hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-03 17:50:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,360 Commits 1,673 Branches 157 Tags
codeql-cli/v2.14.2
Commit Graph

57360 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
67032b5d73 Ruby: add test for self.class call 2023-06-28 13:20:58 +02:00
Asger F
174ab25867 Ruby: address some review comments 2023-06-28 13:20:58 +02:00
Mathias Vorreiter Pedersen
ae098822c3 C++: Add 'cpp/constant-array-overflow' FP. 2023-06-28 11:22:53 +01:00
Alex Denisov
dbdd654465 Swift: bump Swift build, NFC 2023-06-28 12:11:17 +02:00
Koen Vlaswinkel
36d86787e6 Merge pull request #13588 from github/koesie10/update-csharp-external-api-name 
C#: Fix external API name for nested types
 2023-06-28 11:14:29 +02:00
Mathias Vorreiter Pedersen
78f2fe8d5e C++: Fix join in 'argumentOf'. 
Before:
```
[2023-06-28 09:29:51] Evaluated non-recursive predicate DataFlowImplCommon#59e7a193::Cached::argumentNode#3#fff@8606bd35 in 1945ms (size: 1366058).
Evaluated relational algebra for predicate DataFlowImplCommon#59e7a193::Cached::argumentNode#3#fff@8606bd35 with tuple counts:
      764401   ~0%    {3} r1 = JOIN DataFlowPrivate#fbdd7bd7::DirectPosition#ff_10#join_rhs WITH Instruction#577b6a83::CallInstruction::getArgumentOperand#fff_102#join_rhs ON FIRST 1 OUTPUT Rhs.2, Lhs.1, Rhs.1
      764401   ~0%    {3} r2 = JOIN r1 WITH DataFlowPrivate#fbdd7bd7::PrimaryArgumentNode#fff_20#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.2, Lhs.1

          65   ~0%    {3} r3 = SCAN DataFlowPrivate#fbdd7bd7::IndirectionPosition#fff OUTPUT In.2, In.0, In.1
  180518864   ~0%    {3} r4 = JOIN r3 WITH project#DataFlowPrivate#fbdd7bd7::IndirectOperands::IndirectOperand::hasOperandAndIndirectionIndex#2#dispred#fff#3_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.2, Lhs.1
      601657   ~1%    {2} r5 = JOIN r4 WITH project#DataFlowUtil#47741e1f::SideEffectOperandNode#fff#2 ON FIRST 2 OUTPUT Lhs.0, Lhs.2
      601657   ~0%    {3} r6 = JOIN r5 WITH project#DataFlowUtil#47741e1f::SideEffectOperandNode#fff#3 ON FIRST 1 OUTPUT Lhs.0, Rhs.1, Lhs.1

    1366058   ~0%    {3} r7 = r2 UNION r6
                      return r7
```

After:
```
Tuple counts for DataFlowImplCommon#59e7a193::Cached::argumentNode#3#fff/3@d2b091vc after 1.1s:
  764381  ~2%     {3} r1 = JOIN DataFlowPrivate#fbdd7bd7::DirectPosition#ff_10#join_rhs WITH Instruction#577b6a83::CallInstruction::getArgumentOperand#fff_102#join_rhs ON FIRST 1 OUTPUT Rhs.2, Lhs.1 'pos', Rhs.1 'call'
  764381  ~0%     {3} r2 = JOIN r1 WITH DataFlowPrivate#fbdd7bd7::PrimaryArgumentNode#fff_20#join_rhs ON FIRST 1 OUTPUT Rhs.1 'n', Lhs.2 'call', Lhs.1 'pos'

  65      ~3%     {3} r3 = SCAN num#DataFlowPrivate#fbdd7bd7::TIndirectionPosition#fff OUTPUT In.0, In.2 'pos', In.1
  1798930 ~1%     {3} r4 = JOIN r3 WITH project#DataFlowUtil#47741e1f::SideEffectOperandNode#fff#2_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'n', Lhs.2, Lhs.1 'pos'
  601641  ~1%     {2} r5 = JOIN r4 WITH project#DataFlowPrivate#fbdd7bd7::IndirectOperands::IndirectOperand::hasOperandAndIndirectionIndex#2#dispred#fff#3 ON FIRST 2 OUTPUT Lhs.0 'n', Lhs.2 'pos'
  601641  ~0%     {3} r6 = JOIN r5 WITH project#DataFlowUtil#47741e1f::SideEffectOperandNode#fff#3 ON FIRST 1 OUTPUT Lhs.0 'n', Rhs.1 'call', Lhs.1 'pos'

  1366022 ~1%     {3} r7 = r2 UNION r6
                  return r7
```
 2023-06-28 10:13:03 +01:00
Mathias Vorreiter Pedersen
2c99009c1a Merge pull request #13117 from rdmarsh2/rdmarsh2/cpp/cobo-handle-array-casts 
C++: handle cast arrays properly in off-by-one query
 2023-06-28 09:25:12 +01:00
Koen Vlaswinkel
51af03d2bc Java: Add tests for names of nested classes 2023-06-28 09:52:25 +02:00
Koen Vlaswinkel
e4d2c51ff8 C#: Add tests for names of nested classes 2023-06-28 09:40:31 +02:00
Tony Torralba
249f9f863d Merge pull request #13594 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-06-28 09:39:18 +02:00
AlexDenisov
9094f9aa9c Merge pull request #13567 from github/alexdenisov/extend-observer 
Swift: extend frontend observer
 2023-06-28 09:35:27 +02:00
AlexDenisov
113408e878 Merge pull request #13569 from github/redsun82/swift-fix-inclusion-of-sil 
Swift: fix all upstream headers for C++20
 2023-06-28 09:35:08 +02:00
Tom Hvitved
fa92e79bea Ruby/Python: Use inline_late on member predicates 2023-06-28 09:04:06 +02:00
Mathias Vorreiter Pedersen
368846621e Merge pull request #13592 from rdmarsh2/rdmarsh2/range-analysis-back-edge-2 
C++: fix irreducible control flow logic
 2023-06-28 07:49:49 +01:00
Paolo Tranquilli
6352399645 Swift: fix all upstream headers for C++20 2023-06-28 08:25:29 +02:00
github-actions[bot]
0749af79d7 Add changed framework coverage reports 2023-06-28 00:18:40 +00:00
Robert Marsh
e90153fc47 C++: fix irreducible control flow logic 2023-06-27 16:52:45 -04:00
Alex Denisov
ea5eda0f22 Swift: adjust test expectations 2023-06-27 17:21:56 +02:00
Alex Denisov
af41dabc14 Swift: extend the frontend observer 2023-06-27 16:57:44 +02:00
Kasper Svendsen
656b4fc1aa Merge pull request #13574 from kaspersv/kaspersv/cpp-remaining-implicit-this 
CPP: Enable implicit this warnings for remaining packs
 2023-06-27 16:56:28 +02:00
Rasmus Wriedt Larsen
91b8ef6540 Merge pull request #13580 from kaspersv/kaspersv/python-remaining-implicit-this 
Python: Enable implicit this warnings for remaining packs
 2023-06-27 16:42:03 +02:00
Ian Lynagh
4adecf0d15 Merge pull request #13586 from igfoo/igfoo/diag-limit 
Kotlin: Remove an out-of-date comment
 2023-06-27 15:41:47 +01:00
Ian Lynagh
b0d2ca5df4 Merge pull request #13568 from igfoo/igfoo/android_lint 
Java: Tweak some android tests
 2023-06-27 15:41:37 +01:00
Ian Lynagh
4415c364ac Merge pull request #13542 from igfoo/igfoo/modality_final 
Kotlin: Remove an expected-no-getter exception
 2023-06-27 15:41:27 +01:00
Koen Vlaswinkel
6812389fc8 C#: Fix external API name for nested types 
This fixes the name of reported external APIs for nested types. The
`getDeclaringType().getUnboundDeclaration()`'s `toString()` method
reports the name of the type, but not the name of the declaring type.
This results in missing information in the
`UnsupportedExternalAPIs.ql` query.

For example, previously it would report:

```
GitHub.Nested#NestedClass.Test()
```

However, the `NestedClass` class does not exist in the namespace and is
only a nested type within `MyFirstClass`. The correct name should be:

```
GitHub.Nested#MyFirstClass+NestedClass.Test()
```

This name also matches the format of MaD.
 2023-06-27 16:31:06 +02:00
Koen Vlaswinkel
fcb2f1082c Java: Fix external API name for nested types 
This fixes the name of reported external APIs for nested types.
The `toString()` method of `getSourceDeclaration()` would report the
name of a type, but not the name of the enclosing type. This results
in missing information in the `UnsupportedExternalAPIs.ql` query.

For example, previously it would report:

```
org.zapodot.junit.db.Builder#build()
```

However, the `Builder` class does not exist in the package and is only
a nested type within `EmbeddedDatabaseRule`. The correct name should be:

```
org.zapodot.junit.db.EmbeddedDatabaseRule$Builder#build()
```

This name also matches the format of MaD.
 2023-06-27 15:23:55 +02:00
Kasper Svendsen
085c85fe32 Merge pull request #13564 from kaspersv/kaspersv/ci-warn-on-implicit-this 
Add workflow to check for warnOnImplicitThis
 2023-06-27 15:15:23 +02:00
Jeroen Ketema
bf771a1537 Merge pull request #13563 from jketema/clears-content 
C++: Implement `clearsContent` for IR dataflow
 2023-06-27 15:13:47 +02:00
Kasper Svendsen
d1979197c7 CPP: Enable implicit this warnings for remaining packs 2023-06-27 14:44:24 +02:00
Ian Lynagh
d588f52262 Kotlin: Remove an out-of-date comment 2023-06-27 13:33:52 +01:00
Tony Torralba
a7c2a25cac Merge pull request #12879 from atorralba/atorralba/java/command-injection-mad-sinks 
Java: Convert all command injection sinks to MaD format
 2023-06-27 14:06:45 +02:00
Tony Torralba
6e20bd04e9 Merge pull request #13539 from atorralba/atorralba/java/url-to-string-model 
Java: Add URL.toString summary
 2023-06-27 14:05:47 +02:00
Mathias Vorreiter Pedersen
51176bdff3 C++: Add Geoffrey's testcases. 2023-06-27 12:59:22 +01:00
Kasper Svendsen
62e2bea757 Merge pull request #13577 from kaspersv/kaspersv/go-remaining-implicit-this 
Go: Enable implicit this warnings for remaining packs
 2023-06-27 13:51:05 +02:00
Kasper Svendsen
b4ef243733 Add workflow to check for warnOnImplicitThis 2023-06-27 13:48:04 +02:00
Jeroen Ketema
b1ae3a0a7b Merge remote-tracking branch 'upstream/main' into clears-content 2023-06-27 13:45:33 +02:00
Tom Hvitved
df61eaf59f Merge pull request #13565 from hvitved/csharp/gvn-blowup 
C#: Avoid combinatorial explosions in GVN construction for types
 2023-06-27 13:31:36 +02:00
Erik Krogh Kristensen
e9102bbdf2 Merge pull request #13579 from kaspersv/kaspersv/javascript-remaining-implicit-this 
Javascript: Enable implicit this warnings for remaining packs
 2023-06-27 13:09:55 +02:00
Mathias Vorreiter Pedersen
f2cbbab419 Merge branch 'main' into rdmarsh2/cpp/cobo-handle-array-casts 2023-06-27 12:03:42 +01:00
Kasper Svendsen
9202708719 Misc: Enable implicit this warnings for remaining packs 2023-06-27 13:03:11 +02:00
Mathias Vorreiter Pedersen
8cf66d22f0 Merge pull request #13583 from kaspersv/kaspersv/swift-remaining-implicit-this 
Swift: Enable implicit this warnings for remaining packs
 2023-06-27 11:57:57 +01:00
Mathias Vorreiter Pedersen
985650cb04 Merge pull request #13559 from MathiasVP/add-barrier-to-invalid-deref-query 
C++: Add barriers to `cpp/invalid-pointer-deref`
 2023-06-27 11:56:58 +01:00
Kasper Svendsen
29f5c78a60 Merge pull request #13581 from kaspersv/kaspersv/ql-remaining-implicit-this 
QL: Enable implicit this warnings for remaining packs
 2023-06-27 12:35:19 +02:00
Kasper Svendsen
c77c455546 Merge pull request #13582 from kaspersv/kaspersv/ruby-remaining-implicit-this 
Ruby: Enable implicit this warnings for remaining packs
 2023-06-27 12:33:16 +02:00
Kasper Svendsen
1aea7d0c79 Merge pull request #13575 from kaspersv/kaspersv/csharp-remaining-implicit-this 
C#: Enable implicit this warnings for remaining packs
 2023-06-27 12:11:23 +02:00
Kasper Svendsen
8ce09438a0 Swift: Enable implicit this warnings for remaining packs 2023-06-27 12:09:27 +02:00
Kasper Svendsen
41c071ff74 Ruby: Enable implicit this warnings for remaining packs 2023-06-27 12:07:05 +02:00
Kasper Svendsen
c9cf0744c0 QL: Enable implicit this warnings for remaining packs 2023-06-27 12:04:29 +02:00
Kasper Svendsen
f41276cb7f Python: Enable implicit this warnings for remaining packs 2023-06-27 12:00:13 +02:00
Jeroen Ketema
2628552ef4 C++: Fix join-order problem in clearsContent 2023-06-27 11:59:26 +02:00