hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-26 20:03:51 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,872 Commits 1,694 Branches 161 Tags
codeql-cli/v2.8.4
Commit Graph

33872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chelsea Boling
96d11b7966 Create ServiceStack.qll 2020-12-17 16:17:24 -08:00
yoff
39acc9a40b Merge pull request #4735 from RasmusWL/python-untrusted-flow 
Python: Untrusted data used in external APIs
 2020-12-18 00:15:08 +01:00
yoff
9dd6439e3c Merge pull request #4749 from RasmusWL/command-injection-tests 
Python: Add some command injection tests
 2020-12-17 23:36:06 +01:00
yoff
8a44405365 Merge pull request #4827 from RasmusWL/reword-qldoc-for-type-tracking-classes 
Python: Reword QLDoc for class modeling with type-tracking
 2020-12-17 23:28:19 +01:00
Tamas Vajk
8eeab8fdd0 Add new stats file 2020-12-17 21:22:58 +01:00
Nick Rolfe
a87fe410af Simplify examples for unary plus/minus 2020-12-17 18:35:01 +00:00
Nick Rolfe
8b7af665b4 Simplify imports 2020-12-17 18:33:49 +00:00
Tom Hvitved
6893f57978 Merge pull request #74 from github/hvitved/cfg/fix-join-order 
CFG: Fix bad join-order
 2020-12-17 16:58:23 +01:00
Tom Hvitved
07c464b753 CFG: Fix bad join-order 
Before:
```
[2020-12-17 11:33:46] (211s) Tuple counts for ControlFlowGraphImpl::Trees::RescueEnsureBlockTree::nestedEnsure_dispred#ff/2@2ea588:
                      11409019   ~0%     {2} r1 = SCAN ControlFlowGraphImpl::getScope#ff AS I OUTPUT I.<1>, I.<0> 'this'
                      3714296409 ~0%     {3} r2 = JOIN r1 WITH ControlFlowGraphImpl::Trees::getAChildInScope#fff_102#join_rhs AS R ON FIRST 1 OUTPUT r1.<1> 'this', R.<1>, R.<2>
                      2359       ~0%     {2} r3 = JOIN r2 WITH ControlFlowGraphImpl::Trees::RescueEnsureBlockTree::getAnEnsureDescendant#ff AS R ON FIRST 2 OUTPUT r2.<2>, r2.<0> 'this'
                      1          ~0%     {2} r4 = JOIN r3 WITH ControlFlowGraphImpl::Trees::RescueEnsureBlockTree::getEnsure_dispred#ff_10#join_rhs AS R ON FIRST 1 OUTPUT r3.<1> 'this', R.<1> 'innerBlock'
                                         return r4
```

After:
```
[2020-12-17 15:20:37] (51s) Tuple counts for ControlFlowGraphImpl::Trees::RescueEnsureBlockTree::nestedEnsure_dispred#ff/2@c4f57d:
                      635      ~1%     {3} r1 = JOIN ControlFlowGraphImpl::Trees::RescueEnsureBlockTree::getEnsure_dispred#ff_10#join_rhs AS L WITH ControlFlowGraphImpl::Trees::getAChildInScope#fff_201#join_rhs AS R ON FIRST 1 OUTPUT R.<1>, L.<1> 'innerBlock', R.<2>
                      1        ~0%     {3} r2 = JOIN r1 WITH ControlFlowGraphImpl::Trees::RescueEnsureBlockTree::getAnEnsureDescendant#ff_10#join_rhs AS R ON FIRST 1 OUTPUT R.<1> 'this', r1.<2>, r1.<1> 'innerBlock'
                      1        ~0%     {2} r3 = JOIN r2 WITH ControlFlowGraphImpl::getScope#ff AS R ON FIRST 2 OUTPUT r2.<0> 'this', r2.<2> 'innerBlock'
                                       return r3
```
 2020-12-17 16:46:03 +01:00
Arthur Baars
ff751b97d2 CFG: make all simple nodes instance of StandardLeftToRight{Pre,Post}Tree 2020-12-17 16:39:54 +01:00
Arthur Baars
a15a066414 Merge pull request #72 from github/aibaars/fix-cfg 
CFG improvements
 2020-12-17 16:39:19 +01:00
Arthur Baars
b676c95218 Address comments 2020-12-17 16:35:51 +01:00
Nick Rolfe
73798312b9 Add classes and tests for operations 2020-12-17 15:16:37 +00:00
Tamas Vajk
f3a0d1d138 Add test to list all custom modifiers extracted from IL 2020-12-17 15:43:41 +01:00
Tamas Vajk
7662b55ecc C#: Extract init only accessors and custom modifiers 2020-12-17 15:43:41 +01:00
luchua-bc
bfb138d415 Update qldoc 2020-12-17 14:42:14 +00:00
Tom Hvitved
7a132149a2 C#: Add change note 2020-12-17 15:39:01 +01:00
Tom Hvitved
fe559c190e C#: Recognize format methods without insertion parameters 2020-12-17 15:39:01 +01:00
Geoffrey White
fda531da49 C++: Add query precision. 2020-12-17 14:31:43 +00:00
luchua-bc
7b44ee50ea Revamp the functions to have a string parameter 2020-12-17 14:26:13 +00:00
Tamas Vajk
57c163f314 C#: Add test for CIL setter extraction 2020-12-17 15:23:33 +01:00
Tamás Vajk
45893ab084 Merge pull request #4775 from tamasvajk/feature/cil-attribute-decoding2 
C#: Improve CIL attribute decoding
 2020-12-17 15:20:44 +01:00
Tamás Vajk
65c58edbed Merge pull request #4617 from tamasvajk/feature/csharp9-implicit-obj-creation 
C#: Extract 'ImplicitObjectCreationExpressionSyntax'
 2020-12-17 15:20:13 +01:00
Tamas Vajk
f12befdcd0 Add extra test for collection initialization 2020-12-17 13:49:02 +01:00
Tom Hvitved
46fc17da58 CFG: Fix multiple abnormal successors 2020-12-17 11:15:17 +01:00
Tom Hvitved
1033b8610a CFG: Add more tests 2020-12-17 11:14:10 +01:00
Arthur Baars
91ae237434 Use latest CodeQL for CI 2020-12-17 11:04:57 +01:00
Arthur Baars
dd954ea943 CFG: correct flow for lambda bodies 
Lambda bodies are parsed as nested do-blocks or normal blocks.
This is actually incorrect, as the body of a lambda can't have
parameters. However, we can "inline" such blocks to get the
desired control flow.
 2020-12-17 10:04:01 +01:00
Arthur Baars
eafec4331b CFG: add nodes for block arguments 2020-12-17 10:04:01 +01:00
Arthur Baars
d016e3cae0 CFG: methods are evaluated before their arguments 2020-12-17 10:04:01 +01:00
Arthur Baars
81c907a87a CFG: fix BEGIN and END blocks 2020-12-17 10:04:01 +01:00
Arthur Baars
f2fd1c7931 CFG: make def nodes visible 2020-12-17 10:04:01 +01:00
Arthur Baars
f2effce786 CFG: improve handling of block and lambda 2020-12-17 10:04:01 +01:00
Arthur Baars
30895e634c CFG: refactor CfgScope 2020-12-17 10:04:01 +01:00
Arthur Baars
bc47338b52 CFG: add test-case for conditional method declarations 2020-12-17 10:04:01 +01:00
Arthur Baars
69de81bdd5 CFG: have alternative flow for the definition and call of methods etc. 2020-12-17 10:04:01 +01:00
Arthur Baars
fd14770542 CFG: drop getObject from flow of singleton method 2020-12-17 09:59:30 +01:00
Arthur Baars
8501e30b6a CFG: fix linking heredoc start to heredoc body 2020-12-17 09:59:30 +01:00
Arthur Baars
edbd997f15 Merge pull request #71 from github/kinds 
Create disjoint db types for different operators
 2020-12-17 09:58:52 +01:00
luchua-bc
b44f01a87b Enhance the check for embedded passwords 2020-12-17 03:47:38 +00:00
luchua-bc
bed8a68d28 Exclude broken algorithms from the list of secure algorithms 2020-12-17 00:41:23 +00:00
Aditya Sharad
a79f1e145b Merge pull request #4832 from github/docs/add-favicon 
[docs] Add GitHub favicon to CodeQL docs
 2020-12-16 13:29:32 -08:00
Chris Smowton
faa08c10e0 Merge branch 'rc/1.26' of https://github.com/github/codeql into smowton/admin/mergeback-126-2020-12-16 2020-12-16 21:08:20 +00:00
Nick Rolfe
282d20d766 Remove redundant field on ChildNode struct 2020-12-16 20:57:06 +00:00
Nick Rolfe
a873cb9f3d Update dbscheme stats 2020-12-16 20:53:41 +00:00
James Fletcher
7bfc2853cb Merge pull request #4839 from github/docs/css-fixes-126 
[CodeQL docs] Fix two CSS bugs (rc/1.26)
 2020-12-16 18:10:18 +00:00
Nick Rolfe
d1a9572b0e Merge remote-tracking branch 'origin/main' into kinds 2020-12-16 17:55:20 +00:00
Nick Rolfe
f5282edfc1 Simplifications based on PR feedback 2020-12-16 17:54:40 +00:00
James Fletcher
58f17d79c2 Merge pull request #4838 from github/docs/css-fixes 
[CodeQL docs] Fix two CSS bugs
 2020-12-16 16:44:59 +00:00
james
6c430ce0c7 align list items correctly 2020-12-16 16:41:27 +00:00