hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-27 13:23:00 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,688 Branches 159 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mark Shannon
2ab3bf46cf Python ESSA: Move definition sub-classes from points-to folder to essa folder. 2019-08-20 11:41:53 +01:00
Mark Shannon
e34ccae1fc Python ESSA: Move all Essa code to semmle.python.essa folder. 2019-08-20 11:41:46 +01:00
Asger F
f18f54fd0d TS: Allow changing the port 2019-08-20 10:41:25 +01:00
semmle-qlci
7698240484 Merge pull request #1769 from asger-semmle/ts-rest-pattern-default 
Approved by esben-semmle
 2019-08-20 10:02:43 +01:00
Asger F
6f217502f9 TS: Review 2019-08-20 09:57:32 +01:00
Max Schaefer
d105de81a3 JavaScript: Raise precision of UndocumentedParameter to high. 
This is more consistent with the other JSDoc queries. Results are still not shown on LGTM by default, but the query can now be enabled selectively for projects that care about JSDoc.
 2019-08-20 09:32:00 +01:00
Tom Hvitved
a0c834c83d Java/C++/C#: Improve data flow join orders for field flow 2019-08-20 10:14:08 +02:00
Jonas Jensen
432b0a4698 Merge pull request #1766 from aschackmull/java/nested-storestep 
Java/C++/C#: Add field flow support for stores in nested fields.
 2019-08-20 10:06:19 +02:00
Ziemowit Laski
d9b0b64af1 [CPP-387] Begin pretty-printing code examples. 2019-08-19 20:52:40 -07:00
Asger F
75e85e4402 TS: Fix handling of erroneous rest pattern with default 2019-08-19 17:34:45 +01:00
Taus
b33e9f229b Merge pull request #1767 from markshannon/temporary-test-removal 
Python tests: TEMPORARILY remove 5 tests to allow modification of extractor CFG pass
 2019-08-19 18:06:19 +02:00
Tom Hvitved
1e46509a2a C#: Use TaintTracking2 in cs/inappropriate-encoding 2019-08-19 17:18:49 +02:00
Tom Hvitved
2a2e07d2fc C#: Avoid recomputation in last data flow stage 
Avoid recomputing the `ControlFlowReachabilityConfiguration` predicates, as well
as `DispatchCall::getStaticTarget()`.
 2019-08-19 17:17:47 +02:00
Mark Shannon
edb50c129d Python tests: TEMPORARILY remove 5 tests to allow modification of extractor CFG pass. 2019-08-19 16:00:28 +01:00
Geoffrey White
f045035f5d CPP: Examples Include.qll. 2019-08-19 15:58:44 +01:00
Geoffrey White
abd4d39710 CPP: Examples NameQualifiers.qll. 2019-08-19 15:06:39 +01:00
Geoffrey White
3eec627321 CPP: Add a test of NameQualifiableElement and NameQualifyingElement. 2019-08-19 15:05:50 +01:00
Asger F
ca79b083cf TS: Add debugging flag and document how to run the debugger 2019-08-19 15:04:02 +01:00
Anders Schack-Mulligen
6ff4fe38ec Java/C++/C#: Add field flow support for stores in nested fields. 2019-08-19 14:41:06 +02:00
Geoffrey White
a889a79816 CPP: Examples Field.qll. 2019-08-19 11:48:58 +01:00
Geoffrey White
f6ccaa5caf CPP: Examples FriendDecl.qll. 2019-08-19 11:31:33 +01:00
Geoffrey White
b69df9113a CPP: Examples Comments.qll. 2019-08-19 11:29:24 +01:00
Asger F
ad67015720 JS: Address comments 2019-08-19 10:57:26 +01:00
Geoffrey White
bc3e4e4143 CPP: Examples Lambda.qll. 2019-08-19 09:59:26 +01:00
Geoffrey White
d29eefd235 CPP: Examples Macro.qll. 2019-08-19 09:59:26 +01:00
Geoffrey White
4ea999872b Merge pull request #1746 from jbj/ast-field-flow-ctor 
C++: Field flow through ConstructorFieldInit
 2019-08-19 09:14:02 +01:00
Anders Schack-Mulligen
4dc460bba9 Merge pull request #1764 from yh-semmle/java-vcs-remove 
Java: remove unused VCS relations, library and queries
 2019-08-19 10:04:01 +02:00
zlaski-semmle
ce71b45649 Zlaski/cpp386a (#1753) 
* [CPP-386] Cumulative patch.

* Restore dataflow libraries clobbered by my last commit.
 2019-08-19 10:03:18 +02:00
yh-semmle
7bfed6e517 Java: add change note for VCS.qll removal 2019-08-18 15:37:25 -04:00
yh-semmle
73d8e16cd0 Java: remove obsolete VCS.qll and associated queries 2019-08-18 14:53:46 -04:00
Pavel Avgustinov
127c33700c Add Java stubs readme 2019-08-17 18:57:50 +01:00
Pavel Avgustinov
7934218a48 Add PSF license 2019-08-17 16:31:19 +01:00
Pavel Avgustinov
cb6d38314f Add Babylon license 2019-08-17 16:31:19 +01:00
Pavel Avgustinov
c92eb58300 Add j2objc license 2019-08-17 16:31:18 +01:00
Pavel Avgustinov
b52ea1e21b Add Apache Shiro third-party notice 2019-08-17 16:31:18 +01:00
Pavel Avgustinov
ca951f1669 Add jquery-datatables license to make it clear which option we choose 2019-08-17 16:31:18 +01:00
yh-semmle
8cada4b154 Merge pull request #1758 from aschackmull/java/silly-dataflow-perf-fix 
Java: Improve performance in all dataflow queries.
 2019-08-16 21:21:10 -04:00
Geoffrey White
9b9986be58 Merge pull request #1762 from jbj/ast-field-flow-LambdaExpression 
C++: Support flow through LambdaExpression
 2019-08-16 16:45:59 +01:00
Jonas Jensen
84adeda167 C++: Support flow through LambdaExpression 
I've checked with a temporary workaround for the locations problem that
my annotations in the test cpp files are on the correct lines.
 2019-08-16 16:20:22 +02:00
Tom Hvitved
d1755500e4 C#: Data flow through fields 
Initial implementation of data flow through fields, using the algorithm of the
shared data flow implementation. Fields (and field-like properties) are covered,
and stores can be either
 - ordinary assignments, `Foo = x`,
 - object initializers, `new C() { Foo = x }`, or
 - field initializers, `int Foo = x`.

For field initializers, we need to synthesize calls (`SynthesizedCall`),
callables (`SynthesizedCallable`), parameters (`InstanceParameterNode`), and
arguments (`SynthesizedThisArgumentNode`), as the C# extractor does not (yet)
extract such entities. For example, in

```
class C
{
    int Field1 = 1;
    int Field2 = 2;

    C() { }
}
```

there is a synthesized call from the constructor `C`, with a synthesized `this`
argument, and the targets of that call are two synthesized callables with bodies
`this.Field1 = 1` and `this.Field2 = 2`, respectively.

A consequence of this is that `DataFlowCallable` is no longer an alias for
`DotNet::Callable`, but instead an IPA type.
 2019-08-16 15:49:37 +02:00
Anders Schack-Mulligen
9e4f2f8594 Java: Don't use default dataflow in libs imported by default. 2019-08-16 13:27:53 +02:00
Calum Grant
0df9a625ba Merge pull request #1717 from hvitved/csharp/ssa/adjacent-perf 
C#: Improve performance of SSA adjacent reads calculation
 2019-08-16 12:11:57 +01:00
Tom Hvitved
b7e732fddb C#: Generalize CFG entry/exit nodes to include field/property initializers 2019-08-16 13:06:51 +02:00
Asger F
d05b90473c JS: Add type tracking templates to cheat sheet 2019-08-16 12:06:32 +01:00
Asger F
54661f0e14 JS: Rename the two tutorials 2019-08-16 12:01:28 +01:00
Calum Grant
b28241ac6d Merge pull request #1741 from hvitved/csharp/extract-field-inits 
C#: Extract assignments for field/property initializers
 2019-08-16 11:51:37 +01:00
Asger F
366ebbcbf5 JS: Address review comments 2019-08-16 11:39:55 +01:00
Taus
a6db9efd0c Merge pull request #1756 from markshannon/python-forward-compatible-taint-api 
Python points-to: add .getAstNode() method to TaintedNode
 2019-08-16 12:34:08 +02:00
Geoffrey White
eb39346d85 Merge pull request #1744 from jbj/ast-field-flow-aggregate-init 
C++: Field flow through ClassAggregateLiteral
 2019-08-16 09:56:11 +01:00
Mark Shannon
453ae19881 Python points-to: Add .getAstNode() method to TaintedNode for forward compatibility with upcoming taint-tracking enhancements. 2019-08-16 09:54:11 +01:00