hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-24 11:52:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,686 Branches 158 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
c0b7538cf0 made the blacklist for methods named "function" work again 2019-10-02 14:56:41 +02:00
Erik Krogh Kristensen
e5290f3bb0 remove some parentheses 2019-10-02 14:51:47 +02:00
Erik Krogh Kristensen
22aac8e723 ensure that the existence of non-synthetic constructor is checked correctly 2019-10-02 14:49:33 +02:00
Anders Schack-Mulligen
f87cb4d6ac Java/C++/C#: Address review comments and fix test. 2019-10-02 14:32:17 +02:00
Shati Patel
9c54eef45a QL HB: Update aggregation section 2019-10-02 12:48:16 +01:00
Shati Patel
3dd2a6c325 QL etudes: Add further explanation + link 2019-10-02 12:21:23 +01:00
Anders Schack-Mulligen
0154e31e64 Java: Add change note. 2019-10-02 11:47:53 +02:00
Calum Grant
28c34ad41e C#: Address review comments. 2019-10-02 10:42:06 +01:00
semmle-qlci
47024dc6ec Merge pull request #2069 from felicitymay/1.22/SD-3940-golang 
Approved by jf205
 2019-10-02 10:40:38 +01:00
Felicity Chapman
56ed2f618d Add alias for easier user-searching 2019-10-02 09:05:31 +01:00
Robert Marsh
bace8c723d C++: side effect instrs for constructor qualifiers 
This adds IndirectMustWriteSideEffects for constructor qualifiers. The
introduced sanity failures result from constructor calls without qualifier
operands in the IR
 2019-10-01 14:53:37 -07:00
Calum Grant
39f550b6d2 Merge pull request #2054 from hvitved/csharp/autobuilder/log-cleanup 
C#: Cleanup more files after failed autobuilder attempt
 2019-10-01 15:55:58 +01:00
Calum Grant
b4da63b3f2 Merge pull request #2061 from hvitved/csharp/local-function-label 
C#: Prepend enclosing method in local function TRAP labels
 2019-10-01 15:19:04 +01:00
Erik Krogh Kristensen
a66e33ea5e add references to TypeScript spec for "new" and "constructor" keywords 2019-10-01 15:56:45 +02:00
Jonas Jensen
3c7d79481f C++: Autoformat FlowVar.qll 2019-10-01 15:54:41 +02:00
Erik Krogh Kristensen
584b9d4e30 update expected test output 2019-10-01 15:53:37 +02:00
Erik Krogh Kristensen
2ad85d16bd refactor a list of negated conjunctions to a disjunction 2019-10-01 15:53:22 +02:00
Erik Krogh Kristensen
6c176fc967 introduce name as a variable, and adjust alert messages 2019-10-01 15:28:57 +02:00
Erik Krogh Kristensen
26a0bfac39 refactor js/suspicious-method-name-declaration to use isSynthetic predicate 2019-10-01 15:06:45 +02:00
Erik Krogh Kristensen
1e2aad5a29 fix pointer in .qlref, and update expected test results 2019-10-01 14:56:00 +02:00
Erik Krogh Kristensen
aa1368741b rename suspicious-method-name to suspicious-method-name-declaration 2019-10-01 14:37:07 +02:00
Jonas Jensen
0990ceb09a C++: Remove bbNotInLoop and its caller in FlowVar 
This change is needed when enabling the QL CFG on certain snapshots such
as notaz/picodrive. It removes the `bbNotInLoop` predicate, which was
always a liability because it's inherently quadratic. The real slowdown
came in `skipLoop`, where all true-upon-entry loops were crossed with
all definitions of variables that should take their definition from the
loop body.
 2019-10-01 14:33:28 +02:00
Jonas Jensen
eed24f1933 C++: Improve join orders with QL CFG 
Size estimates are slightly different when we enable the QL CFG, and
this caused bad join orders in these predicates.
 2019-10-01 14:33:28 +02:00
ian-semmle
e048207e2f Merge pull request #2055 from matt-gretton-dann/cpp-439-test-cases 
C++: Add test cases for constant initializers
 2019-10-01 12:43:46 +01:00
Shati Patel
427325b04a QL etudes: Update with Robert's suggestions 2019-10-01 11:23:41 +01:00
Jonas Jensen
34b625900a C++: Avoid extends Operation in LeapYear.qll 
The `Operation` class is abstract, and extending it caused cached stages
to be recomputed all the way down to the AST. This meant that the leap
year queries evaluated their own copy of SSA and data flow.
 2019-10-01 11:50:33 +02:00
Jonas Jensen
7434702958 Merge pull request #1735 from rdmarsh2/rdmarsh/cpp/ir-dataflow-def-by-ref-2 
C++: side effect IR instructions for pointer arguments
 2019-10-01 11:35:19 +02:00
Calum Grant
fdc29aa81d Merge pull request #2062 from hvitved/csharp/suppress-similar-file 
C#: Suppress `cs/similar-file` alerts
 2019-10-01 10:21:55 +01:00
Jonas Jensen
7c319efb8b C++: Data flow through reference parameters 2019-10-01 10:43:49 +02:00
Tom Hvitved
413926f675 C#: Prepend enclosing method in local function TRAP labels 2019-10-01 10:25:18 +02:00
Robert Marsh
d1e2ddcf99 C#: sync unalised_ssa IR stage and add to check 2019-09-30 12:53:00 -07:00
Robert Marsh
ee3b40bd89 C#: sync changes and accept test output 2019-09-30 12:00:55 -07:00
Robert Marsh
a45a6e48f8 C++: remove side effect operands from non-reads 2019-09-30 12:00:55 -07:00
Robert Marsh
9f20cb83c3 C++/C#: Autoformat 2019-09-30 12:00:55 -07:00
Robert Marsh
fcfc11052a C++: add QLDoc to side effect functions 2019-09-30 12:00:54 -07:00
Robert Marsh
8649978a43 C++: add indexes for specific side effects 2019-09-30 12:00:53 -07:00
Robert Marsh
24574be007 C++: add SizedBuffer side effect instructions 2019-09-30 12:00:53 -07:00
Robert Marsh
554d6390f7 C++: clean up after rebase 2019-09-30 12:00:53 -07:00
Robert Marsh
49088e7f09 C++: Fix formatting and dropped line 2019-09-30 12:00:53 -07:00
Robert Marsh
3d562243e4 C++: add side effects for outparams 2019-09-30 12:00:52 -07:00
Ziemowit Laski
a0cbd87d1f [zlaski/memset-model] Rename predicate usage as per PR/1938. 2019-09-30 10:47:59 -07:00
Ziemowit Laski
ae169e9c33 [zlaski/memset-model] Add AliasFunction as base class of MemsetFunction; override predicates parameterNeverEscapes, parameterEscapesOnlyViaReturn and parameterIsAlwaysReturned. 2019-09-30 10:44:12 -07:00
Ziemowit Laski
aaa2a60b93 [zlaski/memset-model] Remove taint tracking from Memset.qll. Add Memset.qll to Models.qll. 2019-09-30 10:44:12 -07:00
Ziemowit Laski
144aacb09d [zlaski/memset-model] New Memset.qll file. 2019-09-30 10:44:12 -07:00
Tom Hvitved
4f2ca11d2c C#: Suppress cs/similar-file alerts 2019-09-30 19:26:02 +02:00
Calum Grant
ad8ae35c82 Merge pull request #1956 from hvitved/csharp/get-an-out-node 
C#: Refactor `getAnOutNode()` predicate
 2019-09-30 16:58:21 +01:00
Matthew Gretton-Dann
b76f66e83b C++: Add test cases for constant initializers 
Adds test cases for initialisation of constants which aren't simple
zeros.  Example: int x = int();
 2019-09-30 14:57:26 +01:00
Taus
fb20cab4c8 Merge pull request #2012 from RasmusWL/python-modernise-cls-self-checks 
Python: modernise cls self argument name checks
 2019-09-30 15:50:32 +02:00
shati-patel
ff093c26a1 Merge pull request #2057 from jf205/small-fixes 
QL training slides: increase release number and small css tweaks
 2019-09-30 14:28:30 +01:00
Jonas Jensen
f417640da4 Merge pull request #1938 from dave-bartolomeo/dave/InNOut 
C++: Rename predicates in `FunctionInputsAndOutputs.qll` and add QLDoc
 2019-09-30 13:30:19 +02:00