hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-30 12:18:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,723 Branches 164 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
4330d4e289 Python: Remove unused import in test 2020-02-26 10:26:30 +01:00
Rasmus Wriedt Larsen
5fae3a8d0a Python: Explain complexity of HTTPConnection.request 2020-02-26 10:26:30 +01:00
Rasmus Wriedt Larsen
b213db03fd Python: Consolidate stdlib http client tests 
Move the stdlib tests from test/{2,3}/library-tests/ into /test/library-tests/,
and deal with version by using sys.version_info (results should be the same for
both versions).

six tests were moved from /library-tests/web/client/stdlib => /library-tests/web/client/six
 2020-02-26 10:26:30 +01:00
Rasmus Wriedt Larsen
be187bcc0a Python: Make Client::HttpRequest extend ControlFlowNode 
Taus poitned out that the reuqest being send off, doesn't *need* to happen on a
CallNode. Someone *could* use a __setattr__ or property :\
 2020-02-26 10:26:30 +01:00
Rasmus Wriedt Larsen
e25079acc2 Python: Remove unnecessary cast 2020-02-26 10:26:30 +01:00
Rasmus Wriedt Larsen
cd5399d43e Python: Model outgoing http client requests 2020-02-26 10:26:30 +01:00
Mathias Vorreiter Pedersen
d942a3b54a C++: Change definition of isChiForAllAliasedMemory to recurse through inexact PhiInstructions 2020-02-26 10:21:27 +01:00
yo-h
21dd8757dd Update docs/experimental.md 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-02-25 23:11:29 -05:00
Rebecca Valentine
2fb722b04e Removes the general versions of the query. 2020-02-25 14:55:55 -08:00
Rebecca Valentine
15aeeb1e50 Removes erroneous expected result for py3 2020-02-25 14:54:52 -08:00
Rebecca Valentine
e07a003f75 Swaps overridden_call globally 2020-02-25 11:02:18 -08:00
Rebecca Valentine
50c91b99da Swaps correct_args_if_called_as_method globally 2020-02-25 11:01:51 -08:00
Rebecca Valentine
fb0cae76cf Swaps wrong_args globally 2020-02-25 11:00:39 -08:00
Rebecca Valentine
3a764ade8d Swaps too_many_args globally 2020-02-25 10:59:55 -08:00
Rebecca Valentine
3b0be46377 Swaps too_few_args globally 2020-02-25 10:59:16 -08:00
Rebecca Valentine
2c32a859cc Swaps illegally_named_parameter globally 2020-02-25 10:58:08 -08:00
Rebecca Valentine
4857a947ac Swaps get_function_or_initializer globally 2020-02-25 10:51:40 -08:00
Rebecca Valentine
cf4b7e1270 Swaps arg_count globally 2020-02-25 10:50:30 -08:00
Rebecca Valentine
c2a3af7e67 Adds objectapi suffix to private predicates 2020-02-25 10:48:29 -08:00
Rebecca Valentine
930228acc5 Un-autoformats 2020-02-25 09:52:46 -08:00
Rebecca Valentine
3e53e462d6 changes indents to 4 2020-02-25 09:46:21 -08:00
Rebecca Valentine
04951faf86 autoformat 2020-02-25 09:43:51 -08:00
Sauyon Lee
b931539f68 Merge pull request #36 from max-schaefer/remove-unused-predicate 
Remove an unused predicate.
 2020-02-25 09:40:42 -08:00
Taus Brock-Nannestad
1526c86e6d Python: Update test results for ReturnTypes.ql for Python 2. 2020-02-25 17:30:46 +01:00
yo-h
d06caefd8e Address code review comments for experimental.md 2020-02-25 11:17:42 -05:00
Taus Brock-Nannestad
35ada17e2a Python: Use object as default return type for built-ins. 2020-02-25 16:31:40 +01:00
Taus Brock-Nannestad
5813209337 Python: Add tests for missing points-to for built-in methods. 2020-02-25 16:25:41 +01:00
Erik Krogh Kristensen
dc6bfad023 Merge remote-tracking branch 'upstream/master' into CVE481 2020-02-25 16:25:03 +01:00
Taus Brock-Nannestad
887f85cee2 Python: Add test for missing points-to information 
To ease the rollout of this test, currently we only report missing points-to
information for nodes that either

- appear as an argument in a call to a function named `check`, or
- appear inside a scope where the first line is annotated with a comment ending
  in "check".

The idea behind the second version is that once we have points-to running at a
level where no node inside a scope that _ought_ to have points-to is missing
this information, we can simply remove all uses of `check(...)` from inside this
scope, and annotate the entire scope with `# check`. Once this has been done for
the entire file, we can then remove all the comments and just require
_everything_ to be checked.

Note that I don't expect all nodes to have the need for points-to information.
For instance, there are nodes representing scope entry and exit, and for these
it doesn't make sense to require that they "point-to" anything. Similarly,
`NameNode` appearing in a "store" (i.e. as the left hand side of an assignment)
do not strictly need to have points-to information, although it might be more
intuitive if they did.

Thus, the `relevant_node` predicate will almost certainly need to be extended to
exclude these kinds of nodes.
 2020-02-25 16:07:50 +01:00
Rasmus Wriedt Larsen
f10a86d3ac Python: Remove --optimize: true from options files 
Tests will be run with optimizations on by default now.
 2020-02-25 15:52:00 +01:00
Rasmus Wriedt Larsen
8f70101572 Python: docs: Use <code> tag consistently in UseofInput.qhelp 2020-02-25 15:40:08 +01:00
mchammer01
0c5216570c pre-migration work: fix typos 2020-02-25 04:50:14 -08:00
Jonas Jensen
db33c360bc Merge pull request #2910 from aschackmull/dataflow/cleanup 
Java/C++: Minor dataflow cleanup.
 2020-02-25 12:47:10 +01:00
semmle-qlci
03b882381a Merge pull request #2723 from esbena/js/support-path-is-inside 
Approved by asgerf
 2020-02-25 11:21:24 +00:00
Taus
b453cf8f60 Merge pull request #2906 from RasmusWL/python-add-3-imports-tests 
Python: Add Python 3 Imports tests from internal repo
 2020-02-25 12:04:16 +01:00
Max Schaefer
34c66c4245 Remove an unused predicate. 2020-02-25 10:46:09 +00:00
Erik Krogh Kristensen
c83c27cbc4 add extra sanity-check that the output looks good 2020-02-25 11:11:58 +01:00
Erik Krogh Kristensen
8d26f32199 arg -> param 2020-02-25 10:53:07 +01:00
Erik Krogh Kristensen
87d283aa6c add tests for third party command execution libraries (and two small fixes) 2020-02-25 10:50:59 +01:00
Matthew Gretton-Dann
3465d5a0c7 docs: Correct AC5 version 2020-02-25 09:29:18 +00:00
Matthew Gretton-Dann
a48e36e2e1 docs: Update clang/gcc versions supported 2020-02-25 09:28:39 +00:00
Matthew Gretton-Dann
28e9cd7e38 docs: Detail support for C18. 2020-02-25 09:27:42 +00:00
Mathias Vorreiter Pedersen
b9bb2ec0ac Merge pull request #2864 from jbj/DefaultTaintTracking-cached 
C++: Cache DefaultTaintTracking
 2020-02-25 10:15:43 +01:00
Erik Krogh Kristensen
d540caecdd Apply suggestions from code review 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-02-25 10:04:51 +01:00
Anders Schack-Mulligen
fba8772411 Java/C++: Minor dataflow cleanup. 2020-02-25 09:40:25 +01:00
Asger F
160fc48803 Merge pull request #2896 from asger-semmle/typescript-3.8 
TS: Support Typescript 3.8
 2020-02-25 08:19:01 +00:00
Sauyon Lee
7a918efbf8 Merge pull request #34 from max-schaefer/receiver-flow 
Propagate data flow through receivers
 2020-02-24 23:58:28 -08:00
Sauyon Lee
836146a3bf Merge pull request #35 from max-schaefer/field-package 
Make `Field.getPackage()` behave sensibly.
 2020-02-24 23:52:02 -08:00
Esben Sparre Andreasen
5baba62154 JS: model path-is-inside+is-path-inside for js/path-injection 2020-02-24 23:10:15 +01:00
Esben Sparre Andreasen
86b836cd29 JS: add tests for js/path-injection 2020-02-24 23:03:42 +01:00