hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-07 08:04:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,734 Branches 164 Tags
codeql-cli/v2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mark Shannon
c9a929fb23 Python tests: Increase import depth to ensure sre_constants module is imported. 2019-01-14 11:18:36 +00:00
Tom Hvitved
bbc49dce40 Merge pull request #755 from calumgrant/cs/extractor-alerts 
C#: Fix some LGTM alerts on the extractor
 2019-01-14 10:47:44 +01:00
semmle-qlci
b78fcd39be Merge pull request #745 from hvitved/csharp/query/missed-readonly-modifier 
Approved by calumgrant
 2019-01-14 08:43:59 +00:00
semmle-qlci
3fe9f92817 Merge pull request #746 from hvitved/csharp/is-valid-explicit-params-type 
Approved by calumgrant
 2019-01-14 08:43:30 +00:00
semmle-qlci
201f68d751 Merge pull request #757 from hvitved/csharp/autoformat/queries 
Approved by calumgrant
 2019-01-14 08:42:21 +00:00
semmle-qlci
955bad0618 Merge pull request #640 from asger-semmle/lodash-case 
Approved by esben-semmle
 2019-01-14 07:59:59 +00:00
semmle-qlci
7bb8edd16d Merge pull request #720 from esben-semmle/js/more-flow-parsing 
Approved by xiemaisi
 2019-01-14 07:58:28 +00:00
Esben Sparre Andreasen
7f5dd1a4e8 JS: change notes for improved js/unbound-event-handler-receiver 2019-01-14 08:48:15 +01:00
Esben Sparre Andreasen
b35c4b2a9a JS: support FP pattern for js/unbound-event-handler-receiver 2019-01-14 08:47:37 +01:00
semmle-qlci
9c41b214ee Merge pull request #748 from esben-semmle/js/fix/js/useless-assignment-to-property 
Approved by xiemaisi
 2019-01-13 21:40:35 +00:00
Esben Sparre Andreasen
73af2adde0 JS: change notes for improved support for Flow 2019-01-13 22:10:56 +01:00
Esben Sparre Andreasen
64346e1321 JS: bump extractor version for improved support for Flow 2019-01-13 22:10:56 +01:00
Esben Sparre Andreasen
c26ae26f53 JS: support explicit type arguments for Flow 2019-01-13 22:10:56 +01:00
Esben Sparre Andreasen
45a4026385 JS: support additional export statements for Flow 2019-01-13 22:10:56 +01:00
Esben Sparre Andreasen
c6f9a043ca JS: support additional import statements for Flow 2019-01-13 22:10:56 +01:00
Robert Marsh
eabc674bb3 Merge pull request #747 from jbj/cfg-remove-cfg.ql 
C++: Delete library-tests/qlcfg/cfg.ql
 2019-01-11 11:57:26 -08:00
Jonas Jensen
ef331ee68c Merge pull request #633 from Semmle/rdmarsh/cpp/range-analysis 
C++: New range analysis
 2019-01-11 19:32:20 +01:00
Geoffrey White
c8cbc8ea5a Merge pull request #751 from jbj/hides-parameter-crossfile 
C++: Improvements to "Declaration hides parameter"
 2019-01-11 18:00:50 +00:00
Geoffrey White
a656c692bb Merge pull request #752 from jbj/large-parameter-assignment 
C++: Exclude copy assignment in LargeParameter.ql
 2019-01-11 17:54:30 +00:00
semmle-qlci
04c15028ab Merge pull request #750 from aschackmull/javascript/autoformat 
Approved by xiemaisi
 2019-01-11 16:35:38 +00:00
calum
e76eb1641a C#: Address review comment. 2019-01-11 16:13:04 +00:00
Taus
dcdbc00430 Merge pull request #753 from markshannon/python-fix-regex-test-depth 
Python tests: Increase import depth to ensure sre_constants module is imported.
 2019-01-11 16:46:56 +01:00
Nick Rolfe
e8f4127fe5 C++: fix wording in GVN qldoc comment 2019-01-11 13:56:52 +00:00
Tom Hvitved
36e4b879e9 C#: Remove comment 2019-01-11 14:32:34 +01:00
Anders Schack-Mulligen
db9407bae5 Javascript: Update .expected files. 2019-01-11 14:27:16 +01:00
Jonas Jensen
ca3554dcc6 C++: Incorporate docs review comments 2019-01-11 14:18:15 +01:00
Jonas Jensen
b65e2f8b79 C++: Put QLDoc on two helper predicates 2019-01-11 14:07:22 +01:00
Tom Hvitved
390ebc96ae C#: Autoformat QL files 2019-01-11 13:55:28 +01:00
Taus Brock-Nannestad
b5dc0134a7 Python: Move query suites to public repo. 2019-01-11 13:46:47 +01:00
calum
de4f592bba C#: Add alert suppression comments for cs/similar-file 2019-01-11 12:36:20 +00:00
calum
a44a86bf6f C#: Add alert suppression comments. Rename e to ex in catch clauses for consistency. 2019-01-11 12:32:24 +00:00
Jonas Jensen
6385dd38cf C++: Exclude operator= in ExprHasNoEffect 2019-01-11 13:30:08 +01:00
Jonas Jensen
95e457cb49 C++: Add test with FP in ExprHasNoEffect 2019-01-11 13:18:44 +01:00
Mark Shannon
33a2315ba0 Python tests: Increase import depth to ensure sre_constants module is imported. 2019-01-11 12:15:56 +00:00
calum
fb0cae87a8 C#: Fix some alerts, and fix a potential NullReferenceException. 2019-01-11 12:12:11 +00:00
Jonas Jensen
1cc36dd969 C++: Exclude copy assignment in LargeParameter.ql 
The purpose of the copy assignment operator is to copy the object, so we
should not complain that a copy happens when passing the parameter. See
https://en.wikibooks.org/wiki/More_C++_Idioms/Copy-and-swap for details.
 2019-01-11 12:00:02 +01:00
Jonas Jensen
4ea3849595 C++: Add failing test case for LargeParameter.ql 2019-01-11 11:53:04 +01:00
semmle-qlci
b0dd3dfeb1 Merge pull request #502 from xiemaisi/js/summaries 
Approved by asger-semmle
 2019-01-11 10:27:03 +00:00
Jonas Jensen
b38ca944f4 C++: Work around CPP-331 
This change suppresses results from "Declaration hides parameter" where
the ParameterDeclarationEntry does not link up to the right
FunctionDeclarationEntry.
 2019-01-11 11:26:43 +01:00
Max Schaefer
f9d704bdcf JavaScript: Add example of indirect command injection. 2019-01-11 10:24:41 +00:00
Jonas Jensen
2268f1fee6 C++: Speed up "Declaration hides parameter" 
Bad magic ended up in `LocalVariable.getFunction` and effectively
created a Cartesian product. Before this change, the timing looked like
this:

    Variable::LocalVariable::getFunction_dispred#bb ... 50.1s
    #select#cpe#123#fff ............................... 20.6s

After this change, those predicates become much faster:

    Variable::LocalVariable::getFunction_dispred#ff ... 121ms
    DeclarationHidesParameter::localVariableNames#fff . 77ms
    #select#cpe#123#fff ............................... 28ms

Introducing the predicate `localVariableNames` ensures that we can do
the main join on two columns simultaneously, so that's a change we
should keep even if we remove the `pragma[nomagic]` later.
 2019-01-11 11:06:18 +01:00
Jonas Jensen
8a435ae321 C++: Autoformat "Declaration hides parameter" 2019-01-11 11:02:52 +01:00
Anders Schack-Mulligen
e58094c732 Javascript: Autoformat. 2019-01-11 11:02:42 +01:00
Max Schaefer
7d2d33840a JavaScript: Track flow through forwarding higher-order calls. 2019-01-11 09:15:58 +00:00
Tom Hvitved
c06fc2af09 C#: Remove DefUse.qll 2019-01-11 09:35:38 +01:00
Max Schaefer
59bac829b1 JavaScript: Refactor flowsIntoHigherOrderCall predicate. 2019-01-11 08:34:09 +00:00
Max Schaefer
edc5117dfd JavaScript: Track flow into (simple) higher-order function calls. 
The only case we support for now are functions that invoke one of their arguments, passing another argument as input.
 2019-01-11 08:11:15 +00:00
Max Schaefer
414ab8ea8c JavaScript: Refactor argumentPassing. 2019-01-11 07:57:58 +00:00
Esben Sparre Andreasen
9af6a81a58 JS: change note for ODASA-7636 fix 2019-01-11 08:37:01 +01:00
Esben Sparre Andreasen
d0372dd290 JS: reuse a variable 2019-01-11 08:34:17 +01:00