Commit Graph

19777 Commits

Author SHA1 Message Date
Asger F
2b803693f1 JS: add comment about how to generate isLodashMember 2019-01-10 14:00:20 +00:00
Ian Lynagh
8ce2890824 C++: Add a changenote for Namespace.isInline() 2019-01-10 12:56:16 +00:00
Ian Lynagh
e5b6e61d45 C++: Update stats to include namespace_inline 2019-01-10 11:35:49 +00:00
Geoffrey White
346bc1ac62 CPP: Autoformat some code from Critical. 2019-01-10 10:40:39 +00:00
Geoffrey White
b7febb06af CPP: Autoformat some Power of 10 queries. 2019-01-10 10:40:39 +00:00
semmle-qlci
f474fdd0f9 Merge pull request #731 from xiemaisi/js/performance-fiddling
Approved by asger-semmle, esben-semmle
2019-01-10 10:01:02 +00:00
Jonas Jensen
7ff94e894a C++: Change note for UsingStrcpyAsBoolean.ql 2019-01-10 08:35:54 +01:00
Jonas Jensen
92fbea4e41 C++: UsingStrcpyAsBoolean.ql: use getName
We agreed in the review of the original PR that `getName` is more
appropriate here than `getQualifiedName`. Using `getName` ensures that
we also match the `std::`-prefixed versions of these functions as well
as user-defined versions.
2019-01-10 08:35:54 +01:00
Jonas Jensen
aa0f2f2da3 C++: Support ?: in UsingStrcpyAsBoolean.ql
I removed some unnecessary parentheses for symmetry, causing whitespace
changes.
2019-01-10 08:35:54 +01:00
Jonas Jensen
0f88a4b312 C++: Test ?: support in UsingStrcpyAsBoolean.ql
This test shows that the query only supports the ternary operator in
C++, not C.
2019-01-10 08:35:54 +01:00
Jonas Jensen
4dd36772ef C++: Remove UsingStrcpyAsBoolean.ql duplicates 2019-01-10 08:35:54 +01:00
Jonas Jensen
3a6a515a1d C++: Tabs to spaces and // Bug comments in test
This changes the column numbers in the expected test output.
2019-01-10 08:35:53 +01:00
Jonas Jensen
aafb4abc3d C++: Use more specific predicates than getChild
This commit doesn't change any behavior but just uses the preferred
high-level predicates. The `getChild` predicate inspects the raw
database more or less directly, and the database layout could change in
the future.
2019-01-10 08:35:53 +01:00
Jonas Jensen
657fe0eda3 C++: Tweak docs of UsingStrcpyAsBoolean.ql
This should make the documentation more in line with the documentation
for our other queries. The @name of the query is changed to "Use of
string copy function in a condition".
2019-01-10 08:35:53 +01:00
Jonas Jensen
563f8158d7 C++: Autoformat UsingStrcpyAsBoolean.ql 2019-01-10 08:35:53 +01:00
Jonas Jensen
9219214d64 Merge pull request #695 from raulgarciamsft/users/raulga/c6324
cpp - Using the return value of a strcpy or related string copy function in an if statement
2019-01-10 08:34:17 +01:00
Geoffrey White
7a877bfe14 CPP: Add exception for wrapped whitelisted functions. 2019-01-09 18:30:19 +00:00
Max Schaefer
583734a4e2 JavaScript: Fix semantic merge conflict.
https://github.com/Semmle/ql/pull/698 removed `document.cookie` as a remote flow source, which some of the tests relied on. We now use `location.search` instead.
2019-01-09 16:09:06 +00:00
Taus Brock-Nannestad
41836cdf8c Add descriptions and remove leftovers from old change note. 2019-01-09 16:23:02 +01:00
semmle-qlci
79734603ce Merge pull request #734 from xiemaisi/js/remove-deprecated
Approved by esben-semmle
2019-01-09 15:20:04 +00:00
Geoffrey White
f983391cbf CPP: Add exception for pow. 2019-01-09 15:06:23 +00:00
Geoffrey White
11013b0ec6 CPP: Add a few more test cases. 2019-01-09 14:58:25 +00:00
Ian Lynagh
7a0ed57916 C++: Add namespace_inline 2019-01-09 14:47:27 +00:00
Calum Grant
89becbce9a Merge pull request #726 from hvitved/csharp/cfg/foreach-multi-variables
C#: Fix CFG for `foreach` statements with tuple declarations
2019-01-09 14:47:01 +00:00
Geoffrey White
82e54568a5 CPP: Add qhelp. 2019-01-09 14:03:28 +00:00
Geoffrey White
45cd030a99 CPP: Change note. 2019-01-09 14:03:28 +00:00
Jonas Jensen
9146b8e32e C++: Add example of conditional destruction
The QL CFG and extractor CFG are the same, so the test passes. Neither
of them models that `ref` may or may not be destructed.
2019-01-09 15:02:25 +01:00
Jonas Jensen
8ac826a62a C++: Factor out base case of normalGroupMember
This recursive predicate is made faster by working around a known
optimizer problem (QL-796) that causes the optimizer to insert extra
type checks in the recursive case even when they are only needed in the
base case.
2019-01-09 15:02:25 +01:00
Geoffrey White
cbe69f2daf CPP: Fix false positive. 2019-01-09 13:59:24 +00:00
Geoffrey White
e26c709dbf CPP: Add a test for LossyFunctionResultCast.ql. 2019-01-09 13:59:24 +00:00
Geoffrey White
0e092ae88d CPP: Tag LossyFunctionResultCast.ql. Will be run on LGTM. 2019-01-09 13:59:24 +00:00
Jonas Jensen
c74b89119e C++: Reorder parameters to subEdge relations
This improves performance slightly by putting the parameters in the
order in which they'll be needed in `qlCFGSuccessor`.
2019-01-09 14:58:43 +01:00
ian-semmle
b3bcabf7c6 Merge pull request #724 from jbj/cfg-pr
C++: Construct a CFG with QL
2019-01-09 13:12:39 +00:00
Geoffrey White
6088ca5d5b CPP: Update our uses of MacroInvocationExpr. 2019-01-09 12:17:29 +00:00
Geoffrey White
b59c2868cd CPP: Add test cases for the macro logic and other details of ArithmeticUncontrolled.ql. 2019-01-09 12:17:29 +00:00
Geoffrey White
a1caa85172 CPP: Deprecate MacroInvocationExpr. 2019-01-09 11:45:08 +00:00
Geoffrey White
75b1fb36ec CPP: Deprecate MacroInvocationStmt. 2019-01-09 11:45:08 +00:00
Calum Grant
bd9a2d71ba Merge pull request #719 from hvitved/csharp/autoformat/queries
C#: Autoformat QL queries
2019-01-09 10:48:22 +00:00
Max Schaefer
89447846f1 JavaScript: Add change note. 2019-01-09 09:24:22 +00:00
Max Schaefer
97e6c75b94 JavaScript: Remove a few other deprecated predicates and classes. 2019-01-09 09:23:59 +00:00
Max Schaefer
db8e436046 JavaScript: Remove deprecated flow tracking predicates. 2019-01-09 09:23:59 +00:00
Max Schaefer
8a93c6aa65 JavaScript: Remove a few deprecated classes. 2019-01-09 09:23:59 +00:00
Max Schaefer
5d1d94ebf1 JavaScript: Remove deprecated old call graph library. 2019-01-09 09:23:59 +00:00
Max Schaefer
db713fb359 JavaScript: Remove deprecated backward-compatibility layer in security libraries. 2019-01-09 09:23:59 +00:00
Max Schaefer
feb9693fea JavaScript: Remove old data flow library. 2019-01-09 09:23:59 +00:00
Max Schaefer
3d44f0c6e0 JavaScript: Autoformat new libraries. 2019-01-09 09:13:14 +00:00
Max Schaefer
fb53a69880 Revert "JavaScript: Add ImportFromCSV to javascript.qll."
This reverts commit d03f82beb1f7d4634615f527b3d275043eeda1c5.
2019-01-09 09:10:45 +00:00
Max Schaefer
e960bd967f JavaScript: Make configuration IDs explicit in the API. 2019-01-09 09:10:45 +00:00
Max Schaefer
8f1c5db8be JavaScript: Change encoding of member and parameter portals for readability. 2019-01-09 09:10:45 +00:00
Max Schaefer
a7ea7309d4 JavaScript: Fold a predicate to improve performance in the presence of many configurations with many sources/sinks. 2019-01-09 09:10:44 +00:00