codeql

mirror of https://github.com/github/codeql.git synced 2026-01-03 09:40:17 +01:00

Author	SHA1	Message	Date
Tamás Vajk	54c35748f0	Merge pull request #4193 from tamasvajk/feature/sign-analysis C#: Sign analysis	2020-09-22 15:33:33 +02:00
Tom Hvitved	06dbec78f7	C#: Add `Guard::controlsBasicBlock()` and simplify `Guard::isEquality()`	2020-09-21 16:15:12 +02:00
Tamas Vajk	8bf4a4209c	C#: Sign analysis Synced between Java and C# through `identical-files.json`.	2020-09-21 16:15:12 +02:00
Tom Hvitved	d3ea20cd2c	Merge pull request #4271 from github/matt-gretton-dann/csharp-dont-trace-macos-pkill Don't trace through pkill or pgrep on macOS.	2020-09-21 15:44:48 +02:00
Tom Hvitved	d867172d27	Merge pull request #4300 from hvitved/csharp/runtime-checks-bypass-bad-magic C#: Avoid bad magic in `RuntimeChecksBypass.ql`	2020-09-18 19:40:34 +02:00
Tom Hvitved	aac2e0ebfb	C#: Avoid bad magic in `RuntimeChecksBypass.ql` Before: ``` [2020-09-18 14:03:57] (2587s) Tuple counts for RuntimeChecksBypass::uncheckedWrite#bbf#antijoin_rhs#1: 1270 ~8% {2} r1 = SCAN RuntimeChecksBypass::uncheckedWrite#bbf#shared AS I OUTPUT I.<1>, I.<0> 188197390 ~0% {3} r2 = JOIN r1 WITH #Callable::Callable::calls_dispred#bfPlus AS R ON FIRST 1 OUTPUT R.<1>, r1.<1>, r1.<0> 2425784042 ~1% {3} r3 = JOIN r2 WITH Expr::Expr::getEnclosingCallable_dispred#ff_10#join_rhs AS R ON FIRST 1 OUTPUT r2.<1>, R.<1>, r2.<2> 58 ~9% {2} r4 = JOIN r3 WITH project#RuntimeChecksBypass::checkedWrite#bfff AS R ON FIRST 2 OUTPUT r3.<0>, r3.<2> return r4 ``` After: ``` [2020-09-18 14:08:48] (5s) Tuple counts for RuntimeChecksBypass::uncheckedWrite#fff#antijoin_rhs: 24704473 ~2% {2} r1 = SCAN DataFlowPublic::localExprFlow#ff AS I OUTPUT I.<1>, I.<0> 23784154 ~6% {4} r2 = JOIN r1 WITH Expr::Expr::getEnclosingCallable_dispred#ff AS R ON FIRST 1 OUTPUT r1.<1>, 28, R.<0>, R.<1> 201391 ~2% {2} r3 = JOIN r2 WITH expressions AS R ON FIRST 2 OUTPUT r2.<2>, r2.<3> 23784154 ~0% {3} r4 = JOIN r1 WITH Expr::Expr::getEnclosingCallable_dispred#ff AS R ON FIRST 1 OUTPUT r1.<1>, R.<0>, R.<1> 1065242 ~20% {2} r5 = JOIN r4 WITH expr_value AS R ON FIRST 1 OUTPUT r4.<1>, r4.<2> 1266633 ~16% {2} r6 = r3 \/ r5 return r6 ```	2020-09-18 14:15:30 +02:00
Tom Hvitved	4090859207	C#: Avoid bad magic in `UselessUpcast.ql`	2020-09-18 12:14:52 +02:00
Matthew Gretton-Dann	99fd323ded	Don't trace through pkill or pgrep on macOS.	2020-09-15 13:37:22 +01:00
Tom Hvitved	d095d6b56b	Merge pull request #4139 from hvitved/csharp/cfg/foreach-loop-empty C#: Skip `foreach` loop bodies in the CFG when the iteration expression is empty	2020-09-15 09:30:29 +02:00
Tamás Vajk	d21c101c0d	Merge pull request #4041 from tamasvajk/feature/update-roslyn C#: upgrade Roslyn dependencies to version 3.7	2020-09-14 13:57:36 +02:00
Tamás Vajk	f5f4b8e25b	C#: Enable nullability of Semmle.Extraction.CSharp.Standalone (#4115 )	2020-09-14 13:43:57 +02:00
Tom Hvitved	0fb9dc5bac	C#: Adjust caching of tuple types	2020-09-14 11:24:46 +02:00
Tom Hvitved	19746023d9	C#: Tidy code for constructing underlying tuple structs	2020-09-14 10:08:58 +02:00
Mathias Vorreiter Pedersen	2d57abdcbe	Merge branch 'main' into mathiasvp/read-step-without-memory-operands	2020-09-11 12:47:29 +02:00
Tom Hvitved	6c5b30d2a4	C#: Update CIL consistency test	2020-09-11 11:49:07 +02:00
Tom Hvitved	f225a17639	C#: Even more reflection for retrieving meta data handle	2020-09-11 11:49:07 +02:00
Tamas Vajk	d60b7c7297	C#: Improve empty collection check to not report on collections with property writes	2020-09-11 10:46:34 +02:00
Tom Hvitved	2cc635f7e0	C#: Add DB upgrade script	2020-09-10 14:09:40 +02:00
Tom Hvitved	01e766c745	C#: Disable uniqueness constraint from `explicitly_implements` The documentation on `ExplicitInterfaceImplementations` says "Properties imported from metadata can explicitly implement more than one property", so the constraint appears to be invalid.	2020-09-10 14:05:37 +02:00
Tamas Vajk	643a8b57c3	C#: Explicitly handle underlying tuple types	2020-09-10 14:05:37 +02:00
Tamas Vajk	221b92de04	C#: upgrade Roslyn dependencies to version 3.7	2020-09-10 13:53:39 +02:00
Tom Hvitved	a9f322e6c3	Merge pull request #4241 from hvitved/csharp/autobuild-cmd-exit-code C#: Correctly propagate exit code in `autobuild.cmd`	2020-09-10 12:43:43 +02:00
Tom Hvitved	9629f1c2f4	C#: Also propagate exit code in `pre-finalize.cmd`	2020-09-10 11:09:38 +02:00
Tom Hvitved	fcf39eaac1	C#: Fix broken auto-builder tests on Windows	2020-09-10 10:46:39 +02:00
Tom Hvitved	a32db3de4b	Simplify exit code logic Co-authored-by: Arthur Baars <aibaars@github.com>	2020-09-10 10:22:02 +02:00
Tom Hvitved	4cc1e4d1f1	C#: Correctly propagate exit code in `autobuild.cmd`	2020-09-10 10:01:43 +02:00
Tom Hvitved	c45743588c	Merge pull request #4237 from hvitved/csharp/autobuilder/nuget C#: Download nuget.exe in auto-builder if it does not exist	2020-09-10 08:43:39 +02:00
Tom Hvitved	1ce3ac74a1	Address review comments	2020-09-09 16:35:37 +02:00
Taus	17ccc137ae	Merge pull request #4238 from RasmusWL/dataflow-small-fix-for-naming Dataflow: small fixes for naming in taint tracking	2020-09-09 16:26:36 +02:00
Mathias Vorreiter Pedersen	ad602b892b	Merge branch 'main' into mathiasvp/read-step-without-memory-operands	2020-09-09 16:17:23 +02:00
Tamás Vajk	dfb8761bdc	C#: Add flag to Standalone extractor to use the self contained .Net framework (#4233 )	2020-09-09 16:12:48 +02:00
Rasmus Wriedt Larsen	2172fb6e65	Dataflow: s/data flow/taint propagation/ in QLDoc for sanitizers	2020-09-09 14:30:33 +02:00
Rasmus Wriedt Larsen	d90f0be2c4	Dataflow: defaultTaintBarrier => defaultTaintSanitizer Just keeping things a bit more consistent :)	2020-09-09 14:11:56 +02:00
Tom Hvitved	947040aafe	C#: Download nuget.exe in auto-builder if it does not exist	2020-09-09 14:09:41 +02:00
Tom Hvitved	6c716331d9	C#: Skip `foreach` loop bodies in the CFG when the iteration expression is empty	2020-09-07 15:26:28 +02:00
Tom Hvitved	9e240b7397	C#: Add more CFG loop unrolling tests	2020-09-07 15:26:25 +02:00
Mathias Vorreiter Pedersen	ed7e499b02	Merge branch 'main' into mathiasvp/read-step-without-memory-operands	2020-09-04 17:25:36 +02:00
Tamas Vajk	e2c205deb4	C#: Add stable order for generated accessors in printed AST	2020-09-04 10:39:01 +02:00
Tom Hvitved	7f18c3377e	Merge pull request #4017 from hvitved/csharp/unqualify-trap-ids3 C#: Remove assembly prefixes from TRAP labels	2020-09-04 09:20:39 +02:00
Mathias Vorreiter Pedersen	0fed7c0745	C++/C#: Sync identical files	2020-09-02 22:53:45 +02:00
Arthur Baars	00668b536a	Merge pull request #4188 from aibaars/csharp-buildless C#: autobuild: fix buildless mode for CodeQL	2020-09-02 21:04:39 +02:00
Arthur Baars	babe69d6e9	Update unit tests	2020-09-02 17:59:56 +02:00
Arthur Baars	90f013d74f	Merge pull request #4176 from aibaars/missing-qhelp Add missing QHelp files	2020-09-02 16:12:42 +02:00
Arthur Baars	3ed6465716	Address comments	2020-09-02 15:18:31 +02:00
Arthur Baars	223d94219e	C#: autobuild: fix buildless mode for CodeQL	2020-09-02 13:23:23 +02:00
Tom Hvitved	1b769ebac9	C#: Address more review comments	2020-09-02 10:52:05 +02:00
Tom Hvitved	51dc1515ab	C#: Address review comments	2020-09-02 10:52:05 +02:00
Tom Hvitved	92bf830a8a	C#: Avoid bad magic in `UselessUpcast.ql`	2020-09-02 10:52:05 +02:00
Tom Hvitved	c7f776984f	C#: Add CFG tests for callables with multiple implementations	2020-09-02 10:52:05 +02:00
Tom Hvitved	8a0355720a	C#: Make `Callable::get[Expression\|Statement]Body()` return all possible implementations Previosly, we returned only the body belonging to "the most likely" implementation, based on a CFG size heuristics. However, now that more callables are mapped to the same entity, it makes more sense to treat such callables (to some extent) like partial methods. This means, for instance, that data flow will branch out to all possible implementations, much like we do for virtual dispatch.	2020-09-02 10:52:05 +02:00

1 2 3 4 5 ...

2037 Commits