hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-07 10:41:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,691 Branches 160 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
AndreiDiaconu1
a86a15d280 Fix problem with IsExpr 
The translation of `IsExpr` created a sanity check to fail since it generated
a Phi node that had only one source: if a variable was declared as part of the `IsExpr`, a conditional branch was generated, and the variable was defined only in the true successor; this has been changes so that the declaration happens before the conditional branch, and the variable is uninitialized (this removed the need for the `isInitializedByElement` predicate from `TranslatedDeclarationBase`, so that has been removed) and only the assignment happens in the true successor block (so now the two inputs of the Phi node are the result of the `Uninitialized` instruction and the `Store` instruction from the true successor block).
 2019-09-23 17:37:50 +01:00
Shati Patel
c156d6a555 Autoformat QL 2019-09-23 17:34:08 +01:00
AndreiDiaconu1
17e6b80a34 Added C# implementation 2019-09-23 17:31:24 +01:00
AndreiDiaconu1
1dab4e0e26 Initial commit, C++ files 2019-09-23 17:31:24 +01:00
Max Schaefer
d4fca84898 JavaScript: Improve XSS sanitizer detection. 
We now use local data flow to detect more regexp-based sanitizers.
 2019-09-23 17:07:06 +01:00
Matthew Gretton-Dann
6b28f33713 C++: Update test for fix to namespace members 
Generation of IDs for namespace members has been fixed to generate
unique IDs for variables of the same name but in different namespaces.

Update the same_name test to validate this.
 2019-09-23 16:04:59 +01:00
Jonas Jensen
22e57a6559 Merge pull request #1860 from matt-gretton-dann/add-using-aliases 
Add support for using aliases
 2019-09-23 16:53:51 +02:00
Jonas Jensen
898976121b Merge pull request #1987 from geoffw0/toomanyformat 
CPP: WrongNumberOfFormatArguments.ql Fix
 2019-09-23 16:05:11 +02:00
AndreiDiaconu1
7f76947af0 Autoformat 2019-09-23 15:03:38 +01:00
AndreiDiaconu1
ae503b2982 Remove incorrect Load 
Removed an incorrect `Load` op generated by propery accesses.
 2019-09-23 14:43:08 +01:00
Jonas Jensen
a34c0d4200 C++: Autoformat TranslatedExpr.qll 2019-09-23 15:39:32 +02:00
AndreiDiaconu1
3c95205f2e Minor fixes for array related translation 
More accurate type sizes using language specific predicates from `IRCSharpLanguage.qll`.
Added immediate operands for some `PointerX` (add, sub) instructions.
Some other minor consistency fixes.
 2019-09-23 14:37:31 +01:00
Robert Marsh
90c91a78f8 Merge pull request #1976 from pavgust/fix/hashcons-perf 
C++: HashCons: Further performance improvements
 2019-09-23 06:37:03 -07:00
Rasmus Wriedt Larsen
a0ecbc555d Merge pull request #1998 from taus-semmle/python-support-aiter 
Python: Add `__aiter__` as a recognised iterator method.
 2019-09-23 15:32:53 +02:00
Jonas Jensen
cd5f3b84a8 C++: Make sure there's a Instruction for each Expr 
This change ensures that all `Expr`s (except parentheses) have a
`TranslatedExpr` with a `getResult` that's one of its own instructions,
not an instruction from one of its operands. This means that when we
translate back and forth between `Expr` and `Instruction`, like in
`DataFlow::exprNode`, we will not conflate `e` with `&e` or `... = e`.
 2019-09-23 15:23:31 +02:00
Matthew Gretton-Dann
4606587fe8 C++: Apply style guide to TypedefType.qll 2019-09-23 13:57:50 +01:00
Matthew Gretton-Dann
af3b0d9e73 C++: Update stats. 2019-09-23 13:57:50 +01:00
Matthew Gretton-Dann
c8dfa46c63 C++: Add upgrade script for using aliases. 2019-09-23 13:57:50 +01:00
Matthew Gretton-Dann
fc75a6af5a C++: Add tests for using aliases 2019-09-23 13:57:50 +01:00
Matthew Gretton-Dann
9ff38ebeee C++: Update tests for new CTypedefType. 2019-09-23 13:57:50 +01:00
Matthew Gretton-Dann
5468b8def7 C++: Add support for C++ using aliases 
Previously these were identified as typedefs.
 2019-09-23 13:57:50 +01:00
Geoffrey White
b3df289a80 CPP: Fix test. 2019-09-23 13:56:24 +01:00
Geoffrey White
2d8e4b3176 CPP: Additional cases resembling the ticket. 2019-09-23 13:04:14 +01:00
semmle-qlci
825a3d2917 Merge pull request #1954 from asger-semmle/type-tracking-through-captured-vars 
Approved by xiemaisi
 2019-09-23 12:10:30 +01:00
semmle-qlci
e2c941c577 Merge pull request #1916 from erik-krogh/taintedLength 
Approved by asger-semmle, xiemaisi
 2019-09-23 11:47:48 +01:00
Taus Brock-Nannestad
e1012d8d5a Python: Add __aiter__ as a recognised iterator method. 2019-09-23 12:26:16 +02:00
Geoffrey White
040bd89163 CPP: Correct expected results. 2019-09-23 11:02:36 +01:00
Rasmus Wriedt Larsen
d6a7b6f7f1 Python: Fix documentation markup for IdentityEqMethod 2019-09-23 11:22:56 +02:00
Rasmus Wriedt Larsen
d273974045 Python: Don't flag return procedure_call() in __init__ as error 
This commit fixes the results for
0d8a429b7e/files/mayaTools/cgm/lib/classes/AttrFactory.py (L90)

```
def __init__(...):
    if error_case:
        return guiFactory.warning(...)
```

that was wrongly reporting _Explicit return in __init__ method._ as an error.
 2019-09-23 11:22:55 +02:00
Rasmus Wriedt Larsen
6e50a0ef84 Python: Modernise the py/explicit-return-in-init query. 
Add explicit test case to show that we don't doulbe report this problem.
 2019-09-23 11:22:55 +02:00
Rasmus Wriedt Larsen
f0479687d8 Python: Fix documentation for Function.isInitMethod 2019-09-23 11:22:55 +02:00
Shati Patel
f88f7962e7 QL etudes: Update predicate 2019-09-23 10:19:49 +01:00
Anders Schack-Mulligen
f8f3a4b25f Java: Minor additional type pruning. 2019-09-23 11:07:10 +02:00
Shati Patel
f94b01cb40 QL etudes: Address comments + fix sphinx warning 2019-09-23 09:52:43 +01:00
semmle-qlci
7a57a3c743 Merge pull request #1996 from xiemaisi/js/fix-illegal-invocation-refl 
Approved by esben-semmle
 2019-09-23 09:16:33 +01:00
Max Schaefer
149ae5d7ab JavaScript: Fix IllegalInvocation. 
This fixes false positives that arise when a call such as `f.apply` can either be interpreted as a reflective invocation of `f`, or a normal call to method `apply` of `f`.
 2019-09-23 07:44:14 +01:00
Tom Hvitved
e4d17a9b04 C#: Refactor getAnOutNode() predicate 2019-09-22 18:55:34 +02:00
Erik Krogh Kristensen
814c5537be update name of loop bound injection in change-notes 2019-09-20 22:56:08 +02:00
Asger F
69a88c4fcd JS: Fix typo and add metadata to DomValueRefs 2019-09-20 15:43:08 +01:00
Asger F
1ce0a48996 JS: Update tests 2019-09-20 15:41:36 +01:00
Geoffrey White
9100ab9360 CPP: Autoformat. 2019-09-20 15:30:59 +01:00
Anders Schack-Mulligen
42a970b905 Java: Update qldoc. 2019-09-20 16:21:03 +02:00
Geoffrey White
accb8246d4 CPP: Change note. 2019-09-20 15:15:35 +01:00
Anders Schack-Mulligen
d9aa46d3b0 Java: Add missing field pruning. 2019-09-20 16:13:48 +02:00
Anders Schack-Mulligen
648335d46d Java: Remove two unnecessary unbinds. 2019-09-20 16:12:56 +02:00
Geoffrey White
f7607313e7 CPP: Fix FPs. 2019-09-20 15:12:55 +01:00
Geoffrey White
9a407eb43c CPP: Test format args with mismatching declarations. 2019-09-20 14:54:44 +01:00
Calum Grant
b31cd8ab32 Merge pull request #1982 from hvitved/csharp/null-maybe-dynamic 
C#: Remove false positives from `cs/dereferenced-value-may-be-null`
 2019-09-20 14:46:01 +01:00
Calum Grant
8408e90b5f C#: Change note & docs. 2019-09-20 14:44:07 +01:00
Shati Patel
56bc8cb035 QL etudes: Add river crossing puzzle 
WIP
 2019-09-20 14:23:47 +01:00