hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 05:01:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,943 Commits 1,690 Branches 160 Tags
f23351afca1883f1d87672fd579e8eebb4f375db
Commit Graph

3731 Commits

Author SHA1 Message Date
Tom Hvitved
f23351afca Rust: Refactor MaD provanance-based filtering 2025-12-19 19:35:41 +01:00
Tom Hvitved
aae6cd93a2 Address review comments 2025-12-18 12:47:43 +01:00
Tom Hvitved
3c6a757c3e Rust: Distinguish &mut T from &T in type inference 2025-12-18 12:47:42 +01:00
Simon Friis Vindum
da99bbf6a6 Merge pull request #21059 from paldepind/rust/adt-class 
Rust: Improve and rename `Adt` class
 2025-12-18 10:41:11 +01:00
Simon Friis Vindum
96a986228d Rust: Revert accidental changes 2025-12-18 09:04:07 +01:00
Simon Friis Vindum
9e8735f84c Merge pull request #20878 from paldepind/rust/axum-model 
Rust: Add models for Axum
 2025-12-17 15:47:28 +01:00
Tom Hvitved
47e375f6e4 Merge pull request #21057 from hvitved/rust/fix-bad-join 
Rust: Fix bad join
 2025-12-17 15:34:45 +01:00
Simon Friis Vindum
8564c1f458 Rust: Add change note 2025-12-17 14:50:50 +01:00
Simon Friis Vindum
97fd70e4f4 Rust: Accept change to expected file 2025-12-17 14:19:19 +01:00
Simon Friis Vindum
f1364caaa9 Rust: Add upgrade and downgrade scripts 2025-12-17 14:19:18 +01:00
Simon Friis Vindum
b64809cbd3 Rust: Adapt QL to AST changes 2025-12-17 14:19:16 +01:00
Tom Hvitved
5c604fce48 Rust: Fix bad join 
Before
```
Evaluated relational algebra for predicate TypeInference::MethodResolution::MethodCall.getTrait/0#dispred#fc13ba6e@914858bt with tuple counts:
          153112   ~2%    {2} r1 = SCAN `Operation::Operation.isOverloaded/3#f0e64084` OUTPUT In.0, In.1
          153112   ~2%    {2}    | STREAM DEDUP

           18807   ~0%    {2} r2 = JOIN `TypeInference::getCallExprTraitQualifier/1#c084fe9f` WITH TypeInference::MethodResolution::MethodCallCallExpr#6eae461f ON FIRST 1 OUTPUT Lhs.0, Lhs.1

        65859035   ~3%    {3} r3 = JOIN `_IndexExpr::Generated::IndexExpr#9975e37a_TypeInference::MethodResolution::MethodCallIndexExpr.isInM__#shared` WITH Trait::Generated::Trait#ecf50173 CARTESIAN PRODUCT OUTPUT Rhs.0, _, Lhs.0
        65859035   ~0%    {3}    | REWRITE WITH Out.1 := "core::ops::index::Index"
           11191   ~0%    {2}    | JOIN WITH `Addressable::Addressable.getCanonicalPath/0#dispred#6044348f#bb` ON FIRST 2 OUTPUT Lhs.2, Lhs.0

             671   ~0%    {1} r4 = JOIN IndexExpr::Generated::IndexExpr#9975e37a WITH `TypeInference::MethodResolution::MethodCallIndexExpr.isInMutableContext/0#dispred#8c8ad425` ON FIRST 1 OUTPUT Lhs.0
         3948835   ~2%    {3}    | JOIN WITH Trait::Generated::Trait#ecf50173 CARTESIAN PRODUCT OUTPUT Rhs.0, _, Lhs.0
         3948835   ~2%    {3}    | REWRITE WITH Out.1 := "core::ops::index::IndexMut"
             671   ~1%    {2}    | JOIN WITH `Addressable::Addressable.getCanonicalPath/0#dispred#6044348f#bb` ON FIRST 2 OUTPUT Lhs.2, Lhs.0

          183781   ~0%    {2} r5 = r1 UNION r2 UNION r3 UNION r4
                          return r5
```

After
```
Evaluated relational algebra for predicate TypeInference::MethodResolution::MethodCall.getTrait/0#dispred#fc13ba6e@1b4a55e3 with tuple counts:
        153112   ~2%    {2} r1 = SCAN `Operation::Operation.isOverloaded/3#f0e64084` OUTPUT In.0, In.1
        153112   ~2%    {2}    | STREAM DEDUP

         11191   ~0%    {2} r2 = JOIN `_IndexExpr::Generated::IndexExpr#9975e37a_TypeInference::MethodResolution::MethodCallIndexExpr.isInM__#shared` WITH Stdlib::IndexTrait#e80543a5 CARTESIAN PRODUCT OUTPUT Lhs.0, Rhs.0

         18807   ~0%    {2} r3 = JOIN `TypeInference::getCallExprTraitQualifier/1#c084fe9f` WITH TypeInference::MethodResolution::MethodCallCallExpr#6eae461f ON FIRST 1 OUTPUT Lhs.0, Lhs.1

           671   ~0%    {1} r4 = JOIN IndexExpr::Generated::IndexExpr#9975e37a WITH `TypeInference::MethodResolution::MethodCallIndexExpr.isInMutableContext/0#dispred#8c8ad425` ON FIRST 1 OUTPUT Lhs.0
           671   ~1%    {2}    | JOIN WITH Stdlib::IndexMutTrait#4d6c31bd CARTESIAN PRODUCT OUTPUT Lhs.0, Rhs.0

        183781   ~0%    {2} r5 = r1 UNION r2 UNION r3 UNION r4
                        return r5
```
 2025-12-17 11:52:28 +01:00
Simon Friis Vindum
dd02ac3964 Rust: Update generated files 2025-12-17 11:13:13 +01:00
Simon Friis Vindum
ca6c054256 Rust: Rename Adt class and lift common predicates to it 2025-12-17 11:13:11 +01:00
Simon Friis Vindum
22bc924c26 Rust: Apply Black formatter to annotations.py 2025-12-17 11:13:10 +01:00
Tom Hvitved
eb56cbd358 Rust: Fix candidate receiver type calculation for trait bounds 2025-12-17 11:06:27 +01:00
Tom Hvitved
3104adbe77 Rust: Add type inference test 2025-12-17 11:06:22 +01:00
Tom Hvitved
802c465b31 Merge pull request #21027 from hvitved/rust/type-inference-matching-specialization 
Rust: Also use specialized types when inferring types for calls
 2025-12-17 11:03:44 +01:00
Tom Hvitved
fe0ce7a492 Address review comments 2025-12-17 10:35:28 +01:00
Simon Friis Vindum
420dd9ab61 Rust: Add change note for Axum models 2025-12-16 15:15:22 +01:00
Simon Friis Vindum
e53bdb11be Rust: Accept changes to expected files for consistency check 2025-12-16 13:15:34 +01:00
Simon Friis Vindum
63329b47d8 Merge pull request #21036 from paldepind/rust/prioritize-manual-summaries 
Rust: Don't apply generated models for functions that have a manual model
 2025-12-16 12:47:27 +01:00
Simon Friis Vindum
cbdab99497 Rust: Add XSS sink for Axum HTML response creation 2025-12-16 12:41:44 +01:00
Simon Friis Vindum
fbf9f7eda7 Rust: Add models for Axum 2025-12-16 12:41:32 +01:00
Simon Friis Vindum
0ea06aca06 Rust: Introduce more functions in Axum test 2025-12-16 12:32:40 +01:00
Simon Friis Vindum
8c4b81ebc7 Rust: Fix typo in comment 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-12-16 10:19:01 +01:00
Simon Friis Vindum
477e1cd96c Rust: Fix manual model for PathBuf::as_path 2025-12-16 09:25:42 +01:00
Tom Hvitved
74ed18a89f Merge pull request #21035 from hvitved/rust/ord-models 
Rust: Add models for `core::cmp::Ord::{min,max,clamp}`
 2025-12-15 17:09:33 +01:00
Simon Friis Vindum
1b70111dd2 Rust: Don't apply generated models for functions that have a manual model 2025-12-15 14:25:49 +01:00
Simon Friis Vindum
d2cfd53933 Rust: Add test with wrong generated model 2025-12-15 14:23:48 +01:00
Tom Hvitved
86a4d42316 Rust: Remove obsolete comment from test 2025-12-15 13:10:41 +01:00
Tom Hvitved
3239afb278 Rust: Also use specialized types when inferring types for calls 2025-12-15 13:10:37 +01:00
Tom Hvitved
8e2d9d50b7 Rust: Add type inference test 2025-12-15 13:09:21 +01:00
Óscar San José
2824c98efb Merge pull request #21025 from github/oscarsj/mergeback-rc-3-20-into-main 
Mergeback rc/3.20 into main
 2025-12-15 11:59:58 +01:00
Tom Hvitved
fc49360e81 Rust: Add models for core::cmp::Ord::{min,max,clamp} 2025-12-15 11:52:05 +01:00
Geoffrey White
01f9b42472 Merge branch 'main' into varfps 2025-12-15 08:49:16 +00:00
Tom Hvitved
b61a439491 Merge pull request #21020 from hvitved/shared/source-sink-provenance-prio 
Shared: Prefer source/sink models with manual provenance over generated
 2025-12-12 16:01:06 +01:00
Óscar San José
d972af9ef8 Merge branch 'main' of https://github.com/github/codeql into oscarsj/mergeback-rc-3-20-into-main 2025-12-12 13:22:08 +01:00
Tom Hvitved
0b00589f95 Rust: Update expected test output 2025-12-12 11:16:17 +01:00
Tom Hvitved
0b81d44ec7 Rust: Apply same filtering of generated summaries as in C# and Java 2025-12-12 11:16:16 +01:00
Simon Friis Vindum
4425891352 Rust: Don't propagate impl in return position into function bodies 2025-12-12 09:13:04 +01:00
Geoffrey White
ee13a49152 Merge branch 'main' into varfps 2025-12-11 18:21:22 +00:00
Geoffrey White
d88bae9ec2 Rust: Narrow the exclusion a little. 2025-12-11 18:07:12 +00:00
Geoffrey White
5db6b92411 Merge pull request #20887 from github/copilot/add-ecb-cbc-test-cases 
Add ECB and CBC block mode test cases for BrokenCryptoAlgorithm query
 2025-12-11 16:22:27 +00:00
Simon Friis Vindum
e13bb0f866 Merge pull request #20879 from paldepind/rust/reads-as-taint 
Rust: Lift content reads as taint steps
 2025-12-11 16:05:29 +01:00
Simon Friis Vindum
74a77a7c3c Rust: Fix typo in change note 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2025-12-11 15:04:25 +01:00
Simon Friis Vindum
8c39472d73 Rust: Add change note for reads as taint steps 2025-12-11 09:09:12 +01:00
Tom Hvitved
d5a95a8099 Rust: Strengthen isNotInstantiationOf uses 2025-12-10 20:48:21 +01:00
Tom Hvitved
f30a3b3712 Rust: Add type inference blowup test 2025-12-10 20:48:18 +01:00
Geoffrey White
f1d241f810 Rust: Accept test change. 2025-12-10 18:22:59 +00:00