Erik Krogh Kristensen
8ea6070120
add indirect command injection sink for a concatenated array
2020-02-07 11:04:34 +01:00
Asger Feldthaus
a2fa6bb41f
JS: Add test case for lazy-cache
2020-02-07 09:50:37 +00:00
Jonas Jensen
19286bd82a
Merge pull request #2765 from MathiasVP/ir-gvn-ast-wrapper-fixup
C++: Make AST GVN a wrapper for IR-based GVN
2020-02-07 08:49:15 +01:00
semmle-qlci
e05dd352ad
Merge pull request #2768 from asger-semmle/js/protopol-packages
Approved by esbena
2020-02-07 07:21:04 +00:00
yo-h
9c3fed7550
Merge pull request #2734 from aschackmull/java/taint-postupdate
Java: Improve taint step modeling to use postupdate nodes.
2020-02-06 21:17:55 -05:00
Robert Marsh
dac4f0fac0
Merge pull request #2763 from jbj/ir-VariableNode
C++: DefaultTaintTracking perf fix for globals
2020-02-06 18:54:14 -05:00
Robert Marsh
2d3a742b7f
C++: autoformat and accept test changes
2020-02-06 13:41:00 -08:00
Robert Marsh
692207472a
Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams
2020-02-06 11:42:30 -08:00
Tom Hvitved
b3af3ad12f
Data flow: Fix bad join order in getReturnPosition()
Joining on the enclosing callable before the kind is crucial, as witnessed by this pipeline:
```
[2020-02-06 17:58:21] (1086s) Starting to evaluate predicate DataFlowImplCommon::getReturnPosition#ff/2@83c546
[2020-02-06 18:53:16] (4382s) Tuple counts for DataFlowImplCommon::getReturnPosition#ff:
385478 ~1% {3} r1 = SCAN DataFlowImplCommon::Cached::TReturnPosition0#fff@staged_ext AS I OUTPUT I.<2>, I.<0>, I.<1>
385478 ~2% {3} r2 = JOIN r1 WITH DataFlowImplCommon::Cached::TReturnPosition0#fff_2#join_rhs AS R ON FIRST 1 OUTPUT r1.<2>, r1.<1>, r1.<0>
58638116860 ~0% {3} r3 = JOIN r2 WITH DataFlowImplCommon::ReturnNodeExt::getKind_dispred#ff_10#join_rhs AS R ON FIRST 1 OUTPUT R.<1>, r2.<1>, r2.<2>
914049 ~0% {2} r4 = JOIN r3 WITH DataFlowImplCommon::returnNodeGetEnclosingCallable#ff AS R ON FIRST 2 OUTPUT r3.<0>, r3.<2>
return r4
```
2020-02-06 19:06:40 +01:00
Mathias Vorreiter Pedersen
538c2b205d
C++: Accept output
2020-02-06 18:44:08 +01:00
Asger Feldthaus
91a5385e7f
JS: Add libraries to change note
2020-02-06 14:59:52 +00:00
Asger Feldthaus
a628f787e8
JS: Fix qldoc comment
2020-02-06 14:59:52 +00:00
Asger Feldthaus
f84af74d1d
JS: Handle more libraries
2020-02-06 14:59:52 +00:00
Asger Feldthaus
c559ab13e7
JS: Add test and handle parameter with source object
2020-02-06 14:59:52 +00:00
Asger Feldthaus
34a9dce33d
JS: Detect property enumeration through for-own
2020-02-06 14:59:52 +00:00
Asger Feldthaus
418f841749
JS: Handle imports through lazy-cache
2020-02-06 14:59:52 +00:00
semmle-qlci
180e9d4731
Merge pull request #2779 from asger-semmle/js/protopol-regression-fix
Approved by esbena
2020-02-06 14:58:19 +00:00
Mathias Vorreiter Pedersen
2017ca8154
C++/C#: Sync identical files
2020-02-06 15:53:23 +01:00
Mathias Vorreiter Pedersen
f02513e376
C++: Exclude UnknownLocation results from getLocation if there is a location that's known
2020-02-06 15:53:22 +01:00
Mathias Vorreiter Pedersen
23ca363b87
C++: Formatting
2020-02-06 15:53:22 +01:00
Mathias Vorreiter Pedersen
98969e3bf9
C++: Accepted ir_gvn output after toString change
2020-02-06 15:53:22 +01:00
Erik Krogh Kristensen
75f23a189d
update docstring
Co-Authored-By: Asger F <asgerf@github.com>
2020-02-06 15:53:03 +01:00
Mathias Vorreiter Pedersen
0d181a7101
C++: Add tests and accept output
2020-02-06 15:48:08 +01:00
Erik Krogh Kristensen
2865723059
add test for new barrier
2020-02-06 15:44:33 +01:00
Erik Krogh Kristensen
ade93e66e1
move the if(!x) from DataFlow to TaintTracking
2020-02-06 15:44:22 +01:00
Mathias Vorreiter Pedersen
69e085dda7
C++: Add getDebugString predicate and use it in ValueNumberPropertyProvider
2020-02-06 15:43:57 +01:00
Mathias Vorreiter Pedersen
ef89e3bdb5
C++: Added charpred to ensure that only instructions that have a source representation have a GVN
2020-02-06 15:43:57 +01:00
Mathias Vorreiter Pedersen
63f1d3ded7
C++: Replace rank[1] with min
2020-02-06 15:43:57 +01:00
Mathias Vorreiter Pedersen
2303dac0b7
C++: Implemented getKind to new GVN class and added predicates for obtaining expressions from a GVN
2020-02-06 15:43:57 +01:00
Mathias Vorreiter Pedersen
8041804bac
C#: Include TValueNumber in internal files
2020-02-06 15:39:27 +01:00
Robert Marsh
2f91778e7e
C++: add IR-based wrapper for value numbering
2020-02-06 15:35:20 +01:00
Robert Marsh
ffaaed0550
C++: separate IR ValueNumber newtype and interface
2020-02-06 15:35:20 +01:00
Asger Feldthaus
75c008eec1
JS: Change note
2020-02-06 14:33:20 +00:00
Asger Feldthaus
7090124a1d
JS: Implement type inference through export * as ns
2020-02-06 14:29:35 +00:00
Asger Feldthaus
a252a41459
JS: Rename/deprecate a predicate to loosen its return type
2020-02-06 14:27:23 +00:00
Asger Feldthaus
2b77c7969d
JS: Add tests for 'export * as ns'
2020-02-06 14:04:12 +00:00
Asger Feldthaus
f5c805bad1
JS: Move tests into one file
2020-02-06 13:55:29 +00:00
Asger Feldthaus
54c521d41c
JS: Fix typo in test query
2020-02-06 13:50:06 +00:00
Rasmus Wriedt Larsen
c0b7dcc019
Python: Remove ignored automatic_locations in qltest options files
2020-02-06 14:28:10 +01:00
Rasmus Wriedt Larsen
397c17c4ff
Python: Use --lang=3 in tests
With the internal update to qltest it will not actually do anything.
- also remove it from the tests that never needed it.
2020-02-06 14:20:59 +01:00
Jonas Jensen
4997aa7428
Merge pull request #2772 from MathiasVP/more-gvn-loads
C++: Better value numbering support for loading fields in IR
2020-02-06 14:15:27 +01:00
Rasmus Wriedt Larsen
cb891a1a49
Python: Clean up six tests
We can't understand the real `six.py` file, so we have some internal plumbing
that enables us to handle six anyway. While updating that, I had a hell of a lot
of trouble with these tests.
What we actually want is to see that we can understand what the values imported
from six are (i.e., their points-to information). I added a few more that I
think would be useful. If we can figure out all of these, I don't actually care
if we're doing it by understanding the real `six.py` file, or by some internal
trick.
I verified that we don't get results with the real `six.py` file by disabling
our internal tricks, and putting a copy of six.py just next to test.py.
We used to have another file that would list all the properties we knew and
their value, but that turned out to be a fragile and annoying test, since the
results differed depending on which version of python you ran it with (3.5 vs 3.8) and
which machine you ran it on (my machine vs jenkins). I don't care about the
results in this file, and I can certainly not eyeball it to see if it's correct
or not.
2020-02-06 13:50:51 +01:00
Jonas Jensen
2e883ab4b2
Merge pull request #2760 from geoffw0/defaulttainttest3
C++: Emulate old security library's use of predictable more accurately.
2020-02-06 13:47:27 +01:00
semmle-qlci
75bdf42850
Merge pull request #2770 from asger-semmle/js/update-extractor-version-string
Approved by erik-krogh
2020-02-06 12:41:46 +00:00
Erik Krogh Kristensen
1f7dda7fbc
add dataflow barrier for if(xrandr)
2020-02-06 12:55:44 +01:00
Anders Schack-Mulligen
aa8ebf4fe1
Merge pull request #2764 from JLLeitschuh/patch-1
Add DefaultFullHttpResponse to Netty Check
2020-02-06 12:19:04 +01:00
Asger Feldthaus
0345c48503
JS: Bump extractor version string
2020-02-06 11:04:59 +00:00
Mathias Vorreiter Pedersen
19e1d82708
Merge pull request #2686 from jbj/ir-crement-load
C++: Move the LoadInstruction from `++` to `e` in `e++`.
2020-02-06 11:53:55 +01:00
Rasmus Wriedt Larsen
d5c6092920
Python: Fix typo (trakcing => tracking)
2020-02-06 11:50:44 +01:00
Asger Feldthaus
38ef07ce73
JS: Fix join ordering
2020-02-06 10:29:05 +00:00