hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 22:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
60,929 Commits 1,673 Branches 157 Tags
codeql-cli/v2.15.3
Commit Graph

60929 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ed Minnix
96d6ecb108 Fix crypto parameters 2023-10-25 14:31:53 -04:00
Ed Minnix
35e19eac96 Fix password models 2023-10-25 14:31:53 -04:00
Ed Minnix
4f8908106b Refactor HardcodedCredentials to use new SensitiveApi api 2023-10-25 14:31:53 -04:00
Ed Minnix
f7c07d55ed Credential-other sinks 2023-10-25 14:31:53 -04:00
Ed Minnix
49218cdbfb Credential-username models 2023-10-25 14:31:53 -04:00
Ed Minnix
18661eee77 Crypto-parameter models 2023-10-25 14:31:53 -04:00
Ed Minnix
66486b08dc Password models 2023-10-25 14:31:53 -04:00
Ed Minnix
4aec302fb7 Create new sink kinds 2023-10-25 14:31:53 -04:00
Jami
c7b9e405b7 Merge pull request #14517 from jcogs33/jcogs33/update-framework-cov-diff-workflow 
CI: Update framework coverage difference commenter
 2023-10-25 14:31:00 -04:00
Geoffrey White
2cfca032de Swift: Fix use of deprecated predicate. 2023-10-25 17:32:55 +01:00
Maiky
eccde3f4f1 Add Tests 2023-10-25 18:31:51 +02:00
Geoffrey White
82b92c38f9 Swift: Change method types to DataFlow::Node / go ahead with planned deprecations. 2023-10-25 17:11:21 +01:00
Geoffrey White
bfd150a1d3 Swift: Clarify comment. 2023-10-25 16:38:59 +01:00
Geoffrey White
ff15b73250 Swift: Update the change note. 2023-10-25 16:32:59 +01:00
Geoffrey White
4a08ca39d6 Swift: Replace PotentialRegexEval with a more specialized solution. 2023-10-25 16:26:46 +01:00
Alex Ford
16c5edd3ca Ruby: add a query and script for autogenerating typeModel and summaryModel data extensions entries 2023-10-25 15:52:02 +01:00
Mathias Vorreiter Pedersen
11194e574c Swift: Get rid of the unnecessary parameter/argument position for the closure. Instead, we can just reuse the 'this' parameter and argument. 2023-10-25 15:46:10 +01:00
Geoffrey White
354983087e Swift: this.(PotentialRegexEval) -> super. or this. . 2023-10-25 15:25:12 +01:00
Rasmus Wriedt Larsen
be494b73d4 Python: Minor cleanup for string pool interaction 
This doesn't really seem to impact performance, is just a bit cleaner way to write the QL code.

In the worst case, since we do string concat with empty string, we would need to load string + attempt to store new string in string pool, which is useless since we can surely just reuse the integer ID.

-- Previously

Evaluated non-recursive predicate ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0#join_rhs#CSE@5fdc6eia in 1ms (size: 2).
Evaluated relational algebra for predicate ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0#join_rhs#CSE@5fdc6eia with tuple counts:
         1   ~0%    {1} r1 = CONSTANT(unique string)[""]

         1   ~0%    {1} r2 = CONSTANT(unique string)[".__init__"]

         2   ~0%    {1} r3 = r1 UNION r2
                    return r3

Evaluated recursive predicate ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0@b4f54xlv in 72ms on iteration 1 (delta size: 26339).
Evaluated relational algebra for predicate ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0@b4f54xlv on iteration 1 running pipeline base with tuple counts:
         6382   ~0%    {3} r1 = JOIN ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0#join_rhs#CSE WITH Module#68efc075::Module::getFile#0#dispred#ff CARTESIAN PRODUCT OUTPUT Rhs.1, Lhs.0, Rhs.0
         6066   ~2%    {4} r2 = JOIN r1 WITH Module#68efc075::isPreferredModuleForName#2#ff ON FIRST 1 OUTPUT Lhs.2, _, Lhs.1, Rhs.1
                       {2} r3 = REWRITE r2 WITH Tmp.1 := "", Out.1 := InverseAppend(Tmp.1,In.2,In.3) KEEPING 2
         3721   ~0%    {2} r4 = SCAN r3 OUTPUT In.1, In.0
        25945   ~2%    {2} r5 = JOIN r4 WITH ImportResolution#f829f0f0::ImportResolution::getReferenceToModuleName#1#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1

           38   ~4%    {3} r6 = SCAN SsaDefinitions#9197156e::SsaSource::init_module_submodule_defn#2#ff OUTPUT In.1, _, In.0
           38   ~1%    {3} r7 = REWRITE r6 WITH Out.1 := -1
           38   ~1%    {2} r8 = JOIN r7 WITH py_scope_flow_021#join_rhs ON FIRST 2 OUTPUT Rhs.2, Lhs.2
           38   ~0%    {2} r9 = JOIN r8 WITH Module#68efc075::Module::getPackageName#0#dispred#ff ON FIRST 1 OUTPUT Lhs.1, Rhs.1
          394   ~2%    {2} r10 = JOIN r9 WITH Essa#24e22a14::EssaVariable::getSourceVariable#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
          394   ~0%    {3} r11 = JOIN r10 WITH DataFlowPublic#c4b6ce7e::EssaNode#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Rhs.1

          394   ~0%    {5} r12 = JOIN r11 WITH Essa#24e22a14::EssaVariable::getName#0#dispred#ff ON FIRST 1 OUTPUT _, Lhs.2, Lhs.1, Rhs.1, _
          394   ~0%    {2} r13 = REWRITE r12 WITH Tmp.0 := ".", Tmp.4 := "", Out.0 := (In.2 ++ Tmp.0 ++ In.3 ++ Tmp.4) KEEPING 2

          394   ~0%    {5} r14 = JOIN r11 WITH Essa#24e22a14::EssaVariable::getName#0#dispred#ff ON FIRST 1 OUTPUT _, Lhs.2, Lhs.1, Rhs.1, _
          394   ~1%    {2} r15 = REWRITE r14 WITH Tmp.0 := ".", Tmp.4 := ".__init__", Out.0 := (In.2 ++ Tmp.0 ++ In.3 ++ Tmp.4) KEEPING 2

          788   ~3%    {2} r16 = r13 UNION r15
          401   ~2%    {2} r17 = JOIN r16 WITH Module#68efc075::isPreferredModuleForName#2#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
          394   ~1%    {2} r18 = JOIN r17 WITH Module#68efc075::Module::getFile#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.1

        26339   ~1%    {2} r19 = r5 UNION r18
                       return r19

-- Now

Evaluated recursive predicate ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0@409a0xhe in 8ms on iteration 1 (delta size: 26339).
Evaluated relational algebra for predicate ImportResolution#f829f0f0::ImportResolution::getImmediateModuleReference#1#ff#reorder_1_0@409a0xhe on iteration 1 running pipeline base with tuple counts:
         3033   ~0%    {2} r1 = JOIN Module#68efc075::Module::getFile#0#dispred#ff_10#join_rhs WITH Module#68efc075::isPreferredModuleForName#2#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1

         3033   ~0%    {4} r2 = JOIN Module#68efc075::Module::getFile#0#dispred#ff_10#join_rhs WITH Module#68efc075::isPreferredModuleForName#2#ff ON FIRST 1 OUTPUT Lhs.1, _, Rhs.1, _
                       {2} r3 = REWRITE r2 WITH Tmp.1 := "", Tmp.3 := ".__init__", Out.1 := InverseAppend(Tmp.1,Tmp.3,In.2) KEEPING 2
          688   ~0%    {2} r4 = SCAN r3 OUTPUT In.1, In.0

         3721   ~0%    {2} r5 = r1 UNION r4
        25945   ~2%    {2} r6 = JOIN r5 WITH ImportResolution#f829f0f0::ImportResolution::getReferenceToModuleName#1#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1

           38   ~4%    {3} r7 = SCAN SsaDefinitions#9197156e::SsaSource::init_module_submodule_defn#2#ff OUTPUT In.1, _, In.0
           38   ~1%    {3} r8 = REWRITE r7 WITH Out.1 := -1
           38   ~1%    {2} r9 = JOIN r8 WITH py_scope_flow_021#join_rhs ON FIRST 2 OUTPUT Rhs.2, Lhs.2
           38   ~0%    {2} r10 = JOIN r9 WITH Module#68efc075::Module::getPackageName#0#dispred#ff ON FIRST 1 OUTPUT Lhs.1, Rhs.1
          394   ~2%    {2} r11 = JOIN r10 WITH Essa#24e22a14::EssaVariable::getSourceVariable#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
          394   ~0%    {3} r12 = JOIN r11 WITH DataFlowPublic#c4b6ce7e::EssaNode#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Rhs.1

          394   ~2%    {4} r13 = JOIN r12 WITH Essa#24e22a14::EssaVariable::getName#0#dispred#ff ON FIRST 1 OUTPUT _, Lhs.2, Lhs.1, Rhs.1
          394   ~0%    {2} r14 = REWRITE r13 WITH Tmp.0 := ".", Out.0 := (In.2 ++ Tmp.0 ++ In.3) KEEPING 2

          394   ~0%    {5} r15 = JOIN r12 WITH Essa#24e22a14::EssaVariable::getName#0#dispred#ff ON FIRST 1 OUTPUT _, Lhs.2, Lhs.1, Rhs.1, _
          394   ~5%    {2} r16 = REWRITE r15 WITH Tmp.0 := ".", Tmp.0 := (In.2 ++ Tmp.0 ++ In.3), Tmp.4 := ".__init__", Out.0 := (Tmp.0 ++ Tmp.4) KEEPING 2

          788   ~0%    {2} r17 = r14 UNION r16
          401   ~1%    {2} r18 = JOIN r17 WITH Module#68efc075::isPreferredModuleForName#2#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
          394   ~1%    {2} r19 = JOIN r18 WITH Module#68efc075::Module::getFile#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.1

        26339   ~0%    {2} r20 = r6 UNION r19
                       return r20
 2023-10-25 14:53:51 +01:00
Mathias Vorreiter Pedersen
951b6beeb1 Swift: Untangle the confusion between 'getParameter' and 'asParameter'. 2023-10-25 14:44:09 +01:00
Jeroen Ketema
990d7161b2 Merge pull request #14337 from aschackmull/cpp/container-not-locatable 
C++: Remove getLocation from Container.
 2023-10-25 15:37:57 +02:00
Mathias Vorreiter Pedersen
78e08cf63c Swift: Remove irrelevant TODO. 2023-10-25 13:55:07 +01:00
Anders Schack-Mulligen
6882504397 C#: Fix compilation 2023-10-25 14:31:49 +02:00
Anders Schack-Mulligen
5ded55cd9f C#: Sync Bound.qll 2023-10-25 14:08:48 +02:00
Anders Schack-Mulligen
283d6efdf8 Rangeanalysis/Java/C++: Address some ql4ql findings. 2023-10-25 14:06:35 +02:00
Jeroen Ketema
75a1173d63 C++: Add change note 2023-10-25 14:05:38 +02:00
Jeroen Ketema
dc512728fa C++: Make File extend Locatable 2023-10-25 14:05:38 +02:00
Jeroen Ketema
4ea5c13390 C++: Add back getLocation in File 2023-10-25 14:05:38 +02:00
Anders Schack-Mulligen
7124a53c9c C++: Remove getLocation from Container. 2023-10-25 14:05:38 +02:00
Jami
53d92d58fc Merge pull request #14581 from jcogs33/jcogs33/add-internal-to-model-exclusions 
Java: exclude internal packages globally from MaD models
 2023-10-25 08:04:03 -04:00
Michael Nebel
b3e5b86f0a Java: Cleanup threat models tests. 2023-10-25 14:02:31 +02:00
Mathias Vorreiter Pedersen
05385eb704 Merge pull request #14587 from MathiasVP/fix-indirect-strtok-model 
C++: Fix `strtok` model for indirections
 2023-10-25 12:09:13 +01:00
Owen Mansel-Chan
27646ce971 Merge pull request #14547 from owen-mc/go/enable-data-flow-consistency-checks 
Go: make data flow consistency checks available (and fix some)
 2023-10-25 11:15:44 +01:00
Paolo Tranquilli
fb470e4140 Swift: remove useless commented-out line 2023-10-25 12:15:25 +02:00
Geoffrey White
bf503849ea Swift: Fixup line numbers after merge. 2023-10-25 11:09:13 +01:00
Geoffrey White
bf6e6a1e68 Merge branch 'main' into stringwith 2023-10-25 10:58:25 +01:00
Geoffrey White
a3d53ba9ec Merge pull request #14574 from github/geoffw0-patch-2 
Swift: Update README.md
 2023-10-25 10:56:01 +01:00
Geoffrey White
7029f14651 Merge pull request #14511 from geoffw0/substring 
Swift: Model Substring
 2023-10-25 10:46:47 +01:00
Anders Schack-Mulligen
2592c94c54 Java: Replace range analysis with shared version. 2023-10-25 11:29:55 +02:00
Anders Schack-Mulligen
36082808d3 Java: Implement shared range analysis signatures. 2023-10-25 11:29:55 +02:00
Anders Schack-Mulligen
c1c4a5bfcf Rangeanalysis: Copy qldoc and simplification from Java. 2023-10-25 11:17:02 +02:00
Anders Schack-Mulligen
cd44d67529 Rangeanalysis: Add temporary Java compatibility flag. 2023-10-25 11:17:02 +02:00
Anders Schack-Mulligen
06fe10bbe9 Rangeanalysis: Bugfix division with float representation. 2023-10-25 11:17:02 +02:00
Anders Schack-Mulligen
7b214a24df C++: Add division test 2023-10-25 11:17:02 +02:00
Anders Schack-Mulligen
232c147f6b Rangeanalysis: Port join-order fix from Java version. 2023-10-25 11:17:02 +02:00
Anders Schack-Mulligen
ec39de20d8 C++: Convert to qlpack version of core range analysis. 2023-10-25 11:17:01 +02:00
Anders Schack-Mulligen
38274db205 Rangeanalysis: Parameterise library. 2023-10-25 11:17:01 +02:00
Anders Schack-Mulligen
169ba03778 Rangeanalysis: Copy C++ version verbatim. 2023-10-25 11:17:01 +02:00
Anders Schack-Mulligen
aed830cf1b Rangeanalysis: Make new qlpack 2023-10-25 11:17:01 +02:00
Paolo Tranquilli
a245d0019e Swift: tiny cosmetic tweak 2023-10-25 10:56:21 +02:00