hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-26 21:02:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,687 Branches 159 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
f3aea0706a JS: Use type info in Express Request/Response 2019-09-04 11:43:21 +01:00
Geoffrey White
707f95c829 CPP: Alignment. 2019-09-04 09:59:21 +01:00
Geoffrey White
13e2109a38 CPP: Remove an unnecessary include. 2019-09-04 09:42:07 +01:00
Jonas Jensen
8579d7d1cf C++: Tests for aliasing of nested structs 
This test shows that local pointers into structs do propagate data flow
like pass-by-reference does in calls.
 2019-09-04 10:26:49 +02:00
Jonas Jensen
3ba650911c Merge pull request #1847 from geoffw0/erafix8 
CPP: Deal with two very similar Japanese era queries
 2019-09-04 09:57:10 +02:00
Jonas Jensen
0e54709d47 Merge pull request #1859 from geoffw0/qldocpartialdef 
CPP: Document PartialDefinitions
 2019-09-04 09:54:55 +02:00
Jonas Jensen
067c55adb9 C++: Fix ConditionDeclExpr data flow 
Data flow probably never worked when a variable declared in a
`ConditionDeclExpr` was modeled with `BlockVar`. That combination did
not come up in testing before the last commit.
 2019-09-04 09:33:00 +02:00
Geoffrey White
84112d3630 CPP: Change note. 2019-09-03 18:30:24 +01:00
Geoffrey White
3a3bef3a03 CPP: Add the new Japanese era. 2019-09-03 18:28:24 +01:00
Geoffrey White
bac39e6288 CPP: Add test cases. 2019-09-03 17:46:30 +01:00
Taus Brock-Nannestad
1b432076c4 Python: Prevent divergence in type-hint analysis. (ODASA-8075) 2019-09-03 13:38:46 +02:00
james
acb3e742e6 docs: toctree path 2019-09-03 12:34:58 +01:00
Nick Rolfe
641232a9d7 Merge pull request #1855 from mgrettondann/cpp-343-lambda-names-simplification 
C++: Update tests for lambda description changes
 2019-09-03 11:45:50 +01:00
james
8c88cbba3a docs: address review comments 2019-09-03 11:16:45 +01:00
semmle-qlci
6778f28424 Merge pull request #1854 from asger-semmle/prototype-pollution-precision 
Approved by esben-semmle, xiemaisi
 2019-09-03 10:50:24 +01:00
Jonas Jensen
d7681bf122 C++: Don't use definitionByReference for data flow 
The data flow library conflates pointers and objects enough for the
`definitionByReference` predicate to be too strict in some cases. It was
too permissive in other cases that are now (or will be) handled better
by field flow.

See also the change note entry.
 2019-09-03 11:49:01 +02:00
semmle-qlci
e4d59c361a Merge pull request #1856 from asger-semmle/ts-base-types 
Approved by xiemaisi
 2019-09-03 10:12:30 +01:00
Geoffrey White
84da3e3431 CPP: Effect of 'Support nested field flow'. 2019-09-03 09:27:50 +01:00
Geoffrey White
8105d153b1 CPP: Add a test of PartialDefinitions. 2019-09-03 09:27:50 +01:00
Geoffrey White
0f295c65f9 CPP: Add QLDoc to the PartialDefinitions class. 2019-09-03 09:27:50 +01:00
Geoffrey White
d092905c66 Merge pull request #1772 from jbj/ast-field-flow-nested 
C++: Support nested field flow
 2019-09-03 09:12:47 +01:00
Tom Hvitved
4b32ee77e6 C#: Add change note 2019-09-03 09:35:58 +02:00
Jonas Jensen
d3a6ae5657 C++: Support nested field flow 
This is the C/C++ side of PR #1766.
 2019-09-03 08:50:15 +02:00
Asger F
7790d4b667 JS: Make getALocalValue overriders include super 2019-09-02 16:45:06 +01:00
Asger F
2006826101 JS: Avoid breaking local object analysis 2019-09-02 16:45:06 +01:00
Asger F
9f2f10fa15 JS: Make type inference flow go through ssa definition node 2019-09-02 16:45:06 +01:00
semmle-qlci
c8ffbf3b87 Merge pull request #1852 from xiemaisi/js/async-generator-methods 
Approved by esben-semmle
 2019-09-02 16:18:04 +01:00
Matthew Gretton-Dann
03eb1ff785 C++: Update taint-tests for changed lambda support 2019-09-02 15:18:27 +01:00
Jonas Jensen
9c9b7ac651 C#/C++/Java: Revert AccessPathNil.toString changes 
This caused too many `*.expected` files to change, also in our internal
repo.
 2019-09-02 15:59:36 +02:00
Asger F
8737dbb73d JS: Add test 2019-09-02 14:31:40 +01:00
Asger F
54d47f60da JS: Include base types in TypeName 2019-09-02 14:18:48 +01:00
Jonas Jensen
a98992f0f9 C#/C++/Java: distinguish toString of nil from cons 2019-09-02 14:22:03 +02:00
Jonas Jensen
cdede8744f C#/C++/Java: Prettier PartialAccessPath.toString 2019-09-02 14:05:50 +02:00
Asger F
e9159acecb TS: Fix skewed arrays due to recursive call 2019-09-02 13:03:25 +01:00
Jonas Jensen
c3bc9f8575 C#/C++/Java: Unbreak partial data flow support 
Partial data flow had a semantic merge conflict with this branch. The
problem is that partial data flow doesn't (and shouldn't) cause the
initial pruning steps to run, but the length-2 access paths depend on
the `consCand` information that comes from that initial pruning. The
solution is to restore the old `AccessPath` class, now called
`PartialAccessPath` for use only by partial data flow.

With this change, partial data flow will in some cases allow more field
flow than non-partial data flow.
 2019-09-02 14:02:39 +02:00
Geoffrey White
c4d74c3922 CPP: Replace query paths with @name and @id. 2019-09-02 12:36:36 +01:00
Jonas Jensen
dec0c3a0ee C#/C++/Java: Make AccessPath abstract 
This was requested by @hvitved in code review. There is no difference in
the generated DIL.
 2019-09-02 13:14:30 +02:00
Jonas Jensen
b1be123e31 C#/C++/Java: Prettier AccessPath.toString 
The `ppReprType` predicate should now be `none()` instead of `result=""`
to signal that there is nothing to print. That seems clearer to me.
 2019-09-02 13:14:20 +02:00
Jonas Jensen
dbe8034e04 C#: Accept test results 2019-09-02 13:14:17 +02:00
Jonas Jensen
6c96a8d339 Java: Accept test changes 
Note: the results in `partial` have regressed and will need to be fixed
in a follow-up commit.
 2019-09-02 13:14:17 +02:00
Jonas Jensen
9f0f2f7c04 C++: Accept test changes 2019-09-02 13:14:17 +02:00
Jonas Jensen
b2c94cc6b4 C++/C#/Java: Restore the AccessPathCons class 2019-09-02 13:14:13 +02:00
Jonas Jensen
fbe34015f3 C++/C#/Java: AccessPath class names reflect length 
One -> ConsNil
Two -> ConsCons
 2019-09-02 13:13:59 +02:00
Jonas Jensen
e8006bb2cc C++/C#/Java: data flow AccessPath up to length 2 
This commit does not include updates to test results.
 2019-09-02 13:13:46 +02:00
Geoffrey White
aa009d07fd Merge pull request #1787 from jbj/ast-field-flow-local-fields 
C++: Local field flow using global library
 2019-09-02 11:17:37 +01:00
Asger F
c71a66a045 JS: Add change note 2019-09-02 11:05:07 +01:00
Asger F
a41a23fdba JS: Raise precision of prototype-pollution query 2019-09-02 11:00:24 +01:00
Jonas Jensen
e9a029cba3 C++: Local field flow using global library 
This commit removes fields from the responsibilities of `FlowVar.qll`.
The treatment of fields in that file was slow and imprecise.

It then adds another copy of the shared global data flow library, used
only to find local field flow, and it exposes that local field flow
through `localFlow` and `localFlowStep`.

This has a performance cost. It adds two cached stages to any query that
uses `localFlow`: the stage from `DataFlowImplCommon`, which is shared
with all queries that use global data flow, and a new stage just for
`localFlowStep`.
 2019-09-02 11:17:27 +02:00
Jonas Jensen
4f57f37b31 C++: Test to show false flow through object copy 2019-09-02 11:16:48 +02:00
Max Schaefer
91e46cd6fd JavaScript: Fix parsing of asynchronous generator methods. 2019-09-02 09:56:42 +01:00