hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-22 21:27:04 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,608 Commits 1,783 Branches 169 Tags
codeql-cli/v2.25.6
Commit Graph

87608 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Schaefer
00546804e3 Merge pull request #103 from max-schaefer/fix-disabled-certificate-check-qldoc 
Fix misformatted header comment for `DisabledCertificateCheck`.
 2020-04-16 09:59:55 +01:00
Rasmus Wriedt Larsen
ab120ed7af Python: Remove deprecated annotation for old PointsTo::points_to 
We should only deprecate it when we're ready to deprecate the old refersTo and
all the old Object classes
 2020-04-16 09:47:45 +02:00
Max Schaefer
245b99dd42 Fix misformatted header comment for DisabledCertificateCheck. 2020-04-16 08:43:33 +01:00
Robert Marsh
d0e047186a C++: add remote flow models for fread and gets 2020-04-15 18:01:04 -07:00
Robert Marsh
a006bd3117 C++: add model-based RemoteFlowSource 2020-04-15 17:46:00 -07:00
Dave Bartolomeo
2264ec714f C++: Better type preservation in getVariableType() 
`getVariableType()` is used to compute the actual semantic type of a variable from its declared type. That's where we handle pointer and function decay for parameters, and it's also where we handle arrays of unknown bound initialized with an initializer of known bound.

Previously, even if neither of the above situations applied, the type that we returned was the `getUnspecifiedType()` of the variable. This meant that, for example, `const char* p` would be treated as `char *`. This is inconsistent with how we handle types elsewhere in IR construction, where we preserve typedefs and cv-qualifiers when creating the `CppType` of an `IRVariable`, `Instruction`, or `Operand`.

The only visible effect this fix has is to fix the inferred result type for `Phi` instructions for variables affect by this change in `getVariableType()` behavior. Previously, we would see the variable accessed as both `const char*` and as `char*`, so we'd fall back to the canonical pointer type, which is `decltype(nullptr)`. Now, we see the same type for all accesses to the variable, so we use that type as the type of the SSA memory location and as the result type of the `Phi` instruction.
 2020-04-15 18:41:24 -04:00
Dave Bartolomeo
90dc14c56e C++/C#: Fix phantom Chi definitions in PrintSSA 
When `PrintSSA.qll` is imported, IR dumps will be annotated with the alias analysis information used during SSA construction. When printing this information, we incorrectly treated instructions at offset -1, which should only be `Phi` instructions, as `Chi` instructions for the instruction at offset 0. This produced phantom annotations, but did not affect the correctness of the actual IR.
 2020-04-15 18:24:11 -04:00
Mathias Vorreiter Pedersen
86ba03bea8 Merge pull request #3256 from Semmle/rdmarsh/cpp/add-qldoc-1 
C++: Add QLdoc to some AST methods (Class.qll-Diagnostics.qll)
 2020-04-15 21:46:36 +02:00
Erik Krogh Kristensen
69a16af152 Merge branch 'master' into Maps 2020-04-15 20:41:22 +02:00
Erik Krogh Kristensen
fd51142200 change succ in storeStep to be a SourceNode 2020-04-15 20:40:58 +02:00
Erik Krogh Kristensen
e8dc77d508 add support for util.promisify with child_process calls 2020-04-15 19:16:30 +02:00
Rasmus Wriedt Larsen
b179a0bdc2 Python: Add deprecated comment for FinalCustomPointsToFact 2020-04-15 16:59:07 +02:00
Rasmus Wriedt Larsen
5a51d2cc4c Merge pull request #3245 from BekaValentine/python-objectapi-to-valueapi-wrongnameforargumentinclassinstantiation 
Python: ObjectAPI to ValueAPI: WrongNameForArgumentInClassInstantiation
 2020-04-15 16:48:26 +02:00
Rasmus Wriedt Larsen
390959713a Merge pull request #3246 from BekaValentine/python-objectapi-to-valueapi-uselessclass 
Python: ObjectAPI to ValueAPI: UselessClass
 2020-04-15 16:45:02 +02:00
Jonas Jensen
7e67dcca6f C++: Tidy up 1.24 change notes 
- Merged the two notes for `cpp/uncontrolled-allocation-size` into one.
- Added note about renaming of a query id.
- Moved the use of IR in queries from the library section to the queries
  section, rephrasing the note in terms of query results/performance
  rather than library implementation.
- Grouped, without text changes, the three notes about the `Allocation`
  library
- Grouped all the notes about standard-library models, abbreviating them
  to eliminate the common text.
- Removed the note about `strlen` (#2647) since that should no longer
  affect the results of queries or IR data flow after we started using
  unsound IR for data flow.
 2020-04-15 16:08:57 +02:00
Jonas Jensen
aa8f30cd83 Merge pull request #3268 from MathiasVP/ql-doc-negativitiy 
C++: Add QLDoc to public predicates in Negativity.qll
 2020-04-15 15:12:07 +02:00
Max Schaefer
699208adae Merge pull request #102 from marcogario/integeroverflow_qhelp 
Integeroverflow.qhelp: use paragraphs within sections
 2020-04-15 14:09:55 +01:00
Mathias Vorreiter Pedersen
3d0ac53266 Apply suggestions from code review 
Co-Authored-By: Jonas Jensen <jbj@github.com>
 2020-04-15 14:01:49 +02:00
Geoffrey White
b8acd702d6 C++: Rename the test for consistency. 2020-04-15 12:49:07 +01:00
Marco Gario
14e4e2d40f Integeroverflow.qhelp: use paragraphs within sections 2020-04-15 12:15:25 +01:00
Jonas Jensen
6eba3380dd Merge pull request #3241 from geoffw0/alloc-size2 
C++ Improvements to TaintedAllocationSize.ql
 2020-04-15 12:58:19 +02:00
semmle-qlci
bfd80b42a7 Merge pull request #3260 from asger-semmle/js/location-tweaks 
Approved by erik-krogh
 2020-04-15 10:47:35 +01:00
Asger F
34d40b5035 Merge pull request #3237 from asger-semmle/js/sparse-capture 
JS: Add CapturedVariableNode to avoid N^2 edges
 2020-04-15 10:42:48 +01:00
Mathias Vorreiter Pedersen
f02feac33a C++: Add flow from #3220 2020-04-15 11:34:19 +02:00
Asger Feldthaus
679259944f JS: Address review comments 2020-04-15 10:27:32 +01:00
Geoffrey White
2aa64db40e Merge remote-tracking branch 'upstream/rc/1.24' into alloc-size2 2020-04-15 10:09:54 +01:00
Mathias Vorreiter Pedersen
209e084820 Merge branch 'master' into ir-flow-fields 2020-04-15 10:51:45 +02:00
Sauyon Lee
882805207a Merge pull request #98 from max-schaefer/extract-frontend-errors 
Add support for extracting frontend errors
 2020-04-15 01:40:31 -07:00
Sauyon Lee
777818e019 Merge pull request #99 from github/rc/1.24 
Merge rc/1.24 into master
 2020-04-15 01:33:46 -07:00
Max Schaefer
d452fc04ad Merge pull request #101 from sauyon/bufio-change-note 
Add change note for buffered i/o
 2020-04-15 08:48:58 +01:00
Sauyon Lee
8ca310e6b6 Add change note for buffered i/o 2020-04-15 00:37:50 -07:00
Sauyon Lee
d3e62b0480 Merge pull request #100 from max-schaefer/add-missing-change-notes 
Add two missing change notes.
 2020-04-15 00:33:54 -07:00
Max Schaefer
95c2cb19cf Add two missing change notes. 2020-04-15 07:57:47 +01:00
Mathias Vorreiter Pedersen
a2fbe9e9da C++: Add QLDoc to public predicates in Negativity 2020-04-15 08:18:03 +02:00
Jonas Jensen
b603a3da64 Merge pull request #3259 from MathiasVP/ql-doc-fileclosed-loopbounds-memoryfreed 
C++: QLDoc for FileClosed, LoopBounds and MemoryFreed
 2020-04-15 08:08:04 +02:00
Jonas Jensen
6eac35c753 Merge pull request #3264 from Semmle/merge-rc/1.24 
Merge rc/1.24 into master.
 2020-04-15 07:56:58 +02:00
Jonas Jensen
ae11e7b72c Merge pull request #3265 from Semmle/rdmarsh/cpp/deprecate-isDefined 
C++: deprecate Declaration::isDefined()
 2020-04-15 07:53:19 +02:00
Chris Gavin
4e981d8e70 Merge rc/1.24 into master. 2020-04-14 21:30:29 +01:00
Robert Marsh
146bfca2ad Merge pull request #3254 from dbartol/dbartol/ImplicitReturnValue2 
C++: Treat implicit end of body of non`-void` function as `Unreached`
 2020-04-14 12:18:50 -07:00
Asger Feldthaus
1107e7c6a6 JS: Rename other uses of getURL 2020-04-14 19:45:09 +01:00
Dave Bartolomeo
279467654e C++: Make test functions return void 2020-04-14 14:17:56 -04:00
Dave Bartolomeo
812087968f C++: Fix test output 
Mostly noise, but a couple of the missing operand errors are actual fixes.
 2020-04-14 14:17:20 -04:00
Robert Marsh
b5c0a0f77d C++: remove all uses of Declaration::isDefined 2020-04-14 10:54:06 -07:00
Robert Marsh
5ee60762fe C++: deprecate Declaration::isDefined() 2020-04-14 10:49:52 -07:00
Robert Marsh
7f5b3de665 C++: autoformat 2020-04-14 10:36:53 -07:00
Robert Marsh
be81a1a8b3 Merge pull request #3255 from dbartol/dbartol/UnmodeledDefinition 
C++: Connect `InitializeIndirection` to `UnmodeledDefinition`
 2020-04-14 10:34:30 -07:00
Taus
8402e6a2e1 Merge pull request #3243 from BekaValentine/python-objectapi-to-valueapi-incorrectlyspecifiedoverriddenmethod 
Python: ObjectAPI to ValueAPI: IncorrectlySpecifiedOverriddenMethod
 2020-04-14 18:55:42 +02:00
Mathias Vorreiter Pedersen
092145d571 Update cpp/ql/src/Critical/FileClosed.qll 
Co-Authored-By: Jonas Jensen <jbj@github.com>
 2020-04-14 18:38:33 +02:00
Max Schaefer
8341ce0d46 Merge pull request #97 from max-schaefer/fix-frontend-errors 
Fix a few compiler errors in tests
 2020-04-14 17:17:03 +01:00
Dave Bartolomeo
125a09ce6e C++: Fix IR generation of return of void expression 2020-04-14 11:40:33 -04:00