hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-15 07:24:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,681 Branches 158 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
f70453c544 autoformat 2020-06-05 10:10:57 +02:00
Erik Krogh Kristensen
05d7be8e23 autoformat 2020-06-05 09:59:45 +02:00
Erik Krogh Kristensen
96ca4cf7eb add missing quote 2020-06-04 19:45:24 +00:00
Erik Krogh Kristensen
815671f5d0 add sanitizer guard for typeof undefined 2020-06-04 21:32:26 +02:00
Henning Makholm
269fa3a140 comments from alexet 
Put 'the query directory of the current file` back in the description.
 2020-06-04 20:41:54 +02:00
Jonas Jensen
ad2d1d531b Merge pull request #3616 from dbartol/dbartol/sync-missing 
Allow missing files in `sync-files --latest`
 2020-06-04 16:52:44 +02:00
Rasmus Wriedt Larsen
1ff369f62d Python: Update test results for fabric.api.execute 2020-06-04 16:30:03 +02:00
Erik Krogh Kristensen
58f4f7129e change-note 2020-06-04 16:25:26 +02:00
Erik Krogh Kristensen
5ce2987cb2 adjust comments to reflect that tainted-path have no array-steps 2020-06-04 16:15:37 +02:00
Erik Krogh Kristensen
ed4e1bbbdf don't have a MembershipTestBarrierGuard in Configuration.qll 2020-06-04 16:13:49 +02:00
Erik Krogh Kristensen
b7a3c4a3d6 autoformat 2020-06-04 16:07:28 +02:00
semmle-qlci
22a651cb5c Merge pull request #3621 from max-schaefer/js/qltest-experimental 
Approved by asgerf, erik-krogh
 2020-06-04 14:19:17 +01:00
Dave Bartolomeo
0666a2e587 Remove usage of f-string 2020-06-04 08:48:14 -04:00
Esben Sparre Andreasen
f618d430e7 JS: simplify HTTP::ContainerCollection, and improve expressivity(!) 2020-06-04 14:34:52 +02:00
Esben Sparre Andreasen
44ebf84f4c JS: more express tests 2020-06-04 14:33:03 +02:00
Dave Bartolomeo
e2afad91dd Merge pull request #3620 from MathiasVP/fix-missing-case-in-getkind 
C++: Fix missing case in ValueNumber::getKind
 2020-06-04 07:27:30 -04:00
Max Schaefer
9549b01e3c JavaScript: Turn on experimental language features for two tests. 
All other tests already pass with experimental features turned on, so once this is merged we can do so by default.
 2020-06-04 11:27:31 +01:00
Mathias Vorreiter Pedersen
7328429ef1 C++: Sync identical files 2020-06-04 11:31:32 +02:00
Mathias Vorreiter Pedersen
36cfe3624b C++: Add TConstantValueNumber case to ValueNumber::getKind 2020-06-04 11:31:02 +02:00
Erik Krogh Kristensen
e47770281a update change-note 
Co-authored-by: Asger F <asgerf@github.com>
 2020-06-04 11:14:25 +02:00
semmle-qlci
c806e229aa Merge pull request #3618 from aschackmull/java/typeflow-test 
Approved by aibaars
 2020-06-04 10:09:44 +01:00
Mathias Vorreiter Pedersen
4b16067af2 C++: Fix testcases after merge from master 2020-06-04 11:02:03 +02:00
Erik Krogh Kristensen
60320a9d78 update TaintedPath to use new consistency checking 2020-06-04 11:00:40 +02:00
Erik Krogh Kristensen
68ca8e23c0 introduce consistency-checking utility predicates 2020-06-04 11:00:01 +02:00
Erik Krogh Kristensen
c7c46ea3d6 update test comments to be consistent 2020-06-04 10:55:09 +02:00
Mathias Vorreiter Pedersen
2cf9bcef86 Merge branch 'master' into flat-structs 2020-06-04 10:52:25 +02:00
Erik Krogh Kristensen
550c578c3c use MemberShipTest in TaintedPath 2020-06-04 10:51:08 +02:00
Erik Krogh Kristensen
d513e6c5b5 update comments in TaintedPath tests 2020-06-04 10:40:14 +02:00
Anders Schack-Mulligen
64225c31a6 Java: Add test case. 2020-06-04 10:31:08 +02:00
semmle-qlci
70131e6ac8 Merge pull request #3598 from asger-semmle/js/regexp-test 
Approved by esbena
 2020-06-04 09:05:21 +01:00
Mathias Vorreiter Pedersen
b48fe6ac32 Merge pull request #3123 from jbj/dataflow-indirect-args 
C++: Wire up param/arg indirections in data flow
 2020-06-04 09:38:57 +02:00
Dave Bartolomeo
cb2370cc7d C++/C#: Fix formatting 2020-06-04 02:36:51 -04:00
Jonas Jensen
df96f8e4e8 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 2020-06-04 08:20:00 +02:00
Dave Bartolomeo
a409b9d451 Merge remote-tracking branch 'github/master' into github/codeql-c-analysis-team/69_union 2020-06-03 16:10:22 -04:00
Dave Bartolomeo
15f41c0107 C++/C#: Remove dead QL code 2020-06-03 15:42:30 -04:00
yo-h
5cdc29e49a Merge pull request #3607 from aschackmull/java/array-instanceof-typeflow 
Java: Add instanceof type bounds for ArrayAccess.
 2020-06-03 15:29:37 -04:00
Dave Bartolomeo
a18eba2c4c Allow missing files in sync-files --latest 
When running `sync-files` (or `sync-identical-files`) with the `--latest` switch, if one or more of the files in a group does not exist, the script will crash. This happens all the time when I add a new group, or add a new file path in an existing group. This has bothered me for a long time, so I finally fixed it when I ran into it again today.

I've changed the script as follows:
- If _none_ of the paths in the group exist, print an error message listing the paths in the group. This happens with or without `--latest`.
- If `--latest` is specified, copy the master file to the paths of the missing files.
 2020-06-03 14:53:31 -04:00
Tom Hvitved
9e7ca25732 C#: Add call-sensitivity to data-flow call resolution 2020-06-03 20:43:49 +02:00
Dave Bartolomeo
bbadf4b4bb C#: Port TInstruction-sharing support from C++ 
This updates C#'s IR to share `TInstruction` across stages the same way C++ does. The only interesting part is that, since we have not yet ported full alias analysis to C#, I stubbed out the required parts of the aliased SSA interface in `AliasedSSAStub.qll`.
 2020-06-03 13:52:19 -04:00
Dave Bartolomeo
e65a5c921e C++: Add missing QLDoc 2020-06-03 13:49:14 -04:00
Alexander Eyers-Taylor
5dd1b1d1a9 QL Specification: Fix mistake in dispatch computation 2020-06-03 18:38:00 +01:00
Dave Bartolomeo
f93c2e4e64 C++: Remove resultType from the IPA constructors for TInstruction 
Making these part of the IPA object identity changes the failure mode for cases where we assign multiple result types to an instruction. Previously, we would just have one instruction with two result types, but now we'd have two instructions, which breaks things worse. This change goes back to how things were before, to avoid any new surprises on real-world code with invalid ASTs or IR.
 2020-06-03 10:11:27 -04:00
Jonas Jensen
e292eee3d1 C++: Autoformat fixup 2020-06-03 15:48:50 +02:00
Erik Krogh Kristensen
a90c8769ee update expected output 2020-06-03 15:24:04 +02:00
Erik Krogh Kristensen
7c26efbc12 case insensitive authorization header 2020-06-03 15:23:51 +02:00
Erik Krogh Kristensen
b508ad41c8 don't have a separate fetch module 2020-06-03 15:20:06 +02:00
Erik Krogh Kristensen
46cd0143d8 Update javascript/ql/src/semmle/javascript/frameworks/ClientRequests.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2020-06-03 15:18:10 +02:00
Mathias Vorreiter Pedersen
d295e2139a C++: Accept tests after merge from master 2020-06-03 15:13:44 +02:00
Mathias Vorreiter Pedersen
43a0d4c97d Merge branch 'master' into flat-structs 2020-06-03 15:11:14 +02:00
Esben Sparre Andreasen
8316121a44 JS: formatting 2020-06-03 15:02:36 +02:00