hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-23 11:22:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,447 Commits 1,685 Branches 158 Tags
codeql-cli/v2.17.2
Commit Graph

66447 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris Smowton
4205f1bd03 Temporarily un-deprecate MethodAccess to decouple from private tests 2023-10-24 14:03:26 +01:00
Chris Smowton
b849a66c97 Update test expectations 2023-10-24 14:02:30 +01:00
Nora Dimitrijević
9dbf7e818d Swift: align definition of InputSig slightly closer to Java version 
Though there is a regression in the tests, so more work is needed.
 2023-10-24 13:56:31 +01:00
Nora Dimitrijević
9de3cc703a Swift: add CapturePostUpdateNode 
However, this doesn't change any of the test results.
 2023-10-24 13:56:31 +01:00
Nora Dimitrijević
5418d39a0d Swift: add and accept a few new simple test cases 2023-10-24 13:56:31 +01:00
Nora Dimitrijević
af49a3aa64 Swift: accept new results in old tests 2023-10-24 13:56:31 +01:00
Nora Dimitrijević
8115774a7a Swift: Add the capture flow step as part of the normal data flow relation 
TODO: see if we need to exclude duplicate SSA steps
 2023-10-24 13:56:31 +01:00
Nora Dimitrijević
4e1b44a059 Swift: port simpleAstFlowStep/hasAliasedAccess 2023-10-24 13:56:31 +01:00
Nora Dimitrijević
21a369de13 Swift: Add closure content read-write steps 2023-10-24 13:56:31 +01:00
Nora Dimitrijević
c04654d8f9 Swift: getImmediateBasicBlockDominator/2 should use immediatelyDominates/0. 2023-10-24 13:56:31 +01:00
Nora Dimitrijević
95a7d6559c Swift: initial version of a swift port of most of the java code 2023-10-24 13:56:31 +01:00
Nora Dimitrijević
3253c0425c Swift: s/getName/getShortName/ in InlineFlowTest.qll 2023-10-24 13:56:31 +01:00
Nora Dimitrijević
050b8e682f Swift: add failing inline expectation test based on closure AST tests. 2023-10-24 13:56:31 +01:00
Jeroen Ketema
ba67217b44 Merge pull request #14571 from MathiasVP/fix-indirect-taint 
C++: Fix indirect taint
 2023-10-24 14:47:43 +02:00
Chris Smowton
06238dd5f6 Improve reflective class names 2023-10-24 13:29:32 +01:00
Chris Smowton
011666b48c Fix description and improve predicate name of VarWrite. 2023-10-24 12:59:57 +01:00
Geoffrey White
d3063e849e Swift: Model string closure methods. 2023-10-24 12:58:38 +01:00
Chris Smowton
ede17585a6 Amend NewClassExpr description 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-10-24 12:51:42 +01:00
Chris Smowton
e3edea2a5f Apply simple suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-10-24 12:51:03 +01:00
Stephan Brandauer
eb97ce3294 Java: automodel extraction query docs, candidate examples 2023-10-24 13:49:38 +02:00
Chris Smowton
efb63aada3 Add change note 2023-10-24 11:45:41 +01:00
Chris Smowton
3627eb2bcf Add missing qldoc 2023-10-24 11:15:08 +01:00
Chris Smowton
e8c9708282 Autoformat 2023-10-24 11:06:19 +01:00
Chris Smowton
09e83d1173 Fix isEnclosingMethodAccess wrapper 2023-10-24 11:03:57 +01:00
Chris Smowton
ac38d4c9c6 Mass rename L/RValue -> VarWrite/Read 2023-10-24 10:58:29 +01:00
Chris Smowton
59a49eef0b Add aliases for public, importable renamed classes and predicates. 
Also rename and aliases a couple of uses of Access noted along the way.
 2023-10-24 10:54:35 +01:00
Chris Smowton
f552a15aae Mass-rename MethodAccess -> MethodCall 2023-10-24 10:30:26 +01:00
Geoffrey White
f597f0272a Update README.md 
Turned the warning at the top into a warning box.

Made the section headers consistent.

I was going to add a section, but I realized it belongs somewhere else.  :)
 2023-10-24 10:12:20 +01:00
Michael Nebel
26f767073d Merge pull request #14363 from michaelnebel/csharp/sunsetqlstubgen 
C#: Sunset QL based stub generator.
 2023-10-24 11:05:56 +02:00
Chris Smowton
a10731c591 Java: introduce more-intuitive names for ClassInstanceExpr, L/RValue and MethodAccess. 2023-10-24 09:38:49 +01:00
Mathias Vorreiter Pedersen
1fce26534f C++: Remove implied conjunct. 2023-10-24 09:25:32 +01:00
Tony Torralba
4e823b4306 Merge pull request #14566 from atorralba/atorralba/java/springframework-6-models 
Java: Added up to date models for Spring's ResponseEntity
 2023-10-24 09:11:37 +02:00
Geoffrey White
4cf40ed259 Swift: Add a test case for withMutableCharacters. 2023-10-23 23:30:19 +01:00
Mathias Vorreiter Pedersen
67ed12c916 C++: Correctly model that 'operator->', and 'get' 
on smart pointers perform a load.
 2023-10-23 20:11:23 +01:00
Mathias Vorreiter Pedersen
b107c4c641 C++: Fix missing result in 'ModelUtil'. The problem was that 'n.asInstruction()' on line 81 wasn't necessarily a 'CallInstruction' (it could be a conversion). 2023-10-23 19:34:25 +01:00
Mathias Vorreiter Pedersen
c0b04eac7c C++: Add failing test. 2023-10-23 19:29:28 +01:00
Alex Eyers-Taylor
26b0363707 CPP: Add test demonstrating use-after-free false negatives. 2023-10-23 17:01:52 +01:00
Paolo Tranquilli
2f0ee12584 Swift: fix patterns/bound_and_unbound.ql test 2023-10-23 17:36:42 +02:00
Paolo Tranquilli
f22d60f011 Swift: clean up VarDecl, NamedPattern and SwitchStmt interactions 
* `variables` under `CaseStmt` are now AST children, which solves
  orphan `VarDecl`s in that case
* reordered `CaseStmt` AST children to be `labels > variables > body`
  (was `body > labels`)
* made `NamedPattern::getVarDecl` an extracted property instead of
  `getName`
* The above led to duplicate DB entities because of a quirk in the
  Swift compiler code. This is solved by tweaking the extraction of
  `variables` under `CaseStmt` to not use `getCaseBodyVariables`.
 2023-10-23 17:36:42 +02:00
Paolo Tranquilli
140ff723e4 Merge pull request #14563 from github/redsun82/codegen-test-with 
Codegen: add `@qltest.test_with`
 2023-10-23 17:35:31 +02:00
Rasmus Wriedt Larsen
e8f548ab52 Python: Model routed parameter flow to *args and **kwargs in Django + rest framework 2023-10-23 17:18:22 +02:00
Joe Farebrother
3f11d83b7b Merge pull request #14500 from joefarebrother/shared-filepath-normalize 
Shared: Add library for filepath normalization
 2023-10-23 16:09:44 +01:00
Paolo Tranquilli
02a2debe94 Codegen: fix python compatibility problem 2023-10-23 16:56:44 +02:00
Rasmus Wriedt Larsen
24687b4156 Python: Add test highlighting missing routed parameter flow to **kwargs parameter of request handler function 2023-10-23 16:49:43 +02:00
Rasmus Wriedt Larsen
8b23140a08 Python: Remove trailing , 2023-10-23 16:45:08 +02:00
Rasmus Wriedt Larsen
60e7786b04 Python: Use explicit keyword parameter 2023-10-23 16:44:54 +02:00
Rasmus Wriedt Larsen
46e44a0036 Python: Fix import 2023-10-23 16:42:55 +02:00
Tony Torralba
cd10dc8a27 Java: Added up to date models for Spring's ResponseEntity 2023-10-23 16:06:11 +02:00
Chris Smowton
e301223644 Merge pull request #14541 from JarLob/patch-3 
fix CWE number
 2023-10-23 15:05:02 +01:00
Michael Nebel
743be92624 C#: Adjust workflow to point to the new location for the script. 2023-10-23 15:10:20 +02:00