Commit Graph

41418 Commits

Author SHA1 Message Date
Esben Sparre Andreasen
75451e349a JS: teach the dataflow library identity functions Object.freeze/seal 2020-07-01 15:27:28 +02:00
Esben Sparre Andreasen
33c52761d4 JS: more dataflow and global access path testing 2020-07-01 15:26:25 +02:00
Max Schaefer
f74a94e382 Merge pull request #170 from sauyon/tracing
Extract more dependency ASTs
2020-07-01 14:25:52 +01:00
Anders Schack-Mulligen
20aed81476 Merge pull request #3863 from intrigus-lgtm/patch-2
Fix typo, add Oxford comma
2020-07-01 15:01:49 +02:00
Tom Hvitved
9e3a6e8d5e Merge remote-tracking branch 'upstream/master' into csharp/dataflow/arrays 2020-07-01 14:50:26 +02:00
intrigus-lgtm
cabd275baa Fix typo, add Oxford comma 2020-07-01 14:49:09 +02:00
Anders Schack-Mulligen
4aac70d3da Dataflow: update doc based on review. 2020-07-01 14:45:49 +02:00
Shati Patel
5af5f40ae1 Small terminology update 2020-07-01 13:41:50 +01:00
Anders Schack-Mulligen
7d057598d8 Merge pull request #3857 from jbj/flowthrough-bigstep-perf
C++: Remove big-step relation in flow-through code
2020-07-01 14:23:23 +02:00
Jonas Jensen
50cd759718 Merge pull request #3733 from geoffw0/models5
C++: Constructor and assignment models
2020-07-01 13:58:27 +02:00
Erik Krogh Kristensen
3157cd724d add noSQL tests for type-tracking req.query 2020-07-01 11:45:09 +02:00
Owen Mansel-Chan
3a2a33b956 Convert to reStructuredText
Annoyingly rst won't easily let you make some text monospace inside the
text for a link. The only other things I've changed from pandoc's output
are changing "code::" to "code-block::" and adding whitespace to get the
lists to format correctly.
2020-07-01 10:43:08 +01:00
Erik Krogh Kristensen
bace2994c3 add test for type-tracking req.params 2020-07-01 11:38:54 +02:00
Anders Schack-Mulligen
38b73ff684 Merge pull request #3854 from hvitved/dataflow/node-type-interface
Data flow: Replace `getErasedRepr()` and `Node::getTypeBound()` with `getNodeType()`
2020-07-01 11:37:19 +02:00
Erik Krogh Kristensen
8227010463 also use new type-tracking in isUserControlledObject 2020-07-01 11:32:51 +02:00
Slavomir
62ccceb543 Apply suggestions from code review
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
2020-07-01 12:16:40 +03:00
Slavomir
87c2ac3caf Remove deprecated; plus aesthetic fix 2020-07-01 12:11:41 +03:00
Owen Mansel-Chan
126d214a2d Address review comments 2020-07-01 10:04:55 +01:00
Slavomir
37af579f27 Implement code review feedback 2020-07-01 12:02:12 +03:00
Max Schaefer
05da78d0f2 Merge pull request #238 from owen-mc/tfunctionoutput-receiver-separate-case
Make receiver a separate case in TFunctionOutput
2020-07-01 09:53:13 +01:00
Slavomir
7475170ced Fix getBaseType 2020-07-01 11:21:15 +03:00
Slavomir
7f65424556 Fix comments and tests 2020-07-01 10:40:34 +03:00
Rasmus Lerchedahl Petersen
79e4f1ee93 Python: Enable consistency check (currently fails) 2020-07-01 09:21:36 +02:00
Slavomir
9421476bea Add IndexExpr logic and example 2020-07-01 10:21:16 +03:00
semmle-qlci
ef109d91ed Merge pull request #3842 from hvitved/csharp/dataflow/remove-viable-impl
Approved by aschackmull
2020-07-01 08:14:57 +01:00
Tom Hvitved
ed2077b2f4 Merge pull request #3841 from gavinl/master
QHELP: Encryption using ECB.qhelp grammar
2020-07-01 08:45:35 +02:00
Dave Bartolomeo
10bbd566d4 C++: Autoformat 2020-07-01 02:28:53 -04:00
Rasmus Lerchedahl Petersen
7787900bed Python: make compile and simplify 2020-07-01 07:36:00 +02:00
Rasmus Lerchedahl Petersen
825f24a953 Python: simplify according to review comments 2020-07-01 07:20:26 +02:00
Rasmus Lerchedahl Petersen
3388ca44ed Python: sync dataflow library 2020-07-01 07:16:59 +02:00
Rasmus Lerchedahl Petersen
e259281821 Merge branch 'master' of github.com:github/codeql into SharedDataflow
to receive updates from data flow library
2020-07-01 07:15:32 +02:00
dilanbhalla
259654b1a4 moved library to experimental 2020-06-30 18:04:41 -07:00
dilanbhalla
e1130a2bfa moved privatedata to experimental 2020-06-30 17:58:24 -07:00
dilanbhalla
3fdd11a9b5 scanf fixes, still need to update qhelp file 2020-06-30 17:22:29 -07:00
Robert Marsh
e9777913a3 Merge pull request #3856 from geoffw0/qldoc5follow
C++: Make getSecureAlgorithmRegex() work as expected.
2020-06-30 16:17:37 -07:00
Dave Bartolomeo
6592f8c1bb C++: QLDoc cleanup
This PR just fixes a few bits of PR feedback from my previous QLDoc PR.
2020-06-30 17:33:52 -04:00
Slavomir
036a1faffa Remove redundancy 2020-06-30 23:00:19 +03:00
Jonas Jensen
cff0f48d34 C++: Work around join-order issue in flow-through
In this non-linear recursion, a `#prev` relation was joined earlier than
the `#prev_delta` relation. As a result, each iteration of the predicate
processes every tuple from previous iterations.

This quadratic behavior caused severe slowdowns on oneapi-src/oneDNN.
2020-06-30 21:12:57 +02:00
Slavomir
c5354a88f0 Update tests 2020-06-30 22:11:05 +03:00
dilanbhalla
f462156cdf private data file/buffer write 2020-06-30 12:09:50 -07:00
Slavomir
22e9c75d68 If pointer is to an IndexExpr, use the base type of that index expression 2020-06-30 22:07:40 +03:00
Jonas Jensen
17beb2d867 C++: Remove big-step relation in flow-through code
This relation was originally introduced to improve performance but may
no longer be necessary. The `localFlowStepPlus` predicate had an
explosion of tuples on oneapi-src/oneDNN for C++.
2020-06-30 21:06:45 +02:00
Sauyon Lee
6e5e9ce5de Improve comments for extractor utility functions 2020-06-30 11:44:10 -07:00
Sauyon Lee
c6dfcf7365 Merge pull request #237 from github/revert-165-support-actions
Revert "autobuilder: Add support for GITHUB_REPOSITORY environment variable"
2020-06-30 11:40:34 -07:00
Owen Mansel-Chan
83fffa6350 Address review comments 2020-06-30 18:37:00 +01:00
Geoffrey White
8bdcc47a50 C++: Add a test. 2020-06-30 17:46:08 +01:00
Owen Mansel-Chan
826603a396 Make receiver a separate case in TFunctionOutput
This is for consistency with TFunctionInput, which already does this
2020-06-30 17:15:52 +01:00
Owen Mansel-Chan
88e2ae1b2e Address review comments 2020-06-30 17:00:05 +01:00
Jonathan Leitschuh
fa8b278332 Add jOOQ methods as SQL Injection Sinks 2020-06-30 11:57:17 -04:00
Geoffrey White
54b8f8e662 C++: Make getSecureAlgorithmRegex() return a single regexp as expected, and as getInsecureAlgorithmRegex() does. 2020-06-30 16:51:16 +01:00