hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
52,226 Commits 1,671 Branches 157 Tags
fec80973a9425632b51a46617b74628677af0da2
Commit Graph

9282 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
d2d91cfb29 C++: Accept test changes. 2023-03-06 11:30:40 +00:00
Mathias Vorreiter Pedersen
8836cbae5b C++: Make sure we use an indirect sink only for the sinks that receive a 
pointer to the data. Also fix a bug where we used 'asExpr' instead
of 'asIndirectExpr'.
 2023-03-06 11:22:58 +00:00
Anders Schack-Mulligen
557cb17f4d Dataflow: Minor perf fix for single config wrapper. 2023-03-06 10:24:33 +01:00
Jeroen Ketema
72d03e4060 C++: Fix test that used deprecated function 2023-03-06 09:07:52 +01:00
Dave Bartolomeo
e169702165 Merge branch 'main' into post-release-prep/codeql-cli-2.12.4 2023-03-04 09:20:44 -05:00
github-actions[bot]
af61b45785 Post-release preparation for codeql-cli-2.12.4 2023-03-04 14:16:55 +00:00
Jeroen Ketema
aa00424b75 C++: Fix experimental query that uses the deprecated freeCall predicate 2023-03-03 17:53:49 +01:00
Jeroen Ketema
391d9bed5b C++: Add deprecated to predicates that are deprecated according to the QLDoc 2023-03-03 17:15:47 +01:00
Jeroen Ketema
6495f1911f C++: Properly deprecate hasQualifiedName by using the deprecated keyword 2023-03-03 15:57:59 +01:00
Mathias Vorreiter Pedersen
907e6299a4 C++: Convert 'ExecTainted' to use the new refactored dataflow library. 2023-03-03 14:41:29 +00:00
github-actions[bot]
462da63970 Release preparation for version 2.12.4 2023-03-03 14:11:51 +00:00
Jeroen Ketema
620c69df12 C++: Add more static qualifiers in syntax zoo test 2023-03-03 15:03:31 +01:00
Michael B. Gale
9dc9925f59 Abstract over DiagnosticsStream for tests 2023-03-03 13:05:43 +00:00
Michael Nebel
df6f5d52b9 C#: Use dependency injection in the auto builder for Diagnostic classifier. 2023-03-03 13:05:28 +00:00
Michael B. Gale
4f0a93295a Move Language class to Semmle.Util 2023-03-03 13:05:27 +00:00
Michael B. Gale
04aaccb186 Fix C++ test missing env var 2023-03-03 13:05:26 +00:00
Michael B. Gale
9d19752c2e Make improvements based on PR feedback 2023-03-03 13:05:24 +00:00
Michael B. Gale
62cd8ca26f Update C/C++ autobuilder 2023-03-03 13:05:24 +00:00
Jeroen Ketema
87b1c3eaa8 Merge pull request #12381 from jketema/silence 
C++: Silence some more bogus consistency errors in syntax zoo
 2023-03-03 12:51:39 +01:00
Mathias Vorreiter Pedersen
16e817c814 Merge pull request #12356 from MathiasVP/use-phi-reads 
C++: Include "phi reads" in `DataFlow::Node`
 2023-03-03 11:14:08 +00:00
Jeroen Ketema
4faede0e2c C++: Silence some more bogus consistency errors in syntax zoo 
These were due to several functions occurring that would have the same TRAP key.
By making the functions static or wrapping the defining class in an anonymous
namespace the TRAP keys will differ from each other.
 2023-03-03 12:07:33 +01:00
Anders Schack-Mulligen
0addcfa7c5 Dataflow: Fix some perf issues. 2023-03-03 11:45:32 +01:00
Asger F
8f0b77d54f Revert "C#: Tool status page support" 2023-03-03 11:44:42 +01:00
Geoffrey White
7b596f4928 Merge pull request #10431 from ihsinme/ihsinme-patch-111 
CPP: Add query for CWE-369: Divide By Zero.
 2023-03-03 10:42:04 +00:00
Jeroen Ketema
f649def3f8 C++: Silence a number of bogus consistency errors in syntax zoo 
These were due to several functions occurring that would have the same TRAP
key. By making the functions static the TRAP keys will differ from each other.
 2023-03-03 11:16:19 +01:00
erik-krogh
a928f4c9ef add change-notes 2023-03-03 09:23:10 +01:00
erik-krogh
f96d6accbb delete old deprecations 2023-03-03 09:23:02 +01:00
Mathias Vorreiter Pedersen
959237e8d2 C++: Fix missing type for Phi nodes. 2023-03-02 22:48:10 +00:00
Mathias Vorreiter Pedersen
2963dc1cb1 C++: Include phi read nodes in SSA. 
There's a small fix to the mapping from 'global def -> use'.

Finally, this commit also accepts a test failure related to new missing
types for phi nodes. The fix for that is in the next commit.
 2023-03-02 22:48:06 +00:00
Mathias Vorreiter Pedersen
b3f92fcf0f C++: Add FN caused by missing static local initialization in SSA. 2023-03-02 22:37:52 +00:00
Anders Schack-Mulligen
b34f99f716 Dataflow: Add change notes. 2023-03-02 16:01:29 +01:00
Michael B. Gale
fd9b279ef9 Merge pull request #12217 from github/mbg/csharp/tsp-support 2023-03-02 11:47:30 +00:00
Michael Nebel
2525ac3dd2 C#: Use dependency injection in the auto builder for Diagnostic classifier. 2023-03-02 09:18:56 +01:00
Mathias Vorreiter Pedersen
2f8d71762c C++: Disable standard order for 'convertsIntoArgumentRev'. 2023-03-01 15:16:49 +00:00
Mathias Vorreiter Pedersen
0469df1c18 Merge pull request #12338 from MathiasVP/expr-sanitizer-for-exec-tainted 
C++: Speedup `cpp/command-line-injection`
 2023-03-01 11:40:05 +00:00
Mathias Vorreiter Pedersen
d5b0ad6bfc C++: Remove cached predicate that's no longer used. 2023-02-28 16:20:29 +00:00
Mathias Vorreiter Pedersen
075a83c987 Stage stats before on 'ExecTainted.ql' before: 
```
1	10	1 Fwd	609968	1398	-1	94	769936	ExecTaintConfiguration
2	15	1 Rev	239464	774	-1	52	320663	ExecTaintConfiguration
3	20	2 Fwd	205794	511	650	39	18576546	ExecTaintConfiguration
4	25	2 Rev	161966	351	428	39	13639502	ExecTaintConfiguration
5	30	3 Fwd	31889	322	791	39	5982574	ExecTaintConfiguration
6	35	3 Rev	30068	303	661	39	4181421	ExecTaintConfiguration
7	40	4 Fwd	24031	232	1432	39	14725618	ExecTaintConfiguration
8	45	4 Rev	21506	219	907	39	5962780	ExecTaintConfiguration
9	50	5 Fwd	20149	204	1527	38	8350094	ExecTaintConfiguration
10	55	5 Rev	20102	204	1472	38	7515307	ExecTaintConfiguration
11	60	6 Fwd	19950	200	904	33	9673369	ExecTaintConfiguration
12	65	6 Rev	18431	200	901	33	7030957	ExecTaintConfiguration
```

Stage stats after:
```
1	10	1 Fwd	368610	699	-1	65	445199	ExecTaintConfiguration
2	15	1 Rev	112848	336	-1	23	150522	ExecTaintConfiguration
3	20	2 Fwd	91528	219	270	22	4120713	ExecTaintConfiguration
4	25	2 Rev	66017	141	159	22	2657398	ExecTaintConfiguration
5	30	3 Fwd	12161	119	208	22	792468	ExecTaintConfiguration
6	35	3 Rev	11640	111	167	22	569193	ExecTaintConfiguration
7	40	4 Fwd	11423	109	331	22	1203871	ExecTaintConfiguration
8	45	4 Rev	10851	107	323	22	904017	ExecTaintConfiguration
9	50	5 Fwd	10694	107	763	22	2428404	ExecTaintConfiguration
10	55	5 Rev	10332	104	735	22	2355698	ExecTaintConfiguration
11	60	6 Fwd	10302	104	729	22	5772762	ExecTaintConfiguration
12	65	6 Rev	9482	102	725	22	4020951	ExecTaintConfiguration
```
 2023-02-28 15:05:29 +00:00
Mathias Vorreiter Pedersen
8dd0bdbdb0 C++: Rename 'fst' and 'snd' to 'incoming' and 'outgoing'. 2023-02-28 15:05:18 +00:00
Michael B. Gale
e3762c7f93 Move Language class to Semmle.Util 2023-02-28 14:16:33 +00:00
Jeroen Ketema
3014f207f3 C++: Add tests for all dataflow examples that occur in our docs 2023-02-28 14:45:00 +01:00
Mathias Vorreiter Pedersen
d93d22ba3e C++: Fix FPs in 'cpp/non-constant-format'. 2023-02-28 10:05:05 +00:00
Mathias Vorreiter Pedersen
1e5b235f4b C++: Accept test changes in 'cpp/non-constant-format'. These are actually FPs. 2023-02-28 10:02:32 +00:00
Mathias Vorreiter Pedersen
85c7116e8f C++: Fix the following join (I canceled it mid-way): 
```
Tuple counts for SsaInternals#7b362d2f::getAPriorDefinition#1#ff/2@bfabfc7o after 11.4s:
  1000      ~4%     {2} r1 = SCAN Ssa#da392372::Make#SsaInternals#7b362d2f::SsaInput#::Definition::definesAt#3#dispred#ffff OUTPUT In.1, In.0
  474321529 ~0%     {4} r2 = JOIN r1 WITH SsaInternals#7b362d2f::DefOrUse::hasIndexInBlock#3#dispred#ffff_3012#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.2, Rhs.3, Rhs.1
  0         ~0%     {2} r3 = JOIN r2 WITH SsaInternals#7b362d2f::SsaCached::lastRefRedef#4#ffff ON FIRST 3 OUTPUT Lhs.3, Rhs.3
  0         ~0%     {2} r4 = JOIN r3 WITH SsaInternals#7b362d2f::nodeToDefOrUse#3#fff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.1 'result'
  0         ~0%     {2} r5 = JOIN r4 WITH SsaInternals#7b362d2f::ssaDefinition#1#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'defOrUse', Lhs.1 'result'
                    return r5
```
 2023-02-28 09:53:37 +00:00
Mathias Vorreiter Pedersen
04b84320c9 C++: Accept more query-test changes. 2023-02-28 00:06:35 +00:00
Mathias Vorreiter Pedersen
3906a1923b Merge branch 'mathiasvp/replace-ast-with-ir-use-usedataflow' into no-taint-indirect-direct-conflation 2023-02-27 18:40:04 +00:00
Mathias Vorreiter Pedersen
f9c724d9a3 Merge pull request #12325 from MathiasVP/gets-return-deref 
C++: Make `gets` indirect output a LocalFlowSource
 2023-02-27 18:39:36 +00:00
Jeroen Ketema
9c202f508f Merge pull request #12324 from jketema/taint-fix 
C++: Use correct DataFlow import in new TaintTracking.qll
 2023-02-27 18:37:46 +01:00
Mathias Vorreiter Pedersen
7bb806563f Merge branch 'mathiasvp/replace-ast-with-ir-use-usedataflow' into no-taint-indirect-direct-conflation 2023-02-27 17:19:36 +00:00
Mathias Vorreiter Pedersen
2a9133aae0 C++: Accept query-test changes. 2023-02-27 17:15:53 +00:00
Mathias Vorreiter Pedersen
d628905156 C++: Accept more test changes. 2023-02-27 17:13:23 +00:00