hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-10 13:10:26 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,377 Commits 1,679 Branches 158 Tags
ee77e988b29bc54aa2b49ddb963423bcdde48763
Commit Graph

832 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
7993a83750 Merge pull request #4544 from tausbn/python-fix-bad-join-in-use-use-ssa 
Python: Fix bad join order in `adjacentUseUseSameVar`
 2020-10-23 14:37:27 +02:00
Taus Brock-Nannestad
6d81ca12c4 Python: Fix bad join order in adjacentUseUseSameVar 2020-10-23 14:08:45 +02:00
Erik Krogh Kristensen
e89e99deaa Merge pull request #4461 from erik-krogh/pyPrint 
Python: implement printAst for Python
 2020-10-22 09:37:10 +02:00
Erik Krogh Kristensen
e18cf08d99 documentation changes based on review 2020-10-21 09:45:16 +02:00
Erik Krogh Kristensen
c1dba2ee9f add a few shouldPrint calls to improve performance 2020-10-21 09:37:53 +02:00
Erik Krogh Kristensen
3306b59a14 Update python/ql/src/semmle/python/PrintAst.qll 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2020-10-20 23:19:47 +02:00
Erik Krogh Kristensen
d629eea54e aggregate the arguments of a call into a synthetic node 2020-10-15 13:35:19 +02:00
Erik Krogh Kristensen
5770d0256f fixing printing of NameConstants 2020-10-15 13:32:22 +02:00
Erik Krogh Kristensen
2a5dd2c8a3 fix pretty-printing of number literals 2020-10-15 13:04:52 +02:00
Erik Krogh Kristensen
1d4a605517 remove location for synthetic nodes 2020-10-15 12:57:46 +02:00
Erik Krogh Kristensen
9da8c23717 change the order of the children from FunctionDef 2020-10-15 12:57:17 +02:00
Rasmus Wriedt Larsen
c5810d623b Merge pull request #4474 from tausbn/python-fix-tostring-divergence 
Python: Fix divergence in tuple/subscripted type `toString`
 2020-10-15 10:29:33 +02:00
Taus Brock-Nannestad
f8190feef2 Python: Fix divergence in tuple/subscripted type toString 
A slightly more complicated version of the situation in
https://github.com/github/codeql/pull/2507 could cause the `toString`
calculation to diverge. Although the previous PR took tuples nested
inside tuples into account (and subscripted types cannot be nested
inside each other in our modelling), it did not account for having
this nesting be interleaved, and this is what caused the divergence.

I have not done the usual "test case first to show the problem
exists", since this would also diverge and take forever to fail. The
instance observed in `scipy` was likely caused by something akin to

```python
x = ()
while True:
    x = x[(x,)]
```

Finally, to prevent this from happening with other types, I went
through and checked each instance where the string representation of
an `ObjectInternal` might potentially contain a reference to
itself (and thus explode). I encapsulated this in a
`bounded_toString` helper predicate, and used this in all the cases
where I was able to determine that the above _could_ happen.
 2020-10-14 16:13:03 +02:00
Erik Krogh Kristensen
9604705f64 remove pretty printing of bytes (unstable between minor versions) 2020-10-12 22:32:37 +02:00
Erik Krogh Kristensen
9b7c59f4b4 implement printAst for Python 2020-10-12 21:17:46 +02:00
Rasmus Wriedt Larsen
67c5c590d2 Python: Expose getParameter on ParameterNode 2020-10-07 12:28:35 +02:00
Taus Brock-Nannestad
75f4051cb5 Python: Fix hasLocationInfo for packages 2020-10-01 17:21:53 +02:00
Tom Hvitved
71da9045e5 Java/Python: Reduce size of blockPrecedesVar 2020-09-22 11:00:26 +02:00
Rasmus Lerchedahl Petersen
4c02852358 Python: add missing * (and a rename) 2020-09-14 16:56:46 +02:00
Rasmus Lerchedahl Petersen
543876f980 Python: Fix getAGuardedNode 2020-09-14 14:46:15 +02:00
Rasmus Wriedt Larsen
52d8f7d395 Merge pull request #4235 from yoff/SharedDataflow_UseUseFlow 
Python: Port use-use implementation from Java
 2020-09-10 16:12:28 +02:00
Rasmus Lerchedahl Petersen
92e7a5676d Python: Address review comments 2020-09-10 15:17:30 +02:00
yoff
3a19b1e7fd Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-09-10 15:06:06 +02:00
Rasmus Lerchedahl Petersen
50cc5d58e9 Merge branch 'main' of github.com:github/codeql into SharedDataflow_NestedComprehensions 2020-09-10 10:20:55 +02:00
Rasmus Lerchedahl Petersen
7b10a3a546 Python: fix comment and source uses 2020-09-10 08:36:00 +02:00
Rasmus Lerchedahl Petersen
ce7f82ddc6 Python: Add def-use jump-steps 2020-09-09 13:27:14 +02:00
Rasmus Lerchedahl Petersen
c661f43316 Python: Port use-use implementation from Java 2020-09-09 12:19:40 +02:00
Rasmus Lerchedahl Petersen
6c173047e6 Merge branch 'MagicMethods' of github.com:yoff/codeql into MagicMethods 2020-08-26 17:43:27 +02:00
Rasmus Lerchedahl Petersen
47e35c530d Merge branch 'main' of github.com:github/codeql into MagicMethods 2020-08-26 17:42:44 +02:00
Rasmus Lerchedahl Petersen
fae915bbb5 Python: QL doc 2020-08-25 21:02:17 +02:00
yoff
3140b43db2 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2020-08-25 10:48:01 +02:00
Rasmus Wriedt Larsen
13148b42d3 Python: Handle taint of f-strings 2020-08-24 17:23:10 +02:00
Rasmus Wriedt Larsen
2f090df6d3 Python: Transform comments to QLDoc for security.strings.Basic 2020-08-24 17:20:04 +02:00
Rasmus Lerchedahl Petersen
e91581e9fa Python: Experiments with nested comprhensions 2020-08-24 17:15:31 +02:00
Rasmus Lerchedahl Petersen
de1c75c279 Python: QL format 2020-08-18 16:34:04 +02:00
Rasmus Lerchedahl Petersen
f8364dc74b Python: QL doc 2020-08-18 15:11:20 +02:00
Rasmus Lerchedahl Petersen
d0eaa13974 Python: Magic -> Special and reaarange classes 2020-08-18 14:14:38 +02:00
yoff
b9bf11adb4 Update python/ql/src/semmle/python/Magic.qll 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2020-08-18 12:59:57 +02:00
Rasmus Lerchedahl Petersen
bbf925fcc4 Python: Magic subscript and format 
(this in preparation for addressing reviews)
 2020-08-18 12:56:15 +02:00
Rasmus Lerchedahl Petersen
8eacef3467 Python: Add QL doc 2020-08-17 12:01:36 +02:00
Rasmus Lerchedahl Petersen
e808d3033a Python: Add magic to DataFlowCall 2020-08-14 14:19:18 +02:00
Rasmus Lerchedahl Petersen
360ddc6314 Python: better charPred 2020-08-14 13:25:17 +02:00
Rasmus Lerchedahl Petersen
5ed3107045 Python: Start scaffold for magic methods 2020-08-14 11:12:23 +02:00
Taus
df4d145490 Merge branch 'master' into python-qlformat-everything-again 2020-07-07 16:33:21 +02:00
Taus Brock-Nannestad
f07a7bf8cf Python: Autoformat everything using qlformat. 
Will need subsequent PRs fixing up test failures (due to deprecated
methods moving around), but other than that everything should be
straight-forward.
 2020-07-07 15:43:52 +02:00
Anders Schack-Mulligen
67db1df00c C++/C#/JavaScript/Python: Port Location qldoc update. 2020-07-07 11:39:27 +02:00
Rasmus Wriedt Larsen
513c2974bd Merge branch 'master' into python-keyword-only-args 2020-07-02 14:48:32 +02:00
Rasmus Wriedt Larsen
26b7a301d6 Merge branch 'master' into python-keyword-only-args 2020-07-02 12:27:02 +02:00
Rasmus Wriedt Larsen
67be45f045 Merge branch 'master' into python-fix-django-taint-sinks 2020-07-02 11:55:42 +02:00
Rasmus Wriedt Larsen
9a82927187 Python: Autoformat 2020-07-02 11:54:41 +02:00