Asger F
f21871d275
JS: relax instantiation requirement for .prototype field
2019-03-06 14:31:37 +00:00
Asger F
96f1d91150
JS: Add a new test
2019-03-06 14:31:37 +00:00
Tom Hvitved
7825642954
C#: Dispatch.qll performance tweaks
2019-03-06 14:54:36 +01:00
Tom Hvitved
d0c442a950
C#: Use explicit recursion in TupleExpr::isReadAccess()
2019-03-06 14:54:25 +01:00
Max Schaefer
48c0949705
Merge pull request #1036 from asger-semmle/hide-implicit-ssa-defs
JS: Omit uninteresting nodes from path explanations
2019-03-06 13:30:11 +00:00
semmle-qlci
420b14b1e7
Merge pull request #1029 from jcreedcmu/jcreed/surgery
Approved by xiemaisi
2019-03-06 13:27:21 +00:00
Asger F
732ddbcbbd
JS: Mark API as experimental
2019-03-06 13:04:34 +00:00
Asger F
81476cff0b
JS: Expand test case with call/return matching for backtracking
2019-03-06 12:58:52 +00:00
Asger F
3422fa328d
JS: Add test
2019-03-06 12:50:59 +00:00
Asger F
e6a1374218
JS: Make separate type for back-tracking types
2019-03-06 12:50:50 +00:00
Calum Grant
4bdcfec674
Merge pull request #990 from hvitved/csharp/cfg/get-a-thrown-exception
C#: Reduce size of `getAThrownException()`
2019-03-06 12:31:00 +00:00
Asger F
0b2c94684d
JS: Add TypeTracker library
2019-03-06 11:52:28 +00:00
Geoffrey White
693937367d
Merge pull request #1047 from jbj/dataflow-StmtExpr
C++: Data flow through StmtExpr
2019-03-06 10:33:12 +00:00
Geoffrey White
2bac7f1516
CPP: Deprecate old mechanisms FormattingFunction.isWideCharDefault and FormatLiteral.isWideCharDefault.
2019-03-06 10:23:46 +00:00
Geoffrey White
5b8a6c8335
CPP: Remove no longer used FormatLiteral.getEffectiveCharConversionChar.
2019-03-06 10:23:45 +00:00
Geoffrey White
e1447787e3
CPP: Remove dubious case from FormatLiteral.getMaxConvertedLength.
2019-03-06 10:23:45 +00:00
Geoffrey White
1b71accbfe
CPP: Fix a bug in FormattingFunction.getDefaultCharType.
2019-03-06 10:23:45 +00:00
Geoffrey White
e59b3c28e4
CPP: Modernize FormatLiteral.getConversionType1b.
2019-03-06 10:23:45 +00:00
Geoffrey White
ac708a569e
CPP: Clean up formatting in FormatLiteral.getEffectiveCharConversionChar somewhat.
2019-03-06 10:23:45 +00:00
Geoffrey White
9f9712047c
CPP: Add a few more tests of '%c'.
2019-03-06 10:23:45 +00:00
Jason Reed
8829fde86b
JS: Add test for zipslip basename sanitization.
2019-03-06 09:46:41 +00:00
Jason Reed
126e207bd0
JS: Add change note.
2019-03-06 09:46:41 +00:00
Jason Reed
0a91d919b0
JS: Allow path.basename sanitization in zipslip.
2019-03-06 09:46:41 +00:00
Jonas Jensen
80b0765618
C++: Make IR DataFlow dispatch use non-IR version
This removes code duplication and ensures that the IR version also gets
the support for flow across link targets.
2019-03-06 10:08:14 +01:00
Jonas Jensen
10ce13d1e9
C++: Tests for cross-target dispatch
2019-03-06 10:08:13 +01:00
Jonas Jensen
14f1ecb456
C++: Data flow dispatch across link targets
2019-03-06 10:08:13 +01:00
Asger F
50a77ea843
JS: update test expectations
2019-03-06 08:41:03 +00:00
Asger F
ee7461380e
JS: Omit uninteresting nodes from path explanations
2019-03-06 08:41:03 +00:00
Jonas Jensen
94699175a4
Merge pull request #1046 from xiemaisi/rc/1.20
Merge rc/1.20 into master
2019-03-06 07:49:15 +00:00
Tom Hvitved
440809623b
C#: Fix whitespaces
2019-03-06 08:15:46 +01:00
semmle-qlci
69a048d102
Merge pull request #1045 from jbj/import-additional-ir-TaintTracking
Approved by rdmarsh2
2019-03-05 20:52:29 +00:00
Tom Hvitved
0afb85cb91
C#: Address review comments
2019-03-05 19:27:36 +01:00
calum
58fdcd8703
C#: Regression test case demonstrating extractor error.
2019-03-05 18:24:01 +00:00
Asger F
eb08dcfbd0
Merge pull request #1044 from xiemaisi/js/fix-javadoc
JavaScript: Remove a `@link` in Javadoc.
2019-03-05 18:09:10 +01:00
Jonas Jensen
6ef946c2b0
C++: Make IR TaintTracking available on LGTM
Because this new library is not used in a default query, it needs to be
imported here in order to be available in the LGTM query console.
2019-03-05 18:05:27 +01:00
Max Schaefer
832dff54e8
JavaScript: Remove a @link in Javadoc.
Javadoc claims not to be able to resolve this link, while Eclipse manages to do so without any problems, failing an internal PR check.
It's only in a test, though, so I just removed it.
2019-03-05 17:02:44 +00:00
Mark Shannon
38a5fb715a
Python: Avoid cross-talk between unrelated sources in py/stack-trace-exposure query.
2019-03-05 16:52:28 +00:00
Calum Grant
926ee7425a
Merge pull request #1014 from hvitved/csharp/same-children-modulo-type-params
C#: Speedup `sameChildrenModuloTypeParameters()`
2019-03-05 16:43:33 +00:00
Calum Grant
b17de116f8
Merge pull request #995 from hvitved/csharp/split-guards-performance
C#: Speedup guards predicates
2019-03-05 16:42:39 +00:00
Geoffrey White
d5627fdc9e
Merge pull request #1040 from jbj/dominanceFrontier-iterated
C++: Implement dominanceFrontier with recursion
2019-03-05 16:27:53 +00:00
Mark Shannon
32dabcee1e
Python: Ignore dead objects from library trap files.
2019-03-05 15:27:45 +00:00
Jonas Jensen
b3d935063f
Merge pull request #815 from geoffw0/keyset
CPP: dbscheme annotations
2019-03-05 14:53:46 +00:00
semmle-qlci
dedefe0f9e
Merge pull request #1039 from xiemaisi/js/parallel-extraction-env-vars
Approved by asger-semmle
2019-03-05 14:42:01 +00:00
Tom Hvitved
b2ede5e2a1
Revise logic for reducing size of getAThrownException()
When determining which core library a "tried control flow element" is compiled against,
first look at exceptions caught by the surrounding `try` block, then look at assembly
attributes, and finally choose (randomly) the core library with the highest lexicographic
order.
2019-03-05 14:57:46 +01:00
Jonas Jensen
0a57767cc6
C++: Data flow through StmtExpr
2019-03-05 14:36:40 +01:00
Jonas Jensen
a2de057c26
C++: Test for StmtExpr data flow
2019-03-05 14:34:19 +01:00
Jonas Jensen
9d595aa5ea
Merge pull request #1033 from geoffw0/newdelete-perf
CPP: NewDelete.qll performance
2019-03-05 12:52:59 +00:00
semmle-qlci
1327b9f552
Merge pull request #1038 from xiemaisi/js/consolidate-tests
Approved by esben-semmle
2019-03-05 11:02:33 +00:00
Jonas Jensen
d310338c9b
C++: Implement dominanceFrontier with recursion
This implementation is borrowed from Java's QL library and offers a
great performance improvement. For example, on Wireshark the performance
goes from
Dominance::bbDominates#ff ....... 40.3s
SSAUtils::dominanceFrontier#ff .. 30s
to
SSAUtils::dominanceFrontier#ff .. 418ms (executed 67 times)
The big performance problem before was the need to materialize
`bbDominates`, which is the reflexive-transitive "basic block dominates"
relation. It had 79 million rows on Wireshark.
2019-03-05 11:54:45 +01:00
Geoffrey White
4e1e3131ac
CPP: Revert annotation on 'externalData'.
2019-03-05 10:22:33 +00:00