hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-23 16:06:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,514 Commits 1,712 Branches 163 Tags
e689f6bad2ab69ca00a3ad9acc267763b212f2da
Commit Graph

31514 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
e689f6bad2 C++: Use the IR for 'cpp/return-stack-allocated-memory'. 2022-01-20 18:22:49 +00:00
Mathias Vorreiter Pedersen
78642aaae2 Merge pull request #7593 from MathiasVP/fix-join-order-in-get-conversion-type 
C++: Fix join order in 'getConversionType4'
 2022-01-17 11:01:08 +00:00
Paolo Tranquilli
6a53b7b233 Merge pull request #7543 from github/rdmarsh2/cpp/hex-format-range-analysis 
C++: Use range analysis for maximum lengths of `%x` formats
 2022-01-17 08:32:34 +01:00
Tom Hvitved
2ecf0d3264 Merge pull request #7550 from michaelnebel/csharp/global-using 
C#: Support for identifying whether a using directive is "global".
 2022-01-14 20:03:18 +01:00
Robert Marsh
5df6bcf952 C++: change note for hex format range analysis 2022-01-14 13:18:58 -05:00
Dave Bartolomeo
bce2a810a3 Merge pull request #7400 from github/dbartol/change-note-instructions 
Add instructions for creating change notes.
 2022-01-14 13:10:44 -05:00
Robert Marsh
9de63b2812 Merge branch 'main' into rdmarsh2/cpp/hex-format-range-analysis 
Accept test changes from query split
 2022-01-14 12:53:52 -05:00
Ian Lynagh
bba8e45e74 Merge pull request #7602 from igfoo/igfoo/typos 
Fix a couple of typos: clases / clasess
 2022-01-14 15:56:04 +00:00
Henry Mercer
ed28b7f174 Merge pull request #7575 from github/henrymercer/atm-remove-code-to-features 
JS: Remove ATM `CodeToFeatures` library
 2022-01-14 15:31:34 +00:00
Michael Nebel
e09009cd8e Merge pull request #7118 from michaelnebel/csharp-primary-ql-class 
C#: PrimaryQlClass
 2022-01-14 16:14:28 +01:00
Ian Lynagh
22dc24629f Fix a couple of typos: clases / clasess 2022-01-14 14:28:29 +00:00
Michael Nebel
8c6c8b0adb C#: Remove un-needed ql doc comment. 2022-01-14 12:55:54 +01:00
Mathias Vorreiter Pedersen
b51c85597b Merge pull request #7529 from erik-krogh/fixup-library-deps 
QL: recognize dependecies of the form: libraryPathDependencies: library-name
 2022-01-14 11:13:56 +00:00
Erik Krogh Kristensen
b02fecf125 Merge pull request #7600 from erik-krogh/ql-for-ql-team 
QL: change reviewers of QL-for-QL to a newly created team
 2022-01-14 11:45:40 +01:00
Erik Krogh Kristensen
47e56365c4 QL: change reviewers of QL-for-QL to a newly created team 2022-01-14 11:32:09 +01:00
Henry Mercer
d55e6d1ca7 Merge pull request #7594 from github/henrymercer/js-atm-rename-queries 
JS: Update names, IDs, and tags for ML-powered queries
 2022-01-14 10:28:24 +00:00
Mathias Vorreiter Pedersen
6d95d47467 Merge branch 'main' into fix-join-order-in-get-conversion-type 2022-01-14 09:53:17 +00:00
Michael Nebel
6009d71e9a C#: Add getAPrimaryQlClass override to UnknownExpr. 2022-01-14 10:41:44 +01:00
Mathias Vorreiter Pedersen
68385dfab5 Merge pull request #7386 from github/redsun82/cpp-overrunning-write-precision-split 
C++: split `cpp/overrunning-write` into two
 2022-01-14 09:11:39 +00:00
Tom Hvitved
6c20585fc7 C#: Eliminate bad magic optimization 
```
[2022-01-14 08:57:14] (253s) Tuple counts for Stmt::getAChild#bbf/3@8dfbc66f after 1m53s:
                      4922010396 ~5%     {3} r1 = JOIN ControlFlowElement::ControlFlowElement::getEnclosingCallable_dispred#ff_10#join_rhs WITH ControlFlowElement::ControlFlowElement::getEnclosingCallable_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1 'cfe', Rhs.1 'cfe', Lhs.0 'c'
                      1597068    ~2%     {3} r2 = JOIN r1 WITH Element::Element::getAChild_dispred#ff ON FIRST 2 OUTPUT Lhs.0 'cfe', Lhs.2 'c', Lhs.1 'result'
                                         return r2
```
 2022-01-14 10:10:23 +01:00
Tom Hvitved
411d2b2876 C#: Update stats 2022-01-14 10:10:23 +01:00
Michael Nebel
f025db0371 C#: Add downgrade script for deleting using_global relation. 2022-01-14 10:10:23 +01:00
Michael Nebel
dcd6a6be40 C#: Add database upgrade script for adding the using_global relation. 2022-01-14 10:10:22 +01:00
Michael Nebel
a1eff1603a C#: Add test for global using directive. 2022-01-14 10:10:22 +01:00
Michael Nebel
c118d9bf6f C#: Add support for the global modifier for using directives. 2022-01-14 10:10:22 +01:00
Michael Nebel
e305a8a6c5 C#: Refactor Tuples to use expression body syntax. 2022-01-14 10:10:22 +01:00
Michael Nebel
6e72f6e2c4 C#: Refactor to re-use code to extract modifier tokens. 2022-01-14 10:10:13 +01:00
Edoardo Pirovano
f2818ebb5e Merge pull request #7489 from edoardopirovano/fix-example 
Fix example in JavaScript query
 2022-01-14 08:58:28 +00:00
Tony Torralba
8f73772955 Merge pull request #7595 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-01-14 09:32:13 +01:00
Anders Schack-Mulligen
0b24af901d Merge pull request #7349 from aschackmull/dataflow/state 
Dataflow: Add support for flow state
 2022-01-14 09:12:38 +01:00
github-actions[bot]
685336fa23 Add changed framework coverage reports 2022-01-14 00:10:33 +00:00
Henry Mercer
e9bb9f5294 JS: Update names, IDs, and tags for ML-powered queries 2022-01-13 17:45:40 +00:00
Henry Mercer
8e9d8c112d JS: Improve comments in FunctionBodyFeatures.qll 2022-01-13 17:20:42 +00:00
Henry Mercer
2aea3257cb JS: Improve documentation for getTokenizedAstNode 2022-01-13 17:20:41 +00:00
Andrew Eisenberg
4ffd8c62ac Merge pull request #7579 from github/aeisenberg/changenote-upgrades-removal 
Changenotes: Add changenotes for upgrades refactoring
 2022-01-13 09:09:06 -08:00
Henry Mercer
92d6fecc73 Optimize performance of body tokens 
The refactoring to remove the `CodeToFeatures` AST reintroduced a
performance problem. This commit resolves it by pushing size
restrictions into intermediate predicates.
 2022-01-13 16:29:04 +00:00
Michael Nebel
71baf32596 Update csharp/ql/consistency-queries/PrimaryQlClass.ql 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2022-01-13 16:36:31 +01:00
Anders Schack-Mulligen
c44cf29992 Merge pull request #7587 from owen-mc/add-default-taint-sanitizer-guard 
Dataflow: Add default taint sanitizer guard
 2022-01-13 14:44:55 +01:00
Anders Schack-Mulligen
61490e74d8 Merge pull request #7561 from aschackmull/java/misc-perf 
Java: A few perf fixes for getASupertype*().
 2022-01-13 14:43:28 +01:00
Mathias Vorreiter Pedersen
6148af4621 C++: Fix join order in 'getConversionType4'. 2022-01-13 13:28:36 +00:00
Anders Schack-Mulligen
f7cf327e71 Dataflow: Sync 2022-01-13 13:28:43 +01:00
Anders Schack-Mulligen
a34c981209 Dataflow: Address comments. 2022-01-13 13:28:24 +01:00
Anders Schack-Mulligen
69973dadb3 Merge pull request #7548 from zbazztian/spring-taint-summaries 
Java: Add Spring and Apache Common Langs taint flow steps
 2022-01-13 13:00:41 +01:00
Paolo Tranquilli
e6763c858d C++: add bindingset to private Printf predicate 
That predicate turned out to create a lot of tuples, of which only a
minimal part was then used in the query.
 2022-01-13 11:59:48 +00:00
Paolo Tranquilli
64d15d6226 C++: fix inc.qhelp files and change notes 2022-01-13 11:59:48 +00:00
Paolo Tranquilli
7b4300e4cf C++: Apply suggestions in documentation 
Co-authored-by: Sarah Edwards <skedwards88@github.com>
 2022-01-13 11:59:48 +00:00
Paolo Tranquilli
9d49ad9f20 C++: use includes in OverrunWrite qhelp files 
Also added the relevant CERT C _and_ C++ standard references where they
were missing, and did some minor stylistic tweaks to
`OverrunWriteFloat.qhelp`.
 2022-01-13 11:59:48 +00:00
Paolo Tranquilli
c117a1e21f C++: demote VeryLikelyOverrunWrite cast results 
There were some false positives where something like

    int x;
    // ...
    sprintf(buff, "%ld", (long)x);

was considered as if the parameter had a non-trivial range analysis only
because the range of `int` is smaller than the range for `long`, without
any non-trivial range analysis actually done on `x`.

These will now be reported by `OverrunWrite` instead.
 2022-01-13 11:59:48 +00:00
Paolo Tranquilli
630982cc31 C++: auto format Printf.qll 2022-01-13 11:59:48 +00:00
Paolo Tranquilli
9f811b2439 C++: remove unused variables and fix tests 2022-01-13 11:59:47 +00:00