hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-24 03:42:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,367 Commits 1,686 Branches 158 Tags
codeql-cli/v2.12.1
Commit Graph

49367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Lerchedahl Petersen
67710eaed7 Python: Comment to highlight convention 2022-09-06 17:43:34 +02:00
Rasmus Lerchedahl Petersen
a496d10126 Python: qldoc to highlight source code aspect 2022-09-06 17:39:20 +02:00
Rasmus Lerchedahl Petersen
e7400e90e5 Python: add qldoc 2022-09-06 17:29:27 +02:00
Rasmus Lerchedahl Petersen
4cd41c24c7 Python: remove comments and start design document 2022-09-06 17:23:40 +02:00
Rasmus Lerchedahl Petersen
67c3a9b2f4 Python: resolve library calls in the CFG 
rather than in the AST
 2022-09-06 17:00:28 +02:00
Tony Torralba
ff731f1d83 Merge pull request #10138 from atorralba/atorralba/contentresolver-summaries 
Java: Add summaries for ContentResolver and adjacent classes
 2022-09-06 16:28:28 +02:00
Mathias Vorreiter Pedersen
d6b8f25312 C++: Add more tests. 2022-09-06 15:22:10 +01:00
Tony Torralba
c0dd9dd5d5 Merge pull request #10249 from atorralba/atorralba/regex-dot-bypass-docs 
Java: Documentation fixes in the "Permissive dot regex" experimental query
 2022-09-06 16:18:35 +02:00
Anders Schack-Mulligen
b84dca92cf Merge pull request #10240 from aschackmull/java/scc-typeflow 
Java: Support SCCs in TypeFlow.
 2022-09-06 15:43:20 +02:00
Mathias Vorreiter Pedersen
9745073024 C++: Speedup 'cpp/using-expired-stack-address' by avoiding a large negation. 2022-09-06 14:33:33 +01:00
Geoffrey White
d1867b9716 Merge pull request #10284 from geoffw0/stringlengthcleanup 
Swift: Improve swift/string-length-conflation
 2022-09-06 14:07:02 +01:00
Asger F
e8864d072d JS: Remove stray module DF export 2022-09-06 15:06:33 +02:00
Asger F
95c60858d4 Export as DataFlow instead of DF 2022-09-06 15:02:48 +02:00
Geoffrey White
d0cda04909 Swift: Clearer, possibly more efficient implementation. 2022-09-06 13:48:04 +01:00
Tony Torralba
b745b5ab71 Add models for androidx.core.app.NotificationCompat 2022-09-06 14:43:13 +02:00
Geoffrey White
0741266cea Swift: Switch from isSanitizerIn to isSanitizer. 2022-09-06 13:37:49 +01:00
Geoffrey White
8281d92e71 Swift: Add barriers for encryption. 2022-09-06 13:37:49 +01:00
Geoffrey White
9683a95162 Swift: Add a few more test cases. 2022-09-06 13:37:48 +01:00
Tom Hvitved
f448965953 Merge pull request #10294 from hvitved/csharp/integration-tests 
C#: Add `dotnet build` integration test
 2022-09-06 14:35:17 +02:00
Rasmus Lerchedahl Petersen
e5f087518e Python: stay in control flow layer 2022-09-06 14:16:48 +02:00
Anders Schack-Mulligen
6ffaa6918a Apply suggestions from code review 2022-09-06 14:11:48 +02:00
Anders Schack-Mulligen
bc57d87303 Java: Address comments. 2022-09-06 13:59:54 +02:00
Tom Hvitved
0353b3ebfc Merge pull request #10308 from github/rc/3.7 
Merge `rc/3.7` into `main`
 2022-09-06 13:32:00 +02:00
Tamas Vajk
57f50725ba Revert formatting change 2022-09-06 13:28:38 +02:00
Tamas Vajk
bbf4563cfe Apply review findings 2022-09-06 13:25:12 +02:00
Tom Hvitved
b2c38b37de Merge pull request #10296 from hvitved/ruby/call-graph-missing-singletons 
Ruby: Add missing edges to the call graph for singleton methods
 2022-09-06 13:23:24 +02:00
Tom Hvitved
66df44f8c9 Merge pull request #10310 from hvitved/csharp/docs/shared-compilation 
Docs: No longer mention required `/p:UseSharedCompilation=false`
 2022-09-06 13:20:59 +02:00
Tom Hvitved
8b8a662c76 Ruby: Fix bad join in parameterMatch 
Before
```
Evaluated relational algebra for predicate DataFlowDispatch#36b84300::parameterMatch#2#ff@281bdfu5 with tuple counts:
        23338949   ~0%    {2} r1 = JOIN DataFlowDispatch#36b84300::Cached::TParameterPosition#f WITH DataFlowDispatch#36b84300::Cached::TArgumentPosition#f CARTESIAN PRODUCT OUTPUT Lhs.0, Rhs.0

           65011   ~0%    {2} r2 = JOIN r1 WITH DataFlowDispatch#36b84300::Cached::TAnyParameterPosition#f ON FIRST 1 OUTPUT Lhs.0, Lhs.1
           65010   ~0%    {2} r3 = r2 AND NOT DataFlowDispatch#36b84300::Cached::TSelfArgumentPosition#f(Lhs.1)

        23338949   ~0%    {2} r4 = JOIN DataFlowDispatch#36b84300::Cached::TParameterPosition#f WITH DataFlowDispatch#36b84300::Cached::TArgumentPosition#f CARTESIAN PRODUCT OUTPUT Rhs.0, Lhs.0

             359   ~3%    {2} r5 = JOIN r4 WITH DataFlowDispatch#36b84300::Cached::TAnyArgumentPosition#f ON FIRST 1 OUTPUT Lhs.1, Lhs.0
             358   ~3%    {2} r6 = r5 AND NOT DataFlowDispatch#36b84300::Cached::TSelfParameterPosition#f(Lhs.0)

           65368   ~0%    {2} r7 = r3 UNION r6

           65011   ~0%    {2} r8 = JOIN r1 WITH DataFlowDispatch#36b84300::Cached::TSelfParameterPosition#f ON FIRST 1 OUTPUT Lhs.1, Lhs.0
               1   ~0%    {2} r9 = JOIN r8 WITH DataFlowDispatch#36b84300::Cached::TSelfArgumentPosition#f ON FIRST 1 OUTPUT Lhs.1, Lhs.0

           65011   ~0%    {2} r10 = JOIN r1 WITH DataFlowDispatch#36b84300::Cached::TBlockParameterPosition#f ON FIRST 1 OUTPUT Lhs.1, Lhs.0
               1   ~0%    {2} r11 = JOIN r10 WITH DataFlowDispatch#36b84300::Cached::TBlockArgumentPosition#f ON FIRST 1 OUTPUT Lhs.1, Lhs.0

           65011   ~3%    {2} r12 = JOIN r1 WITH DataFlowDispatch#36b84300::Cached::THashSplatParameterPosition#f ON FIRST 1 OUTPUT Lhs.1, Lhs.0
               1   ~0%    {2} r13 = JOIN r12 WITH DataFlowDispatch#36b84300::Cached::THashSplatArgumentPosition#f ON FIRST 1 OUTPUT Lhs.1, Lhs.0

               2   ~0%    {2} r14 = r11 UNION r13
               3   ~0%    {2} r15 = r9 UNION r14
           65371   ~0%    {2} r16 = r7 UNION r15

           65011   ~0%    {2} r17 = JOIN r1 WITH DataFlowDispatch#36b84300::Cached::TAnyKeywordParameterPosition#f ON FIRST 1 OUTPUT Lhs.1, Lhs.0
            1645   ~1%    {2} r18 = JOIN r17 WITH DataFlowDispatch#36b84300::Cached::TKeywordArgumentPosition#ff_1#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.0

             359   ~0%    {2} r19 = JOIN r4 WITH DataFlowDispatch#36b84300::Cached::TAnyKeywordArgumentPosition#f ON FIRST 1 OUTPUT Lhs.1, Lhs.0
             320   ~0%    {2} r20 = JOIN r19 WITH DataFlowDispatch#36b84300::Cached::TKeywordParameterPosition#ff_1#join_rhs ON FIRST 1 OUTPUT Lhs.0, Lhs.1

            1965   ~1%    {2} r21 = r18 UNION r20

        20803520   ~1%    {3} r22 = JOIN r1 WITH DataFlowDispatch#36b84300::Cached::TKeywordParameterPosition#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.0
             320   ~0%    {2} r23 = JOIN r22 WITH DataFlowDispatch#36b84300::Cached::TKeywordArgumentPosition#ff ON FIRST 2 OUTPUT Lhs.2, Lhs.1

         2145363   ~0%    {3} r24 = JOIN r1 WITH DataFlowDispatch#36b84300::Cached::TPositionalParameterPosition#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.0
              33   ~0%    {2} r25 = JOIN r24 WITH DataFlowDispatch#36b84300::Cached::TPositionalArgumentPosition#ff ON FIRST 2 OUTPUT Lhs.2, Lhs.1

           65011   ~0%    {3} r26 = JOIN r1 WITH DataFlowDispatch#36b84300::Cached::TPositionalParameterLowerBoundPosition#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Rhs.1
           63361   ~0%    {4} r27 = JOIN r26 WITH DataFlowDispatch#36b84300::Cached::TPositionalArgumentPosition#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Lhs.2, Rhs.1
           63360   ~0%    {4} r28 = SELECT r27 ON In.3 >= In.2
           63360   ~0%    {2} r29 = SCAN r28 OUTPUT In.0, In.1

           63393   ~0%    {2} r30 = r25 UNION r29
           63713   ~0%    {2} r31 = r23 UNION r30
           65678   ~0%    {2} r32 = r21 UNION r31
          131049   ~0%    {2} r33 = r16 UNION r32
                          return r33
```

After
```
Evaluated relational algebra for predicate DataFlowDispatch#36b84300::parameterMatch#2#ff@698b99ci with tuple counts:
             1   ~0%    {2} r1 = JOIN DataFlowDispatch#36b84300::Cached::TSelfParameterPosition#f WITH DataFlowDispatch#36b84300::Cached::TSelfArgumentPosition#f CARTESIAN PRODUCT OUTPUT Lhs.0, Rhs.0

             1   ~0%    {2} r2 = JOIN DataFlowDispatch#36b84300::Cached::TBlockParameterPosition#f WITH DataFlowDispatch#36b84300::Cached::TBlockArgumentPosition#f CARTESIAN PRODUCT OUTPUT Lhs.0, Rhs.0

             2   ~0%    {2} r3 = r1 UNION r2

             1   ~0%    {2} r4 = JOIN DataFlowDispatch#36b84300::Cached::THashSplatParameterPosition#f WITH DataFlowDispatch#36b84300::Cached::THashSplatArgumentPosition#f CARTESIAN PRODUCT OUTPUT Lhs.0, Rhs.0

         65010   ~0%    {2} r5 = JOIN DataFlowDispatch#36b84300::Cached::TAnyParameterPosition#f WITH DataFlowDispatch#36b84300::argumentPositionIsNotSelf#1#f CARTESIAN PRODUCT OUTPUT Lhs.0, Rhs.0

           358   ~3%    {2} r6 = JOIN DataFlowDispatch#36b84300::Cached::TAnyArgumentPosition#f WITH DataFlowDispatch#36b84300::parameterPositionIsNotSelf#1#f CARTESIAN PRODUCT OUTPUT Rhs.0, Lhs.0

         65368   ~0%    {2} r7 = r5 UNION r6
         65369   ~0%    {2} r8 = r4 UNION r7
         65371   ~0%    {2} r9 = r3 UNION r8

          1645   ~1%    {2} r10 = JOIN DataFlowDispatch#36b84300::Cached::TAnyKeywordParameterPosition#f WITH DataFlowDispatch#36b84300::Cached::TKeywordArgumentPosition#ff CARTESIAN PRODUCT OUTPUT Lhs.0, Rhs.1

           320   ~0%    {2} r11 = JOIN DataFlowDispatch#36b84300::Cached::TAnyKeywordArgumentPosition#f WITH DataFlowDispatch#36b84300::Cached::TKeywordParameterPosition#ff CARTESIAN PRODUCT OUTPUT Rhs.1, Lhs.0

          1965   ~1%    {2} r12 = r10 UNION r11

            33   ~0%    {2} r13 = JOIN DataFlowDispatch#36b84300::Cached::TPositionalParameterPosition#ff WITH DataFlowDispatch#36b84300::Cached::TPositionalArgumentPosition#ff ON FIRST 1 OUTPUT Lhs.1, Rhs.1

           320   ~0%    {2} r14 = JOIN DataFlowDispatch#36b84300::Cached::TKeywordParameterPosition#ff WITH DataFlowDispatch#36b84300::Cached::TKeywordArgumentPosition#ff ON FIRST 1 OUTPUT Lhs.1, Rhs.1

         63361   ~1%    {4} r15 = JOIN DataFlowDispatch#36b84300::Cached::TPositionalParameterLowerBoundPosition#ff WITH DataFlowDispatch#36b84300::Cached::TPositionalArgumentPosition#ff CARTESIAN PRODUCT OUTPUT Lhs.0, Lhs.1, Rhs.0, Rhs.1
         63360   ~1%    {4} r16 = SELECT r15 ON In.2 >= In.0
         63360   ~0%    {2} r17 = SCAN r16 OUTPUT In.1, In.3

         63680   ~0%    {2} r18 = r14 UNION r17
         63713   ~0%    {2} r19 = r13 UNION r18
         65678   ~0%    {2} r20 = r12 UNION r19
        131049   ~0%    {2} r21 = r9 UNION r20
                        return r21
```
 2022-09-06 13:02:36 +02:00
Erik Krogh Kristensen
c76b6d1782 Merge pull request #10309 from erik-krogh/leftoverTodo 
JS: fix leftover todo in js/insecure-temporary-file
 2022-09-06 12:31:29 +02:00
erik-krogh
24f2e3cc07 update alert-messages of the sensitive data queries to match #10314 2022-09-06 12:25:36 +02:00
Taus
810568cf02 Merge pull request #10171 from RasmusWL/variable-accesss 
Python: Fixes for variable access
 2022-09-06 12:18:37 +02:00
Rasmus Wriedt Larsen
5f6e3dcc2e Python: Revert changes to sensitive data query alert messages 
This partly reverts the changes from https://github.com/github/codeql/pull/10252

Although consistency is nice, the new messages didn't sound as natural.

New alert message would read

> Insecure hashing algorithm (md5) depends on sensitive data (password). (...)

I'm not sure what it means that a hashing algorithm depends on data. So
for me, the original text below is much easier to understand.

> Sensitive data (password) is used in a hashing algorithm (md5) that is insecure (...)

Same goes for the other sensitive data queries.
 2022-09-06 12:01:24 +02:00
Mathias Vorreiter Pedersen
02c18e714b C++: Mention 'range-based for-loops' in the QLDoc for 'IRDeclarationEntry'. 2022-09-06 10:40:13 +01:00
Mathias Vorreiter Pedersen
10f962f341 C++: Rename 'PseudoDeclarationEntry' to 'IRDeclarationEntry'. 2022-09-06 10:36:38 +01:00
Tamas Vajk
826bbdf834 Kotlin: Fix vararg extraction outside of method call 2022-09-06 11:32:32 +02:00
Tamas Vajk
cb3c53dee7 Kotlin: Add test case for unexpected vararg extraction error 2022-09-06 11:32:24 +02:00
Mathias Vorreiter Pedersen
ed3fff0eba Update cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-09-06 10:32:16 +01:00
Tony Torralba
b94e0d3e69 Merge pull request #10251 from atorralba/atorralba/implicit-pendingintent-sinks 
Java: Add new AlarmManager sinks to Use of implicit PendingIntents
 2022-09-06 11:31:27 +02:00
Rasmus Wriedt Larsen
7895a5859d Ruby: Autoformat 2022-09-06 11:01:06 +02:00
Rasmus Wriedt Larsen
a9e1e72196 Merge branch 'main' into shared-http-client-request 2022-09-06 10:52:27 +02:00
Rasmus Wriedt Larsen
528ef0eeaa Ruby: Use separate dataflow copy for HTTP client libs 
As discussed with @hvitved offline. This helps out to ensrue we don't
needlessly evaluate dataflow for configurations that are not needed
anyway. That is, if other library modeling also used the same dataflow
configuration, which ends up being used in query A, then dataflow for
all the `DataFlowImplForLibraries` configurations would be computeted at
once. When we get to evaluate the query `RequestWithoutValidation.ql`
these results mgith have been forgotten since the predicates are not
cached, and everything will have to be computeted again.

In principle we could be added a dataflow copy for each framework.
However, since we know that the `disablesCertificateValidation`
member-predicates for all the HTTP client libraries will all be used at
the same time, and only for the one query, we only add ONE additional
copy.

Note that the only use of `DataFlowImplForLibraries` before this PR is
using `tainttrackingforlibraries.TaintTrackingImpl` (based on
DataFlowImplForLibraries) for regex computation.
c904ba1d16/ruby/ql/lib/codeql/ruby/Regexp.qll (L153)
Since this is currently transitively imported from Frameworks.qll
(through Core.qll, and core/String.qll), the previous approach didn't
actually violate the assumption about all configurations always being in
scope, but it might have been more by accident, than by purpose.
 2022-09-06 10:43:36 +02:00
Rasmus Wriedt Larsen
25d09cd6d6 Ruby: Simplify getKeywordArgumentIncludeHashArgument 
As suggested by @hvitved in review
 2022-09-06 10:24:22 +02:00
Tom Hvitved
eff3747eb9 Docs: No longer mention required /p:UseSharedCompilation=false 2022-09-06 10:13:29 +02:00
Rasmus Wriedt Larsen
07457b2b5f Python: Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
d708abfc80 Python: Accept more .expected changes 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
c9cd809ef2 Python: Add change-note 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
e979dffc08 Python: Fix variable access from extractor-change 
These changes are from internal PR.
 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
985e87ccde Python: Add variable scope example with subclass 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
0e3d520712 Python: Add variables regression test 
As illustrated when running the python file, the non qualified reads in
the `use` method all refer to the global variables, whereas `ex =
func(baz)` are to the things defined on the class.

The important part of the .expected changes is that the _global_
variable `bar` is used inside the function, whereas it's the local
variable for `foo` (on class scope) that is used inside the function
(which is wrong).
 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
98db1af898 Python: Also show variable access 2022-09-06 10:11:37 +02:00