::Cached::MkTypedContent#fff_20#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Lhs.2, Lhs.3, Rhs.1 267905 ~0% {5} r3 = JOIN r2 WITH num#DataFlowImplForHttpClientLibraries#c536b619::TNodeNormal#ff ON FIRST 1 OUTPUT Lhs.2, Lhs.1, Lhs.3, Lhs.4, Rhs.1 267905 ~0% {5} r4 = JOIN r3 WITH num#DataFlowImplForHttpClientLibraries#c536b619::TNodeNormal#ff ON FIRST 1 OUTPUT Lhs.3, Lhs.1, Lhs.2, Lhs.4, Rhs.1 2109240 ~0% {5} r5 = JOIN r4 WITH DataFlowImplForHttpClientLibraries#c536b619::readProj#2#ff ON FIRST 1 OUTPUT Lhs.3, Lhs.1, Lhs.4, Lhs.2, Rhs.1 return r5 ```	2022-09-26 20:37:53 +02:00
erik-krogh	0f1a8a6f5b	deleted unused internal code	2022-09-26 20:20:52 +02:00
erik-krogh	b83ca08854	deprecate class documented as deprecated	2022-09-26 20:09:54 +02:00
Mathias Vorreiter Pedersen	11b2a12392	Merge pull request #10572 from MathiasVP/add-cwe-193-fp C++: Add FP test for `CWE-193`	2022-09-26 17:22:47 +01:00
Anders Schack-Mulligen	1687d08587	Dataflow: Sync.	2022-09-26 16:10:03 +02:00
Mathias Vorreiter Pedersen	1c55bbe2e8	C++: Add FP for CWE-193.	2022-09-26 11:53:03 +01:00
Erik Krogh Kristensen	c2b5c39436	Merge pull request #10507 from erik-krogh/cpp-followMsg CPP: Make more alert-messages follow the style guide	2022-09-24 17:26:11 +02:00
Dave Bartolomeo	3bd456e52d	Merge pull request #10565 from github/post-release-prep/codeql-cli-2.11.0 Post-release preparation for codeql-cli-2.11.0	2022-09-23 18:13:59 -04:00
github-actions[bot]	6cef0af5df	Post-release preparation for codeql-cli-2.11.0	2022-09-23 21:01:40 +00:00
Robert Marsh	b93a2b06bf	C++: prototype for off-by-one in array-typed field	2022-09-23 14:38:06 -04:00
Mathias Vorreiter Pedersen	73f279d6e7	Merge pull request #10555 from MathiasVP/testcase-for-php-cve C++: Fix missing bounds in range analysis	2022-09-23 16:55:51 +01:00
Robert Marsh	c2dfbd47a3	Merge pull request #10398 from MathiasVP/further-work-on-buffer-over-queries C++: Further work on buffer-overflow queries	2022-09-23 11:06:32 -04:00
erik-krogh	96b46de7c8	update alert-messages based on review feedback	2022-09-23 14:53:54 +02:00
erik-krogh	edd03020c2	fix the casing in the alert-message of cpp/unclear-array-index-validation	2022-09-23 14:48:01 +02:00
Mathias Vorreiter Pedersen	639aaff9c7	C++: Add more metadata.	2022-09-23 13:47:02 +01:00
erik-krogh	9e4843d53e	update the alert-message of cpp/file-may-not-be-closed based on feedback	2022-09-23 14:46:00 +02:00
erik-krogh	2351884352	update some alert-messages based on review feedback	2022-09-23 14:45:59 +02:00
erik-krogh	a3c051bf96	add change-note	2022-09-23 14:45:59 +02:00
erik-krogh	40bea78186	remove more instances of the alert-loc being repeated as a link	2022-09-23 14:45:59 +02:00
erik-krogh	d55993a37b	autoformat	2022-09-23 14:45:59 +02:00
erik-krogh	33165f4f55	CPP: update expected output	2022-09-23 14:45:59 +02:00
erik-krogh	a30c38f38c	CPP: make more alert messages follow the style-guide	2022-09-23 14:45:59 +02:00
Mathias Vorreiter Pedersen	ce3654c6ec	C++: Make ql-for-ql happy.	2022-09-23 13:07:07 +01:00
Mathias Vorreiter Pedersen	f3212fe01c	C++: Autoformat.	2022-09-23 13:00:22 +01:00
Mathias Vorreiter Pedersen	162ec2884e	C++: Also fix 'OverrunWriteProductFlow.ql'	2022-09-23 12:59:27 +01:00
Mathias Vorreiter Pedersen	8056131901	C++: Autoformat.	2022-09-23 12:26:37 +01:00
Mathias Vorreiter Pedersen	494afdde96	C++: Accept test changes.	2022-09-23 12:21:31 +01:00
Mathias Vorreiter Pedersen	ac03242cfc	C++: Add an SSAVariable for pointer-arithmetic expressions in guards.	2022-09-23 12:21:31 +01:00
Geoffrey White	d60a829569	C++: Remove ErrorExpr case.	2022-09-23 12:17:09 +01:00
Mathias Vorreiter Pedersen	6d06234048	C++: Add testcase demonstrating missing result for 'cpp/invalid-pointer-deref' query.	2022-09-23 11:41:16 +01:00
Nora Dimitrijević	0e9b77e7c3	C++: Initial .qhelp file	2022-09-23 11:46:31 +02:00
Tom Hvitved	8b424d181a	Merge pull request #10505 from hvitved/dataflow/viable-impl-in-ctx-consistency Data flow: Guard against `viableImplInCallContext` not being a subset of `viableCallable`	2022-09-23 10:38:48 +02:00
github-actions[bot]	f5cf8cffa3	Release preparation for version 2.11.0	2022-09-22 20:14:12 +00:00
Dave Bartolomeo	cee0e8e137	Merge pull request #10532 from github/henrymercer/3.7-mergeback Final mergeback from `rc/3.7`	2022-09-22 13:42:59 -04:00
Nora Dimitrijević	dca13f5c89	C++: Initial `cpp/comma-before-misleading-indentation` MRVA top 1000 run at: https://github.com/github/semmle-code/actions/runs/3106828111	2022-09-22 17:44:18 +02:00
Mathias Vorreiter Pedersen	c4afb3a2b5	Merge branch 'main' into further-work-on-buffer-over-queries	2022-09-22 16:35:52 +01:00
Nora Dimitrijević	f1efc76e8c	C++: Initial commit of `cpp/comma-before-missing-indentation`	2022-09-22 17:06:04 +02:00
Tom Hvitved	7a694d5da5	C++: Update expected test output	2022-09-22 15:01:40 +02:00
Tom Hvitved	ad6b870f94	Data flow: Sync files	2022-09-22 15:01:33 +02:00
Tom Hvitved	f0f4fe7286	Merge pull request #10444 from hvitved/ruby/stmt-sequence-post-update Ruby: Add post-update nodes for compound arguments	2022-09-22 13:18:51 +02:00
Henry Mercer	f8f99af8b7	Bump the minor version of packs we regularly release	2022-09-22 12:14:19 +01:00
Robert Marsh	32ab636c77	C++: adjust test so size flows from malloc to field	2022-09-21 12:43:44 -04:00
Robert Marsh	fcd0bb13b3	C++: add paths to ArrayAccessProductFlow	2022-09-21 12:37:31 -04:00
Andrew Eisenberg	99e8cb78b0	Merge pull request #10496 from aeisenberg/aeisenberg/merge-rc3.7-into-main Aeisenberg/merge rc3.7 into main	2022-09-21 08:09:47 -07:00
Geoffrey White	518b45bc8e	C++: Add two more test cases.	2022-09-21 15:41:27 +01:00
Geoffrey White	0584191b6c	C++: Add pragma[noinline].	2022-09-21 11:49:28 +01:00
Geoffrey White	1cdaaf7882	C++: Performance fix.	2022-09-21 11:11:11 +01:00
Geoffrey White	e319c1773e	C++: Change note.	2022-09-21 10:45:29 +01:00

... 8 9 10 11 12 ...

8731 Commits