hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-23 19:32:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,686 Branches 158 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
semmle-qlci
793988afe4 Merge pull request #2344 from asger-semmle/element-pattern-prop-read 
Approved by max-schaefer
 2019-11-27 10:54:46 +00:00
Taus
8372039205 Apply suggestions from documentation review 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2019-11-27 11:50:37 +01:00
Anders Schack-Mulligen
2c3a6d7359 Java: Allow explicit zero multiplication in java/evaluation-to-constant. 2019-11-27 11:49:43 +01:00
Erik Krogh Kristensen
967ecbad24 Merge remote-tracking branch 'upstream/master' into promiseAll 2019-11-27 11:28:37 +01:00
Felicity Chapman
38f6f05f12 Merge pull request #2452 from yo-h/docs-query-metadata-precision-fix 
Documentation: fix invalid `@precision` value
 2019-11-27 10:26:49 +00:00
Erik Krogh Kristensen
e27a69960d update description 2019-11-27 11:17:19 +01:00
Erik Krogh Kristensen
42fbcbf007 update expected test output 2019-11-27 11:14:04 +01:00
Erik Krogh Kristensen
60f7a7a274 changes based on review feedback 2019-11-27 11:11:49 +01:00
Erik Krogh Kristensen
6d63d75d87 remove superfluous line break 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2019-11-27 10:52:01 +01:00
Tom Hvitved
39aaa38486 C#: Update EntityFramework test 2019-11-27 10:28:12 +01:00
Anders Schack-Mulligen
3d0e3aa1fd Java: Fix a number of performance issues when toString is cached. 2019-11-27 09:06:15 +01:00
Anders Schack-Mulligen
42b51d4ebb Merge pull request #2449 from felicitymay/1.23/SD-4095-finalize-change-notes-java2 
Update data-flow note to match that for C/C++
 2019-11-27 08:50:31 +01:00
Asger F
6eb2c26ea4 TS: Pass --no-default-rc and --non-interactive to yarn 2019-11-27 06:42:03 +00:00
Asger F
605c8834c6 JS: Avoid redundant window.name sources 2019-11-27 06:15:12 +00:00
semmle-qlci
380a5fc166 Merge pull request #2444 from esbena/js/flow-spread-prop-types 
Approved by max-schaefer
 2019-11-26 22:42:23 +00:00
yo-h
8a8b795696 Merge pull request #2447 from aschackmull/java/cache-perf 
Java: Improve performance by normalizing import order to reduce cache invalidation.
 2019-11-26 16:26:53 -05:00
Dave Bartolomeo
aa6bd07971 Merge remote-tracking branch 'upstream/master' into dbartol/May-Must 2019-11-26 14:07:13 -07:00
Robert Marsh
e368d5dda0 C++: simplify getDisplayOrderInBlock 2019-11-26 16:02:30 -05:00
Jonas Jensen
c05cc77a91 Merge pull request #2421 from dbartol/dbartol/IndirectAlias 
C++/C#: Cleanup in preparation for indirect alias analysis
 2019-11-26 21:59:17 +01:00
Erik Krogh Kristensen
9b608e9ec4 simplify multiple parameter selection 2019-11-26 21:07:37 +01:00
Dave Bartolomeo
f3b4140948 C++/C#: Consistent handling of "may" vs. "must" memory accesses 
In the IR, some memory accesses are "must" accesses (the entire memory location is always read or written), and some are "may" accesses (some, all, or none of the bits in the location are written). We previously had to special case specific "may" accesses in a few places. This change regularizes our handling of "may" accesses.

The `MemoryAccessKind` enumeration now describes only the extent of the access (the set of locations potentially accessed), but does not distinguish "must" from "may". The new predicates `Operand.hasMayMemoryAccess()` and `Instruction.hasResultMayMemoryAccess()` hold when the access is a "may" access.

Unaliased SSA now correctly ignores variables that are ever accessed via a "may" access.

Aliased SSA now distinguishes `MemoryLocation`s for "may" and "must" accesses. I've refactored `getOverlap()` into the core `getExtentOverlap()`, which considers only the extent, but not the "may" vs. "must", and `getOverlap()`, which tweaks the result of `getExtentOverlap()` based on "may" vs. "must" and read-only locations.

When determining the overlap between a `Phi` operand and its definition, we now use the result of the defining `Chi` instruction, if one exists. This gives exact definitions for `Phi` operands for virtual variables.
 2019-11-26 12:13:07 -07:00
yo-h
2eea94c3dc Documentation: fix invalid @precision value 2019-11-26 14:11:54 -05:00
Felicity Chapman
403565bb06 Update data-flow note to match that for C/C++ 2019-11-26 18:07:51 +00:00
Felicity Chapman
3b7ab8f734 Update shared data-flow note to match that for C/C++ 2019-11-26 18:02:09 +00:00
Jonas Jensen
95bceae915 Merge pull request #2434 from felicitymay/1.23/SD-4095-finalize-change-notes-cpp 
1.23: SD-4095 finalize change notes for C/C++
 2019-11-26 18:56:22 +01:00
Dave Bartolomeo
4e1ee7a998 C++/C#: Fix formatting 2019-11-26 10:48:24 -07:00
Felicity Chapman
4f6660887c Update shared data-flow note for feedback 2019-11-26 16:41:30 +00:00
Taus Brock-Nannestad
118275e948 Python: Use import python consistently in all queries. 2019-11-26 17:37:09 +01:00
Anders Schack-Mulligen
deb6a6e5c6 Java: Improve performance by normalizing import order to reduce cache invalidation. 2019-11-26 17:20:01 +01:00
Taus
e585f1ba85 Merge pull request #1332 from lcartey/python/change-kind 
Python: Update filter queries to have appropriate kind
 2019-11-26 17:15:38 +01:00
Erik Krogh Kristensen
b5a57986c6 small changes based on review feedback 2019-11-26 15:57:31 +01:00
Esben Sparre Andreasen
9ffe03bcce JS: support additional Flow syntax: ... in object types 2019-11-26 15:24:27 +01:00
Erik Krogh Kristensen
7b262fa9cf update expected output 2019-11-26 14:39:09 +01:00
Erik Krogh Kristensen
5a0cabb039 Merge remote-tracking branch 'upstream/master' into typeAheadSink 2019-11-26 14:37:40 +01:00
Erik Krogh Kristensen
ace484a519 change the typeahead.js model to be semantically correct 2019-11-26 14:35:13 +01:00
Taus Brock-Nannestad
35e3e3d2a1 Python: Update change note for 1.23. 2019-11-26 13:58:22 +01:00
Tom Hvitved
355c4f7154 C#: Add change note 2019-11-26 13:54:19 +01:00
Tom Hvitved
71e958eabc C#: Add taint-tracking steps through conversion operator calls 2019-11-26 13:53:50 +01:00
Tom Hvitved
acb069f69b C#: Add data flow tests for conversion operators 2019-11-26 13:53:17 +01:00
Erik Krogh Kristensen
4a94c49d37 changes based on review feedback 2019-11-26 13:40:48 +01:00
Jonas Jensen
b1745f588c Merge pull request #2402 from geoffw0/nospace 
CPP: Make NoSpaceForZeroTerminator.ql more conservative.
 2019-11-26 13:36:05 +01:00
Erik Krogh Kristensen
97718bf1d4 the callback function can both be the second and third argument 2019-11-26 13:00:00 +01:00
semmle-qlci
3d5d178b19 Merge pull request #2439 from erik-krogh/useOfReturnlessFunctionHotfix 
Approved by max-schaefer
 2019-11-26 11:56:57 +00:00
Erik Krogh Kristensen
b06acd1ed0 add change note 2019-11-26 12:52:41 +01:00
Erik Krogh Kristensen
0f948339af add change note 2019-11-26 11:23:30 +01:00
Erik Krogh Kristensen
b6106f9638 keep the ResolvedPromiseDefinition class as a subclass of PromiseCreationCall 2019-11-26 11:16:59 +01:00
Erik Krogh Kristensen
f284b3a2bb Merge remote-tracking branch 'upstream/master' into exceptionXss 2019-11-26 10:54:04 +01:00
Erik Krogh Kristensen
7ee12a3420 change doc based on review feedback 2019-11-26 10:48:24 +01:00
Anders Schack-Mulligen
18e1708036 Merge pull request #2412 from Cornelius-Riemenschneider/nullness-corr-cond 
Java: Nullness library: track instanceof expressions in correlated conditions
 2019-11-26 10:33:34 +01:00
Erik Krogh Kristensen
fed2675f76 remove FP in use-of-returnless-function FP related to calls to super() 2019-11-26 10:17:04 +01:00