Commit Graph

48840 Commits

Author SHA1 Message Date
semmle-qlci
52b76b1373 Merge pull request #3233 from RasmusWL/python-use-getAbsolutePath
Approved by BekaValentine
2020-04-14 10:43:24 +01:00
Mathias Vorreiter Pedersen
419b511ddb C++: Format 2020-04-14 11:39:44 +02:00
semmle-qlci
2e95cab970 Merge pull request #3234 from RasmusWL/python-modenise-files
Approved by BekaValentine
2020-04-14 10:38:26 +01:00
Asger Feldthaus
3515a2b412 JS: Update test output 2020-04-14 10:31:31 +01:00
Max Schaefer
d565a26d5b Add QL library for working with Go frontend errors. 2020-04-14 10:29:36 +01:00
Max Schaefer
f2d11538ce Add upgrade script. 2020-04-14 10:29:36 +01:00
Asger Feldthaus
88667206fc JS: Remove default hasLocationInfo case 2020-04-14 10:03:10 +01:00
Asger Feldthaus
5da968e34c JS: Specialize ASTNode.getFile 2020-04-14 10:03:10 +01:00
Asger Feldthaus
244a304e1d JS: Implement getFile() directly instead of via locations 2020-04-14 10:03:10 +01:00
Asger Feldthaus
dc084628cc JS: Avoid the special name getURL 2020-04-14 10:03:09 +01:00
Erik Krogh Kristensen
6827b84bdc change docstring to inline comment, and refer directly to array class 2020-04-14 10:32:16 +02:00
Erik Krogh Kristensen
e47575ce5b more precise getChild for matching "../" 2020-04-14 10:24:08 +02:00
Mathias Vorreiter Pedersen
d8dcbe3cbd C++: QLDoc for FileClosed, LoopBounds and MemoryFreed 2020-04-14 10:21:11 +02:00
Tom Hvitved
a9b88b6eaa C#: Update data flow tests 2020-04-14 09:31:10 +02:00
Sauyon Lee
a3ad54e8b9 Add tests for ginkgo test files 2020-04-13 22:59:23 -07:00
Sauyon Lee
385603a7a1 Use stubber for SQL tests 2020-04-13 22:59:22 -07:00
Sauyon Lee
06559e0ebf Use stubber for SystemCommandExecution tests
Also remove redundant tests
2020-04-13 22:59:21 -07:00
Sauyon Lee
42d16ca80b Use stubber for CWE-643 tests, and test example 2020-04-13 22:59:20 -07:00
Sauyon Lee
adc8730f1f Use stubber for CWE-312 tests 2020-04-13 22:59:18 -07:00
Sauyon Lee
5e765a9ca1 Use stubber for CWE-089 tests 2020-04-13 20:15:24 -07:00
Robert Marsh
10824f9612 C++: add method qldoc in Class.qll 2020-04-13 15:49:37 -07:00
Dave Bartolomeo
1bde11706e C++: Connect InitializeIndirection to UnmodeledDefinition
The IR generation for `InitializeIndirection` currently connects its load operand to the result of the corresponding `InitializeParameter` instruction. This isn't exactly wrong, but it doesn't fit the IR invariant of "All unmodeled uses consume `UnmodeledDefinition`". Our current code doesn't care, because we just throw away all of the existing def-use information, modeled or otherwise, when we build unaliased SSA. However, some upcoming SSA changes don't work correctly if this invariant is broken.

I've added the trivial IR generation change, along with a new sanity query.
2020-04-13 18:37:47 -04:00
Dave Bartolomeo
603a3af19b C++: Treat implicit end of body of non-void function as Unreached
When the extractor can't prove that control flow will never reach the end of a non-`void`-returning function without reaching an explicit `return` statement, it inserts an implicit `return` without an operand. If control actually reaches this point, the behavior is undefined.

We were previously generating invalid IR for these implicit `return` statements, because the lack of an operand meant that there was no definition of the return value variable along that path. Instead, I've changed the IR generation to emit an `Unreached` instruction for the implicit `return`. This ensures that we don't create a control flow edge from the end of the body to the function epilogue.

The change to the range analysis test avoids having that test depend on the previous bad IR behavior, while still preserving the original spirit of the test.
2020-04-13 18:09:44 -04:00
Robert Marsh
f24c4e51c5 C++: add method qldoc in Diagnostics.qll 2020-04-13 14:58:30 -07:00
Robert Marsh
d065389a6b C++: add method comments in Compilation.qll 2020-04-13 14:41:25 -07:00
Robert Marsh
de29d93ede C++: add method qldoc for Comment.qll 2020-04-13 14:39:51 -07:00
Robert Marsh
8779177839 C++: accept minor test change 2020-04-13 14:03:02 -07:00
Robert Marsh
a5e7db73b2 Merge branch 'rc/1.24' into rdmarsh/cpp/ir-flow-through-outparams
For submodule consistency
2020-04-13 12:02:59 -07:00
Mathias Vorreiter Pedersen
cde34c9b1b C++: Accept test output which I previously forgot to accept 2020-04-13 16:19:21 +02:00
Mathias Vorreiter Pedersen
daac5c5ab3 Merge branch 'master' into ir-flow-fields 2020-04-13 14:19:17 +02:00
Mathias Vorreiter Pedersen
945ecffd05 C++: Add charpred to ParameterNode 2020-04-13 14:18:57 +02:00
Pavel Avgustinov
7c5c9ea8ea Merge pull request #3240 from Semmle/update-license-in-readme
Update README to reflect new license
2020-04-10 17:36:36 +01:00
Rebecca Valentine
8e91f10030 Python: ObjectAPI to ValueAPI: UselessClass: Adds preliminary modernization 2020-04-09 15:25:38 -07:00
Rebecca Valentine
339758fa70 Python: ObjectAPI to ValueAPI: WrongNameForArgumentInClassInstantiation: Adds preliminary modernization 2020-04-09 15:04:44 -07:00
Rebecca Valentine
8dc1933a02 Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInClassInstantiation: Adds preliminary modernization 2020-04-09 14:58:30 -07:00
Rebecca Valentine
336e48c5c6 Python: ObjectAPI to ValueAPI: IncorrectlySpecifiedOverriddenMethod: Adds preliminary modernization 2020-04-09 14:50:26 -07:00
Rebecca Valentine
be00d71b99 Python: ObjectAPI to ValueAPI: IncorrectlyOverriddenMethod: Adds preliminary modernization 2020-04-09 14:41:22 -07:00
Rebecca Valentine
7a586c97a4 Python: ObjectAPI to ValueAPI: IterReturnsNonIterature: Replaces custom return_type predicate with call to getAnInferredReturnType 2020-04-09 14:30:40 -07:00
Max Schaefer
c38edf77ce Update stats. 2020-04-09 16:39:47 +01:00
Max Schaefer
a837d5f4ce Add support for extracting Go frontend errors. 2020-04-09 16:39:47 +01:00
Dave Bartolomeo
9f18a15a93 Merge pull request #3231 from MathiasVP/qualified-static-calls-are-static
C++: Do not generate this parameters and read/write side effects from static member functions
2020-04-09 10:48:59 -04:00
Pavel Avgustinov
6737e99d65 Merge pull request #3209 from hmakholm/baselib-extractor
Add extractor field in base language QL packs
2020-04-09 15:24:49 +01:00
Mathias Vorreiter Pedersen
7f5330dd0a Merge branch 'master' into ir-flow-fields 2020-04-09 16:08:44 +02:00
Geoffrey White
ba3a8d0872 C++: Improve naming and QLDoc. 2020-04-09 15:06:23 +01:00
Geoffrey White
a7979fdc12 C++: Base results purely on allocations now, not multiplications by a sizeof. 2020-04-09 15:05:29 +01:00
Geoffrey White
febbbc4423 C++: Additional test cases. 2020-04-09 15:03:35 +01:00
James Fletcher
6e88b6d4f4 Merge pull request #3239 from jf205/update-support-project
docs: Update support project to use fewer reusables
2020-04-09 14:18:55 +01:00
Geoffrey White
2f7ec49684 Merge pull request #3238 from MathiasVP/TlsSettingsMisconfiguration-id-no-underscores
C++: Replace underscores with dashes in query @id
2020-04-09 13:07:08 +01:00
Henry Mercer
5af7d5f03a Update README to reflect new license
Per https://github.com/Semmle/ql/pull/3205, code is now licensed under the MIT License.
2020-04-09 13:06:53 +01:00
Asger Feldthaus
c070416fbe JS: Update test output 2020-04-09 12:24:11 +01:00