hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-01 08:42:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,673 Branches 157 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
semmle-qlci
dd84b6063b Merge pull request #794 from xiemaisi/js/parallel-extraction 
Approved by asger-semmle, esben-semmle
 2019-01-20 00:22:38 +00:00
Mark Shannon
261cd36b8c Merge pull request #781 from kevinbackhouse/HashedButNoHash 
Python: fix false positive result.
 2019-01-18 21:56:12 +00:00
Kevin Backhouse
9e79e1bc8c Simplify the logic with theTypeErrorType(). 2019-01-18 16:33:48 +00:00
Geoffrey White
bff23f546d CPP: Clearer naming. 2019-01-18 16:21:28 +00:00
calum
63653cd0f7 C#: Analysis change notes. 2019-01-18 15:49:05 +00:00
calum
c9ffb38e4b C#: Add sources and sinks in Winforms. Update some queries with new sources and sinks. 2019-01-18 15:42:44 +00:00
Asger F
4b4daa645f JS: handle accessors separately 2019-01-18 15:42:05 +00:00
Asger F
e18b635314 JS: add getADirectSuperClass() 2019-01-18 15:42:05 +00:00
Asger F
c82690f4c1 JS: address comments 2019-01-18 15:42:05 +00:00
Asger F
cc1204acef JS: remove isAmbient() check 2019-01-18 15:42:05 +00:00
Asger F
1eb0ca4b4a JS: make ClassNode::Range abstract 2019-01-18 15:42:05 +00:00
Geoffrey White
458fddd28e CPP: Use strictconcat. 2019-01-18 15:01:47 +00:00
Taus
bcc65dbad3 Merge pull request #554 from markshannon/python-named-module-utility 
Python: named module utility
 2019-01-18 16:01:36 +01:00
Asger F
3cb2341e63 JS: split ClassNode into two classes 2019-01-18 14:46:38 +00:00
Asger F
5b7675d972 JS: introduce DataFlow::ClassNode 2019-01-18 14:46:38 +00:00
Taus
8d99186d74 Merge pull request #795 from markshannon/remove-builtin-class-test 
Python: Remove fragile and unnecessary test.
 2019-01-18 15:17:39 +01:00
Taus
92d2e18bf2 Merge pull request #712 from markshannon/python-fix-odasa-7307 
Python: Detect a wider range of generated files.
 2019-01-18 14:38:08 +01:00
Tom Hvitved
ceb9ccf811 C#: Add change note 2019-01-18 13:56:27 +01:00
Tom Hvitved
dd99525566 C#: Redefine AccessorCall 
The syntactic node assiociated with accessor calls was previously always the
underlying member access. For example, in

```
x.Prop = y.Prop;
```

the implicit call to `x.set_Prop()` was at the syntactic node `x.Prop`, while the
implicit call to `y.get_Prop()` was at the syntactic node `y.Prop`.

However, this breaks the invariant that arguments to calls dominate the call itself,
as the argument `y.Prop` for the implicit `value` parameter in `x.set_Prop()` will
be evaluated after the call (the left-hand side in an assignment is evaluated before
the right-hand side).

The solution is to redefine the access call to `x.set_Prop()` to point to the whole
assignment `x.Prop = y.Prop`, instead of the access `x.Prop`. For reads, we still want
to associate the accessor call with the member access.

A corner case arises when multiple setters are called in a tuple assignment:

```
(x.Prop1, x.Prop2) = (0, 1)
```

In this case, we cannot associate the assignment with both `x.set_Prop1()` and
`x.set_Prop2()`, so we instead revert to using the underlying member accesses as
before.
 2019-01-18 13:56:23 +01:00
Mark Shannon
ad2481f498 Python: Hide 'CheckClass' class which is old and should only be used by those queries it is specifically designed for. 2019-01-18 12:31:19 +00:00
Mark Shannon
e82e7791fa Fix typos in change note. 2019-01-18 11:51:11 +00:00
Mark Shannon
c1a549ddff Python. Improve grammar in qldoc comment. 2019-01-18 11:49:59 +00:00
Mark Shannon
9f93bf8d17 Python: Fix 'unused import' to no longer give alerts for imported modules used in doctests. 2019-01-18 11:08:53 +00:00
Anders Schack-Mulligen
2c0e1f943d Java: Extend change note. 2019-01-18 12:08:00 +01:00
Tom Hvitved
2caf724826 C#: Add more tests 2019-01-18 12:07:22 +01:00
Anders Schack-Mulligen
15e18013c8 Java: Fix qhelp. 2019-01-18 11:47:43 +01:00
Anders Schack-Mulligen
d8fe21be7e Java: Update qhelp as per review. 2019-01-18 11:42:34 +01:00
Asger F
cf3dfcae21 JS: recognize A.substr(0, B.length) == B 2019-01-18 10:40:48 +00:00
Asger F
f9951f67fe JS: add simple variants of StringOps::EndsWith 2019-01-18 10:40:48 +00:00
Asger F
b6626995cf JS: bugfix in indexOf-based include test 2019-01-18 10:40:48 +00:00
Asger F
d603824feb JS: add StringOps::StartsWith and StringOps::Includes 2019-01-18 10:40:18 +00:00
Asger F
107ec3b687 JS: add test with self=this variable 2019-01-18 10:39:02 +00:00
Asger F
78bd76048a JS: add test with closures 2019-01-18 10:39:02 +00:00
Asger F
0bb6692c19 JS: add 'this' as possible access path root 2019-01-18 10:39:02 +00:00
Anders Schack-Mulligen
17b4276699 Java: Fix bug in qltest and query for immutable types. 2019-01-18 11:37:38 +01:00
Jonas Jensen
189d82b79a C++: Change exclusion to not be only operator= 2019-01-18 11:19:38 +01:00
Mark Shannon
4398670ecc Merge pull request #775 from taus-semmle/python-dill-pickle-support 
Python: dill pickle support.
 2019-01-18 10:01:22 +00:00
Max Schaefer
740acc12e8 JavaScript: Add change note. 2019-01-18 09:36:07 +00:00
semmle-qlci
5e712b3ff6 Merge pull request #784 from asger-semmle/dedup-promiseTaintStep 
Approved by esben-semmle
 2019-01-18 08:52:09 +00:00
Henning Makholm
fda08181c1 fix ODASA-6859 2019-01-18 00:08:36 +01:00
Henning Makholm
26b6581bdb test example for ODASA-6859 2019-01-17 23:30:39 +01:00
Robert Marsh
64ed9305d3 C++: new query for futile arguments to C functions 2019-01-17 10:45:10 -08:00
Dave Bartolomeo
6af8948a3f Merge pull request #783 from jbj/ir-reachable-perf 
C++: Speed up getAFeasiblePredecessorBlock
 2019-01-17 10:19:07 -08:00
Kevin Backhouse
56efe3adb7 Fix false positive result. 2019-01-17 16:22:48 +00:00
Kevin Backhouse
5fc056beb3 Add regression test for false positive result. 2019-01-17 16:22:19 +00:00
Jonas Jensen
f147b63bb8 Merge pull request #654 from geoffw0/lossyresultcast 
CPP: Work on Lossy function result cast query
 2019-01-17 17:07:29 +01:00
semmle-qlci
beed51924e Merge pull request #780 from Semmle/xiemaisi-patch-4 
Approved by esben-semmle
 2019-01-17 16:04:00 +00:00
Anders Schack-Mulligen
944c082a8d Java: Fix FP in DoubleCheckedLocking.ql 2019-01-17 16:38:25 +01:00
Asger F
a8d750f086 JS: update header doc in Promises.qll 2019-01-17 15:26:45 +00:00
Taus Brock-Nannestad
1d15d46b38 Add change note. 2019-01-17 14:47:21 +01:00