Commit Graph

3330 Commits

Author SHA1 Message Date
semmle-qlci
f5e419e774 Merge pull request #933 from xiemaisi/js/createContextualFragment
Approved by asger-semmle
2019-02-20 12:42:27 +00:00
Taus
caf0bfe858 Merge pull request #951 from markshannon/python-string-tests
Python: Add a test for handling of corner-case strings.
2019-02-20 12:46:42 +01:00
Mark Shannon
76d1fba9f0 Python: Add a test for handling of corner-case strings. 2019-02-20 10:26:40 +00:00
Jonas Jensen
2dea0b4270 Merge pull request #879 from rdmarsh2/rdmarsh/cpp/ir-guards-edges
C++: Add edge-based predicates to IRGuards
2019-02-19 16:54:52 +01:00
Taus
9e1a5238ac Merge pull request #950 from markshannon/python-fix-a-couple-of-performance-issues
Python: fix a couple of performance issues
2019-02-19 16:15:19 +01:00
Mark Shannon
4e8e4aed3d Python: factor out helper predicate to prevent bad join-order. 2019-02-19 12:40:56 +00:00
Mark Shannon
17681d6de4 Python: factor out helper predicate to prevent bad join-order. 2019-02-19 12:21:41 +00:00
semmle-qlci
9dc624578e Merge pull request #949 from rneatherway/dbscheme-mode
Approved by esben-semmle
2019-02-19 10:01:59 +00:00
Robin Neatherway
88bc1be98f Add simple mode for highlighting QL dbschemes 2019-02-19 09:56:39 +00:00
semmle-qlci
62c0eea572 Merge pull request #939 from yh-semmle/java-frameworks
Approved by pavgust
2019-02-18 17:06:34 +00:00
Taus
1b25573cc0 Merge pull request #872 from markshannon/python-bottle
Python: Add support for bottle framework.
2019-02-18 12:34:44 +01:00
Jonas Jensen
9dc3b93164 Merge pull request #916 from geoffw0/largeparam
CPP: Update severity/precision of LargeParameter.ql.
2019-02-18 12:23:00 +01:00
yh-semmle
ca3aaa8c75 Java: add change note for additional framework support 2019-02-15 20:01:08 -05:00
yh-semmle
64b2d331ae Java: add test for Guice framework support 2019-02-15 20:01:08 -05:00
yh-semmle
b0d9c80ccc Java: add taint steps for Protobuf framework 2019-02-15 20:01:07 -05:00
yh-semmle
fc4aa16905 Java: add remote user input for Apache Thrift framework 2019-02-15 20:01:07 -05:00
yh-semmle
751bbbf583 Java: add remote user input for Struts 2 ActionSupport 2019-02-15 20:01:06 -05:00
yh-semmle
a436369846 Java: add remote user input and taint step for Guice framework 2019-02-15 20:01:06 -05:00
Robin Neatherway
5754eb666c Merge pull request #942 from esben-semmle/emacs-1
Emacs syntax highlighting and file-type detection
2019-02-15 14:27:57 +00:00
Esben Sparre Andreasen
b6f2e60ece emacs: restrict parameterized annotation highlighting 2019-02-15 12:45:36 +01:00
Nick Rolfe
5502627242 Merge pull request #943 from rneatherway/patch-1
Add transient as an annotation
2019-02-15 10:51:05 +00:00
Robin Neatherway
5181bcd0ad Add transient as an annotation 2019-02-15 10:41:17 +00:00
Esben Sparre Andreasen
046c8c963f emacs: generalize parameterized annotation highlighting 2019-02-15 11:35:18 +01:00
Esben Sparre Andreasen
1fd9186428 emacs: initial ql-mode-base.el 2019-02-15 10:00:58 +01:00
Robert Marsh
26a0f4b100 Merge pull request #938 from dave-bartolomeo/dave/AliasedSSA
C++: Better tracking of SSA memory accesses
2019-02-14 08:10:31 -08:00
Nick Rolfe
6c0dc440ae Merge pull request #940 from aschackmull/cpp/sync-dataflow
CPP/Java: Sync Dataflow
2019-02-14 13:18:35 +00:00
Anders Schack-Mulligen
980a690b8b CPP/Java: Sync Dataflow 2019-02-14 09:59:08 +01:00
Dave Bartolomeo
d8bf3ffe1b C++: Update test expectations 2019-02-13 14:19:57 -08:00
Dave Bartolomeo
b40fd95b8e C++: Better tracking of SSA memory accesses
This change fixes a few key problems with the existing SSA implementations:

For unaliased SSA, we were incorrectly choosing to model a local variable that had accesses that did not cover the entire variable. This has been changed to ensure that all accesses to the variable are at offset zero and have the same type as the variable itself. This was only possible to fix now that every `MemoryOperand` has its own type.

For aliased SSA, we now correctly track the offset and size of each memory access using an interval of bit offsets covered by the access. The offset interval makes the overlap computation more straightforward. Again, this is only possible now that operands have types.
The `getXXXMemoryAccess` predicates are now driven by the `MemoryAccessKind` on the operands and results, instead of by specific opcodes.

This change does fix an existing false negative in the IR dataflow tests.

I added a few simple test cases to the SSA IR tests, covering the various kinds of overlap (MustExactly, MustTotally, and MayPartially).

I added "PrintSSA.qll", which can dump the SSA memory accesses as part of an IR dump.
2019-02-13 10:44:39 -08:00
Dave Bartolomeo
055485d9eb C++: Work around lack of size for enum type 2019-02-13 10:44:39 -08:00
semmle-qlci
26525fc1b5 Merge pull request #929 from asger-semmle/typescript-no-expansion
Approved by xiemaisi
2019-02-13 18:20:41 +00:00
semmle-qlci
92a6e7e04c Merge pull request #932 from asger-semmle/cookbook-prepare
Approved by xiemaisi
2019-02-13 18:20:09 +00:00
Max Schaefer
5b2df068d3 Merge pull request #921 from asger-semmle/class-node-absval
JS: use type inference to back up function-style classes
2019-02-13 10:12:20 +00:00
Taus
ca6f145b12 Merge pull request #832 from markshannon/python-typesafe-origin
Python: typesafe origin for points-to
2019-02-13 10:55:33 +01:00
semmle-qlci
c422ade739 Merge pull request #927 from xiemaisi/js/ambiguous-id-attr-templates
Approved by esben-semmle
2019-02-13 08:35:41 +00:00
Tom Hvitved
0cb2c0994a Merge pull request #930 from calumgrant/cs/suppress-alerts
C#: Add some alert suppression comments
2019-02-13 09:34:18 +01:00
semmle-qlci
1d4f894583 Merge pull request #931 from aschackmull/java/autoformat
Approved by esben-semmle, hvitved, yh-semmle
2019-02-13 08:30:25 +00:00
Robert Marsh
f0cf576e3b Merge pull request #935 from dave-bartolomeo/dave/PointerDecay
C++: Handle pointer decay and inferred array sizes
2019-02-12 15:03:21 -08:00
Dave Bartolomeo
aff2ea3316 C++: Handle pointer decay and inferred array sizes
For function parameters that are subject to "pointer decay", the database contains the type as originally declared (e.g. `T[]` instead of `T*`). The IR needs the actual type. Similarly, for variables declared as an array of unknown size, the actual size needs to be inferred from the initializer (e.g. `char a[] = "blah";` needs to have the type `char[5]`).

I've opened a ticket to have the extractor emit the actual type alongside the declared type, but for now, this workaround is enough to unblock progress for typical code.
2019-02-12 12:41:21 -08:00
Robert Marsh
6ab0eaac7d Merge pull request #926 from dave-bartolomeo/dave/MemoryOperand
C++: Rationalize `RegisterOperand` vs. `MemoryOperand`
2019-02-12 12:18:02 -08:00
Dave Bartolomeo
f5121d71bc C++: Fix range analysis for new API 2019-02-12 09:38:11 -08:00
Max Schaefer
2fce626c3a JavaScript: Add Range.prototype.createContextualFragment as an XSS sink. 2019-02-12 16:32:30 +00:00
Max Schaefer
41eb1ff9d0 JavaScript: Drop precision of AmbiguousIdAttribute to 'high'. 2019-02-12 16:31:29 +00:00
Max Schaefer
25f95d9fb1 JavaScript: Be more conservative about templates in AmbiguousIdAttribute.
Previously, we only excluded attributes where the value of the attribute itself suggests templating happening. Now we exclude all attributes in documents where _any_ attribute value suggests templating.
2019-02-12 16:31:01 +00:00
Mark Shannon
0ea33b7e91 Python: Rename class. 2019-02-12 14:37:50 +00:00
Mark Shannon
e7d2c1e179 Python: Convert ObjectOrCfg back to using extensionals for speed. 2019-02-12 14:37:19 +00:00
Mark Shannon
bcf4df840c Convert ObjectOrCfg to IPA type for stronger type-checking. 2019-02-12 14:37:19 +00:00
Mark Shannon
c767de02e6 Python: Refactor points-to origin code for better encapsulation. 2019-02-12 14:37:19 +00:00
Mark Shannon
b644891e53 Python: Fix up some typos for bottle and add a few more tests. 2019-02-12 14:26:06 +00:00
Mark Shannon
aab0a243dc Python: Add redirects to bottle framework support. 2019-02-12 14:26:06 +00:00