Commit Graph

34755 Commits

Author SHA1 Message Date
Matthew Gretton-Dann
d06e3d79c6 C++: Add DB Upgrade script 2019-10-03 15:16:50 +01:00
Matthew Gretton-Dann
618d0a9603 C++: Update DB Stats 2019-10-03 15:16:50 +01:00
Matthew Gretton-Dann
a7f682a9be C++: Update *variables keysets. 2019-10-03 15:16:50 +01:00
Matthew Gretton-Dann
d62730a9f3 C++: Update synthetic_destructor_call keysets.
Reorder the [ destructor_call, expr ] tuple.
Add a [ expr, i ] tuple.
2019-10-03 15:16:50 +01:00
Matthew Gretton-Dann
06d1d6ed5d C++: Fix synthetic_destructor_call key uniqueness. 2019-10-03 15:16:50 +01:00
Jonas Jensen
dca39f0fad Merge pull request #2027 from zlaski-semmle/zlaski/memset-model
[zlaski/memset-model] QL model for `memset` and friends
2019-10-03 14:31:23 +02:00
Jonas Jensen
01a3a037bc C++: Make complex_numbers/expr.ql less brittle
This test used `getAQlClass`, which caused it to break when new classes
were added anywhere in the libraries. That's now avoided by switching to
`getCanonicalQLClass`. It turns out that `getCanonicalQLClass` didn't
support arithmetic expressions on complex numbers, so that support had
to be added.
2019-10-03 13:19:16 +02:00
AlexTereshenkov
3e6f8fb6be Add bind-socket-all-network-interfaces Python query (#2048)
Add bind-socket-all-network-interfaces Python query
2019-10-03 11:23:11 +01:00
Jonas Jensen
41d344a8b7 C++: Support if constexpr in QL CFG
This fixes the test `cpp/ql/test/library-tests/constexpr_if/cfg.ql`,
which broke when the QL CFG was enabled.

The new cases are just copy-pastes of the `IfStmt` cases (they don't
share a useful common superclass) with added checks for whether their
constant value equals 0.
2019-10-03 12:21:41 +02:00
Jonas Jensen
2eed38e2d4 C++: Accept slight CFG regression in static init
Hopefully it does not make a difference in practice whether
uninstantiated template functions are considered to have control flow
through initializers of their static variables.
2019-10-03 11:48:03 +02:00
semmle-qlci
a019c456e9 Merge pull request #1985 from shati-patel/ql-etudes
Approved by jf205
2019-10-03 09:16:22 +01:00
semmle-qlci
a8a7de963c Merge pull request #2070 from shati-patel/hb/updates
Approved by jf205
2019-10-03 09:14:58 +01:00
Jonas Jensen
8bed418022 C++: enable the QL-based CFG code 2019-10-03 10:04:24 +02:00
Robert Marsh
4018ed67a6 C++: respond to PR comments 2019-10-02 11:38:20 -07:00
Robert Marsh
68c38ba34a C++: Add change note 2019-10-02 11:38:20 -07:00
Robert Marsh
03f72d207c C++: use Declaration.hasGlobalOrStdName 2019-10-02 11:37:37 -07:00
Robert Marsh
bff68a00ac C++: Add Declaration.hasStdName 2019-10-02 11:37:37 -07:00
Robert Marsh
98b97b09be C++: add hasGlobalOrStdName to Declaration 2019-10-02 11:37:37 -07:00
Robert Marsh
53f522c7f6 C++: respond to PR comments and autoformat 2019-10-02 10:11:58 -07:00
yh-semmle
3313af5189 Merge pull request #2036 from aschackmull/java/eq-ssa-guard
Java: Improve guards for equal ssa variables.
2019-10-02 12:00:59 -04:00
Taus Brock-Nannestad
384013e0dc Python: Add tests for reachability when using nonlocal. 2019-10-02 17:13:00 +02:00
Tom Hvitved
e5380aa6a7 Merge pull request #2038 from aschackmull/java/dataflow-fixes
Java/C++/C#: Misc. dataflow fixes.
2019-10-02 16:39:01 +02:00
Calum Grant
eb893fbc5d Merge pull request #2024 from hvitved/csharp/conversion-unbound
C#: Handle unbound types in conversion library
2019-10-02 15:36:38 +01:00
Tom Hvitved
b66479c028 C#: Add change note 2019-10-02 16:31:26 +02:00
Tom Hvitved
17085dc05c C#: Fix typo 2019-10-02 16:26:38 +02:00
Tom Hvitved
6ebefbb67d C#: Improve a few join-orders in Splitting.qll 2019-10-02 16:23:08 +02:00
Erik Krogh Kristensen
2b5e3aebb7 change tabs to spaces 2019-10-02 15:03:38 +02:00
Erik Krogh Kristensen
0c46e5c1a8 update description of js/suspicious-method-name-declaration 2019-10-02 15:01:25 +02:00
Erik Krogh Kristensen
c0b7538cf0 made the blacklist for methods named "function" work again 2019-10-02 14:56:41 +02:00
Erik Krogh Kristensen
e5290f3bb0 remove some parentheses 2019-10-02 14:51:47 +02:00
Erik Krogh Kristensen
22aac8e723 ensure that the existence of non-synthetic constructor is checked correctly 2019-10-02 14:49:33 +02:00
Anders Schack-Mulligen
f87cb4d6ac Java/C++/C#: Address review comments and fix test. 2019-10-02 14:32:17 +02:00
Shati Patel
9c54eef45a QL HB: Update aggregation section 2019-10-02 12:48:16 +01:00
Shati Patel
3dd2a6c325 QL etudes: Add further explanation + link 2019-10-02 12:21:23 +01:00
Anders Schack-Mulligen
0154e31e64 Java: Add change note. 2019-10-02 11:47:53 +02:00
Calum Grant
28c34ad41e C#: Address review comments. 2019-10-02 10:42:06 +01:00
semmle-qlci
47024dc6ec Merge pull request #2069 from felicitymay/1.22/SD-3940-golang
Approved by jf205
2019-10-02 10:40:38 +01:00
Felicity Chapman
56ed2f618d Add alias for easier user-searching 2019-10-02 09:05:31 +01:00
Robert Marsh
bace8c723d C++: side effect instrs for constructor qualifiers
This adds IndirectMustWriteSideEffects for constructor qualifiers. The
introduced sanity failures result from constructor calls without qualifier
operands in the IR
2019-10-01 14:53:37 -07:00
Calum Grant
39f550b6d2 Merge pull request #2054 from hvitved/csharp/autobuilder/log-cleanup
C#: Cleanup more files after failed autobuilder attempt
2019-10-01 15:55:58 +01:00
Calum Grant
b4da63b3f2 Merge pull request #2061 from hvitved/csharp/local-function-label
C#: Prepend enclosing method in local function TRAP labels
2019-10-01 15:19:04 +01:00
Erik Krogh Kristensen
a66e33ea5e add references to TypeScript spec for "new" and "constructor" keywords 2019-10-01 15:56:45 +02:00
Jonas Jensen
3c7d79481f C++: Autoformat FlowVar.qll 2019-10-01 15:54:41 +02:00
Erik Krogh Kristensen
584b9d4e30 update expected test output 2019-10-01 15:53:37 +02:00
Erik Krogh Kristensen
2ad85d16bd refactor a list of negated conjunctions to a disjunction 2019-10-01 15:53:22 +02:00
Erik Krogh Kristensen
6c176fc967 introduce name as a variable, and adjust alert messages 2019-10-01 15:28:57 +02:00
Erik Krogh Kristensen
26a0bfac39 refactor js/suspicious-method-name-declaration to use isSynthetic predicate 2019-10-01 15:06:45 +02:00
Erik Krogh Kristensen
1e2aad5a29 fix pointer in .qlref, and update expected test results 2019-10-01 14:56:00 +02:00
Erik Krogh Kristensen
aa1368741b rename suspicious-method-name to suspicious-method-name-declaration 2019-10-01 14:37:07 +02:00
Jonas Jensen
0990ceb09a C++: Remove bbNotInLoop and its caller in FlowVar
This change is needed when enabling the QL CFG on certain snapshots such
as notaz/picodrive. It removes the `bbNotInLoop` predicate, which was
always a liability because it's inherently quadratic. The real slowdown
came in `skipLoop`, where all true-upon-entry loops were crossed with
all definitions of variables that should take their definition from the
loop body.
2019-10-01 14:33:28 +02:00