hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-16 06:53:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,690 Branches 160 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
af0df6c369 JS: Lower severity of js/syntax-error 2020-03-04 11:16:59 +00:00
semmle-qlci
c4b961c8af Merge pull request #2973 from tausbn/python-fix-or-disable-cps 
Approved by BekaValentine
 2020-03-04 10:36:47 +00:00
Max Schaefer
264478f4b8 Remove a mistaken uniqueness annotation. 2020-03-04 10:34:55 +00:00
Jonas Jensen
60bcbf477a C++: pragma[noinline] on GVN charpred 
The charpred of class `GVN` in `ASTValueNumbering.qll` got inlined into
the member predicate `getAnInstruction` and caused a tuple explosion on
Wireshark in the query `StrncpyFlippedArgs.ql`.

I interrupted the predicate after 10 minutes and got these intermediate
tuple counts:

    (5208s) Tuple counts for ASTValueNumbering::GVN::getAnInstruction_dispred#ff:
    8754900909 ~5%          {3} r1 = JOIN ValueNumberingInternal::tvalueNumber#ff_10#join_rhs AS L WITH ValueNumberingInternal::tvalueNumber#ff_10#join_rhs AS R ON FIRST 1 OUTPUT R.<1>, L.<1>, L.<0>
    4390274632 ~150085%     {2} r2 = JOIN r1 WITH project#SSAConstruction::Cached::getInstructionUnconvertedResultExpression AS R ON FIRST 1 OUTPUT r1.<2>, r1.<1>
                            return r2

After this change, the `getAnInstruction` predicate is itself inlined,
like it should be. The new non-inlined charpred takes 2.1s and has these
tuple counts:

    (2s) Tuple counts for ASTValueNumbering::GVN#f:
    9158442  ~117%     {1} r1 = JOIN project#SSAConstruction::Cached::getInstructionUnconvertedResultExpression AS L WITH ValueNumberingInternal::tvalueNumber#ff@staged_ext AS R ON FIRST 1 OUTPUT R.<1>
                       return r1
 2020-03-04 10:34:05 +01:00
Esben Sparre Andreasen
ae43e90a67 JS: model process as an EventEmitter 2020-03-04 09:49:16 +01:00
Rebecca Valentine
2bcd8c8cb8 Python: Moves query over to modernized predicates 2020-03-03 17:05:47 -08:00
Rebecca Valentine
fa59fc607c Python: Adds modernized predicates 2020-03-03 17:05:29 -08:00
Rebecca Valentine
0f26734e9a Python: Moves more predicates over to suffixed form 2020-03-03 17:04:12 -08:00
Rebecca Valentine
a0cf2cbb13 Python: Moves old predicates to suffixed form 2020-03-03 16:53:56 -08:00
Rebecca Valentine
400a0f5741 Python: Adds preliminary modernization 2020-03-03 16:52:12 -08:00
Rebecca Valentine
b33b222db8 Python: Modernizes query 2020-03-03 16:41:52 -08:00
Rebecca Valentine
88daf65854 Python: Removes obsolete predicates 2020-03-03 16:03:27 -08:00
Rebecca Valentine
3bedd5cb58 Python: Adds modernized predicates and moves query over to them 2020-03-03 16:02:25 -08:00
Rebecca Valentine
5fea31eed1 Python: Moves predicates over to suffixed form 2020-03-03 15:55:40 -08:00
Rebecca Valentine
e39a0c9121 Python: Moves non_local_control_flow to new API, and fixes bug in ClassValue implementation 2020-03-03 15:38:35 -08:00
Taus
02ae0fbda6 Merge pull request #2965 from BekaValentine/python-objectapi-to-valueapi-raising 
Python: ObjectAPI to ValueAPI: Raising
 2020-03-04 00:03:17 +01:00
Rebecca Valentine
ce204ac949 Python: Moves statement out of quantifier that it didnt need to be in 2020-03-03 14:57:30 -08:00
Rebecca Valentine
8e1c089ff3 Python: Removes unused import 2020-03-03 14:38:26 -08:00
Robert Marsh
1e3419fd60 C++/C#: generate IR for funcs excluded in PrintIR 
Previously, functions excluded from PrintIR would not have IR
generated. This sometimes affected escacpe analysis of functions that
were printed.
 2020-03-03 14:34:08 -08:00
semmle-qlci
6f508bccc1 Merge pull request #2943 from esbena/js/more-fs-modules 
Approved by erik-krogh
 2020-03-03 21:50:43 +00:00
Taus Brock-Nannestad
48a47e1b54 Python: Fix broken test output. 2020-03-03 19:45:13 +01:00
Taus
8bd4f6d136 Merge pull request #2945 from BekaValentine/python-objectapi-to-valueapi-calltosuperwrongclass 
Python: ObjectAPI to ValueAPI: CallToSuperWrongClass
 2020-03-03 18:38:58 +01:00
Taus
9068040097 Merge pull request #2964 from BekaValentine/python-objectapi-to-valueapi-notimplemented 
Python: ObjectAPI to ValueAPI: NotImplemented
 2020-03-03 18:36:14 +01:00
Calum Grant
464a034c7d Merge pull request #2894 from BekaValentine/python-objectapi-to-valueapi-iscomparisons 
Python: ObjectAPI to ValueAPI: IsComparisons
 2020-03-03 17:25:24 +00:00
Taus Brock-Nannestad
eecace788f Python: Fix or disable CPs introduced by #2700 and #2875. 2020-03-03 18:18:03 +01:00
yo-h
a576f3fa54 Merge pull request #2966 from aschackmull/java/nullness-fp-test 
Java: Document a FP for nullness in a test.
 2020-03-03 12:04:52 -05:00
Nick Rolfe
c2db3d7984 Merge pull request #2968 from igfoo/unused_types 
C++: Update tests following extractor no longer extracting some unused types
 2020-03-03 16:03:40 +00:00
Esben Sparre Andreasen
4625217a68 Merge branch 'master' of github.com:Semmle/ql into js/more-fs-modules 2020-03-03 15:07:51 +01:00
Jonas Jensen
30b43b9322 C++: Tests for variables with ambiguous types 2020-03-03 14:45:04 +01:00
Esben Sparre Andreasen
dfa07130b5 JS: add process EventEmitter test 2020-03-03 14:26:03 +01:00
Jonas Jensen
88c74b2a4b Merge pull request #2917 from MathiasVP/inexact-is-chi-for-all-aliased-memory 
C++: `isChiForAllAliasedMemory` recursion through inexact Phi operands
 2020-03-03 14:25:49 +01:00
Jonas Jensen
4f23acf080 Merge pull request #2957 from MathiasVP/dataflow-dispatch-same-num-args 
C++: Only return functions that match arguments in DataFlowDispatch::viableCallable
 2020-03-03 14:19:26 +01:00
Anders Schack-Mulligen
4601639bad Java: Document a FP in a test. 2020-03-03 13:39:26 +01:00
Erik Krogh Kristensen
f03c67266a add taint step for replace call that only removes dots 2020-03-03 12:58:06 +01:00
Erik Krogh Kristensen
95819c8731 use RegExpTerm to generalize predicate 2020-03-03 12:34:18 +01:00
Asger Feldthaus
a2042094cf JS: Restrict reachableFromStoreBase 2020-03-03 11:32:23 +00:00
Asger Feldthaus
98524556c3 JS: Add some tests 2020-03-03 11:32:23 +00:00
Erik Krogh Kristensen
622a2fcfdc use regexp term instead of char class 2020-03-03 12:24:13 +01:00
semmle-qlci
57b3e6addf Merge pull request #2958 from erik-krogh/InnerPrefix 
Approved by asgerf
 2020-03-03 11:10:44 +00:00
Erik Krogh Kristensen
bc13204193 refactor header checks to be based on dominance 2020-03-03 12:04:31 +01:00
semmle-qlci
7f3f629d39 Merge pull request #2913 from asger-semmle/js/prototype-pollution-path 
Approved by erik-krogh
 2020-03-03 10:29:47 +00:00
semmle-qlci
b3cbf8baa8 Merge pull request #2960 from erik-krogh/OverloadsWithThis 
Approved by asgerf
 2020-03-03 10:10:00 +00:00
Esben Sparre Andreasen
adddebf039 Merge branch 'master' of github.com:Semmle/ql into js/more-fs-modules 2020-03-03 10:55:16 +01:00
semmle-qlci
e1c5449885 Merge pull request #2867 from erik-krogh/UselessCat 
Approved by esbena
 2020-03-03 09:10:25 +00:00
Erik Krogh Kristensen
9016f43d80 update expected output 2020-03-03 10:04:57 +01:00
Erik Krogh Kristensen
1781179e25 doc fixes 2020-03-03 09:50:02 +01:00
Erik Krogh Kristensen
c4ebd66b34 fix capitalization of predicate 2020-03-03 09:29:04 +01:00
Rebecca Valentine
2bbe4759ba Python: Removes obsolete predicate 2020-03-02 18:53:06 -08:00
Rebecca Valentine
e481ddf99e Python: Adds modernized predicate and moves queries over to it 2020-03-02 18:52:45 -08:00
Rebecca Valentine
a8ae843059 Python: Removes now obsolete original predicate 2020-03-02 18:46:19 -08:00