hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 06:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,684 Branches 159 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mark Shannon
55eac7d555 Python points-to: Fix up handling of recursive 'from ... import *'. 2019-04-26 16:21:46 +01:00
Mark Shannon
0b2421eb23 Python points-to. Tidy up a bit. 2019-04-26 16:21:46 +01:00
Mark Shannon
5644072a8d Python points-to: make sure builtin tuples are visible. 2019-04-26 16:21:46 +01:00
Mark Shannon
b47c2dd083 Python remove old MRO module and rename MRO2 to MRO. 2019-04-26 16:21:46 +01:00
Mark Shannon
f543adcd38 Python points-to: Fix up matching arguments to parameters. 2019-04-26 16:21:46 +01:00
Mark Shannon
662aedcb13 Python points-to: Fix up module attributes and classmethods. 2019-04-26 16:21:46 +01:00
Mark Shannon
fc2c46fe4a Python: Fix error in update Module to use new points-to API. 2019-04-26 16:21:46 +01:00
Mark Shannon
782311f805 Python: Update taint-tracking to use new points-to API. 2019-04-26 16:21:46 +01:00
Mark Shannon
3c30480845 Python: Extend API a bit. 2019-04-26 16:21:46 +01:00
Mark Shannon
31a95ceeec Python points-to: Use strongly typed version of CfgOrigin. 2019-04-26 16:21:46 +01:00
Mark Shannon
162bf5143b Python points-to: Assorted improvements to performance and better compatibility. 2019-04-26 16:21:46 +01:00
Mark Shannon
ef0a6b6713 Python points-to: Rationalize handling of expressions and conditions. Tweak API to be a bit more backward-compatible. 2019-04-26 16:21:46 +01:00
Mark Shannon
54c27e1d4b Python points-to: Various minor performance tweaks. 2019-04-26 16:21:46 +01:00
Mark Shannon
23ca403728 Python points-to: Understand callable and hasattr. 2019-04-26 16:21:46 +01:00
Mark Shannon
8af6cb6644 Python points-to: Use objects, not booleans when doing evaluation of tests. 2019-04-26 16:21:46 +01:00
Mark Shannon
610a35c187 Python points-to: Improve backwards compatibility for comparisons. 2019-04-26 16:21:45 +01:00
Mark Shannon
f7edbcc6d9 Python points-to: Clean up interface, and deprecate old interface. 2019-04-26 16:21:45 +01:00
Mark Shannon
d3762ac5a1 Rename 'points_to' to 'pointsTo'. 2019-04-26 16:21:45 +01:00
Mark Shannon
931100c772 Python points-to: Add float objects for better backwards compatibility. 2019-04-26 16:21:45 +01:00
Mark Shannon
e9f58ba3a7 Python: refactor ConstantObjects. 2019-04-26 16:21:45 +01:00
Mark Shannon
0b0a6337f3 Python points-to: Support descriptor protocols, particularly functions. 2019-04-26 16:21:45 +01:00
Mark Shannon
dbf228d005 Python points-to: Better handling of *args, **kwargs and procedures. 2019-04-26 16:21:45 +01:00
Mark Shannon
f5c32421f4 Python points-to: Handle list, dict and float literals as instances. 2019-04-26 16:21:45 +01:00
Mark Shannon
48297e299e Python points-to: Improve handling of 'type' object. 2019-04-26 16:21:45 +01:00
Mark Shannon
85a9016c8c Python points-to: make 'self' instances distinct from other instances. 2019-04-26 16:21:45 +01:00
Mark Shannon
12853ccf30 Python points-to: Add support for tuples. 2019-04-26 16:21:45 +01:00
Mark Shannon
dd83149cc3 Python points-to: Port old API classes to use new points-to. 2019-04-26 16:21:45 +01:00
Mark Shannon
aa30745492 Python points-to: Further types and flow. 2019-04-26 16:21:45 +01:00
Mark Shannon
e3ed8c6abf Python points-to: Simplify handling of booleans and comparisons. 2019-04-26 16:21:45 +01:00
Mark Shannon
84c9866c50 Python points-to: Add generic instances and handle returns for builtin functions. Move attribute lookup handling to objects. 2019-04-26 16:21:45 +01:00
Mark Shannon
ce9d0f1a06 Python points-to: Add support for some more ESSA definitions. 2019-04-26 16:21:45 +01:00
Mark Shannon
ec151e9b02 Python points-to: Convert two pairs of predicates to methods on booleans. 2019-04-26 16:21:45 +01:00
Mark Shannon
39b9723054 Python: Add support for bound-methods. 2019-04-26 16:21:45 +01:00
Mark Shannon
bf692f4aad Python: Add better class support, including inheritance. 2019-04-26 16:21:45 +01:00
Mark Shannon
5a46df2132 Python: Add ADTs for ints and strings. Add some global data-flow. 2019-04-26 16:21:45 +01:00
Mark Shannon
051683fadf Python: Break-up internal object modules. 2019-04-26 16:21:45 +01:00
Mark Shannon
c48d63f2ec Python: First draft of ADT based objects and attendant points-to. 2019-04-26 16:21:45 +01:00
Taus
7d2c17f27c Merge pull request #1271 from markshannon/python-fix-fp-http-prefix 
Python: Fix false positive in 'Incomplete URL substring sanitization' query
 2019-04-26 15:23:04 +02:00
Max Schaefer
e2666a9203 Update javascript/ql/src/semmle/javascript/frameworks/SocketIO.qll 
Co-Authored-By: esben-semmle <42067045+esben-semmle@users.noreply.github.com>
 2019-04-26 11:58:40 +02:00
Esben Sparre Andreasen
27f88c38ac JS: help the optimizer with NPMPackage/File relations 2019-04-26 11:49:07 +02:00
Jonas Jensen
bdb678a318 Merge pull request #1267 from rdmarsh2/rdmarsh/cpp/def-by-ref-taint 
C++: add taint edges to DefinitionByReferenceNode
 2019-04-26 08:50:20 +02:00
Robert Marsh
f5c57b77e6 C++: fix whitespace 2019-04-25 16:16:27 -07:00
Mark Shannon
2db06f9881 Merge pull request #1282 from taus-semmle/python-various-dist-compare-fixes 
Python: Add missing `override` annotations.
 2019-04-25 18:39:01 +01:00
Mark Shannon
28799441af Python: Fix false positive in 'Incomplete URL substring sanitization' query. 2019-04-25 18:11:01 +01:00
Geoffrey White
63b6942d0d CPP: Improve performance of RedundantNullCheckSimple.ql. 2019-04-25 15:56:49 +01:00
Taus Brock-Nannestad
c8cbae37d9 Python: Add missing override annotations. 2019-04-25 16:48:47 +02:00
Felicity Chapman
156c826f86 Update supported versions for C# 2019-04-25 15:36:01 +01:00
Jonas Jensen
48a3385809 C++: Work around extractor issue CPP-383 
This fixes `PointlessComparison.ql` on https://github.com/an-tao/drogon.
The QL is a bit obfuscated because it looks for a pattern that's
impossible according to the dbscheme. There is no accompanying test
because we haven't been able to boil this problem down to a simple test
case. If we could, we'd fix it directly in the extractor instead.
 2019-04-25 15:05:27 +02:00
semmle-qlci
3231b60e6b Merge pull request #1272 from asger-semmle/access-path-capture 
Approved by xiemaisi
 2019-04-25 11:32:54 +01:00
Asger F
47ba7d3004 Merge pull request #1278 from xiemaisi/js/symbolic-constants 
JavaScript: Generalise `ConstantComparison` sanitisers.
 2019-04-25 11:17:22 +01:00