hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-25 03:13:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,692 Branches 161 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
45ab723423 Python: Add dataflow test for a,b = b,a 
Also enables a single test to output more than one OK
 2020-08-28 11:12:25 +02:00
Rasmus Wriedt Larsen
496d856c48 Python: Reformualte explanation of experience from JS 2020-08-28 10:49:33 +02:00
Erik Krogh Kristensen
038cca814a Merge branch 'main' into ts4 2020-08-28 10:27:49 +02:00
Taus
afe234dade Merge pull request #4156 from RasmusWL/python-fix-changenote-fstring-taint 
Python: fstring taint change note should be for 1.26
 2020-08-28 10:23:06 +02:00
Jonas Jensen
55d7ac88f9 Merge pull request #4148 from geoffw0/vecextra 
C++: Improvements to string and vector models.
 2020-08-28 10:05:42 +02:00
CodeQL CI
80cb8be405 Merge pull request #4155 from asger-semmle/js/lower-duplicate-element-id-precision 
Approved by esbena
 2020-08-28 08:52:58 +01:00
Rasmus Wriedt Larsen
7e6ebfd636 Enable labeler action again 
This time using `pull_request_target`, so it will work properly with forks. See
https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request_target

This reverts commit d5d6093e75.
 2020-08-28 09:31:46 +02:00
CodeQL CI
ac94869978 Merge pull request #3978 from dellalibera/js/insecure-cookies 
Approved by esbena
 2020-08-28 08:31:38 +01:00
Rasmus Wriedt Larsen
deff36e9af Python: fstring taint change note should be for 1.26 
This fixes problem introduced in https://github.com/github/codeql/pull/4127
 2020-08-28 09:00:07 +02:00
Max Schaefer
031a48ecd3 Merge pull request #296 from owen-mc/allocation-size-overflow-improve-sanitizers-easy 
Add new sanitizer guard to Allocation size overflow query
 2020-08-28 07:44:45 +01:00
Tamas Vajk
29eaacdeaf Fix typos and comment styling 2020-08-28 08:41:46 +02:00
Mathias Vorreiter Pedersen
ceddc2497a Merge pull request #4151 from geoffw0/reftaint 
C++: Taint tests for array and reference assignments.
 2020-08-27 20:00:13 +02:00
Robert Marsh
2a6c624407 C++: fix up some iterator taint flows 2020-08-27 10:27:53 -07:00
Taus
1206ff5889 Merge pull request #4150 from RasmusWL/python-dataflow-private-import 
Python: Make import of python private in shared dataflow
 2020-08-27 18:05:55 +02:00
Geoffrey White
9b3da1f6c7 C++: Autoformat. 2020-08-27 16:55:45 +01:00
Geoffrey White
208cd4c888 C++: Fix assign in the test stl.h. 2020-08-27 16:52:22 +01:00
Rasmus Wriedt Larsen
f12d29de07 Python: Add taint test of more colleciton methods 2020-08-27 17:36:10 +02:00
Taus Brock-Nannestad
7112aa2e9a Merge branch 'main' into python-add-typetracker 2020-08-27 17:05:26 +02:00
Asger Feldthaus
e7a0bc6be6 JS: Lower precision of ambiguous HTML ID attribute 2020-08-27 15:51:34 +01:00
Geoffrey White
927a4faa58 C++: Remove the non-reference case that we shouldn't need. 2020-08-27 15:42:40 +01:00
Rasmus Wriedt Larsen
654c4f39ac Python: Add missing module.py to consistency/regression tests 2020-08-27 16:32:26 +02:00
Geoffrey White
071b303ea0 C++: Make the other versions consistent with this. 2020-08-27 15:24:48 +01:00
Rasmus Wriedt Larsen
36ac111659 Merge pull request #4152 from tausbn/python-sync-inline-test-expectations-files 
Python: Sync InlineExpectationsTest.qll between Python and C++
 2020-08-27 16:23:08 +02:00
Rasmus Wriedt Larsen
f1e11f1efd Python: updated expected output from new shared dataflow tests 
I did not verify whether these changes are OK or not, simply ran and accepted
the tests.
 2020-08-27 16:17:12 +02:00
Geoffrey White
865d91de80 C++: Fix getAValueTypeParameterIndex(). 2020-08-27 15:08:58 +01:00
Rasmus Wriedt Larsen
b11b5784b2 Python: Adtop more complete tests from old dataflow impl 
The ones in test/experimental/dataflow/[consistency,regression]/test.py was a
copy from test/library-tests/taint/dataflow/test.py.

However, test/library-tests/taint/dataflow/test.py only contains a subset of
test/library-tests/taint/config/test.py, that only contains a subset of
test/library-tests/taint/general/test.py

This commit updates the experimental dataflow tests to be a copy of the
test/library-tests/taint/general/test.py file.

There seems to have been a few changes to the file after it being copied, in
`test_truth` and `test_early_exit`. I have no reproduced those changes.
 2020-08-27 16:08:51 +02:00
Jonas Jensen
c507b337f2 Merge pull request #3921 from catenacyber/NullCheckParam 
C++: Adds another redundant null check rule
 2020-08-27 16:07:13 +02:00
Geoffrey White
816b8abd7c C++: Add a test case using a const int *. 2020-08-27 15:05:23 +01:00
Max Schaefer
b4550f244b Merge pull request #313 from github/rc/1.25 
Merge rc/1.25 into main
 2020-08-27 14:27:26 +01:00
Tamas Vajk
7e2cf9a858 Adjust code review findings 2020-08-27 15:11:55 +02:00
Tamas Vajk
fcd426210f C#: Add missing QlDoc for code duplication 2020-08-27 14:43:16 +02:00
Taus Brock-Nannestad
797e290a67 Python+CPP: Change values to value 2020-08-27 14:12:40 +02:00
Taus Brock-Nannestad
dccbcc15b3 Python: Sync InlineExpectationsTest.qll between Python and C++ 
Also changes `valuesasas` to `values` in the test example.
 2020-08-27 13:37:26 +02:00
Rasmus Wriedt Larsen
9da6da6106 Python: Fix imports in shraed dataflow tests 2020-08-27 13:29:41 +02:00
Taus
e7322d114f Merge pull request #4077 from yoff/MagicMethods 
Python: Add support for magic methods
 2020-08-27 13:20:56 +02:00
Taus
d3175a7899 Merge pull request #4110 from yoff/SharedDataflow_ParsimoniousFlowNodes 
Python: Shared dataflow, parsimonious flow nodes
 2020-08-27 13:19:23 +02:00
CodeQL CI
30ac2f9c84 Merge pull request #4143 from tausbn/python-add-inline-test-expectations-library 
Approved by RasmusWL
 2020-08-27 12:18:41 +01:00
Taus
a750252c07 Merge pull request #4147 from RasmusWL/python-remove-symlink 
Python: Remove symlink from experimental test
 2020-08-27 13:16:07 +02:00
Sauyon Lee
1743dae7b0 Merge pull request #312 from smowton/smowton/autobuilder-fixes-fixed-further 
Autobuilder: always check the vendor directory works and if go.mod exists
 2020-08-27 04:16:04 -07:00
Geoffrey White
a5a3078b58 C++: Add a test case using a typedef int. 2020-08-27 12:11:56 +01:00
Chris Smowton
af1be2f465 Bump to latest version of golang.org/x/tools 2020-08-27 11:57:21 +01:00
Tom Hvitved
35e1c04b93 Merge pull request #4144 from hvitved/csharp/autobuilder/vsdevcmd 
C#: Teach autobuilder about `VsDevCmd.bat`
 2020-08-27 12:38:49 +02:00
Geoffrey White
6f62803e1f C++: Taint tests for array and reference assignments. 2020-08-27 11:26:25 +01:00
Chris Smowton
4d084372b5 Fix autobuilder Go version comparison 
The semver package requires versions of the form v1.2.3, and unhelpfully evaluates any malformed versions as equal.
 2020-08-27 11:02:23 +01:00
Rasmus Wriedt Larsen
909bff2313 Python: Make import of python private in shared dataflow 2020-08-27 11:48:56 +02:00
Chris Smowton
c6dbb9fcb2 Tidy up -mod argument stringification 2020-08-27 10:46:36 +01:00
Rasmus Wriedt Larsen
627363d6ea Python: Test taint step for string augmented assignment 
Apprently it just works 😕 :magic:
 2020-08-27 11:37:56 +02:00
Geoffrey White
111da4c352 C++: Add a model of std::vector::assign. 2020-08-27 10:22:31 +01:00
Rasmus Wriedt Larsen
569e54e7bb Python: Remove symlink from experimental test 2020-08-27 11:19:55 +02:00
Jonas Jensen
e949c167fa C++: Add back getSubBasicBlockStart 
It turns out this predicate was used in a test, and that use can't be
replaced with the new `partiallyDefinesVariableAt` predicate since
`partiallyDefinesVariableAt` doesn't hold for a `PartialDefinition` that
defines something other than a variable.
 2020-08-27 11:14:47 +02:00