Commit Graph

54887 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
5d031d7abe Python: CG trace: Fix sorting of ExternalCallee
Also exposed that the better_compare_for_dataclass was exposed to bad loop
variable capture :|
2020-07-23 17:36:31 +02:00
Rasmus Wriedt Larsen
03d22fa8e3 Python: Fix filenames in qhelp 2020-07-23 17:32:01 +02:00
Rasmus Wriedt Larsen
e283d289fd Python: Update TemplateInjection.qhelp
Moved things around so there is only a single `<example>` tag (and had to rewrite contents a bit).
2020-07-23 17:23:26 +02:00
Ricter Z
bb2d5ea6b5 add some sinks in commonly-used SQL libraries 2020-07-23 16:19:42 +01:00
Porcupiney Hairs
1e7921e575 add qhelp and fix tests. 2020-07-23 20:04:32 +05:30
porcupineyhairs
8e85dc755a Apply suggestions from code review
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
2020-07-23 19:37:40 +05:30
Rasmus Wriedt Larsen
da518ed0d5 Python: CG trace: Remove Python 3.8 only f"{var=}" usage 2020-07-23 14:01:29 +02:00
Rasmus Wriedt Larsen
bb4b8dceaa Python: CG trace: More robust logging setup 2020-07-23 14:01:29 +02:00
semmle-qlci
bb5b161d72 Merge pull request #3972 from shati-patel/merge-rc
Approved by mchammer01
2020-07-23 11:30:45 +01:00
Shati Patel
2326f31749 Merge branch 'rc/1.24' into merge-rc 2020-07-23 12:18:30 +02:00
Rasmus Wriedt Larsen
a97f942a17 Python: Autoformat 2020-07-23 11:38:34 +02:00
Felicity Chapman
40c998fa13 Merge pull request #3969 from alexey-tereshenkov-oxb/master
Python: Fix typo in qhelp file
2020-07-23 10:37:37 +01:00
Mathias Vorreiter Pedersen
a4242bcb5d Merge pull request #3962 from rdmarsh2/ir-barrierguard-checks-expr
C++: make IR BarrierGuard::checks match AST
2020-07-23 09:21:37 +02:00
Alexey Tereshenkov
7840dfce3b Put the closing tag back 2020-07-22 20:51:29 +01:00
Alexey Tereshenkov
e2939377e9 Update python/ql/src/Expressions/WrongNumberArgumentsForFormat.qhelp
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
2020-07-22 20:07:34 +01:00
Alexey Tereshenkov
a6eb3caa5f Update python/ql/src/Expressions/WrongNumberArgumentsForFormat.qhelp
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2020-07-22 20:07:27 +01:00
Rasmus Wriedt Larsen
9157385571 Python: CG trace: XML can export list of dataclass 2020-07-22 17:40:59 +02:00
Alexey Tereshenkov
a5f566b563 Fix typo 2020-07-22 15:39:50 +01:00
Chris Smowton
b9e61115f3 Merge pull request #266 from sauyon/query-tags
Add correctness tag to MistypedExponentiation
2020-07-22 15:27:46 +01:00
Chris Smowton
6c4a1d0a34 Merge pull request #264 from smowton/smowton/feature/printast-restrict-files
PrintAst: improve support for restricting subsets of the AST to print
2020-07-22 15:20:14 +01:00
Remco Vermeulen
3320061178 Add and adjust QL docs for classes and predicates 2020-07-22 16:04:55 +02:00
Remco Vermeulen
2c42d3cca5 Extract additional taint steps
This is done for logical cohesion. We already have the capability of
extending additional taint steps by extending
`TaintTracking::AdditionalTaintStep`.
2020-07-22 16:04:55 +02:00
Remco Vermeulen
57e7411c0a Extract Ldap injection sanitizers to importable lib
This includes a new abstract class that represents all the Ldap injection
sanitizers and can be used to add additional sanitizers through
extension.
2020-07-22 16:04:55 +02:00
Remco Vermeulen
0d5f9113a3 Extract ldap injection sink into importable library 2020-07-22 16:04:55 +02:00
Rasmus Wriedt Larsen
746c577d72 Python: CG trace: Update naming and add QLDoc 2020-07-22 15:49:11 +02:00
Rasmus Wriedt Larsen
67b45164eb Python: CG trace: Partial matching of BytecodeExpr and AST not safe 2020-07-22 15:19:57 +02:00
Chris Smowton
f8d141f7ff PrintAst: Sort root File nodes by relative path.
This should make graphtext output deterministic, rather than depending on the order the results interpretation step happens to see the nodes.
2020-07-22 13:43:34 +01:00
Rasmus Wriedt Larsen
1e89388f2b Python: CG trace: Don't abuse example dir 2020-07-22 14:22:04 +02:00
Rasmus Wriedt Larsen
ad2e336ead Python: CG trace: Autoformat 2020-07-22 13:53:22 +02:00
Sauyon Lee
c9df4d81b4 Add correctness tag to MistypedExponentiation 2020-07-22 04:26:56 -07:00
Rasmus Wriedt Larsen
ccffa7d99d Python: CG trace: Ignore some calls for call-graph metrics
and provide some internal metrics as well
2020-07-22 13:12:52 +02:00
Chris Smowton
c30d198f3d Switch to using top-level function declarations to filter PrintAst
This means it's no longer possible to ask for the AST of a function literal, but this is hopefully a niche use-case that we can add if and when there is demand.
2020-07-22 10:40:41 +01:00
Rasmus Wriedt Larsen
b227a7ec90 Python: CG trace: Add overall metrics query 2020-07-22 00:55:53 +02:00
Rasmus Wriedt Larsen
278ab4b883 Python: CG trace: Much improved toString for QL 2020-07-22 00:55:53 +02:00
Rasmus Wriedt Larsen
a5838b66ed Python: CG trace: Small improvements to QL code 2020-07-22 00:00:17 +02:00
Rasmus Wriedt Larsen
b86ca19264 Python: CG trace: Apply better_compare_for_dataclass to all 2020-07-21 23:37:33 +02:00
Rasmus Wriedt Larsen
9bff615fad Python: CG trace: Handle BUILD_LIST 2020-07-21 23:08:33 +02:00
Rasmus Wriedt Larsen
8c8656ccca Python: CG trace: Handle BUILD_TUPLE 2020-07-21 23:05:49 +02:00
Rasmus Wriedt Larsen
0d05d96b50 Python: CG trace: Handle CALL_FUNCTION_EX 2020-07-21 22:54:45 +02:00
Rasmus Wriedt Larsen
3539798c22 Python: CG trace: ignore with statement for now 2020-07-21 22:54:19 +02:00
Rasmus Wriedt Larsen
4843d29ad6 Python: CG trace: Cache calls seen
This improved runtime from ~10 seconds to 1 second when running one of the
tests for wcwidth
2020-07-21 22:54:10 +02:00
Rasmus Wriedt Larsen
ebbea0cd61 Python: CG trace: Ignore IMPORT_NAME 2020-07-21 22:17:17 +02:00
Rasmus Wriedt Larsen
6830804112 Python: CG trace: More logging 2020-07-21 22:08:15 +02:00
Rasmus Wriedt Larsen
3752a25665 Python: CG trace: Handle LOAD_DEREF 2020-07-21 22:02:25 +02:00
Rasmus Wriedt Larsen
61b1d3eef3 Python: CG trace: Handle subscript 2020-07-21 21:45:53 +02:00
Rasmus Wriedt Larsen
79c2c682d7 Python: CG trace: Nicer logging 2020-07-21 21:34:20 +02:00
Rasmus Wriedt Larsen
0a7e6a9938 Python: CG trace: Avoid handling jumps for now 2020-07-21 20:07:33 +02:00
Rasmus Wriedt Larsen
4e3ae98ddf Python: CG trace: Handle list-comprehension and iteration
Which relies on LOAD_CONST and MAKE_FUNCTION
2020-07-21 19:54:59 +02:00
Rasmus Wriedt Larsen
58f11194a8 Python: CG trace: Refactoring 2020-07-21 19:53:05 +02:00
Rasmus Wriedt Larsen
290eb638f9 Python: CG trace: Handle SystemExit
otherwise, with-exit would end the tracer without producing any output :|
2020-07-21 19:40:58 +02:00