hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-27 13:23:00 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,508 Commits 1,688 Branches 159 Tags
codeql-cli/v2.10.4
Commit Graph

42508 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
6b0df9bdfb refactor the concretize algorithm 2022-06-23 14:36:25 +02:00
Erik Krogh Kristensen
dbeae9aefb make a parameterized module out of the RegexpMatching implementation 2022-06-23 14:36:25 +02:00
Erik Krogh Kristensen
7fb3d81d2f add further normalization of char classses 2022-06-23 14:36:25 +02:00
Erik Krogh Kristensen
3be4a86acd make ReDoSPruning into a parameterized module 2022-06-23 14:36:25 +02:00
Erik Krogh Kristensen
dc06e9df02 move predicates that depend on isReDoSCandidate into a ReDoSPruning module 2022-06-23 14:36:24 +02:00
Anders Schack-Mulligen
4a317a25d3 Dataflow: Sync. 2022-06-23 14:34:52 +02:00
Anders Schack-Mulligen
c27290563a Dataflow: Perf fix, avoid node scans. 2022-06-23 14:34:05 +02:00
Paolo Tranquilli
0957f63cc7 Swift: update codegen workflow to include all files 2022-06-23 14:31:48 +02:00
Paolo Tranquilli
a9877ed2fd Swift: split generated C++ files by directory 2022-06-23 14:24:03 +02:00
Paolo Tranquilli
b2ebf63d2e Swift: split generated C++ code into .h and .cpp 2022-06-23 14:22:58 +02:00
Asger F
d94010c244 Grammar: report -> reports 2022-06-23 14:17:52 +02:00
Asger F
d3df2033f0 Update cpp/ql/lib/change-notes/released/0.3.0.md 2022-06-23 14:11:11 +02:00
Asger F
bef38a64c3 Update cpp/ql/lib/CHANGELOG.md 2022-06-23 14:10:09 +02:00
Ian Lynagh
1713c416c0 Kotlin: Remove unused function getDiagnosticLocation 2022-06-23 13:07:09 +01:00
Geoffrey White
3b48cb02bc Swift: Add Type.getName(). 2022-06-23 12:54:56 +01:00
github-actions[bot]
a74051c658 Release preparation for version 2.10.0 2022-06-23 11:17:46 +00:00
Geoffrey White
01f697abe9 Swift: Rename argName -> paramName. 2022-06-23 12:16:04 +01:00
Geoffrey White
5222ba9073 Swift: Suggestions from review. 2022-06-23 12:02:32 +01:00
Rasmus Wriedt Larsen
3248f7b423 Merge pull request #9649 from RasmusWL/certificate-modeling 
Python/JS/Ruby: Ignore common words (like certain) as sensitive data source
 2022-06-23 12:04:58 +02:00
Mathias Vorreiter Pedersen
9b587843ff Merge pull request #9669 from rdmarsh2/rdmarsh2/swift/dataflow-lambda-flow 
Swift: implement LambdaCall in dataflow library
 2022-06-23 10:38:45 +01:00
Asger F
298f4ab899 Merge pull request #9679 from asgerf/js/fix-downgrade-script 
JS: Downgrade ast_node_symbol relation
 2022-06-23 11:08:06 +02:00
Tamas Vajk
cf18a9a04b Fix bad join order in Shadowing::shadows 
Fixes the bad join order in `Shadowing::shadows`:
Tuple counts for Shadowing::shadows#f4fb89a3#ffff@c4b8a90j:
           182915  ~0%    {2} r1 = Variable::LocalVariableDecl::getCallable#dispred#f0820431#ff AND NOT Shadowing::shadows#f4fb89a3#ffff#antijoin_rhs(Lhs.0, Lhs.1)
           182915  ~0%    {3} r2 = JOIN r1 WITH localvars ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Rhs.2
           182915  ~3%    {4} r3 = JOIN r2 WITH Member::Member::getDeclaringType#dispred#f0820431#bf ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.0, Lhs.2
           182833  ~0%    {4} r4 = JOIN r3 WITH classes ON FIRST 1 OUTPUT Lhs.1, Lhs.2, Lhs.3, Lhs.0
           182833  ~3%    {5} r5 = JOIN r4 WITH Element::Element::getName#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.2, Lhs.0, Lhs.1, Lhs.3, Rhs.1
        183352620  ~5%    {5} r6 = JOIN r5 WITH Member::Field::getType#dispred#f0820431#bf_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.3, Lhs.1, Lhs.2, Lhs.4
            40529  ~0%    {5} r7 = JOIN r6 WITH Member::Field::getDeclaringType#dispred#f0820431#fb ON FIRST 2 OUTPUT Lhs.0, Lhs.4, Lhs.2, Lhs.3, Lhs.1
              678  ~4%    {4} r8 = JOIN r7 WITH Element::Element::getName#dispred#f0820431#ff ON FIRST 2 OUTPUT Lhs.2, Lhs.3, Lhs.4, Lhs.0
              670  ~4%    {4} r9 = r8 AND NOT Member::Field::isStatic#dispred#f0820431#b(Lhs.3)
              670  ~3%    {4} r10 = SCAN r9 OUTPUT In.0, In.2, In.3, In.1
                          return r10

After the fix:
Tuple counts for Shadowing::shadows#f4fb89a3#ffff@95ca976v:
        182915  ~0%    {2} r1 = Variable::LocalVariableDecl::getCallable#dispred#f0820431#ff AND NOT Shadowing::shadows#f4fb89a3#ffff#antijoin_rhs(Lhs.0, Lhs.1)
        182915  ~0%    {3} r2 = JOIN r1 WITH localvars ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Rhs.2
        182915  ~0%    {4} r3 = JOIN r2 WITH Member::Member::getDeclaringType#dispred#f0820431#bf ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Lhs.2, Rhs.1
        182915  ~7%    {5} r4 = JOIN r3 WITH Element::Element::getName#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.3, Rhs.1, Lhs.2, Lhs.0, Lhs.1
           678  ~4%    {4} r5 = JOIN r4 WITH Shadowing::getField#f4fb89a3#ffff ON FIRST 3 OUTPUT Lhs.3, Lhs.4, Lhs.0, Rhs.3
           670  ~4%    {4} r6 = r5 AND NOT Member::Field::isStatic#dispred#f0820431#b(Lhs.3)
           670  ~3%    {4} r7 = SCAN r6 OUTPUT In.0, In.2, In.3, In.1
                       return r7
 2022-06-23 10:30:39 +02:00
Asger F
90c2b6e47f JS: Downgrade ast_node_symbol relation 2022-06-23 10:17:28 +02:00
Geoffrey White
20c3182437 Merge pull request #9087 from ihsinme/ihsinme-patch-88 
CPP: Add query for CWE-670: Always-Incorrect Control Flow Implementation when use SSL_shutdown
 2022-06-23 09:16:55 +01:00
Tamas Vajk
e65a046235 Fix test file after rebase 2022-06-23 09:51:48 +02:00
Mathias Vorreiter Pedersen
5dfa5fb877 Merge pull request #9678 from jketema/ql-fixes 
C++: Two small QL fixes
 2022-06-23 08:23:54 +01:00
Erik Krogh Kristensen
08e4c8b195 Merge pull request #9634 from erik-krogh/jqueryParam 
JS: add all jquery plugin parameters as source to js/html-constructed-from-input
 2022-06-23 08:57:20 +02:00
Tamas Vajk
579bfc22f3 Fix performance change in SecurityFlag 2022-06-23 08:46:33 +02:00
Tamas Vajk
79ec998636 Fix DB change compatibility to backwards 2022-06-23 08:45:11 +02:00
Tamas Vajk
7dad2f7fcb Fix DB upgrade properties 2022-06-23 08:45:11 +02:00
Tamas Vajk
074b90ea1a Add change note 2022-06-23 08:45:11 +02:00
Tamas Vajk
053ca2e940 Update DB stats file 2022-06-23 08:45:11 +02:00
Tamas Vajk
e03b48f293 Add DB upgrade folder 2022-06-23 08:45:11 +02:00
Tamas Vajk
dabc956dbf Unify loop break/continue statement handling between java and kotlin 2022-06-23 08:45:11 +02:00
Jeroen Ketema
b3ac7bda35 C++: Remove redundant parentheses 2022-06-23 07:25:53 +02:00
Jeroen Ketema
9cfd1a84b6 C++: Remove out-of-date comment, as we use mangled names in ResolveClass.qll 2022-06-23 07:24:04 +02:00
AlexDenisov
decb136471 Update swift/extractor/SwiftExtractor.cpp 
Co-authored-by: Paolo Tranquilli <redsun82@github.com>
 2022-06-23 07:23:17 +02:00
thiggy1342
e838b83f5f attempt to introduce dataflow tracking 2022-06-23 02:21:47 +00:00
Robert Marsh
813a8548d7 C++: accept test changes for globals in data flow 2022-06-22 16:42:42 -04:00
Geoffrey White
07b89b89d7 Swift: Clean up a bit. 2022-06-22 19:35:37 +01:00
Geoffrey White
19026e9ed5 Swift: Work around toString change. 2022-06-22 19:16:09 +01:00
Geoffrey White
da7f49155d Swift: Use dataflow. 2022-06-22 19:16:09 +01:00
Geoffrey White
28d801fde3 Swift: CWE-135 query sources and sinks. 2022-06-22 19:16:08 +01:00
Robert Marsh
b609f1ea52 Merge pull request #9668 from MathiasVP/expr-nodes-for-properties 
Swift: Make sure property setters and getters also have `ExprNodes`
 2022-06-22 14:09:46 -04:00
Robert Marsh
42929a70e8 Swift: implement LambdaCall in dataflow library 2022-06-22 17:30:54 +00:00
Andrew Eisenberg
5432be7b3a Merge pull request #9667 from github/nickrolfe/js_downgrades 
JS: create downgrades pack
 2022-06-22 10:30:41 -07:00
Mathias Vorreiter Pedersen
77b8ceb976 Swift: Make sure property setters and getters also have ExprNodes. 2022-06-22 17:53:41 +01:00
Nick Rolfe
d91e8a6309 JS: create downgrades pack 2022-06-22 17:31:49 +01:00
AlexDenisov
19bc9cf301 Merge pull request #9666 from github/redsun82/swift-code-reorg 
Swift: reorganize code
 2022-06-22 18:28:08 +02:00
Paolo Tranquilli
cfde68023d Swift: fix includes jumbled by IDE 2022-06-22 18:17:40 +02:00