hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-08 11:11:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,812 Commits 1,691 Branches 160 Tags
codeql-cli/v2.10.3
Commit Graph

41812 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
d672a6e13e Merge pull request #1376 from jbj/getName-direct 
C++: Use Definition.qll's getName
 2019-05-30 10:01:12 +01:00
Jonas Jensen
2b424bfb81 C++: Clarify getAQualifierForMembers 2019-05-30 10:06:35 +02:00
Jonas Jensen
4f304fcbf7 C++: Fix join order in RedundantNullCheckSimple 
The join order broke again after the last change.
 2019-05-30 09:43:56 +02:00
Jonas Jensen
a61aec9e63 C++: Fix ValueNumbering for CopyInstruction 
Querying for overlap type wasn't possible when this library was first
written. This change fixes FPs in `RedundantNullCheckSimple.ql` on
Wireshark and other real-world projects.
 2019-05-30 09:42:46 +02:00
Jonas Jensen
120df6054b C++: Demonstrate a FP due to GVN 2019-05-30 09:41:42 +02:00
Jonas Jensen
2e7daf2308 C++: Use GVN in RedundantNullCheckSimple 2019-05-30 09:41:42 +02:00
Dave Bartolomeo
aff85c5b24 C++: IR support for range-based for loops 
IR construction was missing support for C++ 11 range-based `for` loops. The extractor generates ASTs for the compiler-generated implementation already, so I had enough information to generate IR. I've expanded on some of the predicates in `RangeBasedForStmt` to access the desugared information.

One complication was that the `DeclStmt`s for the compiler-generated variables seem to have results for `getDeclaration()` but not for `getDeclarationEntry()`. This required handling these slightly differently than we do for other `DeclStmt`s.

The flow for range-based `for` is actually easier than for a regular `for`, because all three components (init, condition, and update) are always present.
 2019-05-29 14:40:29 -07:00
Calum Grant
59a006e59e Merge pull request #1368 from hvitved/csharp/cil-nullness 
CIL: Account for multiple `VariableUpdate::getSource()`s in nullness analysis
 2019-05-29 20:55:08 +01:00
Geoffrey White
665510a13c CPP: Add DangerousFunctionOverflow.ql to the security suite. 2019-05-29 16:36:02 +01:00
alexey
9377638834 Improve query help 2019-05-29 16:28:07 +01:00
alexey
86ec047be2 Rename files by style guide and change query metadata 2019-05-29 15:35:58 +01:00
Mark Shannon
71ae61c9f7 Python points-to: Remove duplicate import. 2019-05-29 15:02:59 +01:00
Mark Shannon
1ed3e5d9bc Python points-to: Fix ordering of string constants. 2019-05-29 15:02:59 +01:00
Mark Shannon
7181a025f8 Python points-to: Update expected results to account for fixed tuple formatting. 2019-05-29 15:02:59 +01:00
Felicity Chapman
a782585d74 Merge pull request #1374 from jf205/update-readme/sd-3458 
docs: add link to style guides in readme
 2019-05-29 14:42:46 +01:00
Jonas Jensen
241ef3c873 Merge pull request #1315 from geoffw0/ctime 
CPP: Split PotentiallyDangerousFunction.ql
 2019-05-29 15:40:34 +02:00
Jonas Jensen
df4c57648c C++: Support inline namespaces in hasQualifiedName 2019-05-29 15:22:42 +02:00
Jonas Jensen
4bb65fddf7 C++: Test that hasQualifiedName/3 ignores inline 2019-05-29 15:22:42 +02:00
Tom Hvitved
abc7cf2ef1 C#: Add change note 2019-05-29 15:18:45 +02:00
Tom Hvitved
6b99e1a1bf C#: Teach cs/useless-upcast about disambiguating constructor calls 2019-05-29 15:16:08 +02:00
Tom Hvitved
d8482083b9 C#: Add tests for disambiguated constructor calls 2019-05-29 15:14:30 +02:00
alexey
96380f6767 Edit query metadata and help and add new entry to the change-notes 1.21 2019-05-29 13:22:35 +01:00
Jonas Jensen
f8644b1023 C++: Use Definition.qll's getName 
It turns out we didn't have to move the `getName` implementation into
the mirror classes in `QualifiedName`. Doing so only made it harder for
the optimiser to specialize calls to `getName` on various kinds of
`Declaration`.
 2019-05-29 14:18:10 +02:00
Jonas Jensen
b4f19eebdd C++: Revert the getName() changes 
This reverts the `getName()` parts of 56e88cbac0 and 0a2e28858a.
 2019-05-29 14:15:45 +02:00
Tom Hvitved
884ef4c960 Merge pull request #1362 from calumgrant/cs/cs8/testing 
C#: Various small C#8 features
 2019-05-29 14:00:43 +02:00
Tom Hvitved
c68dfb9d68 C#: Switch expression guards 2019-05-29 13:50:42 +02:00
james
59bca9026c docs: address review comments 2019-05-29 11:53:53 +01:00
Geoffrey White
6c267f4957 CPP: Fix qhelp. 2019-05-29 10:35:49 +01:00
Geoffrey White
76d18b42b8 CPP: Repair getQualifiedName changes from elsewhere. 2019-05-29 10:35:49 +01:00
Geoffrey White
2e932b6675 CPP: Change notes. 2019-05-29 10:35:49 +01:00
Geoffrey White
eb880c3f9f CPP: Reference URLs. 2019-05-29 10:35:49 +01:00
Geoffrey White
dc44d686d4 CPP: Update CWE tag. 2019-05-29 10:35:49 +01:00
Geoffrey White
34444ace8b CPP: Update the query name and description. 2019-05-29 10:35:49 +01:00
Geoffrey White
2ae38a54af CPP: Adjust query tags. 2019-05-29 10:35:49 +01:00
Geoffrey White
9da2ead1f7 CPP: Remove redundant tests. 2019-05-29 10:35:49 +01:00
Geoffrey White
fc5e7e5e91 CPP: Test the new query. 2019-05-29 10:35:48 +01:00
Geoffrey White
88f363d564 CPP: Update the ql, qhelp and example. 2019-05-29 10:35:48 +01:00
Geoffrey White
1f80dea375 CPP: Clone PotentiallyDangerousFunction query as DangerousUseOfGets. 2019-05-29 10:35:48 +01:00
Geoffrey White
574a1d8501 Merge pull request #1037 from kevinbackhouse/RangeAnalysisAssignAddOverflow 
Better overflow detection for AssignAdd/AssignSub
 2019-05-29 09:54:06 +01:00
Tom Hvitved
23ce5bc7bf Merge pull request #1353 from calumgrant/cs/diagnostic-queries3 
C#: Add internal queries for extractor and compiler diagnostics
 2019-05-29 10:26:41 +02:00
Kevin Backhouse
b7ac03d07b Merge pull request #2 from geoffw0/assignadd2 
CPP: Minor corrections to: Better overflow detection for AssignAdd/AssignSub
 2019-05-29 08:36:29 +01:00
Tom Hvitved
428ad72694 C#: Improve performance of always[Not]NullMethod() 2019-05-29 09:34:54 +02:00
Calum Grant
1b264f73b4 C#: Fix test settings. 2019-05-29 08:15:51 +01:00
Calum Grant
cd41f4f415 C#: Analysis change notes. 2019-05-29 08:15:50 +01:00
Calum Grant
573646fe6a C#: Various C#8 features: 
- Async streams (test only)
 - Unmanaged generic structs (extractor support)
 - Alternate interpolated strings (test only)
 - static local function (test only)
 2019-05-29 08:12:11 +01:00
semmle-qlci
5bbbd26787 Merge pull request #1372 from xiemaisi/js/fail-if-no-code 
Approved by esben-semmle
 2019-05-29 08:06:44 +01:00
james
29e46cf347 docs: add link to style guides in readme 2019-05-28 21:33:36 +01:00
Jonas Jensen
b0a7f207e4 Merge pull request #1343 from rdmarsh2/rdmarsh/cpp/getUnspecifiedType 
C++: add getUnspecifiedType() for exprs and decls
 2019-05-28 20:10:28 +01:00
Calum Grant
85f275ce73 Merge pull request #1347 from hvitved/csharp/dataflow/this-flow 
C#: Data flow through `this` parameter
 2019-05-28 19:58:01 +01:00
Mark Shannon
77c508f954 Python points-to: More comment clarifications and typo fixes. 2019-05-28 17:52:55 +01:00