hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-26 21:02:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,527 Commits 1,687 Branches 159 Tags
codeql-cli/v2.16.0
Commit Graph

62527 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
yoff
4ce1b680c2 Merge pull request #14654 from yoff/python/update-partial-flow-debug-query 
Python: Update debug query to changed API
 2023-11-01 13:32:09 +01:00
Anders Schack-Mulligen
048a7c4e42 Rangeanalysis: Rename SsaBound.getAVariable to getVariable. 2023-11-01 11:58:06 +01:00
Anders Schack-Mulligen
48291dd32d Rangeanalysis: Remove superfluous ignoreZeroLowerBound. 2023-11-01 11:51:46 +01:00
Rasmus Lerchedahl Petersen
0b45b63bd2 Python: Update debug query to changed API 
The change is commented out by default
which is why no compilation tests failed
when the API changed.
 2023-11-01 11:39:51 +01:00
Tom Hvitved
0c5b528d54 Address review comments 2023-11-01 11:32:57 +01:00
Rasmus Lerchedahl Petersen
1366247f4c Python: Add AWS Lambda as a supported framework 2023-11-01 10:51:35 +01:00
Rasmus Lerchedahl Petersen
f7a8a8ae19 Python: Fix QL alert 2023-11-01 09:24:59 +01:00
Mathias Vorreiter Pedersen
9736936e54 Merge pull request #14635 from MathiasVP/assign-pointer-add-and-sub-is-not-bitwise 2023-11-01 00:40:39 +01:00
Erik Krogh Kristensen
ddb145f15f Merge pull request #14645 from erik-krogh/rerun-tests 
JS: re-order expected test output of all JS tests
 2023-10-31 21:52:52 +01:00
Rasmus Lerchedahl Petersen
38b811b050 Python: Separate -> PhaseDependentFlow 2023-10-31 21:50:33 +01:00
Edward Minnix III
1ec1dd368d Merge pull request #13978 from egregius313/egregius313/java/mad/convert-sensitive-api-to-mad 
Java: Convert `SensitiveApi.qll` to use Models-as-Data
 2023-10-31 15:25:42 -04:00
Kevin Stubbings
3697ef72c4 Small changes 2023-10-31 12:23:18 -07:00
Mathias Vorreiter Pedersen
6e385cabd8 C++: Add change note. 2023-10-31 19:16:36 +00:00
Mathias Vorreiter Pedersen
37a536baf9 Merge pull request #14650 from jketema/invalid-experimental 
C++: Drop `experimental` tag from `cpp/invalid-pointer-deref`
 2023-10-31 20:14:25 +01:00
Kevin Stubbings
5cab25662c Address issues 2023-10-31 11:50:51 -07:00
Jeroen Ketema
3478890090 C++: Drop experimental tag from cpp/invalid-pointer-deref 2023-10-31 19:46:22 +01:00
Kevin Stubbings
8ed10317bd Test comment changes 2023-10-31 11:07:41 -07:00
Kevin Stubbings
dd9a2db137 Minor name changes 2023-10-31 11:03:54 -07:00
Kevin Stubbings
020b4becfd Finish up 2023-10-31 11:00:00 -07:00
Mathias Vorreiter Pedersen
b79a5fee14 Merge pull request #14637 from MathiasVP/dataflow-for-realloc 
C++: Add a taint model for `realloc`
 2023-10-31 18:24:04 +01:00
Geoffrey White
554007b305 Swift: Add a couple more test cases close to the failures. 2023-10-31 17:19:28 +00:00
Geoffrey White
c82eb4dff3 Swift: Test spacing. 2023-10-31 17:18:08 +00:00
Benjamin Rodes
b9ac038de2 Moving change log. 2023-10-31 09:21:01 -07:00
Ian Lynagh
ceb3d14fe0 Merge pull request #14614 from igfoo/igfoo/enum 
Kotlin: Make the enum test more precise
 2023-10-31 16:18:12 +00:00
Benjamin Rodes
07ded4278f Change log 2023-10-31 09:14:47 -07:00
Paolo Tranquilli
051a77fd79 Merge pull request #14537 from github/alexdenisov/remove-outdated-cli-arg 
Swift: remove outdated CLI argument
 2023-10-31 17:06:52 +01:00
Benjamin Rodes
18c8d90a1a Adding a model implementation for ODBC. 
(cherry picked from commit 04147f8d91cdf018ec03cbfdb953253e23687944)
 2023-10-31 08:52:05 -07:00
Tony Torralba
107a05af71 Update MaD Declarations after Triage 2023-10-31 16:52:02 +01:00
erik-krogh
688afddaf2 Re-order expected test output of all JS tests 2023-10-31 16:38:22 +01:00
Erik Krogh Kristensen
8f58685b38 Merge pull request #14643 from aibaars/express-req-path 
Javascript: add `req.path` as remote flow source
 2023-10-31 16:36:48 +01:00
Paolo Tranquilli
567aa1102a Swift: fix toolchain SHAs 2023-10-31 16:20:58 +01:00
Paolo Tranquilli
bc34374075 Swift: switch to downloading the 20.04 toolchain 2023-10-31 16:20:58 +01:00
Paolo Tranquilli
e25a655509 Swift: fix Linux compatibility problem and fetch resource dir from toolchain 
This fetches the resource directory directly from the released
toolchains, allowing us to stop prebuilding and assembling them.
Moreover insertion of our resource directory is moved to the lua
tracing configuration (solving a `TODO`) and enhanced. Now all options
that start with the original resource directory (either explicit or
implied) are redirected to our resource directory.

This solves a problem where `-I <original resource dir>/some/path` was
passed to the extractor and did not work.

This works around the 5.9 linux compatibility problem by including the
`PackageDescription` swift modules in the in-dist toolchain. Copying the
toolchain and fixing the `-I` flag was not enough as for some reason
compilation of `PackageDescription.swiftinterface`  was causing a crash
in the SIL pass. We work around that by pre-compiling those modules
during the build and  including `.swiftmodule` files in the resource
directory.

TODO (apart from testing):
* the libraries included in the macOS toolchain are now fat (they were
  intel only before), occupying more space. We should see if we need to
  trim them down.
* there might be other swiftinterface files causing problems on linux
  lurking around...
* if we go with this, we can simplify and trim down the prebuilding we
  do leaving out the resource directory.
 2023-10-31 16:20:58 +01:00
Mathias Vorreiter Pedersen
b9dfeb3aac Merge pull request #14444 from alexet/range-cases 
CPP: Add some range analysis cases
 2023-10-31 15:55:41 +01:00
Anders Schack-Mulligen
34b9791e46 Rangeanalysis: Remove superfluous ignoreSsaReadCopy. 2023-10-31 15:32:25 +01:00
Anders Schack-Mulligen
322e6c91be Rangeanalysis: Remove superfluous specificSsaRead. 2023-10-31 15:30:36 +01:00
Anders Schack-Mulligen
8b6c940e76 Rangeanalysis: Remove superfluous ignoreSsaReadAssignment. 2023-10-31 15:28:37 +01:00
Anders Schack-Mulligen
6d6f89e71e Rangeanalysis: Remove superfluous ignoreSsaReadArithmeticExpr. 2023-10-31 15:25:28 +01:00
Anders Schack-Mulligen
a39a94ca8e Rangeanalysis: Switch to shared ssaRead predicate. 2023-10-31 15:23:05 +01:00
Anders Schack-Mulligen
19644a8f07 Rangeanalysis: Implement shared ssaRead predicate 2023-10-31 15:07:11 +01:00
Rasmus Lerchedahl Petersen
7f6ae8b2ab Python: improve readability 2023-10-31 14:52:37 +01:00
Alexander Eyers-Taylor
11152deeb5 Update cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-10-31 13:52:33 +00:00
yoff
f76cde36bb Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2023-10-31 14:12:24 +01:00
Ian Lynagh
e1f7f3cbd4 Kotlin: Add more info to enum test 2023-10-31 12:17:44 +00:00
Mathias Vorreiter Pedersen
e75562e508 Merge pull request #14633 from github/redsun82/capture-list-vars 
Swift: add `VarDecl` children to `CaptureListExpr`
 2023-10-31 12:48:14 +01:00
Arthur Baars
5cc94e1105 Express.js: add req.path as remote input source 2023-10-31 12:44:26 +01:00
Arthur Baars
21b7a51d0a Add test case for req.path 2023-10-31 12:44:25 +01:00
Arthur Baars
1479509d93 Re-order expected test ouput 2023-10-31 12:44:25 +01:00
Mathias Vorreiter Pedersen
377da9fa66 C++: Accept test changes. 2023-10-31 11:18:35 +00:00
Mathias Vorreiter Pedersen
4a1bf95a87 C++: Expose a public memset model and use it in the exposure queries. 2023-10-31 11:17:51 +00:00