Jonas Jensen
c24bceddcd
C++: Add ReadSideEffectInstruction to IR
...
There was already a `WriteSideEffectInstruction` class that served as a
superclass for all the specific write side effects. This new class
serves the same purpose for read side effects.
2020-01-22 13:27:10 +01:00
Jonas Jensen
2aaf41a0d8
C++: Test lack of flow through read side effect
2020-01-22 13:27:10 +01:00
semmle-qlci
bc88c41e0b
Merge pull request #2668 from erik-krogh/MoreEvents
...
Approved by esbena
2020-01-22 11:57:11 +00:00
Erik Krogh Kristensen
1228d506b4
update change notes to reflect that library models have improved
2020-01-22 12:52:45 +01:00
Asger Feldthaus
5719b44fa5
TS: Add some documentation
2020-01-22 11:47:02 +00:00
Asger Feldthaus
a220268ad8
TS: Install deps under scratch dir
2020-01-22 11:47:02 +00:00
Asger Feldthaus
303bac9710
TS: Guess main file location
2020-01-22 11:25:24 +00:00
Tom Hvitved
d5daee4450
Merge pull request #2661 from aschackmull/java/remove-dataflowlocation
...
Java/C++/C#: Remove DataFlowLocation as it's no longer needed.
2020-01-22 12:11:24 +01:00
Anders Schack-Mulligen
b92203a87f
Java: Allow null literals as sources in data flow.
2020-01-22 12:04:42 +01:00
Asger Feldthaus
21eecc4c9c
JS: Make return type class for installDependencies()
2020-01-22 10:52:38 +00:00
Asger Feldthaus
71b540755d
TS: Print TypeScript semantic errors in log
2020-01-22 10:52:37 +00:00
Asger Feldthaus
dde0f868b3
TS: Handle monorepos by rewriting package.json
2020-01-22 10:52:37 +00:00
Anders Schack-Mulligen
cf004ac9d8
Java: Remove the deprecated ParityAnalysis.
2020-01-22 11:45:18 +01:00
Rasmus Wriedt Larsen
aeaaab6437
Python: Modernise Resources/ queries
2020-01-22 11:20:31 +01:00
Rasmus Wriedt Larsen
47b932d6ce
Python: Autoformat Resources/ queries
2020-01-22 11:20:28 +01:00
Erik Krogh Kristensen
5063e3820d
update expected output
2020-01-22 11:18:47 +01:00
Erik Krogh Kristensen
750e9786f6
add change note for EventEmitter
2020-01-22 10:31:38 +01:00
Sauyon Lee
fe23f88468
Merge pull request #221 from max/cleanup
...
Minor fixes
2020-01-22 00:52:58 -08:00
Dave Bartolomeo
9d35ff73c4
C++/C#: Make escape analysis unsound by default
...
When building SSA, we'll be assuming that stack variables do not escape, at least until we improve our alias analysis. I've added a new `IREscapeAnalysisConfiguration` class to allow the query to control this, and a new `UseSoundEscapeAnalysis.qll` module that can be imported to switch to the sound escape analysis. I've cloned the existing IR and SSA tests to have both sound and unsound versions. There were relatively few diffs in the IR dump tests, and the sanity tests still give the same results after one change described below.
Assuming that stack variables do not escape exposed an existing bug where we do not emit an `Uninitialized` instruction for the temporary variables used by `return` statements and `throw` expressions, even if the initializer is a constructor call or array initializer. I've refactored the code for handling elements that initialize a variable to share a common base class. I added a test case for returning an object initialized by constructor call, and ensured that the IR diffs for the existing `throw` test cases are correct.
2020-01-22 00:15:30 -07:00
Grzegorz Golawski
c5a974788b
Add check for disabled CSRF protection in Spring
...
Fix the help according to review comments.
2020-01-21 21:54:36 +01:00
Robert Marsh
c79d7acbfc
Merge pull request #2656 from jbj/asDefiningArgument
...
C++: Add DataFlow::Node.asDefiningArgument in IR
2020-01-21 15:42:57 -05:00
Erik Krogh Kristensen
8370699344
add support for creating a promise with another resolved promise, e.g. Promise.resolve(otherPromise)
2020-01-21 20:11:27 +01:00
Erik Krogh Kristensen
8679132624
copy data from both callbacks in Promise data-flow
2020-01-21 18:00:06 +01:00
Erik Krogh Kristensen
86477a2249
changes based on review
2020-01-21 16:45:53 +01:00
Calum Grant
3d460aeb44
C#: ZipSlip query reports alert at source
2020-01-21 15:17:06 +00:00
Erik Krogh Kristensen
fe0b6a86d7
add data-flow steps for when Promise handlers return other promises
2020-01-21 16:15:18 +01:00
Erik Krogh Kristensen
d8b25ef5a2
add data-flow steps for resolved promises using pseudo-properties
2020-01-21 15:52:50 +01:00
Erik Krogh Kristensen
6648e2751f
remove use of .getALocalSource() in custom load/store test
2020-01-21 15:49:42 +01:00
Rasmus Wriedt Larsen
422658bbdb
Python: Remove unused variable in example for py/url-redirection
2020-01-21 15:45:05 +01:00
Taus Brock-Nannestad
ead687da06
Python: Add false positive test example for issue #2652 .
2020-01-21 15:28:01 +01:00
Rasmus Wriedt Larsen
bbe93f43d3
Python: Only comparison with constant will clear taint
...
    tainted = SOURCE
    if tainted == tainted:
        SINK(tainted) # unsafe
Before, in the body of the if statement, `tainted` was not tainted.
2020-01-21 15:25:57 +01:00
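The sanitizer rule this commit describes, as an added illustration rather than CodeQL's own implementation (the real taint tracking lives in QL, not Python): a toy intraprocedural taint tracker over Python's `ast` module with a `constant_only` switch. With the switch off it reproduces the old behaviour, where any `==` test cleared taint on the compared variable in the true branch, so `if tainted == tainted:` wrongly sanitized `tainted`; with it on, only a comparison against a literal constant clears taint. `SOURCE` and `SINK` are the same placeholder names used in the commit message; both snippets are constructed inputs.

```python
"""Toy taint tracker: only comparison against a constant clears taint.

Added illustration, not CodeQL's implementation. `SOURCE` as a bare name is
the taint source and `SINK(...)` the sink, mirroring the commit message.
"""
import ast
from typing import List, Set

# Constructed inputs (not from the page): the commit's false-negative case,
# and a genuine constant comparison that may legitimately clear taint.
SELF_COMPARE = """\
tainted = SOURCE
if tainted == tainted:
    SINK(tainted)  # must still be reported: x == x proves nothing about x
"""

CONSTANT_COMPARE = """\
tainted = SOURCE
if tainted == "admin":
    SINK(tainted)  # sanitized: in this branch the value is a known constant
"""


def _expr_tainted(node: ast.AST, tainted: Set[str]) -> bool:
    """An expression is tainted if it is SOURCE, a tainted name, or contains one."""
    if isinstance(node, ast.Name):
        return node.id == "SOURCE" or node.id in tainted
    return any(_expr_tainted(child, tainted) for child in ast.iter_child_nodes(node))


def _cleared_by_test(test: ast.AST, constant_only: bool) -> Set[str]:
    """Names an `if x == y` test is allowed to sanitize in its true branch.

    Old rule (constant_only=False): any equality test clears the compared name.
    New rule (constant_only=True): only `name == <literal>` (either order) does.
    """
    if not (isinstance(test, ast.Compare)
            and len(test.ops) == 1
            and isinstance(test.ops[0], ast.Eq)):
        return set()
    left, right = test.left, test.comparators[0]
    cleared: Set[str] = set()
    for var, other in ((left, right), (right, left)):
        if isinstance(var, ast.Name) and (not constant_only or isinstance(other, ast.Constant)):
            cleared.add(var.id)
    return cleared


def find_unsafe_sinks(source: str, constant_only: bool = True) -> List[int]:
    """Return line numbers of SINK(...) calls whose argument is tainted."""
    tree = ast.parse(source)
    findings: List[int] = []

    def walk(stmts: List[ast.stmt], tainted: Set[str]) -> None:
        tainted = set(tainted)  # branch-local copy
        for stmt in stmts:
            if isinstance(stmt, ast.Assign):
                for target in stmt.targets:
                    if isinstance(target, ast.Name):
                        if _expr_tainted(stmt.value, tainted):
                            tainted.add(target.id)
                        else:
                            tainted.discard(target.id)
            elif isinstance(stmt, ast.If):
                # Only the true branch learns anything from the comparison.
                walk(stmt.body, tainted - _cleared_by_test(stmt.test, constant_only))
                walk(stmt.orelse, tainted)
            elif isinstance(stmt, ast.Expr) and isinstance(stmt.value, ast.Call):
                call = stmt.value
                if (isinstance(call.func, ast.Name) and call.func.id == "SINK"
                        and any(_expr_tainted(a, tainted) for a in call.args)):
                    findings.append(stmt.lineno)

    walk(tree.body, set())
    return findings


if __name__ == "__main__":
    print("old rule, x == x :", find_unsafe_sinks(SELF_COMPARE, constant_only=False))
    print("new rule, x == x :", find_unsafe_sinks(SELF_COMPARE))
    print("new rule, x == 'admin':", find_unsafe_sinks(CONSTANT_COMPARE))
```

Under the old rule the self-comparison snippet yields no findings (the false negative the commit fixes); under the new rule the `SINK` on line 3 is reported, while the constant comparison is still treated as a sanitizer in both modes.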
Rasmus Wriedt Larsen
1498145415
Python: Highlight that any comparison will clear taint
2020-01-21 15:24:56 +01:00
Anders Schack-Mulligen
9cc0d3d1f4
Java/C++/C#: Remove DataFlowLocation as it's no longer needed.
2020-01-21 15:08:39 +01:00
Calum Grant
6692e61fa2
C#: Analysis change notes
2020-01-21 13:55:32 +00:00
Calum Grant
be68b6f938
C#: Add precision to queries
2020-01-21 13:24:48 +00:00
Jonas Jensen
84811f66a2
C++: autoformat
2020-01-21 13:21:16 +01:00
Erik Krogh Kristensen
569ee8fc8d
add support for subclasses of EventEmitter
2020-01-21 12:08:50 +01:00
Jonas Jensen
6d46e4d946
C++: Wire up models to DefaultTaintTracking
...
This adds support for arg-to-arg and arg-to-return taint.
2020-01-21 12:04:45 +01:00
Jonas Jensen
fa00e96ba8
C++: Test IR taint through library functions
2020-01-21 12:03:43 +01:00
Jonas Jensen
5ac56c2e3a
C++: Add DataFlow::Node.asDefiningArgument in IR
2020-01-21 11:52:06 +01:00
Max Schaefer
fe56c207a3
Make ImpossibleInterfaceNilCheck more robust.
...
It no longer flags alerts that may be simply caused by missing type information.
2020-01-21 10:04:57 +00:00
Max Schaefer
d78ba06a8d
Add change note.
2020-01-21 09:56:59 +00:00
Max Schaefer
baeae0f69c
Add a few variants to test.
2020-01-21 09:56:59 +00:00
Max Schaefer
6671b61fd3
Model panic from out-of-bounds index expression.
2020-01-21 09:56:59 +00:00
Max Schaefer
f42a2b060c
Take implicit dereferences in index and slice expressions into account as well.
2020-01-21 09:56:59 +00:00
Max Schaefer
a4f5ad7412
Refactor implementation of SliceNode.
2020-01-21 09:56:59 +00:00
Max Schaefer
44b9bcf7a1
Autoformat.
2020-01-21 09:56:59 +00:00
Max Schaefer
64049d8f3d
Make taint tracking less syntactic.
2020-01-21 09:56:59 +00:00
Max Schaefer
9f897132f2
Update HTTP library.
2020-01-21 09:56:59 +00:00
Max Schaefer
a2879dc754
Model implicit dereferences in data flow.
2020-01-21 09:56:59 +00:00