hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-16 16:04:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
65,362 Commits 1,679 Branches 158 Tags
fdafaa2ff4e7226ea222df27ebf2271497f9aae9
Commit Graph

65362 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
fdafaa2ff4 Change note: update numbers of models added 2024-04-01 14:04:01 +01:00
Owen Mansel-Chan
e3fb40a842 Adjust change note 2024-04-01 14:03:53 +01:00
Owen Mansel-Chan
a5979e209a Add change note 2024-04-01 14:03:47 +01:00
Owen Mansel-Chan
fa614df3f4 Tests fixed by model for CharBuffer.wrap(char[]) 2024-04-01 14:03:42 +01:00
Owen Mansel-Chan
2d24fe011b Accept that lots of sinks are now summaries as well 2024-04-01 14:03:36 +01:00
Owen Mansel-Chan
9067a337b0 Test fixed by model for BasicAttributes(String, Object) 2024-04-01 14:03:30 +01:00
Owen Mansel-Chan
776c9d9eb2 Accept changes to top jdk apis test 2024-04-01 14:03:23 +01:00
Owen Mansel-Chan
52e6ea30e7 Accept more capture summary models 
This line is added because `FileOutputStream`'s constructor is now modeled as propagating taint, not just as a sink.
| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];ReturnValue;taint;df-generated |
 2024-04-01 14:03:00 +01:00
Owen Mansel-Chan
919436efbb Remove df-gen models we have deliberately modeled 
Manual models always take precedence over generated models, so there is
no point in keeping the generated models.

These manual models were deliberately written to take precedence over
the corresponding df-gen models.
 2024-04-01 13:59:36 +01:00
Owen Mansel-Chan
311512c768 Remove df-gen models for incidentally modelled APIs 
Manual models always take precedence over generated models, so there is
no point in keeping the generated models.

These APIs happened to have been modelled between model generation and
merging this PR.
 2024-03-27 12:15:08 +00:00
Owen Mansel-Chan
f03a56f7e0 Run generation script 
The command line was:
python3 /Users/owen-mc/workspace/codeql-home/codeql/java/ql/src/utils/modelgenerator/GenerateFlowModel.py /Users/owen-mc/db/java/openjdk17 --with-summaries --with-neutrals
 2024-03-27 12:15:00 +00:00
Mathias Vorreiter Pedersen
7bb2b57394 Merge pull request #15964 from rdmarsh2/rdmarsh2/cpp/temp-destructors-extended 
C++: IR translation for destruction of temporaries with extended lifetimes
 2024-03-27 11:58:48 +00:00
Mathias Vorreiter Pedersen
8711232a38 Merge pull request #16069 from jketema/var-templ 
C++: Add `VariableTemplateInstantiation` class
 2024-03-27 11:31:35 +00:00
Ian Lynagh
6cd94cf253 Merge pull request #16059 from igfoo/igfoo/exprs 
Kotlin 2: Accept more location changes
 2024-03-27 11:17:07 +00:00
Jeroen Ketema
050682c477 C++: Update expected test results 2024-03-27 12:03:37 +01:00
Jeroen Ketema
27c6e2421c C++: Add VariableTemplateInstantiation class 
This adds some uniformity, as we already had `FunctionTemplateInstantiation` and
`ClassTemplateInstantiation` classes.
 2024-03-27 11:35:13 +01:00
Tony Torralba
b617667b0e Merge pull request #16062 from atorralba/atorralba/java/more-neutrals 
Java: Add more neutrals and improve `java.net.URL` models
 2024-03-27 10:41:38 +01:00
Tony Torralba
7a0446740b Update java/ql/lib/ext/java.net.model.yml 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-03-27 09:09:48 +01:00
Mathias Vorreiter Pedersen
3e9602854a Merge pull request #16063 from MathiasVP/taint-inheriting-content-for-cpp 
C++: Add `TaintInheritingContent`
 2024-03-26 17:28:52 +00:00
Mathias Vorreiter Pedersen
3bfaab9182 C++: Remove debugging conjunct. 2024-03-26 17:01:06 +00:00
Mathias Vorreiter Pedersen
6a8c592900 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/FlowSteps.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2024-03-26 16:59:18 +00:00
Mathias Vorreiter Pedersen
d610d721a4 C++: Add file QLDoc. 2024-03-26 16:47:39 +00:00
Mathias Vorreiter Pedersen
e3744c435a C++: Add change note. 2024-03-26 16:44:16 +00:00
Mathias Vorreiter Pedersen
ec3d041c8d C++: Accept test changes. 2024-03-26 16:40:18 +00:00
Mathias Vorreiter Pedersen
bd2ecd3346 C++: Add test. 2024-03-26 16:38:28 +00:00
Mathias Vorreiter Pedersen
2075716df7 C++: Add 'TaintInheritingContent'. 2024-03-26 16:37:22 +00:00
Tony Torralba
d786ea90a4 Java: Add more neutrals 
Adds more neutral models to help the model generator ignore certain callables.

Also improves the precision of certain URL models by using synthetic fields so that the parts of a URL are tainted separately.
 2024-03-26 17:31:11 +01:00
Henry Mercer
2de62dfcdd Merge pull request #16058 from github/henrymercer/merge-back-rc-3.13 
Merge `rc/3.13` back to `main`
 2024-03-26 14:57:31 +00:00
Ian Lynagh
c5604c97bd Kotlin 2: Accept more location changes 2024-03-26 14:10:28 +00:00
Henry Mercer
0646744928 Merge branch 'main' into henrymercer/merge-back-rc-3.13 2024-03-26 12:59:12 +00:00
Michael B. Gale
cf9e2dcea1 Merge pull request #16056 from github/mbg/go/changenote-for-dependency-improvement 
Go: Add changenote for `CODEQL_EXTRACTOR_GO_FAST_PACKAGE_INFO` change
 2024-03-26 12:50:19 +00:00
Henry Mercer
f89109df7c Merge pull request #16048 from github/post-release-prep/codeql-cli-2.16.6 
Post-release preparation for codeql-cli-2.16.6
 2024-03-26 12:23:11 +00:00
Michael B. Gale
f84609dbc4 Go: Add changenote for CODEQL_EXTRACTOR_GO_FAST_PACKAGE_INFO change 2024-03-26 10:51:57 +00:00
Tamás Vajk
0c5ea975a4 Merge pull request #16021 from tamasvajk/feature/add-buildless-telemetry 
C#: Add high level diagnostic messages for buildless extraction (star…
 2024-03-26 11:03:20 +01:00
Dave Bartolomeo
a950de36a0 Merge pull request #16050 from github/dbartol/more-test-fixes 
Remove unused data extension in test
 2024-03-25 20:50:09 -04:00
Dave Bartolomeo
c11b8f9d51 Remove unused data extension in test 2024-03-25 19:14:54 -04:00
Max Schaefer
ff23f572d0 Merge pull request #16038 from github/max-schaefer/string-break-qhelp 
Go: Improve QHelp for `go/unsafe-quoting`.
 2024-03-25 20:10:02 +00:00
Max Schaefer
5bc710b406 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2024-03-25 19:48:56 +00:00
Dave Bartolomeo
98bf5269a0 Merge pull request #16040 from github/dbartol/qltest-model 
Use correct model pack name in qltest data extension
 2024-03-25 15:29:16 -04:00
Chris Smowton
f5ebd3d501 Merge pull request #16047 from github/smowton/admin/update-java-supported-version 
Update Java version supported to 22
 2024-03-25 18:42:35 +00:00
github-actions[bot]
f67b5f9158 Post-release preparation for codeql-cli-2.16.6 2024-03-25 18:17:15 +00:00
Chris Smowton
757b9bb5fa Update Java version supported to 22 2024-03-25 18:01:30 +00:00
Chris Smowton
6fc99e3ad6 Merge pull request #16023 from smowton/smowton/feature/jdk22-support 
Java: support Java 22 language features
 2024-03-25 17:58:50 +00:00
Henry Mercer
3d82318839 Merge pull request #16045 from github/release-prep/2.16.6 
Release preparation for version 2.16.6
codeql-cli/v2.16.6 		2024-03-25 16:59:13 +00:00
github-actions[bot]
71ab804274 Release preparation for version 2.16.6 2024-03-25 16:58:08 +00:00
Chris Smowton
dcebcc35b6 Rename getPatternAtIndex 2024-03-25 16:36:38 +00:00
Chris Smowton
568bddc4a9 Add test cases for cases falling directly out of switch blocks 2024-03-25 16:31:40 +00:00
Chris Smowton
17193ac11b Distinguish record patterns that do or don't declare identifiers 2024-03-25 16:31:40 +00:00
Chris Smowton
a4401963f5 Use getAPattern 2024-03-25 16:31:39 +00:00
Chris Smowton
f347784ec2 autoformat 2024-03-25 16:31:39 +00:00