hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-01 05:13:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,697 Branches 161 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamas Vajk
bd64dda4c3 Fix code review findings in pragma warning directives 2021-02-04 08:42:38 +01:00
Tamas Vajk
3900698b41 Add doc comments for preprocessor directive base class 2021-02-04 08:42:38 +01:00
Tamas Vajk
a896e1522d Extract active flag from directives, fix missing assembly location 2021-02-04 08:42:38 +01:00
Tamas Vajk
41fbce0ad0 Extract #if directives 2021-02-04 08:42:38 +01:00
Tamas Vajk
a5d18f9b68 Extract region directives 2021-02-04 08:42:38 +01:00
Tamas Vajk
fe0a494bab Extract line directives 2021-02-04 08:42:38 +01:00
Tamas Vajk
4bb8b6c992 Extract nullable directives 2021-02-04 08:42:38 +01:00
Tamas Vajk
15c611e22f Extract warning and error directives 2021-02-04 08:42:38 +01:00
Tamas Vajk
3740aba4a8 Extract undef directives 2021-02-04 08:42:38 +01:00
Tamas Vajk
9b405144ff Extract define directives 2021-02-04 08:42:38 +01:00
Tamas Vajk
94bf3467b7 Extract pragma checksum directives 2021-02-04 08:42:38 +01:00
Tamas Vajk
8b9c6712d1 Extract pragma warning directives 2021-02-04 08:42:38 +01:00
Tamas Vajk
40186db768 Rename CommentPopulator 2021-02-04 08:42:38 +01:00
Tamas Vajk
48d24b2264 Get line comments from trivia lines 2021-02-04 08:42:38 +01:00
Tamas Vajk
046a37b834 Simplify element access extraction 2021-02-04 08:42:38 +01:00
Tamas Vajk
c3ef6841d0 Add tests for trivia types 2021-02-04 08:42:38 +01:00
Tamas Vajk
3be229f097 C#: Separate visitors to dedicated files, rename and reorganize comment extraction related classes 2021-02-04 08:42:38 +01:00
Raul Garcia (MSFT)
53ab787efc Fixed format 2021-02-03 15:54:47 -08:00
Raul Garcia (MSFT)
86a2aa97ec Fixing incorrect file extension & adding suite 2021-02-03 15:48:16 -08:00
Raul Garcia (MSFT)
5e1e27c2b6 Adding queries related to the Solorigate campaign 2021-02-03 15:12:31 -08:00
Taus Brock-Nannestad
5974af661e Python: Update test file 
Makes the `a.b.c.d` test more sensible.

Also adds a test that shows a case where we're currently _not_ getting
the right flow.
 2021-02-03 22:43:21 +01:00
Taus Brock-Nannestad
ba98b08001 Python: Further elaboration of use/3 2021-02-03 22:31:33 +01:00
Taus Brock-Nannestad
ebfb1faf77 Python: Autoformat 2021-02-03 22:26:46 +01:00
Rasmus Lerchedahl Petersen
a7ca065411 Python: Fix ForTarget 2021-02-03 22:14:15 +01:00
yoff
b5633625b3 Update python/ql/src/semmle/python/dataflow/new/internal/DataFlowPrivate.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-02-03 21:56:03 +01:00
Tamas Vajk
cccca879d9 C#: Add initial DB scheme 2021-02-03 21:52:00 +01:00
Taus
56515c5708 Python: Improve documentation for moduleImport 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-02-03 21:29:15 +01:00
Nick Rolfe
61d9669655 Merge pull request #110 from github/class_ast 
Add AST classes for classes and modules
 2021-02-03 19:32:55 +00:00
Tom Hvitved
16c4faef6a SSA: Sync with latest changes 
Now that the shared SSA library supports uncertain/pseudo reads, we can simplify
the Ruby implementation.
 2021-02-03 20:31:36 +01:00
Tom Hvitved
cf860f1dac Merge pull request #5071 from hvitved/csharp/ssa/uncertain-reads 
C#: Move uncertain-read logic into shared SSA implementation
 2021-02-03 20:27:45 +01:00
Taus Brock-Nannestad
05f290f734 Python: Better explanation in use/3 2021-02-03 19:52:40 +01:00
Taus Brock-Nannestad
c5d6792c1e Python: Make toString abstract 2021-02-03 19:52:40 +01:00
Taus Brock-Nannestad
6ce160c51c Python: Use call instead of invocation 2021-02-03 19:52:40 +01:00
luchua-bc
724c3e00e0 Update help file 2021-02-03 16:45:15 +00:00
Rasmus Wriedt Larsen
93f91d8746 Python: Apply suggestions from code review 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2021-02-03 17:44:04 +01:00
Nick Rolfe
c5fca0cb6b Add ModuleBase base class and combine class/module tests 2021-02-03 16:13:59 +00:00
Taus Brock-Nannestad
3fafb47b16 Python: Fix global flow 
A slightly odd fix, but still morally okay, I think. The main issue
here was that global variables have their first occurrence in an inner
scope inside a so-called "scope entry definition", that then
subsequently flows to the first use of this variable. This meant that
that first use was _not_ a `LocalSourceNode` (since _something_ flowed
into it), and this blocked `trackUseNode` from type-tracking to it (as
it expects all nodes to be `LocalSourceNode`s).

The answer, then, is to say that a `LocalSourceNode` is simply one
that doesn't have flow to it from _any `CfgNode`_ (through one or more
steps). This disregards the flow from the scope entry definition, as
that is flow from an `EssaNode`.

Additionally, it makes sense to exclude `ModuleVariableNode`s. These
should never be considered local sources, since they always have flow
from (at least) the place where the corresponding global variable is
introduced.
 2021-02-03 16:41:22 +01:00
Owen Mansel-Chan
36fafadda5 Add fallthrough statements to switch statement tests 2021-02-03 15:26:07 +00:00
Mathias Vorreiter Pedersen
8cf8b704c5 C++: Add more indirection flow in dataflow models. Also revert the additions to DataFlowUtil added in #5035 as they can add too much flow. 2021-02-03 16:16:48 +01:00
Owen Mansel-Chan
a7545cd11b Add test with multiple switch statements 2021-02-03 14:38:53 +00:00
Owen Mansel-Chan
760d89b0d3 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-02-03 14:34:28 +00:00
Anders Schack-Mulligen
40d02e7e32 Merge pull request #4926 from luchua-bc/java/insufficient-key-size 
Java: Query to detect weak encryption: insufficient key size
 2021-02-03 15:16:10 +01:00
Anders Schack-Mulligen
0df7e9fa4e Merge pull request #4989 from lcartey/lcartey/spring-inheritence-improvements 
Java: Track taint through Spring Java bean getters on super types
 2021-02-03 15:06:03 +01:00
Jonas Jensen
e3bdebf7a0 Merge pull request #5077 from jbj/revert-nested-fields 
C++: Revert #4784
 2021-02-03 14:07:28 +01:00
Arthur Baars
3c0f822369 Merge pull request #111 from github/hvitved/dataflow 
Initial data flow library
 2021-02-03 13:43:08 +01:00
Rasmus Wriedt Larsen
2453a25833 Update docs/ql-style-guide.md 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-02-03 13:42:08 +01:00
Rasmus Wriedt Larsen
0ea7aa54f9 Update CodeQL Style guide to mention acronyms 
Adding this after asking how to do this internally. Is based on https://dart.dev/guides/language/effective-dart/style#do-capitalize-acronyms-and-abbreviations-longer-than-two-letters-like-words
 2021-02-03 13:31:26 +01:00
luchua-bc
2ace10fcdf Use PostUpdateNode for wrapper method calls 2021-02-03 12:21:31 +00:00
Erik Krogh Kristensen
d016ba2252 rename name dataflow configuration in js/template-object-injection 2021-02-03 12:29:23 +01:00
Erik Krogh Kristensen
a5bde53bfe use the TaintedObject library in js/template-object-injection 2021-02-03 12:26:37 +01:00