hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-01 08:42:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,673 Branches 157 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
96db3459d0 remove stray todo 2020-10-13 11:48:06 +02:00
Rasmus Wriedt Larsen
dcd103ea73 Python: Fix grammar 
Co-authored-by: Taus <tausbn@github.com>
 2020-10-13 10:31:35 +02:00
Rasmus Wriedt Larsen
ce85ac3ce1 Python: Remove solved TODO 2020-10-13 10:15:03 +02:00
Rasmus Wriedt Larsen
2e430325be Python: Refactor argument matching to use set literals 
Co-authored-by: Taus <tausbn@github.com>
 2020-10-13 10:05:35 +02:00
Erik Krogh Kristensen
9604705f64 remove pretty printing of bytes (unstable between minor versions) 2020-10-12 22:32:37 +02:00
Erik Krogh Kristensen
9b7c59f4b4 implement printAst for Python 2020-10-12 21:17:46 +02:00
CodeQL CI
e2b0c60627 Merge pull request #4449 from max-schaefer/js/api-graphs-type-handling-improvements 
Approved by erik-krogh
 2020-10-12 11:41:21 -07:00
Robert Marsh
3b7cf7fd27 Merge pull request #4439 from geoffw0/mapex 
C++: Additional taint flows through std::map
 2020-10-12 14:17:17 -04:00
Max Schaefer
9ac70e3044 JavaScript: Clarify the relationship between MkCanonicalName{Def,Use} with an upper-case M and mkCanonicalName{Def,Use} with a lower-case m. 2020-10-12 16:29:11 +01:00
Jonathan Leitschuh
48f4b6c058 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2020-10-12 11:16:21 -04:00
Jonathan Leitschuh
895f4d0ea6 JHipster Vuln: Add GOOD/BAD & release note links 2020-10-12 11:00:05 -04:00
Joe Farebrother
aa8bacb724 Java: Update test output 2020-10-12 15:50:47 +01:00
Joe Farebrother
3416911ac6 Java: Refector out StringBuilder and Number taint preserving callables 2020-10-12 15:50:47 +01:00
Joe Farebrother
eafde05a55 Java: Expand flow step refactoring to Callables 
Also add some missing flow steps for StringBuilder
 2020-10-12 15:50:47 +01:00
Joe Farebrother
7e2c49fadd Java: Fix a couple of flow step issues 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2020-10-12 15:50:47 +01:00
Joe Farebrother
4a8b7f64e8 Java: Rename returnsTaint to returnsTaintFrom 2020-10-12 15:50:47 +01:00
Joe Farebrother
ca9038350c Java: Add this. and fix mistake 2020-10-12 15:50:46 +01:00
Joe Farebrother
5d487b97da Java: Merge TaintPreservingMethod with TaintTransferringMethod 2020-10-12 15:50:46 +01:00
Joe Farebrother
a510f58865 Java: Implement code review changes 2020-10-12 15:50:46 +01:00
Joe Farebrother
91ce02aad4 Java: Fix bug involving varadic parameters 2020-10-12 15:50:46 +01:00
Joe Farebrother
79209af9c0 Java: Refactor out flow steps for more frameworks. 2020-10-12 15:50:41 +01:00
Joe Farebrother
92fd8c4128 Java: Move new definitions to new file 2020-10-12 15:48:43 +01:00
Joe Farebrother
60a7666105 Java: Refactor Android SQLite flow steps 2020-10-12 15:48:43 +01:00
Joe Farebrother
ca60f2cc18 Java: Fix failing tests 2020-10-12 15:48:43 +01:00
Joe Farebrother
ff6c5c219c Java: Start TaintTrackingUtils refactor 2020-10-12 15:48:43 +01:00
Joe Farebrother
551d86c6ea Java: Define classes for taint propagation methods 2020-10-12 15:48:43 +01:00
Arthur Baars
fc4a3426ac Merge pull request #4457 from daniel-beck/file-taint 
Java: Track taint through java.io.File constructor and #toURI; URI#toURL
 2020-10-12 16:42:11 +02:00
Taus Brock-Nannestad
3288cf1a75 Python: Hopefully final changes to documentation. 2020-10-12 16:38:21 +02:00
Max Schaefer
cd33d358aa JavaScript: Add a test showing a false positive from UnsafeShellCommandConstruction due to infeasible paths. 
The path from the API entry point to the sink contains a "return" step. A client of the library cannot match that step, resulting in an infeasible path.
 2020-10-12 14:50:47 +01:00
Jonas Jensen
24da4cc344 Merge pull request #4421 from jbj/SimpleRangeAnalysis-guard-overflow 
C++: Demonstrate overflowing guard bounds
 2020-10-12 15:38:13 +02:00
yoff
433a36225b Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-12 15:26:53 +02:00
Jonas Jensen
0459248b9f Merge remote-tracking branch 'upstream/main' into SimpleRangeAnalysis-guard-overflow 2020-10-12 14:32:29 +02:00
CodeQL CI
8eb84b2599 Merge pull request #4391 from max-schaefer/js/api-graph-reexport 
Approved by asgerf
 2020-10-12 05:26:53 -07:00
CodeQL CI
6d1634ef8f Merge pull request #4329 from erik-krogh/DVSA 
Approved by esbena
 2020-10-12 05:23:29 -07:00
Taus Brock-Nannestad
b07c7abacc Python: Clear up attribute name access QLDoc 2020-10-12 13:49:08 +02:00
Tom Hvitved
35985a9189 Merge pull request #4452 from hvitved/csharp/ssa/overlapping-captured-defs 
C#: Avoid overlapping SSA definitions for `ref`/`out` captured variables
 2020-10-12 13:01:39 +02:00
Geoffrey White
6440db786d Merge pull request #4420 from jbj/SimpleRangeAnalysis-widen-Expr 
C++: SimpleRangeAnalysis: widen recursive *, +, -
 2020-10-12 11:20:09 +01:00
Geoffrey White
58727cb8ad C++: Update change note. 2020-10-12 11:01:09 +01:00
Geoffrey White
4363f08b45 C++: Model std::set::emplace and emplace_hint. 2020-10-12 11:01:09 +01:00
Jonas Jensen
30b9d13a45 C++: Correct annotation in test 2020-10-12 11:25:38 +02:00
Geoffrey White
5d87117dc7 C++: Model std::set::lower_bound, upper_bound, equal_range. 2020-10-12 10:10:40 +01:00
Jonas Jensen
9b12ceae8d C++: SimpleRangeAnalysis: widen recursive *, +, - 
The number of candidate bounds during the main `SimpleRangeAnalysis`
recursion was in principle always exponential in the size of the
program, but in practice it did not get out of hand when only `+` and
`-` operations were supported. Now that `*` is also supported, the range
analysis started timing out on the SinaMostafanejad/OpenRDM project. The
problematic expressions in that project are of the form

    a*x*x*x + b*x*x + c*x + d

where most of the variables involved are recursive definitions and are
therefore likely to have a large number of candidate bounds.

The fix here is to identify those few binary operations that are most
likely to cause an explosion in the number of bounds and apply widening
to them. Previously, widening was only applied at definitions.
 2020-10-12 11:09:01 +02:00
Jonas Jensen
bbeea452e1 C++: Add test with widening of binary Expr 2020-10-12 11:08:41 +02:00
Geoffrey White
fc19bba0bd C++: Model std::set::merge and correct test annotations. 2020-10-12 10:01:57 +01:00
Tom Hvitved
9d1f64d35d C#: Avoid overlapping SSA definitions for ref/out captured variables 2020-10-12 10:52:40 +02:00
Anders Schack-Mulligen
725194a3b8 Merge pull request #4447 from aschackmull/dataflow/postupdate-flow-consistency 
Dataflow: Introduce consistency check for flow targeting PostUpdateNodes
 2020-10-12 08:56:19 +02:00
Daniel Beck
0c70be145f Track taint through java.io.File constructor and #toURI; URI#toURL 2020-10-10 20:54:55 +02:00
Geoffrey White
c63f7cb409 C++: Taint through emplace from qualifier to return value. 2020-10-09 17:41:24 +01:00
Geoffrey White
270517d379 C++: Revise model of emplace and emplace_hint. Note that 2 of the 3 taint regressions we shouldn't be getting because we don't yet do taint through keys. 2020-10-09 17:27:18 +01:00
Geoffrey White
49c121d370 C++: More test cases covering other std::pair constructors. 2020-10-09 17:22:29 +01:00