hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-05 09:41:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
51,820 Commits 1,691 Branches 159 Tags
codeql-cli/v2.12.6
Commit Graph

51820 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
29ee1bda50 Merge pull request #12369 from michaelnebel/csharp/unsafestubs 
C#: .NET 7 Runtime and ASP.NET 7 stubs.
 2023-03-08 13:54:23 +01:00
Michael Nebel
6adc04eca0 Merge pull request #12370 from michaelnebel/csharp/unsafemember 
C#: Improve the `unsafe` predicate on Modifiable.
 2023-03-08 13:47:59 +01:00
Anders Schack-Mulligen
e7f85673e9 Java: Fix tests and make modules private 2023-03-08 13:35:25 +01:00
Michael B. Gale
71d0a2378b Append process id to diagnostics filename 2023-03-08 12:15:46 +00:00
Arthur Baars
2d6f3ed6c2 Address comments 2023-03-08 13:10:03 +01:00
Mathias Vorreiter Pedersen
c84d88f5aa Merge pull request #12429 from MathiasVP/actually-implement-language-specific-flow-into-call-node-cand1 
C++: Implement `getAdditionalFlowIntoCallNodeTerm`
 2023-03-08 11:58:56 +00:00
yoff
a45a0ee50d Merge pull request #12425 from RasmusWL/arg-passing-problem 
Python: Add test of keyword argument with same name as positional-only parameter
 2023-03-08 12:01:26 +01:00
Mathias Vorreiter Pedersen
8308c661b4 Merge pull request #12432 from MathiasVP/fix-ir-uninitialized-node 
C++: Fix `asUninitialized`
 2023-03-08 10:03:46 +00:00
Chris Smowton
a63a4c29e2 Go: fix incorrect-integer-conversion sanitizer 
This was amended as part of https://github.com/github/codeql/pull/12186, but the conversion was inadequate because the new implementation didn't work when a sink (type conversion) led directly to a non-`localTaintStep` step, such as a store step or an interprocedural step. Here I move the sink back one step to the argument of the type
conversion and sanitize the result of the conversion instead, to ensure there is always a unique local successor to a sink.

This should eliminate unexpected extra results that resulted from https://github.com/github/codeql/pull/12186. Independently there are also *lost* results that stem from needing a higher `fieldFlowBranchLimit` that are not addressed in this PR, but raising that limit is a performance risk and so I will address this separately.
 2023-03-08 09:48:35 +00:00
Mathias Vorreiter Pedersen
5a6b94eda2 C++: Respond to PR reviews. 2023-03-08 09:38:56 +00:00
Michael Nebel
0714310661 C#: Add some more test examples. 2023-03-08 10:14:49 +01:00
Mathias Vorreiter Pedersen
263b208282 C++: Disambiguate a test annotation. 2023-03-08 09:07:07 +00:00
Michael Nebel
7ce5c0d55d C#: Add change note. 2023-03-08 10:02:28 +01:00
Michael Nebel
c88f52c63e C#: Add stubs test case. 2023-03-08 10:02:27 +01:00
Michael Nebel
b6d97b07bf C#: Also print the unsafe keyword for eg. classes when creating stubs. 2023-03-08 10:02:27 +01:00
Michael Nebel
67e7b8fc23 C#: If a type (or any child of a type) is a pointer like type then it is unsafe. 2023-03-08 10:02:27 +01:00
Jeroen Ketema
5391b13db9 C++: Make dataflow configuration modules private in qll files 2023-03-08 09:18:09 +01:00
Jeroen Ketema
0f8a12f3ac C++: Add change note for deprecated data flow configurations in qll files 2023-03-08 09:00:43 +01:00
Robert Marsh
94d80b0e87 Swift: accept LocalTaint test for constructor flow 2023-03-07 21:17:26 +00:00
Robert Marsh
86fd21de45 Swift: respond to PR comments on constructor flow 2023-03-07 21:17:01 +00:00
Paolo Tranquilli
a4c0a0353f Merge pull request #12426 from github/redsun82/cpp-file-permissions-example 
C++: fix example code for `FilePermissions.qll`
 2023-03-07 19:55:46 +01:00
Jeroen Ketema
13bdd9c0c6 C++: Fix query compliation 
Apparently some queries we skipped in the testing I did locally.
 2023-03-07 19:16:10 +01:00
Jeroen Ketema
57c5d5f2c7 C++: Add QLDoc on configuration modules where the original class had one 2023-03-07 19:01:05 +01:00
Jeroen Ketema
0c39d1e5ca C++: Fix query formatting 2023-03-07 18:55:58 +01:00
Jeroen Ketema
2eb2e11ef7 C++: Fix query compilation 2023-03-07 18:53:07 +01:00
AlexDenisov
6a985a3df9 Merge pull request #12392 from github/alexdenisov/mangle-builtin-types 
Swift: mangle builtin types
 2023-03-07 18:22:13 +01:00
Jeroen Ketema
fb57914751 C++: Convert a number of data flow based queries to use ConfigSig 2023-03-07 18:21:52 +01:00
Arthur Baars
858aa9ae63 Ruby: add some links to diagnostic messages 2023-03-07 17:55:13 +01:00
Mathias Vorreiter Pedersen
cc0b8bbebb Merge pull request #12430 from MathiasVP/no-to-string-on-state-in-cast-array-pointer-arith 
C++: Convert `cpp/upcast-array-pointer-arithmetic` to the new API
 2023-03-07 16:48:15 +00:00
Alex Denisov
1283bcb860 Swift: mangle builtin types 2023-03-07 17:45:08 +01:00
AlexDenisov
d469b9711d Merge pull request #12388 from github/alexdenisov/introduce-type-mangling 
Swift: introduce type mangling
 2023-03-07 17:44:30 +01:00
Owen Mansel-Chan
07098bf8bf Minor refactor in diagnostics.go 2023-03-07 16:38:53 +00:00
Owen Mansel-Chan
2edccec693 Do not link to GitHub AE version of documentation 2023-03-07 16:38:53 +00:00
Owen Mansel-Chan
c28f51f820 Remove diagnostics-limit-exceeded test 
There is no way to trigger this any more.
 2023-03-07 16:38:52 +00:00
Owen Mansel-Chan
05a4fdf6d8 Put all package-not-found errors into one diagnostic 2023-03-07 16:38:52 +00:00
Owen Mansel-Chan
a4c9120a9a Update one of the diagnostic messages 2023-03-07 16:38:52 +00:00
Owen Mansel-Chan
2c5239ff7b Use full stops at the end of diagnostics messages 2023-03-07 16:38:51 +00:00
Owen Mansel-Chan
a7a10de9ea Emit diagnostic to pass fourth integration tests 2023-03-07 16:38:51 +00:00
Owen Mansel-Chan
8d28253175 Add tests for fourth diagnostic (Go files found but not processed) 2023-03-07 16:38:51 +00:00
Owen Mansel-Chan
01a2e74df7 Add test for diagnostic-limit-hit diagnostic 2023-03-07 16:38:50 +00:00
Owen Mansel-Chan
b6a9f87238 Use "go/autobuilder/" as prefix for all diagnostics 2023-03-07 16:38:50 +00:00
Owen Mansel-Chan
4907e5754f Address review comments 2023-03-07 16:38:49 +00:00
Owen Mansel-Chan
2a41e6ae66 Emit diagnostic to pass third inegration tests 2023-03-07 16:38:49 +00:00
Owen Mansel-Chan
4fe4dfbf83 Add tests for third diagnostic (package not found) 2023-03-07 16:38:49 +00:00
Owen Mansel-Chan
c0cc1c3fd5 Emit diagnostic to pass second integration test 2023-03-07 16:38:48 +00:00
Owen Mansel-Chan
3f805d3456 Remove unused param from function 2023-03-07 16:38:48 +00:00
Owen Mansel-Chan
137b2c9ef9 Add test for second diagnostic (newer go version) 2023-03-07 16:38:47 +00:00
Owen Mansel-Chan
cbb2fb9968 Emit diagnostic to pass first integration test 2023-03-07 16:38:47 +00:00
Owen Mansel-Chan
4d3b05e041 Add test for first diagnostic (different OS/arch) 2023-03-07 16:38:46 +00:00
Geoffrey White
72d6f56df1 Merge pull request #12413 from geoffw0/ptrout2 
Swift: Permit data flow from all generic arguments
 2023-03-07 16:27:12 +00:00