85654 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Paolo Tranquilli	4aef1ba9d1	Rust: clean up	2025-10-16 17:20:41 +02:00
REDMOND\brodes	3f36b09b3c	Crypto: Rename tests for weak asymmetric key gen size.	2025-10-16 11:18:36 -04:00
Paolo Tranquilli	a9ae583e14	Rust: introduce File::hasSemantics and File::isSkippedByCompilation	2025-10-16 17:08:12 +02:00
REDMOND\brodes	a64a24d25d	Crypto: Comment in Language.qll	2025-10-16 11:03:49 -04:00
REDMOND\brodes	79ccef3a58	Crypto: Initial sketch for unknown hash, the model needs to recognize unknowns but where the algorithm category (e.g., hashing) is known.	2025-10-16 11:03:16 -04:00
Taus	3c2635767e	Misc: Add script for patching the query history ... Adds `patch_query_history.py` in the `misc/scripts` directory. Its function is to extend the existing VSCode query history with a new entry whose JSON evaluator log summary points at a log that was created outside of VSCode. This enables the use of e.g. the Performance Comparison View on runs that were not initiated from within VSCode.	2025-10-16 15:00:43 +00:00
REDMOND\brodes	d2598d4f5d	Crypto: Updating weak hash tests	2025-10-16 10:56:08 -04:00
REDMOND\brodes	4860034d41	Crypto: Weak Hash test cases update and expected file.	2025-10-16 10:40:53 -04:00
Geoffrey White	5d95fad467	Rust: Changes suggested by Copilot (with effect on tests).	2025-10-16 14:59:06 +01:00
Simon Friis Vindum	68d4240c26	C++: Add change note	2025-10-16 15:56:11 +02:00
Simon Friis Vindum	9502d83f2c	C++: Add debug predicates	2025-10-16 15:05:48 +02:00
Simon Friis Vindum	c1f0f3da96	C++: Handle guard phi nodes differently	2025-10-16 15:05:46 +02:00
Simon Friis Vindum	99103a5741	C++: Add additional test for range analysis	2025-10-16 15:05:45 +02:00
Simon Friis Vindum	8896a7210b	C++: Add number of bounds test to simple range analysis	2025-10-16 15:05:44 +02:00
Simon Friis Vindum	7eacd87343	C++: Apply widening based on number of bounds measure	2025-10-16 15:05:42 +02:00
Geoffrey White	397563dd0e	Rust: Accept consistency check .expected changes.	2025-10-16 13:54:11 +01:00
Nora Dimitrijević	e120e5c3ba	Merge pull request #20337 from d10c/d10c/python-overlay-compilation-plus-extractor ... Python: enable overlay compilation + extractor overlay support	2025-10-16 14:49:01 +02:00
Geoffrey White	d4a599c51d	Rust: Accept more minor test expectation changes.	2025-10-16 12:41:49 +01:00
Geoffrey White	b933f8df89	Merge branch 'main' into gen1	2025-10-16 12:38:59 +01:00
Geoffrey White	8f7d3798ad	Rust: Allow rows to be direct sources of taint as well.	2025-10-16 12:14:50 +01:00
Geoffrey White	f310d535ae	Rust: Add models.	2025-10-16 12:07:54 +01:00
Geoffrey White	08ca643cd3	Rust: Test sources for mysql and mysql_async.	2025-10-16 11:55:24 +01:00
Geoffrey White	75a34a4881	Merge pull request #20631 from geoffw0/mysql ... Rust: Model mysql and mysql_async query sinks	2025-10-16 11:42:33 +01:00
Geoffrey White	ee86655742	Rust: Update another affected test.	2025-10-16 11:37:57 +01:00
Geoffrey White	c56de30248	Rust: Fix merge conflict in .expected file.	2025-10-16 11:16:54 +01:00
Geoffrey White	c30e9a96d4	Rust: Accept changes to other test expectations.	2025-10-16 11:00:29 +01:00
Geoffrey White	217508e2c2	Merge branch 'main' into gen1	2025-10-16 09:35:29 +01:00
Geoffrey White	1936abaaee	Merge pull request #20650 from geoffw0/mv2 ... Rust: Rename stdlib model files to be consistent with others.	2025-10-16 08:47:47 +01:00
Simon Friis Vindum	744b11e421	Merge pull request #20543 from paldepind/rust/model-actix-web ... Rust: Add models for actix-web	2025-10-16 08:48:06 +02:00
REDMOND\brodes	25599e9b4b	crypto: Update JCA model macs to take into consideration update calls (use prior pattern for signatures). Misc. bug fixes.	2025-10-15 16:25:36 -04:00
Geoffrey White	510597666a	Rust: Change note.	2025-10-15 20:31:47 +01:00
Geoffrey White	612e95b7a4	Rust: More deduplication.	2025-10-15 20:31:46 +01:00
Geoffrey White	483ab5929a	Rust: Combine and expand some of the models.	2025-10-15 20:31:43 +01:00
REDMOND\brodes	15e266db94	Crypto: Tweaks to bad crypto ordering queries.	2025-10-15 14:20:40 -04:00
REDMOND\brodes	9a6aac1300	Crypto: To get unreferenced parameters as general sources for Java, I've included the caveat that if a function is called, all the calls appear to be in test files.	2025-10-15 14:20:16 -04:00
REDMOND\brodes	c6174fbb93	Crypto: remove precision tag	2025-10-15 14:10:16 -04:00
Geoffrey White	ea6c7cfba0	Rust: Generalize stdlib 'a as b' models.	2025-10-15 19:08:05 +01:00
Geoffrey White	072eca233d	Rust: Update consistency check .expected.	2025-10-15 16:50:47 +01:00
Geoffrey White	eb1555c45e	Rust: Update the suite list .expected files.	2025-10-15 16:08:08 +01:00
Geoffrey White	f4a6efa9e0	Rust: Rename stdlib model files to be consistent with others.	2025-10-15 16:02:42 +01:00
REDMOND\brodes	631e482fd6	Crytpo: when key encapsulation or cipher operations have multiple modes at a node, the node name must reflect that it may be any mode.	2025-10-15 11:01:49 -04:00
Geoffrey White	c68112fb60	Rust: Move the CWE-328 test.	2025-10-15 15:24:25 +01:00
Geoffrey White	c7f0e41660	Rust: Move the existing CWE-327 test.	2025-10-15 15:24:14 +01:00
Geoffrey White	9dcc0a0d81	Rust: Move rust/weak-sensitive-data-hashing to CWE-327.	2025-10-15 15:14:16 +01:00
Geoffrey White	48ca04bc40	Rust: Repair test annotations following format and accept .expected changes.	2025-10-15 15:00:28 +01:00
Geoffrey White	28c139abfb	Rust: Format the test.	2025-10-15 14:42:12 +01:00
Geoffrey White	5544dfff6d	Update rust/ql/test/query-tests/security/CWE-089/mysql.rs ... Co-authored-by: Simon Friis Vindum <paldepind@github.com>	2025-10-15 14:31:10 +01:00
REDMOND\brodes	c7be23e1fe	Crypto: Remove all precision tags from all experimental queries. Precision is largely in flux while the models are being developed.	2025-10-15 09:22:04 -04:00
REDMOND\brodes	bf9a249624	Crypto: Experimental queries for mac ordering	2025-10-15 08:06:50 -04:00
REDMOND\brodes	ee08385e31	Crytpo: Update JCA keyagreement to type conversion, XDH is a type of ECDH.	2025-10-15 08:06:19 -04:00