hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-13 22:44:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,651 Commits 1,679 Branches 158 Tags
codeql-cli/v2.5.2
Commit Graph

21651 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
d828bc5f3a Merge pull request #4251 from yoff/SharedDataflow_BarrierGuards 
Python: Implement `BarrierGuard`
 2020-09-16 10:00:26 +02:00
Mathias Vorreiter Pedersen
c8a3baf356 Merge pull request #4272 from jbj/dataflow-partial-access 
C++: Add AST flow through arrays
 2020-09-16 09:29:39 +02:00
Rasmus Lerchedahl Petersen
e46ae9b98d Python: Move some query predicates to debug 2020-09-15 21:45:47 +02:00
Matthew Gretton-Dann
17bd678699 Merge pull request #4140 from github/matt-gretton-dann/fix-deleted-constructors 
Update tests for extractor changes with ctors
 2020-09-15 19:34:42 +01:00
Matthew Gretton-Dann
795bf0d93c Update tests for extractor changes with ctors 2020-09-15 17:58:37 +01:00
Matthew Gretton-Dann
9296a12a91 Merge pull request #4260 from github/igfoo/coroutines 
C++: Add coroutines* tables
 2020-09-15 17:39:38 +01:00
Taus Brock-Nannestad
7cdd290b90 Python: Disregard module-time reads. 2020-09-15 18:25:24 +02:00
Joe
7e9b1a2975 Java: PrintAst: Fix more formatting issues 2020-09-15 17:15:00 +01:00
Ian Lynagh
a912a328a2 C++: Add an upgrade script 2020-09-15 15:36:19 +01:00
Ian Lynagh
56388b57bd C++: Update stats for new coroutines* tables 2020-09-15 15:36:19 +01:00
Ian Lynagh
99c4bc5175 C++: Add coroutine metadata tables 2020-09-15 15:36:19 +01:00
lcartey@github.com
eaea860d3e C++: Test for overriding existing simple range analysis ranges. 2020-09-15 15:34:48 +01:00
Jonas Jensen
78560833a1 C++: Add a test distilled from real code 
Author: @rvermeulen.

The consistency warnings go away because `sink` is defined with a body
in this file.
 2020-09-15 16:24:37 +02:00
Joe
3be8fa5155 Java: PrintAst: Fix formatting 2020-09-15 15:10:56 +01:00
Mathias Vorreiter Pedersen
50ad4cfec4 C++: Add comments to {Array,Pointer}StoreNode and arrayStoreStepChi. 2020-09-15 16:03:21 +02:00
Joe
28338eb32e Java: PrintAst: Various minor fixes of typos 
Fix references to C#

Fix getAPrimaryQlClass for JavadocTag

Fix typo for Import

Update test outputs
 2020-09-15 15:02:56 +01:00
Jonas Jensen
b3c50aed5e Merge pull request #4262 from github/igfoo/location 
C++: Deprecate Location subclasses
 2020-09-15 15:49:36 +02:00
Joe
53ab8dac06 Java: PrintAst: Fix failing tests 2020-09-15 14:45:48 +01:00
Joe
112b6d28a1 Java: PrintAst: Handle multiple javadocs in one element correctly 2020-09-15 14:45:48 +01:00
Joe
e38b583ec4 Java: PrintAst: Add tests 2020-09-15 14:45:48 +01:00
Joe
b73e7d8390 Java: PrintAST: Support Javadoc 2020-09-15 14:45:48 +01:00
Joe
c3320eeb3c Java: Improve getAPrimaryQlClass 
Implement it for more types
Fix typos
 2020-09-15 14:45:48 +01:00
Joe
908f025888 Java: PrintAst: Fix a couple of issues related to Annotations 2020-09-15 14:45:48 +01:00
Joe
c20f802666 Java: PrintAst: Supprt generic parameters 2020-09-15 14:45:48 +01:00
Joe
19af3e5e30 Java: Add PrintAST 2020-09-15 14:45:48 +01:00
lcartey@github.com
084992d40b C++: Support overriding existing range bounds 
The current support only allows the user to supply bounds for previously
unsupported expressions or for variable accesses. This commit allows
SimpleRangeAnalysisExprs to override built-in range definitions.
 2020-09-15 14:43:34 +01:00
Anders Schack-Mulligen
159353d545 Merge pull request #4269 from joefarebrother/PrintAST-java-rename 
Java: Rename PrintAst.qll to PrettyPrintAst.qll
 2020-09-15 15:43:24 +02:00
Jonas Jensen
bdce24735c C++: Add flow through arrays 
This works by adding data-flow edges to skip over array expressions when
reading from arrays. On the post-update side, there was already code to
skip over array expressions when storing to arrays. That happens in
`valueToUpdate` in `AddressFlow.qll`, which needed just a small tweak to
support assignments with non-field expressions at the top-level LHS,
like `*a = ...` or `a[0] = ...`.

The new code in `AddressFlow.qll` is copy-pasted from `EscapesTree.qll`,
and there is already a note in these files saying that they share a lot
of code and must be maintained in sync.
 2020-09-15 14:46:11 +02:00
Matthew Gretton-Dann
99fd323ded Don't trace through pkill or pgrep on macOS. 2020-09-15 13:37:22 +01:00
Taus Brock-Nannestad
2e737eda1e Python: Add a few function-local import tests 2020-09-15 14:25:26 +02:00
Taus Brock-Nannestad
d5e9f36747 Python: Add "enclosing callable" for ModuleVariableNode 
I've named this `DataFlowModuleScope` since it's not really a
callable (and all of the relevant methods are empty anyway).
 2020-09-15 14:23:20 +02:00
Jonas Jensen
27b8dc2b13 C++: Add tests for flow through arrays 2020-09-15 14:19:34 +02:00
Mathias Vorreiter Pedersen
3005f252ca C++: Fix annotation 2020-09-15 13:34:50 +02:00
Mathias Vorreiter Pedersen
0ba72c6685 C++: Accept changes. 2020-09-15 12:49:22 +02:00
Mathias Vorreiter Pedersen
265a641d06 C++: Use the underlying type to check whether a type is a single-field struct. 2020-09-15 12:49:16 +02:00
CodeQL CI
951e3093d2 Merge pull request #4231 from erik-krogh/CVE767 
Approved by asgerf
 2020-09-15 03:47:40 -07:00
Mathias Vorreiter Pedersen
d18dd5ab09 C++: Add testcase demonstrating the underlying problem in 6ca9c449af. 2020-09-15 12:32:15 +02:00
Joe
efe3ac0a37 Java: Rename the existing file called PrintAst.qll 2020-09-15 11:30:56 +01:00
Erik Krogh Kristensen
2de94abe9f Merge pull request #4244 from erik-krogh/badJQueryJoin 
JS: Fix Bad join orders in UnsafeJQueryPlugin
 2020-09-15 12:29:25 +02:00
Erik Krogh Kristensen
fa255f3534 add test for self.importScripts(..) 2020-09-15 12:23:48 +02:00
Jonas Jensen
25412da845 Merge pull request #4253 from geoffw0/stringstream2 
C++: Model more stringstream features
 2020-09-15 12:19:26 +02:00
Erik Krogh Kristensen
cc5109d693 Update change-notes/1.26/analysis-javascript.md 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-09-15 12:14:51 +02:00
Tamas Vajk
23a9d0764e Java: Fix range analysis false negative 2020-09-15 12:09:05 +02:00
Mathias Vorreiter Pedersen
1fbb0fbf54 Merge pull request #4266 from geoffw0/cwe190tests 
C++: CWE-190 Tests.
 2020-09-15 12:08:00 +02:00
Tamas Vajk
c66473cb8a Java: Add test for range analysis 2020-09-15 12:07:30 +02:00
Asger Feldthaus
d728c3948c JS: Log the amount of memory passed to TypeScript process 2020-09-15 09:17:42 +01:00
Tom Hvitved
d095d6b56b Merge pull request #4139 from hvitved/csharp/cfg/foreach-loop-empty 
C#: Skip `foreach` loop bodies in the CFG when the iteration expression is empty
 2020-09-15 09:30:29 +02:00
Robert Marsh
5f2cafc4f5 C++: Interprocedural iterator flow 2020-09-14 14:36:19 -07:00
Erik Krogh Kristensen
c5b5a4fd55 improve performance of NodeJS::NodeModule::exports 2020-09-14 23:28:35 +02:00
Erik Krogh Kristensen
c1cb19abd7 add level PreCallGrapSteps to the callgraph 2020-09-14 23:28:35 +02:00