hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-27 21:33:03 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,685 Branches 159 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pavel Avgustinov
eb77b86b03 YAML extraction: Improve toString computation 2019-08-13 12:59:52 +01:00
Geoffrey White
e4bbfb9a79 CPP: Corrections. 2019-08-13 11:25:39 +01:00
Tom Hvitved
36043d04bd Merge pull request #1729 from xiemaisi/data-flow-nodes-location 
Java/C++/C#: Provide path-node locations via `hasLocationInfo`, not `getLocation`.
 2019-08-13 12:22:59 +02:00
Geoffrey White
95749bdff8 CPP: Examples Stmt.qll. 2019-08-13 10:56:59 +01:00
semmle-qlci
e24137324f Merge pull request #1711 from aschackmull/java/arithmetic-barriers 
Approved by yh-semmle
 2019-08-13 10:19:09 +01:00
Jonas Jensen
38ec693ead C++: Improved ConstructorCall field flow 
This commit changes C++ `ConstructorCall` to behave like
`new`-expressions in Java: they are both `ExprNode`s and
`PostUpdateNodes`, and there's a "pre-update node" (here called
`PreConstructorCallNode`) to play the role of the qualifier argument
when calling a constructor.
 2019-08-13 11:05:13 +02:00
Taus
34106ec739 Merge pull request #1730 from markshannon/python-prepare-for-unrolling 
Python prepare for implementing loop unrolling in extractor.
 2019-08-13 10:54:24 +02:00
Taus
ee06c4021f Merge pull request #1727 from markshannon/python-no-rhs-tuple-points-to 
Python points-to: Do not track tuples on lhs of assignment or in deletions.
 2019-08-13 10:53:40 +02:00
Taus
e956b057e4 Merge pull request #1690 from markshannon/python-modernize-snippets 
Python examples: Modernize example snippets.
 2019-08-13 10:52:40 +02:00
Tom Hvitved
e4bd1980ab C#: Search from delegate creation in delegateCallSource() 2019-08-13 10:22:29 +02:00
Jonas Jensen
18c3bfe596 Merge pull request #1731 from geoffw0/qldoceg5 
CPP: Add syntax examples to QLDoc in Initializer.qll, Parameter.qll
 2019-08-13 08:52:05 +02:00
Ziemowit Laski
50813541f4 Squelch Jenkins error (hopefully). 
More progress.  Attempts to create bold monospace have failed.
 2019-08-12 14:19:36 -07:00
semmle-qlci
e27b373062 Merge pull request #1548 from hvitved/csharp/cfg/simplify-goto-completions 
Approved by calumgrant
 2019-08-12 19:20:48 +01:00
Ziemowit Laski
e98ff57e6f Progress. 2019-08-12 08:53:36 -07:00
Jonas Jensen
1f1824cb9b C++: Exclude BlockVar computation for "large" vars 2019-08-12 16:53:48 +02:00
Taus
5f55cb046d Merge pull request #1691 from markshannon/python-fewer-missing-edges 
Python: Make a few more expressions point-to the 'unknown' value.
 2019-08-12 16:15:09 +02:00
Geoffrey White
beada95014 CPP: Examples Block.qll. 2019-08-12 15:08:37 +01:00
Dave Bartolomeo
5d6ac2bb74 Merge pull request #1583 from jbj/ir-sanity-qlcfg 
C++: Share tests between IR and QL-CFG
 2019-08-12 07:04:40 -07:00
Max Schaefer
485d4269a0 C#: Fix use of PathNode.getLocation(). 2019-08-12 15:04:37 +01:00
Jonas Jensen
3f531380d1 C++: Reduce number of SubBasicBlocks in FlowVar 
by cutting basic blocks at the same place for the `x.a` partial
definition in `x.a = ...` as they were already cut for assignment to
`a`.
 2019-08-12 15:58:35 +02:00
Dave Bartolomeo
19d2f3a54e Merge pull request #1550 from jbj/array-aggregate-perf 
C++ IR: Fix performance of large value-initialized arrays
 2019-08-12 06:53:16 -07:00
Mark Shannon
8dd3963546 Python tests: Temporarily remove some analysis tests prior to implementing loop-unrolling in extractor. 2019-08-12 14:12:02 +01:00
Mark Shannon
d96a009975 Python tests: Temporarily comment out loops prior to implementing loop-unrolling in extractor. 2019-08-12 14:10:44 +01:00
Geoffrey White
2d2890e401 CPP: Add examples Parameter.qll. 2019-08-12 13:29:07 +01:00
Geoffrey White
ceec0278e5 CPP: Add examples Initializer.qll. 2019-08-12 13:16:34 +01:00
Max Schaefer
eb8087f4ea Java/C++/C#: Provide path-node locations via hasLocationInfo, not getLocation. 2019-08-12 12:52:30 +01:00
Mark Shannon
5e0b263aef Python docs: Fix up grammar and links for type inference page. 2019-08-12 12:42:58 +01:00
Mark Shannon
06dd8e97f0 Python docs: Modernize the learn-ql pages to use the Value API. 2019-08-12 12:42:58 +01:00
Jonas Jensen
0652d2a92b Merge pull request #1705 from geoffw0/qldoceg2 
CPP: Add syntax examples to QLDoc in Enum.qll.
 2019-08-12 13:39:05 +02:00
semmle-qlci
0bf9529bc9 Merge pull request #1726 from xiemaisi/js/help-fixes 
Approved by esben-semmle
 2019-08-12 11:41:36 +01:00
Geoffrey White
dc1ec635fb CPP: Undo an accidentally committed change to the test. 2019-08-12 11:17:02 +01:00
Mark Shannon
96ba9a2dfd Python points-to. Do not track tuples on lhs of assignment or in deletions. 2019-08-12 11:04:28 +01:00
semmle-qlci
e890aba4fe Merge pull request #1712 from hvitved/csharp/remove-nomagic 
Approved by calumgrant
 2019-08-12 10:59:10 +01:00
Max Schaefer
020d31c3b6 JavaScript: Fix inconisstency in TaintedPath.qhelp. 2019-08-12 10:29:41 +01:00
Max Schaefer
80cfe070d4 JavaScript: Fix inconsistency in MissingRegExpAnchor.qhelp. 2019-08-12 10:29:21 +01:00
Anders Schack-Mulligen
de13d0cced Java: Adjust change note. 2019-08-12 10:39:59 +02:00
Tom Hvitved
98ab2b26dc C#: Fix bad join-order in guardImpliesNotEqual() 2019-08-12 09:50:17 +02:00
Jonas Jensen
5724fb0df0 Merge pull request #1706 from geoffw0/qldoceg3 
CPP: Add syntax examples to QLDoc in Struct.qll, Union.qll.
 2019-08-12 07:57:40 +02:00
Ziemowit Laski
6eda7f354a Remove builtin functions and macros; minor fixes and tweaks. 2019-08-09 13:06:14 -07:00
Geoffrey White
208f533245 CPP: Brace placement. 2019-08-09 17:48:57 +01:00
Geoffrey White
11d17b891e CPP: Brace placement. 2019-08-09 17:44:55 +01:00
Geoffrey White
e149b6a332 CPP: Brace placement. 2019-08-09 17:42:02 +01:00
semmle-qlci
a6cae2bf3e Merge pull request #1723 from xiemaisi/js/overlapping-barriers 
Approved by asger-semmle
 2019-08-09 16:19:32 +01:00
Jonas Jensen
0507d51f0c C++: Prune getAReachedBlockVarSBB using live vars 
On a Postgres snapshot, where the `getAReachedBlockVarSBB` predicate
performs badly because of a Yacc-generated 20,000-line parser loop, that
predicate is reduced from 4m22s to 1m32s plus 5.2s for the live
variables analysis.

This change removes 17,142 rows from `BlockVar.getAnAccess` on Postgres.
I sampled some of them, and they were all of the following form:

    while (...) {
      T x;
      f1(&x); // access
      f2(&x); // definition
    }

Such accesses are ruled out now because we deliberately lose track of
variables when they go out of scope.
 2019-08-09 16:06:28 +02:00
Anders Schack-Mulligen
41763e6025 Java: Treat SecureJDKXercesXMLReader as a secure XMLReader. 2019-08-09 16:00:41 +02:00
Jonas Jensen
b348803a66 Merge pull request #1594 from geoffw0/erafix7 
CPP: Add test coverage for LeapYearFieldAccess.isModifiedByArithmeticOperation.
 2019-08-09 15:57:35 +02:00
Felicity Chapman
ab07128833 Merge pull request #1722 from jf205/rename-docs-folder 
docs: add CODEOWNERS entries and rename `ql-documentation` > `language`
 2019-08-09 14:56:14 +01:00
Max Schaefer
d2f4575978 JavaScript: Expand qldoc for {Barrier,Sanitizer}GuardNode. 2019-08-09 14:19:53 +01:00
Jonas Jensen
8aa24fe5c9 C++: Improve QLDoc on assignmentLikeOperation 2019-08-09 15:06:19 +02:00
semmle-qlci
3b0ddf54bc Merge pull request #1719 from Semmle/xiemaisi-patch-2 
Approved by jf205
 2019-08-09 12:46:57 +01:00