hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-21 01:13:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
47,078 Commits 1,693 Branches 161 Tags
codeql-cli/v2.11.6
Commit Graph

47078 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
ihsinme
9f4b7255aa Add files via upload 2021-09-02 10:21:07 +03:00
Erik Krogh Kristensen
1ad204d89e make after and TState private in ReDoSUtil 2021-09-02 09:15:43 +02:00
Erik Krogh Kristensen
df04c5044c use concat instead of strictconcat in RegexTreeView.qll 2021-09-02 08:54:39 +02:00
Tom Hvitved
c3ecae503b Data flow: Sync files 2021-09-01 19:58:47 +02:00
Tom Hvitved
136c8b5192 Data flow: Improve callMayFlowThroughFwd join order 
Before:
```
[2021-08-25 09:56:29] (1395s) Tuple counts for DataFlowImpl2::Stage3::callMayFlowThroughFwd#ff/2@111fb3:
                      15495496   ~5%         {5} r1 = SCAN DataFlowImpl2::Stage3::fwdFlowOutFromArg#fffff#reorder_0_2_4_1_3 OUTPUT In.3, In.4, In.2 'config', In.0 'call', In.1
                      1450611958 ~6335%      {5} r2 = JOIN r1 WITH DataFlowImpl2::Stage3::fwdFlow#fffff_03412#join_rhs ON FIRST 3 OUTPUT Lhs.3 'call', Lhs.4, Lhs.2 'config', Rhs.3, Rhs.4
                      7043648    ~20415%     {2} r3 = JOIN r2 WITH DataFlowImpl2::Stage3::fwdFlowIsEntered#fffff#reorder_0_3_4_1_2 ON FIRST 5 OUTPUT Lhs.0 'call', Lhs.2 'config'
                                             return r3
```

After:
```
[2021-08-25 10:57:02] (2652s) Tuple counts for DataFlowImpl2::Stage3::callMayFlowThroughFwd#ff/2@d3e27b:
                      15495496 ~0%         {6} r1 = SCAN DataFlowImpl2::Stage3::fwdFlowOutFromArg#fffff#reorder_0_2_4_1_3 OUTPUT In.0 'call', In.1, In.2 'config', In.3, In.4, In.2 'config'
                      9236888  ~22%        {7} r2 = JOIN r1 WITH DataFlowImpl2::Stage3::fwdFlowIsEntered#fffff#reorder_0_3_4_1_2 ON FIRST 3 OUTPUT Lhs.3, Rhs.3, Rhs.4, Lhs.4, Lhs.5, Lhs.0 'call', Lhs.2 'config'
                      7043648  ~20415%     {2} r3 = JOIN r2 WITH DataFlowImpl2::Stage3::fwdFlow#fffff ON FIRST 5 OUTPUT Lhs.5 'call', Lhs.6 'config'
                                           return r3
```
 2021-09-01 19:57:29 +02:00
Andrew Eisenberg
10f6cab77e Merge pull request #6583 from github/aeisenberg/query-suite-docs 
Docs: Update documentation for query suites
 2021-09-01 10:33:22 -07:00
Tom Hvitved
c176d344ab Merge pull request #274 from github/hvitved/cfg/may-raise 
CFG: Model calls that may raise an exception
 2021-09-01 17:42:13 +02:00
Tom Hvitved
6e23a9ae7a Merge pull request #275 from github/hvitved/api-graphs-fix 
API graphs: Fix bug for resolvable modules
 2021-09-01 17:10:27 +02:00
Tom Hvitved
03e91a22bc API graphs: Performance fixes 2021-09-01 16:57:56 +02:00
Tom Hvitved
ae70af01cd API graphs: Fix bug for resolvable modules 2021-09-01 16:57:52 +02:00
Tom Hvitved
031a73ff0f Add API graph test that exhibits a missing edge 2021-09-01 16:56:09 +02:00
Benjamin Muskalla
ee8958ba03 Fix nodes for local taint test 2021-09-01 15:55:59 +02:00
Benjamin Muskalla
c1d34d7d6f Move Strings to lib 2021-09-01 15:55:39 +02:00
Benjamin Muskalla
190bf90bc8 Replace stringbuilder step with model 2021-09-01 15:41:16 +02:00
Benjamin Muskalla
7ddf7ff211 Track taint from concatenated string 2021-09-01 15:41:16 +02:00
Benjamin Muskalla
d178fe4e5d Fix failing tests 2021-09-01 15:41:16 +02:00
Benjamin Muskalla
93bc8aa7b2 Fix tests to take trim into account 2021-09-01 15:41:15 +02:00
Benjamin Muskalla
7be179cf6c Mark String constructor as propagating taint 2021-09-01 15:41:15 +02:00
Benjamin Muskalla
3928ffd30d Support CharSequence#subSequence 2021-09-01 15:41:15 +02:00
Benjamin Muskalla
b7e608abc9 Model string builder APIs 2021-09-01 15:41:14 +02:00
Benjamin Muskalla
dab626270d Convert Objects API to csv model 2021-09-01 15:41:14 +02:00
Benjamin Muskalla
5df5805d36 Convert strings to summary model 2021-09-01 15:41:14 +02:00
Benjamin Muskalla
e0d978fd58 Migrate String constructor to model 2021-09-01 15:41:13 +02:00
Tom Hvitved
701eab7b74 Merge pull request #273 from github/hvitved/has-name 
Add `hasName` predicates
 2021-09-01 15:39:39 +02:00
Remco Vermeulen
7310590f90 Update qldoc FunctionAccess class 
The `FunctionAccess` class doesn't capture accesses of functions in function call expressions.
This update makes that explicit.
 2021-09-01 15:36:00 +02:00
Remco Vermeulen
ffd2a388a9 Update qldoc for the Access class 
The access class does not capture function accesses that are part of a function call expression.
This updates makes that explicit
 2021-09-01 15:30:33 +02:00
Tom Hvitved
89e6c0e838 CFG: Model calls that may raise an exception 
In order to avoid dead `rescue`s, we assume that any call that happens in a
`rescue`/`ensure` context may raise an exception.
 2021-09-01 14:07:28 +02:00
Tom Hvitved
4eaa31d800 Add hasName predicates 2021-09-01 13:32:19 +02:00
Asger Feldthaus
cc838326e1 JS: Remove old bulk export access getAnExportedModule 2021-09-01 13:28:54 +02:00
Asger Feldthaus
7daa6481e3 JS: Check property name in NodeJSModule.getABulkExportedNode 2021-09-01 13:25:14 +02:00
Asger Feldthaus
4b1f918feb JS: Extend getABulkExportedNode and use it in PackageExports 2021-09-01 13:24:23 +02:00
Chris Smowton
dccdc3be5a Merge pull request #6582 from github/smowton/admin/mention-multiple-sort-criteria 
Expression docs: mention multiple sort criteria
 2021-09-01 12:22:23 +01:00
Asger Feldthaus
cce3c0256e JS: Update some comments in Vue 2021-09-01 13:04:40 +02:00
Tamás Vajk
e9ff6e8755 Merge pull request #6578 from tamasvajk/fix/cil-local-decoding 
C#: Handle non-critical exception in CIL local variable extraction
 2021-09-01 12:52:53 +02:00
Erik Krogh Kristensen
a3289fabe1 sync ReDoSUtil with python 2021-09-01 12:47:06 +02:00
Erik Krogh Kristensen
537450606e use a consistent comment about the ignore case flag 2021-09-01 12:46:50 +02:00
Erik Krogh Kristensen
ff74fe1e03 rename hasChildThatMatchesIgnoringCasing to hasChildThatMatchesIgnoringCasingFlags 2021-09-01 12:45:20 +02:00
Erik Krogh Kristensen
75a3f34e86 use if-else in ReDoSUtil::getCanonicalizationFlags 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-09-01 12:44:02 +02:00
CodeQL CI
29bcd7ca6f Merge pull request #6572 from erik-krogh/live-server 
Approved by esbena
 2021-09-01 12:41:23 +02:00
Tamás Vajk
50a9b18c92 Merge pull request #6579 from tamasvajk/fix/cil-type-args 
C#: Fix completely broken type argument extraction in NoMetadataHandleType
 2021-09-01 12:16:15 +02:00
Chris Smowton
303e02fb8a Fix typo 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2021-09-01 10:45:47 +01:00
Erik Krogh Kristensen
f8d46677b9 add RequestExpr as an alias to NodeJSLib::RequestExpr in Connect.qll 2021-09-01 10:11:05 +02:00
Erik Krogh Kristensen
98d018ce26 remove redundant extends clause 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-09-01 10:09:40 +02:00
Andrew Eisenberg
21c168e229 Apply suggestions from code review 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-08-31 14:47:28 -07:00
Andrew Eisenberg
0923d1fdc1 Docs: Update documentation for query suites 
Adds some clarification around the `qlpack` directive.
The semantics has changed. This provides a new example
and some description.
 2021-08-31 13:39:04 -07:00
Alex Ford
41e7ef11e6 add missing pragma back 2021-08-31 21:19:56 +01:00
Alex Ford
d47c8ee9a5 format 2021-08-31 21:04:43 +01:00
Chris Smowton
c92b7828cb Merge pull request #6580 from smowton/smowton/admin/guava-models-mistakes 
Fix minor mistakes in old Guava models
 2021-08-31 19:44:23 +01:00
Chris Smowton
a47efc4348 Expression docs: mention multiple sort criteria 2021-08-31 19:18:03 +01:00
Shati Patel
a80a367de4 Merge pull request #6354 from Optixal/docs-js-isuncertain 
JS: Fixed description of `isUncertain()` predicate in CodeQL Language Guides: CodeQL Library for JavaScript
 2021-08-31 19:13:40 +01:00