hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-05 02:30:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,791 Commits 1,673 Branches 157 Tags
ec63acfb0cbf02167ccb1cf9553ca573f593efbd
Commit Graph

16791 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamas Vajk
ec63acfb0c C#: Inline out variable declarations 2020-10-13 13:27:45 +02:00
Tamas Vajk
f2e6b42aa4 C#: Add type parameter in/out 2020-10-13 13:27:45 +02:00
Tamas Vajk
33672a4058 C#: Simplify using statements 2020-10-13 13:27:45 +02:00
Tamas Vajk
412b87c5c7 C#: Fix loop that iterates only once 2020-10-13 13:27:45 +02:00
Tamas Vajk
79eff06828 C#: Remove unused out argument 2020-10-13 13:27:45 +02:00
Tamas Vajk
921d3eeaec C#: Mark members static (remove unused members) 2020-10-13 13:27:45 +02:00
Tamas Vajk
68a45e7e9d C: Remove unused fields 2020-10-13 13:27:45 +02:00
Tamas Vajk
0c9aaa3dce C#: Remove unused parameters 2020-10-13 13:27:45 +02:00
Tamas Vajk
93c6d5ea58 C#: Fix empty array creation 2020-10-13 13:27:45 +02:00
Tamas Vajk
2d3985742f C#: Fix length/emptiness checks 2020-10-13 13:27:45 +02:00
Erik Krogh Kristensen
83d6d6041a Merge pull request #4462 from erik-krogh/strayTodo 
JS: remove stray todo
 2020-10-13 12:50:00 +02:00
CodeQL CI
d3f8fb5e53 Merge pull request #4423 from tausbn/python-add-attribute-access-interface 
Approved by RasmusWL
 2020-10-13 02:56:21 -07:00
Erik Krogh Kristensen
96db3459d0 remove stray todo 2020-10-13 11:48:06 +02:00
CodeQL CI
e2b0c60627 Merge pull request #4449 from max-schaefer/js/api-graphs-type-handling-improvements 
Approved by erik-krogh
 2020-10-12 11:41:21 -07:00
Robert Marsh
3b7cf7fd27 Merge pull request #4439 from geoffw0/mapex 
C++: Additional taint flows through std::map
 2020-10-12 14:17:17 -04:00
Max Schaefer
9ac70e3044 JavaScript: Clarify the relationship between MkCanonicalName{Def,Use} with an upper-case M and mkCanonicalName{Def,Use} with a lower-case m. 2020-10-12 16:29:11 +01:00
Arthur Baars
fc4a3426ac Merge pull request #4457 from daniel-beck/file-taint 
Java: Track taint through java.io.File constructor and #toURI; URI#toURL
 2020-10-12 16:42:11 +02:00
Taus Brock-Nannestad
3288cf1a75 Python: Hopefully final changes to documentation. 2020-10-12 16:38:21 +02:00
Jonas Jensen
24da4cc344 Merge pull request #4421 from jbj/SimpleRangeAnalysis-guard-overflow 
C++: Demonstrate overflowing guard bounds
 2020-10-12 15:38:13 +02:00
Jonas Jensen
0459248b9f Merge remote-tracking branch 'upstream/main' into SimpleRangeAnalysis-guard-overflow 2020-10-12 14:32:29 +02:00
CodeQL CI
8eb84b2599 Merge pull request #4391 from max-schaefer/js/api-graph-reexport 
Approved by asgerf
 2020-10-12 05:26:53 -07:00
CodeQL CI
6d1634ef8f Merge pull request #4329 from erik-krogh/DVSA 
Approved by esbena
 2020-10-12 05:23:29 -07:00
Taus Brock-Nannestad
b07c7abacc Python: Clear up attribute name access QLDoc 2020-10-12 13:49:08 +02:00
Tom Hvitved
35985a9189 Merge pull request #4452 from hvitved/csharp/ssa/overlapping-captured-defs 
C#: Avoid overlapping SSA definitions for `ref`/`out` captured variables
 2020-10-12 13:01:39 +02:00
Geoffrey White
6440db786d Merge pull request #4420 from jbj/SimpleRangeAnalysis-widen-Expr 
C++: SimpleRangeAnalysis: widen recursive *, +, -
 2020-10-12 11:20:09 +01:00
Jonas Jensen
30b9d13a45 C++: Correct annotation in test 2020-10-12 11:25:38 +02:00
Jonas Jensen
9b12ceae8d C++: SimpleRangeAnalysis: widen recursive *, +, - 
The number of candidate bounds during the main `SimpleRangeAnalysis`
recursion was in principle always exponential in the size of the
program, but in practice it did not get out of hand when only `+` and
`-` operations were supported. Now that `*` is also supported, the range
analysis started timing out on the SinaMostafanejad/OpenRDM project. The
problematic expressions in that project are of the form

    a*x*x*x + b*x*x + c*x + d

where most of the variables involved are recursive definitions and are
therefore likely to have a large number of candidate bounds.

The fix here is to identify those few binary operations that are most
likely to cause an explosion in the number of bounds and apply widening
to them. Previously, widening was only applied at definitions.
 2020-10-12 11:09:01 +02:00
Jonas Jensen
bbeea452e1 C++: Add test with widening of binary Expr 2020-10-12 11:08:41 +02:00
Tom Hvitved
9d1f64d35d C#: Avoid overlapping SSA definitions for ref/out captured variables 2020-10-12 10:52:40 +02:00
Anders Schack-Mulligen
725194a3b8 Merge pull request #4447 from aschackmull/dataflow/postupdate-flow-consistency 
Dataflow: Introduce consistency check for flow targeting PostUpdateNodes
 2020-10-12 08:56:19 +02:00
Daniel Beck
0c70be145f Track taint through java.io.File constructor and #toURI; URI#toURL 2020-10-10 20:54:55 +02:00
Geoffrey White
c63f7cb409 C++: Taint through emplace from qualifier to return value. 2020-10-09 17:41:24 +01:00
Geoffrey White
270517d379 C++: Revise model of emplace and emplace_hint. Note that 2 of the 3 taint regressions we shouldn't be getting because we don't yet do taint through keys. 2020-10-09 17:27:18 +01:00
Geoffrey White
49c121d370 C++: More test cases covering other std::pair constructors. 2020-10-09 17:22:29 +01:00
Anders Schack-Mulligen
091e3a2931 Dataflow: Adjust test output. 2020-10-09 16:25:14 +02:00
Tom Hvitved
723699a584 C#: Add SSA test for overlapping captured variable definitions 2020-10-09 16:01:19 +02:00
James Fletcher
c8cacb9fee Merge pull request #4451 from github/jf205-patch-2 
Fix typo in CodeQL docs template
 2020-10-09 14:47:39 +01:00
Geoffrey White
61a78e28ac C++: Fix map::merge. 2020-10-09 14:46:23 +01:00
James Fletcher
42ee136306 Update layout.html 2020-10-09 14:33:45 +01:00
Erik Krogh Kristensen
a0cbeb6093 add change note 2020-10-09 14:54:34 +02:00
Erik Krogh Kristensen
2fb19f0b11 refactor into a single regular expression with two capture groups 2020-10-09 14:50:16 +02:00
Erik Krogh Kristensen
f6f8bbd1d8 Update javascript/ql/src/semmle/javascript/frameworks/ServerLess.qll 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-10-09 14:46:31 +02:00
Anders Schack-Mulligen
1c043447e8 Dataflow: Introduce consistency check for flow targeting PostUpdateNodes. 2020-10-09 14:29:52 +02:00
Jonas Jensen
4c9ffcec27 Merge pull request #4396 from geoffw0/stringsets 
C++: Use [, ...] syntax more widely.
 2020-10-09 13:30:05 +02:00
James Fletcher
2436c56258 Merge pull request #4444 from github/codeql-style-updates 
[CodeQL docs] First pass at style updates for docs microsite
 2020-10-09 11:40:47 +01:00
Alexander Eyers-Taylor
b0d01cfe8d Merge pull request #4370 from jbj/range-analysis-mega-change-note 
C++: Change note for several range-analysis PRs
 2020-10-09 10:45:11 +01:00
james
6d78c7b46e fix path to primer.css in template 2020-10-09 10:04:39 +01:00
Geoffrey White
1f1be3bf9a C++: Block try_emplace arg 0. 2020-10-09 10:04:22 +01:00
james
de42906785 hide header text on small screens and fix body width 2020-10-09 10:03:13 +01:00
james
2fe986eb79 add local primer.css 2020-10-09 10:03:13 +01:00