hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-03 16:51:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,887 Commits 1,689 Branches 159 Tags
codeql-cli/v2.13.3
Commit Graph

54887 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Harry Maclean
30468dd059 QL: Rename extractor to codeql-extractor-ql 2023-04-19 06:30:09 +00:00
Harry Maclean
ab4eba11ec Ruby: Rename extractor to codeql-extractor-ruby 2023-04-19 06:27:27 +00:00
Tony Torralba
62f5a5dcd5 Merge pull request #10707 from atorralba/atorralba/log-injection-sanitizers 
Java: Add line break sanitizers to java/log-injection
 2023-04-19 08:20:04 +02:00
Nate Johnson
4ae8377713 Merge branch 'main' into js-insecure-http-parser 2023-04-18 22:00:13 -04:00
Nate Johnson
78229bb264 Moved into experimental 2023-04-18 21:59:14 -04:00
github-actions[bot]
7abc029872 Add changed framework coverage reports 2023-04-19 00:16:15 +00:00
Robert Marsh
3c2b4e8456 C++: AST-based wrapper for new range analysis 2023-04-18 15:52:43 -04:00
Edward Minnix III
fc3c776bdc Permit CodeQL's own tests 
Removing `%/test/%` accidentally removed our own test cases.

Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-04-18 15:31:49 -04:00
Mathias Vorreiter Pedersen
9aca2d8533 Merge pull request #12861 from MathiasVP/ignore-more-instructions-for-dataflow 
C++: Ignore a few more instructions in dataflow
 2023-04-18 18:17:11 +01:00
Geoffrey White
c7ea08aa73 Swift: Fix inline expectations. 2023-04-18 17:32:38 +01:00
Mathias Vorreiter Pedersen
fb1a871777 Merge pull request #12855 from MathiasVP/fix-joins-in-use-after-free 
C++: Fix bad self-join in `cpp/use-after-free`
 2023-04-18 17:13:03 +01:00
Nora Dimitrijević
7f675d8c3b Swift: more CapturedDecl test cases 2023-04-18 16:50:38 +02:00
Nora Dimitrijević
96f06f8eca Swift: refactor the public API wrt captures 
This exposes capture- and access-related methods under different names.
 2023-04-18 16:50:37 +02:00
Ed Minnix
83d5cde01d Change isInTestFile to ignore %/test/% 2023-04-18 10:27:20 -04:00
Edward Minnix III
09502c60d5 Merge pull request #12812 from egregius313/egregius313/java/dataflow/refactor-tests 
Java: Refactor Test DataFlow configurations to new API
 2023-04-18 10:22:30 -04:00
Alex Ford
924ce250dd Merge pull request #12847 from github/post-release-prep/codeql-cli-2.13.0 
Post-release preparation for codeql-cli-2.13.0
 2023-04-18 14:40:40 +01:00
Mathias Vorreiter Pedersen
6e5f09f7bb C++: Ignore more instructions in dataflow. 2023-04-18 13:32:24 +01:00
Mathias Vorreiter Pedersen
231b0fcab2 Swift: Add more tests. 2023-04-18 12:01:08 +01:00
Paolo Tranquilli
4b40471f7b Swift: reconfigure default logging in qltest.sh 
Route all logging to console by default, which ends up in the qltest.log
file.
 2023-04-18 12:48:59 +02:00
Paolo Tranquilli
61bb6c912a Swift: replace or remove assertions in translators 
Assertions before fetching a non optional label are not needed as
the dispatcher will replace those with unspecified elements (and
properly log those instances).
 2023-04-18 12:16:22 +02:00
Paolo Tranquilli
df84ed5953 Swift: error printing in SwiftInvocationExtractor 2023-04-18 12:16:22 +02:00
Paolo Tranquilli
a1cec3e970 Swift: replace assertions and prints in the file library 2023-04-18 12:16:22 +02:00
Paolo Tranquilli
f965495ddf Swift: replace assertions and direct prints in SwiftDispatcher 
Also added opt-in logging of undefined trap labels for all emissions
outside the `SwiftDispatcher`.
 2023-04-18 12:16:22 +02:00
Paolo Tranquilli
89496a87df Codegen: add const overload of forEachLabel 2023-04-18 12:14:46 +02:00
Paolo Tranquilli
dbfd85c505 Swift: replace assertions and prints in main and SwiftExtractor 2023-04-18 12:14:46 +02:00
Rasmus Wriedt Larsen
a168af349e Python: Expand modeling of paramiko 2023-04-18 11:57:20 +02:00
Rasmus Wriedt Larsen
a5a0861be0 Python: Expand test of py/paramiko-missing-host-key-validation 2023-04-18 11:56:07 +02:00
Paolo Tranquilli
f42975f132 Swift: add assertion and expectation macros 2023-04-18 11:48:45 +02:00
Peter Stöckli
2f268b309b Ruby: improve non-constant-kernel-open, freeze called on constant 2023-04-18 11:24:01 +02:00
Tony Torralba
ba49386e6c Merge pull request #12806 from GeekMasher/main 
Java: Add missing write-file models for Java IO / NIO
 2023-04-18 11:15:53 +02:00
Mathias Vorreiter Pedersen
61aba4683f C++: Fix bad self-join in 'cpp/use-after-free'. 
Before:
```ql
[2023-04-18 09:17:24] Evaluated non-recursive predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs_project#Instruction#577b6a83::Initia__#loop_invariant_prefix@ae046923 in 3903ms (size: 130544).
Evaluated relational algebra for predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs_project#Instruction#577b6a83::Initia__#loop_invariant_prefix@ae046923 with tuple counts:
        533787724  ~0%    {2} r1 = JOIN ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs WITH ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
           130544  ~0%    {2} r2 = JOIN r1 WITH project#Instruction#577b6a83::InitializeParameterInstruction#ff ON FIRST 1 OUTPUT Lhs.1, Lhs.0
                          return r2
```

After:
```ql
[2023-04-18 10:09:34] Evaluated non-recursive predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_project#Instruction#577b6a83::InitializeParamete__#loop_invariant_prefix@eb90a6fk in 2ms (size: 18380).
Evaluated relational algebra for predicate _ValueNumberingInternal#c9f42560::tvalueNumber#1#ff_project#Instruction#577b6a83::InitializeParamete__#loop_invariant_prefix@eb90a6fk with tuple counts:
        18380  ~0%    {2} r1 = JOIN ValueNumberingInternal#c9f42560::tvalueNumber#1#ff WITH project#Instruction#577b6a83::InitializeParameterInstruction#ff ON FIRST 1 OUTPUT Lhs.1, Lhs.0
                      return r1
```
 2023-04-18 10:14:45 +01:00
Arthur Baars
e5d89b969a Merge pull request #12780 from aibaars/shared-yaml-lib 
JS: extract YAML library to a shared pack
 2023-04-18 11:09:53 +02:00
Tom Hvitved
f6d000eb20 Merge pull request #12805 from hvitved/remove-queries-xml 
Remove all `queries.xml` files
 2023-04-18 10:52:14 +02:00
Peter Stöckli
0a6bb3f7ce Ruby: improve non-constant-kernel-open, no FP's on open without arguments 2023-04-18 10:10:36 +02:00
Paolo Tranquilli
d777fd950f Merge pull request #12760 from github/redsun82/swift-logging-compiler 
Swift: route compiler diagnostics through our log
 2023-04-18 10:03:29 +02:00
Tony Torralba
99ad43b21e Merge pull request #12853 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-04-18 09:34:52 +02:00
Kasper Svendsen
9d34d090ab Merge pull request #12843 from kaspersv/kaspersv/prevent-bad-js-join-order 
Prevent JS join order regression
 2023-04-18 09:09:43 +02:00
Paolo Tranquilli
b8c55612e5 Swift: route compiler diagnostics through our log 2023-04-18 08:46:31 +02:00
Nate Johnson
bbb1ee9597 Merge branch 'main' into js-insecure-http-parser 2023-04-18 00:45:32 -04:00
Nate Johnson
cb90f9af3c Fix to include specification of flag in NODE_OPTIONS 2023-04-18 00:41:48 -04:00
Nate Johnson
522a285d9e Qhelp file for explanation 2023-04-18 00:41:28 -04:00
Nate Johnson
2e27447c65 Include example 2023-04-18 00:41:11 -04:00
Ed Minnix
e6a2528c38 Refactor XSS and SpringJDBC tests to lib configurations 2023-04-17 23:48:06 -04:00
Ed Minnix
49521f6de8 Refactor tests which extends Configuration 2023-04-17 23:48:06 -04:00
Ed Minnix
66f971e70d Refactor query tests 2023-04-17 23:48:06 -04:00
Ed Minnix
93bd2a9409 Refactor PathSanitizer test 2023-04-17 23:48:06 -04:00
Ed Minnix
547f00c3d1 Refactor Spring test 2023-04-17 23:48:06 -04:00
Ed Minnix
9631b6545f Refactor Ratpack test 2023-04-17 23:48:06 -04:00
Ed Minnix
e0e5bb131b Refactor RabbitMQ test 2023-04-17 23:48:06 -04:00
Ed Minnix
2579852e90 Refactor jms test 2023-04-17 23:48:06 -04:00