hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-27 13:23:00 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,308 Commits 1,688 Branches 159 Tags
f408a6ddfcb09ee659bfa355df97528a43815ede
Commit Graph

5308 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
f408a6ddfc Merge pull request #1404 from calumgrant/cs/dispose-not-called-on-throw 
C#: Improvement to cs/dispose-not-called-on-throw
 2019-06-17 11:25:16 +02:00
semmle-qlci
03cf8ef94f Merge pull request #1422 from hvitved/csharp/switch-expr-completion 
Approved by calumgrant
 2019-06-17 08:33:43 +01:00
Calum Grant
1e7ce8cd31 Merge pull request #1451 from hvitved/csharp/element-preds 
C#: Move two predicates from `csharp/Element.qll` to `dotnet/Element.qll`
 2019-06-14 16:21:28 +01:00
Jonas Jensen
41d5d5ab86 Merge pull request #1438 from geoffw0/assignedvalue 
CPP: Support for aggregate initializers in getAnAssignedValue()
 2019-06-14 00:37:46 -07:00
Geoffrey White
37a1c48071 CPP: Optimize AV Rule 71.ql. 2019-06-13 15:30:56 +01:00
Max Schaefer
b9703b70ed Merge pull request #1452 from markshannon/merge-121 
Merge rc/1.21 into master.
 2019-06-13 15:05:09 +01:00
Calum Grant
8354f813f7 Merge pull request #1419 from hvitved/csharp/stubs 
C#: Improvements to `Stubs.qll`
 2019-06-13 14:17:24 +01:00
Mark Shannon
77030c4dde Merge branch 'rc/1.21' into 'master' 2019-06-13 12:32:45 +01:00
Tom Hvitved
8c8929a702 C#: Move two predicates from csharp/Element.qll to dotnet/Element.qll 2019-06-13 13:00:18 +02:00
semmle-qlci
8a43fdc806 Merge pull request #1448 from xiemaisi/js/fix-access-paths-perf-regression 
Approved by esben-semmle
 2019-06-13 10:13:27 +01:00
semmle-qlci
bffc3307b5 Merge pull request #1450 from esben-semmle/js/classify-json-js-as-generated 
Approved by xiemaisi
 2019-06-13 09:45:37 +01:00
Anders Schack-Mulligen
37931a92e2 Merge pull request #1383 from yh-semmle/java-dbscheme-diagnostics 
Java: add compilation/diagnostic relations to dbscheme
 2019-06-13 10:13:40 +02:00
yh-semmle
32f48f4351 Java: add db stats for compilation/diagnostic relations 2019-06-12 17:21:35 -04:00
yh-semmle
ca7a5b3926 Java: add compilation/diagnostic relations to dbscheme 2019-06-12 17:21:34 -04:00
semmle-qlci
7332446ee1 Merge pull request #1444 from esben-semmle/js/express-node-inheritance 
Approved by xiemaisi
 2019-06-12 21:43:44 +01:00
semmle-qlci
913544600a Merge pull request #1449 from xiemaisi/js/fix-http-response-sink-perf-regression 
Approved by esben-semmle
 2019-06-12 21:36:23 +01:00
Taus
e1b61d3163 Merge pull request #1423 from markshannon/python-extend-api 
Python: Extend the object API.
 2019-06-12 17:24:20 +02:00
Max Schaefer
60964efce5 JavaScript: Avoid bad context pushing in ReflectedXss::HttpResponseSink. 2019-06-12 16:20:35 +01:00
Mark Shannon
97294e16e0 Python: Update tests to account for improved API. 2019-06-12 15:00:20 +01:00
Mark Shannon
3b31b9cf58 Python: Extend object API. Clearly differentiate between what an object is called, and what it is named. 2019-06-12 14:59:39 +01:00
yh-semmle
547bd584a0 Merge pull request #1447 from aschackmull/java/equals-type-test 
Java: Improve precision of java/unchecked-cast-in-equals
 2019-06-12 09:49:18 -04:00
semmle-qlci
42ab0fff4a Merge pull request #1445 from esben-semmle/mb/rc-1.21/06-12 
Approved by aschackmull, jbj, xiemaisi
 2019-06-12 14:00:33 +01:00
Anders Schack-Mulligen
c199f2e8fe Java: Improve precision of MissingInstanceofInEquals.ql 2019-06-12 14:05:42 +02:00
Tom Hvitved
8e38511aeb C#: Address review comments 2019-06-12 13:21:49 +02:00
Esben Sparre Andreasen
3f11ae7eaa Merge remote-tracking branch 'rc/1.21' into master 2019-06-12 12:57:55 +02:00
Esben Sparre Andreasen
6e022f66c4 JS: formatting of Express and NodeJSLib.qll 2019-06-12 12:45:01 +02:00
Esben Sparre Andreasen
59b7b0757a JS: make Express' res/req extend Node's res/req 2019-06-12 12:45:01 +02:00
Anders Schack-Mulligen
cc70817a61 Merge pull request #1437 from jbj/bb-shortestDistances 
C++: use shortestDistances in PrimitiveBasicBlocks
 2019-06-12 11:31:07 +02:00
Calum Grant
02875721df C#: Address review comment. 2019-06-12 09:50:03 +01:00
Esben Sparre Andreasen
29f9103b39 JS: classify single-line JSON files as generated 2019-06-12 09:05:12 +02:00
Tom Hvitved
a25acd0128 Merge pull request #1441 from calumgrant/cs/nullable-warning-expressions 
C#: Extract SuppressNullableWarning expressions
 2019-06-11 19:36:24 +02:00
Taus
83cbad9a9d Merge pull request #1442 from markshannon/python-fixup-six-test-results 
Python: fixup test results for https://github.com/Semmle/ql/pull/1433
 2019-06-11 17:35:30 +02:00
Mark Shannon
0c02d3deef Python: Fix up expected test results for six test. 2019-06-11 15:44:44 +01:00
Calum Grant
3c7510b44b C#: Analysis change notes. 2019-06-11 15:20:27 +01:00
Calum Grant
d055c85ff0 C#: Exclude case from cs/dispose-not-called-on-throw where the disposable is disposed by a UsingStmt, even when explicitly disposed. 2019-06-11 15:20:27 +01:00
Calum Grant
b9d2fc3380 C#: DB upgrade script and stats. 2019-06-11 15:04:39 +01:00
semmle-qlci
821d8c9dd2 Merge pull request #1436 from yh-semmle/java-android-manifest 
Approved by aschackmull
 2019-06-11 14:04:21 +01:00
Jonas Jensen
32122e86b0 C++: use plain recursion in PrimitiveBasicBlocks 
It's sometimes faster but sometimes up to 2x slower to use plain
recursion here. On the other hand, plain recursion won't run out of Java
heap space, and it won't make unrelated computation slower by forcing
all RAM data out to disk.
 2019-06-11 14:30:21 +02:00
Calum Grant
40481fbf9d C#: Make SuppressNullableWarningExpr a nonNullValue, and add a test. 2019-06-11 12:45:50 +01:00
Calum Grant
d48ce859eb C#: Implement nullable warning suppression expressions. 2019-06-11 12:12:29 +01:00
semmle-qlci
7790ac45bd Merge pull request #1409 from esben-semmle/js/more-command-injection 
Approved by xiemaisi
 2019-06-11 11:59:18 +01:00
semmle-qlci
dbf085a6df Merge pull request #1432 from xiemaisi/js/process-module 
Approved by esben-semmle
 2019-06-11 11:58:47 +01:00
Geoffrey White
bf680161fd CPP: Optimize. 2019-06-11 11:00:45 +01:00
Taus
d14d31c26e Merge pull request #1410 from markshannon/python-no-methodcall-defs-in-tests 
Python ESSA: Remove method-callsite definitions when call is in a test defining a pi-node.
 2019-06-11 11:17:16 +02:00
Taus
1ff67f74e1 Merge pull request #1407 from markshannon/python-fix-odasa-7104 
Python points-to. Improve handling of socket module.
 2019-06-11 11:04:29 +02:00
Jonas Jensen
16b151745b C++: use shortestDistances in PrimitiveBasicBlocks 
The use of transitive closure for BB index calculation has been the
cause of an out-of-memory error. This commit switches the calculation to
use the `shortestDistances` HOP, which still has the problem that the
result needs to fit in RAM, but at least the RAM requirements are sure
to be linear in the size of the result. The `shortestDistances` HOP is
already used for BB index calculation for the C++ IR and for C#.

We could guard even better against OOM by switching the calculation to
use manual recursion, but that would undo the much-needed performance
improvements we got from #123.

This change improves performance on Wireshark, which is notorious for
having long basic blocks. When I benchmarked `shortestDistances`
for #123, it was slower than TC. With the current evaluator, it looks
like `shortestDistances` is faster. Performance before was:

    PrimitiveBasicBlocks::Cached::getMemberIndex#ff ................... 9.7s (executed 8027 times)
    #PrimitiveBasicBlocks::Cached::member_step#ffPlus ................. 6.6s
    PrimitiveBasicBlocks::Cached::primitive_basic_block_entry_node#f .. 3.5s
    PrimitiveBasicBlocks::Cached::primitive_basic_block_member#fff .... 2.3s

Performance with this commit is:

    PrimitiveBasicBlocks::Cached::primitive_basic_block_entry_node#f ................................................................... 3.5s
    shortestDistances@PrimitiveBasicBlocks::Cached::primitive_basic_block_entry_node#1@PrimitiveBasicBlocks::Cached::member_step#2#fff . 3s
    PrimitiveBasicBlocks::Cached::primitive_basic_block_member#fff ..................................................................... 963ms
 2019-06-11 09:44:50 +02:00
Max Schaefer
70cf32c889 JavaScript: Add a few more tests. 2019-06-11 08:44:14 +01:00
Esben Sparre Andreasen
299d4c6e93 JS: add additional SystemCommandExecutors 2019-06-11 09:38:10 +02:00
semmle-qlci
61f7c78fa9 Merge pull request #1421 from xiemaisi/js/data-flow-tutorial-tests 
Approved by esben-semmle
 2019-06-11 07:55:47 +01:00
yh-semmle
6c9d68d847 Merge pull request #1412 from aschackmull/java/typeflow-basecases 
Java: Include two more base cases in TypeFlow to improve virtual dispatch.
 2019-06-10 17:23:24 -04:00