semmle-qlci
fd2e8486e4
Merge pull request #1862 from asger-semmle/prototype-pollution-angular-merge
...
Approved by esben-semmle
2019-09-05 12:50:58 +01:00
semmle-qlci
e6bfe2bd5d
Merge pull request #1873 from asger-semmle/type-inf-consistency
...
Approved by xiemaisi
2019-09-05 12:46:59 +01:00
Robert Marsh
1bb57daf6f
Merge pull request #1866 from jbj/dataflow-test-alias-nested
...
C++: Tests for aliasing of nested structs
2019-09-04 10:48:20 -07:00
Robert Marsh
a3290503ec
Merge pull request #1806 from jbj/localExprFlow
...
C++: Add localExprFlow and localExprTaint
2019-09-04 10:38:46 -07:00
Asger F
0e4c34bd81
JS: Add deprecated predicate alias
2019-09-04 16:14:51 +01:00
Asger F
93a3f571ec
JS: Add change note
2019-09-04 16:14:51 +01:00
Asger F
27567e41c5
JS: Add angular.fromJson as JSON parser
2019-09-04 16:14:51 +01:00
Asger F
5aa948cd17
JS: Add angular.merge sink to prototype pollution query
2019-09-04 16:14:51 +01:00
Felicity Chapman
ef7984d1cb
Merge pull request #1842 from jf205/add-java-slides/sd-3762
...
docs: add rst versions of java training slides
2019-09-04 13:53:13 +01:00
jf205
64c4548aca
Update docs/language/ql-training-rst/slide-snippets/local-data-flow.rst
...
Co-Authored-By: Luke Cartey <5377966+lukecartey@users.noreply.github.com >
2019-09-04 12:53:51 +01:00
james
f0e2a2ea71
docs: update images
2019-09-04 12:51:14 +01:00
Jonas Jensen
cdcc716675
Merge pull request #1867 from geoffw0/erafix9
...
CPP: Add date to JapaneseEraDate.ql
2019-09-04 13:16:04 +02:00
Jonas Jensen
bd32931f45
Merge pull request #1868 from geoffw0/tinyfix
...
CPP: Tiny fixes
2019-09-04 13:15:38 +02:00
Geoffrey White
707f95c829
CPP: Alignment.
2019-09-04 09:59:21 +01:00
Geoffrey White
13e2109a38
CPP: Remove an unnecessary include.
2019-09-04 09:42:07 +01:00
Jonas Jensen
8579d7d1cf
C++: Tests for aliasing of nested structs
...
This test shows that local pointers into structs do propagate data flow
like pass-by-reference does in calls.
2019-09-04 10:26:49 +02:00
Jonas Jensen
3ba650911c
Merge pull request #1847 from geoffw0/erafix8
...
CPP: Deal with two very similar Japanese era queries
2019-09-04 09:57:10 +02:00
Jonas Jensen
0e54709d47
Merge pull request #1859 from geoffw0/qldocpartialdef
...
CPP: Document PartialDefinitions
2019-09-04 09:54:55 +02:00
Geoffrey White
84112d3630
CPP: Change note.
2019-09-03 18:30:24 +01:00
Geoffrey White
3a3bef3a03
CPP: Add the new Japanese era.
2019-09-03 18:28:24 +01:00
Geoffrey White
bac39e6288
CPP: Add test cases.
2019-09-03 17:46:30 +01:00
james
acb3e742e6
docs: toctree path
2019-09-03 12:34:58 +01:00
Nick Rolfe
641232a9d7
Merge pull request #1855 from mgrettondann/cpp-343-lambda-names-simplification
...
C++: Update tests for lambda description changes
2019-09-03 11:45:50 +01:00
james
8c88cbba3a
docs: address review comments
2019-09-03 11:16:45 +01:00
semmle-qlci
6778f28424
Merge pull request #1854 from asger-semmle/prototype-pollution-precision
...
Approved by esben-semmle, xiemaisi
2019-09-03 10:50:24 +01:00
semmle-qlci
e4d59c361a
Merge pull request #1856 from asger-semmle/ts-base-types
...
Approved by xiemaisi
2019-09-03 10:12:30 +01:00
Geoffrey White
84da3e3431
CPP: Effect of 'Support nested field flow'.
2019-09-03 09:27:50 +01:00
Geoffrey White
8105d153b1
CPP: Add a test of PartialDefinitions.
2019-09-03 09:27:50 +01:00
Geoffrey White
0f295c65f9
CPP: Add QLDoc to the PartialDefinitions class.
2019-09-03 09:27:50 +01:00
Geoffrey White
d092905c66
Merge pull request #1772 from jbj/ast-field-flow-nested
...
C++: Support nested field flow
2019-09-03 09:12:47 +01:00
Jonas Jensen
d3a6ae5657
C++: Support nested field flow
...
This is the C/C++ side of PR #1766 .
2019-09-03 08:50:15 +02:00
Asger F
7790d4b667
JS: Make getALocalValue overriders include super
2019-09-02 16:45:06 +01:00
Asger F
2006826101
JS: Avoid breaking local object analysis
2019-09-02 16:45:06 +01:00
Asger F
9f2f10fa15
JS: Make type inference flow go through ssa definition node
2019-09-02 16:45:06 +01:00
semmle-qlci
c8ffbf3b87
Merge pull request #1852 from xiemaisi/js/async-generator-methods
...
Approved by esben-semmle
2019-09-02 16:18:04 +01:00
Matthew Gretton-Dann
03eb1ff785
C++: Update taint-tests for changed lambda support
2019-09-02 15:18:27 +01:00
Asger F
8737dbb73d
JS: Add test
2019-09-02 14:31:40 +01:00
Asger F
54d47f60da
JS: Include base types in TypeName
2019-09-02 14:18:48 +01:00
Asger F
e9159acecb
TS: Fix skewed arrays due to recursive call
2019-09-02 13:03:25 +01:00
Geoffrey White
c4d74c3922
CPP: Replace query paths with @name and @id.
2019-09-02 12:36:36 +01:00
Geoffrey White
aa009d07fd
Merge pull request #1787 from jbj/ast-field-flow-local-fields
...
C++: Local field flow using global library
2019-09-02 11:17:37 +01:00
Asger F
c71a66a045
JS: Add change note
2019-09-02 11:05:07 +01:00
Asger F
a41a23fdba
JS: Raise precision of prototype-pollution query
2019-09-02 11:00:24 +01:00
Jonas Jensen
e9a029cba3
C++: Local field flow using global library
...
This commit removes fields from the responsibilities of `FlowVar.qll`.
The treatment of fields in that file was slow and imprecise.
It then adds another copy of the shared global data flow library, used
only to find local field flow, and it exposes that local field flow
through `localFlow` and `localFlowStep`.
This has a performance cost. It adds two cached stages to any query that
uses `localFlow`: the stage from `DataFlowImplCommon`, which is shared
with all queries that use global data flow, and a new stage just for
`localFlowStep`.
2019-09-02 11:17:27 +02:00
Jonas Jensen
4f57f37b31
C++: Test to show false flow through object copy
2019-09-02 11:16:48 +02:00
Max Schaefer
91e46cd6fd
JavaScript: Fix parsing of asynchronous generator methods.
2019-09-02 09:56:42 +01:00
semmle-qlci
6d55d1f7c0
Merge pull request #1707 from asger-semmle/canonical-name-call-graph
...
Approved by xiemaisi
2019-09-02 09:45:24 +01:00
Jonas Jensen
8ee87fd9fc
C++: Make TaintTracking2 QLDoc more like DataFlow2
2019-09-02 09:43:52 +02:00
Max Schaefer
742c9708a9
Merge pull request #1828 from asger-semmle/jsdoc-relation
...
JS: Make getDocumentation handle chain assignments
2019-09-02 08:43:40 +01:00
Jonas Jensen
26c81eaae9
C++: Mention localExpr{Flow,Taint} in module QLDoc
2019-09-02 09:43:23 +02:00
