hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-16 23:13:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,692 Branches 160 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
d0aaaad537 Address review comments 2020-03-18 18:16:11 +01:00
Geoffrey White
2e4e491ce8 Merge branch 'master' into sideeffect 2020-03-18 17:12:14 +00:00
Rasmus Wriedt Larsen
9a0b2b1843 Merge pull request #2989 from BekaValentine/python-objectapi-to-valueapi-incorrectexceptorder 
Python: ObjectAPI to ValueAPI: IncorrectExceptOrder
 2020-03-18 18:03:25 +01:00
Taus
ae1268f241 Merge branch 'master' into python-add-points-to-for-missing-builtin-return-types 2020-03-18 17:59:17 +01:00
Rasmus Wriedt Larsen
290e33a912 Merge pull request #2922 from tausbn/python-fix-multi-assign-points-to 
Python: Fix bug in `multi_assignment_points_to`.
 2020-03-18 17:50:37 +01:00
Rasmus Wriedt Larsen
b0303158a5 Merge pull request #3088 from tausbn/python-prepare-autoformatting 
Python: Prepare for autoformatting.
 2020-03-18 17:48:46 +01:00
Geoffrey White
6cc1c2341c C++: Add some SideEffect models. 2020-03-18 16:42:33 +00:00
Geoffrey White
935b8d96f8 C++: Offset .expected for cleaner diff. 2020-03-18 16:42:33 +00:00
Geoffrey White
0c9466640a C++: Add IR test for strcpy/strcat. 2020-03-18 16:42:25 +00:00
Sauyon Lee
f60f6ea7d0 Add examples qlpack.yml to CodeQL manifest 2020-03-18 09:30:45 -07:00
Dave Bartolomeo
0329327f9f C++: Move VarArgs utilities location 2020-03-18 11:24:44 -04:00
Dave Bartolomeo
fed1bce015 C++: Make vararg utilities internal for now. 2020-03-18 11:18:38 -04:00
Dave Bartolomeo
4fce20116e C++: Fix formatting 2020-03-18 09:53:01 -04:00
Dave Bartolomeo
26ea93af58 Merge remote-tracking branch 'upstream/master' into dbartol/VarArgIR 2020-03-18 09:52:21 -04:00
Jonas Jensen
a23077af11 C++: Comments for future maintainers 2020-03-18 14:11:37 +01:00
Taus Brock-Nannestad
57af7b84aa Python: Prepare for autoformatting. 
Mostly fixes up a bunch of comments that were made wonky by the autoformatter.
 2020-03-18 13:59:38 +01:00
Tom Hvitved
3bd6429072 Data flow: Sync files 2020-03-18 13:28:26 +01:00
Tom Hvitved
321b91209f Address review comments 2020-03-18 13:28:16 +01:00
Asger Feldthaus
7393844699 JS: Update some queries that used data as source 2020-03-18 11:55:13 +00:00
Asger Feldthaus
506ddaf3f4 JS: Add explanation for test failure 2020-03-18 11:55:13 +00:00
Asger Feldthaus
028022158d JS: Add variant of test that passes 2020-03-18 11:55:13 +00:00
Asger Feldthaus
a7e337ab28 JS: Add some lines in test case 2020-03-18 11:55:13 +00:00
Asger Feldthaus
3e68072e38 JS: Accept test case change 2020-03-18 11:55:13 +00:00
Asger Feldthaus
18eea96cf8 JS: Autoformat 2020-03-18 11:55:13 +00:00
Asger Feldthaus
a9901a44e8 JS: Update TaintBarriers/isBarrier test 2020-03-18 11:55:13 +00:00
Asger Feldthaus
de7fbce27b JS: Adjust whitespace in change notes 2020-03-18 11:55:13 +00:00
Asger Feldthaus
0edb765958 JS: Split test case function in two 2020-03-18 11:55:13 +00:00
Asger Feldthaus
4e75fe3977 JS: Update some qldoc comments 2020-03-18 11:55:13 +00:00
Asger Feldthaus
08ad4f785a JS: Tweak other parts of change note for consistency 2020-03-18 11:55:12 +00:00
Asger Feldthaus
ad2b150d05 JS: Add change note 2020-03-18 11:55:12 +00:00
Asger Feldthaus
a195429471 JS: Add test with non-guard sanitizer 2020-03-18 11:55:12 +00:00
Asger Feldthaus
83606e7b60 JS: Dont use data label in taint-tracking configs 2020-03-18 11:55:12 +00:00
Asger Feldthaus
8da0584b12 JS: Add test 2020-03-18 11:55:12 +00:00
Max Schaefer
f53732ec5a Merge pull request #39 from sauyon/go1.14 
Go 1.14 support
 2020-03-18 10:08:50 +00:00
Jonas Jensen
f1ad0dafdc Merge pull request #2849 from geoffw0/model-gets 
C++: Model for gets
 2020-03-18 11:06:23 +01:00
Anders Schack-Mulligen
396678fd55 Java: Add apache Base64 taint steps. 2020-03-18 10:54:40 +01:00
Esben Sparre Andreasen
b1a722fcda JS: typo fix 2020-03-18 10:11:38 +01:00
Esben Sparre Andreasen
12d8177b4b Update javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-03-18 10:12:05 +01:00
Esben Sparre Andreasen
ce3b196b93 Update javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-03-18 10:11:57 +01:00
Esben Sparre Andreasen
b9860d3444 Update javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-03-18 10:11:49 +01:00
Esben Sparre Andreasen
d74c16f86c Update javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-03-18 10:11:36 +01:00
Max Schaefer
0a59470640 Fix tests. (#3) 2020-03-18 02:10:24 -07:00
Jonas Jensen
260bfe7b1d C++: Manual magic in inStaticInitializer 
Since `runtimeExprInStaticInitializer` only looks at expressions at the
top level of an initializer or directly below some number of top-level
aggregate literals, there is no need for `inStaticInitializer` to
include expressions strictly below those in the AST.

I tested this on Wireshark, which has very large static initializers,
but found no measureable difference in run time. There are some
differences in tuple counts and iteration counts, though:

- `inStaticInitializer` changes from 6,241,153 rows (86 iterations) to
  5,031,617 rows (7 iterations).
- `runtimeExprInStaticInitializer` changes from 386,350 rows to 4,705
  rows.
- `hasDynamicInitialization` has 410 rows both before and after, which
  suggests that this change does not affect results.

Even though there is no impact on this snapshot at this time, things
might look different if/when the restriction on aggregate literals to
100 children is removed in the extractor.
 2020-03-18 09:28:45 +01:00
Max Schaefer
60ce9c5acd Merge pull request #59 from max-schaefer/go-pg 
Add model of `go-pg/pg`.
 2020-03-18 07:35:23 +00:00
Jonas Jensen
93c6f8f1f7 Merge pull request #3056 from dbartol/dbartol/static-locals 
C++: Model dynamic initialization of static local variables in IR
 2020-03-18 08:16:21 +01:00
Dave Bartolomeo
309ccf3daf C++: Factor out common code to avoid recursion 2020-03-17 18:44:29 -04:00
Dave Bartolomeo
772324fafa C++: Add comment with IR for dynamic init of static var 2020-03-17 18:44:00 -04:00
Dave Bartolomeo
709757f7f2 Merge remote-tracking branch 'upstream/master' into dbartol/static-locals 2020-03-17 18:35:13 -04:00
Taus
46567a5842 Merge pull request #3029 from BekaValentine/python-objectapi-to-valueapi-handles 
Python: ObjectAPI to ValueAPI: Handles
 2020-03-17 22:37:27 +01:00
Rebecca Valentine
f351916418 Merge branch 'master' into testmerge 2020-03-17 12:32:45 -07:00