hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-27 05:13:00 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,689 Branches 159 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
james
f2baf43f74 docs: fix broken Expr links 
(cherry picked from commit 9437c2d007)
 2019-09-10 16:04:34 +01:00
semmle-qlci
05247849b0 Merge pull request #1913 from xiemaisi/csharp/update-a-qlref 
Approved by hvitved
 2019-09-10 16:04:19 +01:00
shati-semmle
2a3c6a9ac4 Vale linter: fix typo 
(cherry picked from commit 4d98b4c3a1)
 2019-09-10 16:03:10 +01:00
james
cf8fbca218 docs: improve slide layout for printing 
(cherry picked from commit f78ce146f1)
 2019-09-10 16:03:09 +01:00
james
358be7419d docs: updated slide background 
(cherry picked from commit ecc2449c1c)
 2019-09-10 16:03:09 +01:00
james
be14eea5a4 docs: slides fix for edge and ff 
(cherry picked from commit f93359a472)
 2019-09-10 16:03:09 +01:00
james
a2c87c9890 docs: fix typo 
(cherry picked from commit 09a0b562e5)
 2019-09-10 16:03:06 +01:00
jf205
b1d4843a95 Update docs/language/README.rst 
Co-Authored-By: shati-semmle <42641846+shati-semmle@users.noreply.github.com>
(cherry picked from commit ce2326cc6e)
 2019-09-10 16:03:06 +01:00
jf205
20df58f400 Update docs/language/learn-ql/ql-training.rst 
Co-Authored-By: shati-semmle <42641846+shati-semmle@users.noreply.github.com>
(cherry picked from commit 1f67d71f5f)
 2019-09-10 16:03:06 +01:00
jf205
1c0db5dce8 Update docs/language/learn-ql/ql-training.rst 
Co-Authored-By: shati-semmle <42641846+shati-semmle@users.noreply.github.com>
(cherry picked from commit 4ec828a719)
 2019-09-10 16:03:06 +01:00
james
985751b128 docs: update layout.html 
(cherry picked from commit 1a7c79bd7c)
 2019-09-10 16:03:05 +01:00
james
1d3cf2002a docs: specify sphinx 1.7.9 in readme 
(cherry picked from commit 99614d98e1)
 2019-09-10 16:03:05 +01:00
james
fcba260393 docs: fix a couple of links 
(cherry picked from commit 16aaa95566)
 2019-09-10 16:03:05 +01:00
james
7e7b9e5578 docs: remove VA section from writing-queries.rst 
(cherry picked from commit 6f9d4c8562)
 2019-09-10 16:03:04 +01:00
james
8efcabf237 docs: rework ql-training.rst 
(cherry picked from commit 49955c56be)
 2019-09-10 16:03:04 +01:00
james
b56b28e228 docs: reorganize and add some ref bookmarks to learn-ql index 
(cherry picked from commit 593818b71a)
 2019-09-10 16:03:04 +01:00
james
40be3bc8cf docs: rename ql-training-rst > ql-training 
(cherry picked from commit 65573492e7)
 2019-09-10 16:03:03 +01:00
james
d1d19bf744 docs: add ql-training page to learn-ql project 
(cherry picked from commit c8dd5e620c)
 2019-09-10 16:03:02 +01:00
jf205
e19799f1eb Update docs/language/ql-training-rst/slide-snippets/local-data-flow.rst 
Co-Authored-By: Luke Cartey <5377966+lukecartey@users.noreply.github.com>
(cherry picked from commit 64c4548aca)
 2019-09-10 16:03:00 +01:00
james
32d56fbd93 docs: update images 
(cherry picked from commit f0e2a2ea71)
 2019-09-10 16:02:59 +01:00
james
b701d1d8cf docs: toctree path 
(cherry picked from commit acb3e742e6)
 2019-09-10 16:02:59 +01:00
james
4e4388d688 docs: address review comments 
(cherry picked from commit 8c88cbba3a)
 2019-09-10 16:02:59 +01:00
Mark Shannon
541706ed53 Python docs: Fix typos and rst formatting issue. 
(cherry picked from commit d096644773)
 2019-09-10 15:57:52 +01:00
james
d592af1c22 docs: fix speaker note bug 
(cherry picked from commit 0b31ca46b1)
 2019-09-10 15:57:52 +01:00
james
9eefeb770a docs: fix include in data flow slides 
(cherry picked from commit 387147ede2)
 2019-09-10 15:57:52 +01:00
james
6dcf9997e9 docs: make use of includes for local and global data flow slides 
(cherry picked from commit b89f0161aa)
 2019-09-10 15:57:52 +01:00
james
dfeab086db docs: add template slide deck 
(cherry picked from commit ec9ca6852b)
 2019-09-10 15:57:52 +01:00
james
6b9566a6e4 docs: add rst versions of java slide decks and improve a few c++ slides 
(cherry picked from commit 7fa7f2dd65)
 2019-09-10 15:57:51 +01:00
Mark Shannon
63a391a654 Python docs: remove confusing reference to SSA as 'dataflow' and add a reference to the taint-tracking library from the library overview page. 
(cherry picked from commit dafed6b93e)
 2019-09-10 15:57:51 +01:00
Mark Shannon
1fe5d0cb97 Python docs: Remove all references to ClassExpr and FunctionExpr; we want to remove them eventually. 
(cherry picked from commit 562f4ef604)
 2019-09-10 15:57:51 +01:00
Mark Shannon
ff64aedc0a Python docs: Replace remaining references to old 'Object' API are replaced by new 'Value' API. 
(cherry picked from commit 6edf9efe1b)
 2019-09-10 15:57:51 +01:00
Jonas Jensen
bd59029e2b C++: Add pointer-to-member test to syntax-zoo 
This test was inspired by problems observed in a MySQL snapshot. The
results show there are problems with both the QL CFG and the IR.
 2019-09-10 16:23:23 +02:00
Erik Krogh Kristensen
97fc10e669 Add query for detecting potential DOS form a tainted .length property 2019-09-10 14:59:48 +01:00
Max Schaefer
ea81531a7b C#: Update a .qlref. 
This currently relies on the fact that qltest includes `ql/csharp/ql/src/Metrics` in addition to `ql/csharp/ql/src` on its search path when run internally, which is inconsistent with the other languages. Since this is the only test that relies on it, I'd like to update it and get rid of the extra search root eventually.
 2019-09-10 13:01:04 +01:00
Jonas Jensen
de4e2a259e C++: Stub replacement for security.TaintTracking 
This commit adds a `semmle.code.cpp.ir.dataflow.DefaultTaintTracking`
library that's API-compatible with the
`semmle.code.cpp.security.TaintTracking` library. The new library is
implemented on top of the IR data flow library.

The idea is to evolve this library until it can replace
`semmle.code.cpp.security.TaintTracking` without decreasing our SAMATE
score. Then we'll have the IR in production use, and we will have one
less taint-tracking library in production.
 2019-09-10 13:40:45 +02:00
semmle-qlci
df1bf4a95b Merge pull request #1907 from asger-semmle/mongoose-types 
Approved by xiemaisi
 2019-09-10 12:05:57 +01:00
Sam Lanning
2f54437c10 Merge pull request #1889 from AlexTereshenkov/master 
Add a new issue template for false positive in LGTM.com
 2019-09-10 11:33:09 +01:00
AlexTereshenkov
49ee205b46 Update issue templates 2019-09-10 11:02:02 +01:00
AlexTereshenkov
77871f6d51 Update .github/ISSUE_TEMPLATE/lgtm-com---false-positive.md 
Co-Authored-By: Sam Lanning <sam@lanni.ng>
 2019-09-10 10:25:03 +01:00
AndreiDiaconu1
442c9f2cc8 Delete useless file 2019-09-10 09:52:35 +01:00
AndreiDiaconu1
241a40c145 C# IR: Initializers 
Add support for collection initializers.
Instead of using `AssignExpr` for the translation of object initializers, `MemberInitializer` is now used.
 2019-09-10 09:32:00 +01:00
AndreiDiaconu1
0528d8ef39 C# IR: Object creation refactoring 
The way object creation was translated has been changed: now creations are treated as expressions.
The main motivation for this was the inability to have creation expressions as arguments to
function calls (a test case has been added to showcase this).
All code that dealt with creation expressions has been moved from `TranslatedInitialization.qll` to `TranslatedExpr.qll`.
Some light refactoring has also been done, mainly removing code that was useless after the changes mentioned above.
 2019-09-10 09:20:21 +01:00
AndreiDiaconu1
d9f3c14c9c C# IR: Add support for multiple decls and updates 
Added support for multiple declarations and updates in a for stmt.
Added test cases and updated the expected output.
 2019-09-10 09:17:41 +01:00
Jonas Jensen
d6fba0ef46 C++: Don't create partial defs for calls to const 
These partial defs don't do any harm, but they could hurt performance.
In typical C++ snapshots, between 5% and 20% of all calls are to `const`
functions.
 2019-09-10 09:49:16 +02:00
Jonas Jensen
fd3615d120 C++: Show that there are too many partial defs 2019-09-10 09:44:07 +02:00
jf205
ad4715fd52 Merge pull request #1908 from shati-semmle/ql-hb/fixes 
QL handbook: Add examples and fix typos
 2019-09-10 08:42:14 +01:00
Jonas Jensen
7b09e4177e C++: Add localExprTaint for IR 
This is for ODASA-8053.
 2019-09-10 09:40:31 +02:00
Jonas Jensen
80a0027808 C++: Shared TaintTrackingImpl for IR TaintTracking 2019-09-10 09:40:27 +02:00
Jonas Jensen
770212567f C++: Fix up IR data flow QLDoc 2019-09-10 09:34:54 +02:00
Tom Hvitved
41cd13a637 C#: Update expected test output 2019-09-10 09:17:50 +02:00