hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-01 21:34:50 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,554 Commits 1,697 Branches 161 Tags
codeql-cli/v2.9.2
Commit Graph

36554 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
39590a39cb Python: Rename helper predicate based on review 2020-11-18 09:26:53 +01:00
Erik Krogh Kristensen
55f2f86a26 limit the search of state-pairs to the ones that are reachable within the given length 2020-11-18 09:23:35 +01:00
Mathias Vorreiter Pedersen
f16591dffc C++: Respond to qhelp review comments. 2020-11-18 09:18:14 +01:00
Rasmus Wriedt Larsen
14136154d6 Python: Fix bad join order in TypeTracker::callStep 
From a local evaluation against flask DB, after
https://github.com/github/codeql/pull/4649 was merged we would get:

```
Tuple counts for TypeTracker::callStep#ff/2@a21b71:
9876     ~0%     {3} r1 = SCAN DataFlowPrivate::DataFlowCall::getArg_dispred#fff AS I OUTPUT I.<2>, I.<0>, I.<1>
9876     ~2%     {3} r2 = JOIN r1 WITH project#DataFlowPrivate::DataFlowCall::getArg_dispred#fff AS R ON FIRST 1 OUTPUT r1.<2>, R.<0>, r1.<1>
72388997 ~0%     {4} r3 = JOIN r2 WITH DataFlowPublic::ParameterNode::isParameterOf_dispred#fff_201#join_rhs AS R ON FIRST 1 OUTPUT r2.<2>, R.<2>, r2.<1>, R.<1>
4952     ~0%     {2} r4 = JOIN r3 WITH DataFlowPrivate::DataFlowCall::getCallable_dispred#ff AS R ON FIRST 2 OUTPUT r3.<2>, r3.<3>
                     return r4
```
 2020-11-18 09:17:31 +01:00
Dave Bartolomeo
ab715ec302 Merge pull request #4680 from criemen/printast-performance 
C++: Improve PrintAST performance.
 2020-11-17 23:13:26 -05:00
Robert Marsh
5aed82a210 C++: Autoformat more 2020-11-17 13:44:20 -08:00
luchua-bc
85434ca410 Format the source code and update qldoc 2020-11-17 21:20:53 +00:00
Robert Marsh
04641a3f2d Merge branch 'main' into rdmarsh/cpp/use-taint-configuration-dtt 2020-11-17 12:55:12 -08:00
Aditya Sharad
9a65962912 Merge pull request #4647 from github/codeql-docs-reorg-2 
Update CodeQL docs directory structure
 2020-11-17 11:07:54 -08:00
Cornelius Riemenschneider
a92f7a4563 C++: Include trailing whitespace in Type.getSpecifierString(). 2020-11-17 18:50:34 +01:00
Arthur Baars
f9c1bbd8f9 Merge pull request #41 from github/gitignore 
Update .gitignore
 2020-11-17 18:31:35 +01:00
Robert Marsh
c2e44fa180 C++: autoformat 2020-11-17 09:28:39 -08:00
Cornelius Riemenschneider
5c3de06b6d C++: Improve PrintAST performance. 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-11-17 17:47:16 +01:00
Nick Rolfe
9d1eec8fe8 Update .gitignore 2020-11-17 16:45:10 +00:00
Aditya Sharad
b9b6a35564 Merge pull request #4629 from pwntester/improve_bean_validation_query 
Java: add some improvements to the bean validation query
 2020-11-17 08:35:49 -08:00
Erik Krogh Kristensen
c4d7533701 Merge branch 'main' into moreReDoS 2020-11-17 17:34:49 +01:00
Erik Krogh Kristensen
97acf1fd87 fix FP related to inverted character classes choosing a char that was not matched by the char class 2020-11-17 17:34:43 +01:00
Mathias Vorreiter Pedersen
52bbb326ca QLDoc: Wrap lines and disambiguate explanation. 2020-11-17 16:23:27 +01:00
Mathias Vorreiter Pedersen
d93d3c8699 C++: Use the getSourceType predicate on RemoteFlowSources for better alert messages. 2020-11-17 16:23:27 +01:00
Mathias Vorreiter Pedersen
d1272d3a79 C++: Use strictcount instead of count. 2020-11-17 16:23:27 +01:00
Mathias Vorreiter Pedersen
4cb25d8e18 C++: Add isParameterDerefOrQualifierObject helper predicate to FunctionInput and FunctionOutput. 2020-11-17 16:23:27 +01:00
Mathias Vorreiter Pedersen
dea16d4d62 QLDoc/C++: Rename {IR}ExternalAPIsUsedWithUntrustedData to {IR}CountUntrustedDataToExternalAPI 2020-11-17 16:23:13 +01:00
Mathias Vorreiter Pedersen
eabc69b98e C++: Autoformat 2020-11-17 16:09:25 +01:00
Matthew Gretton-Dann
62767e7e0d Update expected results for `constinit' support 2020-11-17 14:01:00 +00:00
Anders Schack-Mulligen
f74fc0ff26 Dataflow: Fix bad join-orders. 2020-11-17 14:28:25 +01:00
Mathias Vorreiter Pedersen
5d2b85fcf5 Update cpp/ql/src/semmle/code/cpp/models/implementations/Getenv.qll 
Co-authored-by: hubwriter <hubwriter@github.com>
 2020-11-17 13:02:28 +01:00
Tom Hvitved
7f0ad2d232 Merge pull request #4646 from hvitved/csharp/cfg/post-order-exprs 
C#: Represent all expressions in post-order in the CFG
 2020-11-17 13:01:35 +01:00
Mathias Vorreiter Pedersen
c37093f4bc C++: Add copies of qhelp files for IR. 2020-11-17 12:28:31 +01:00
Mathias Vorreiter Pedersen
3b8580efaf C++: Add qhelp and example files (modeled after the Java examples). 2020-11-17 12:27:53 +01:00
Mathias Vorreiter Pedersen
c3c29b8dd0 C++: Add qldoc to new library files. 2020-11-17 12:27:53 +01:00
Mathias Vorreiter Pedersen
5c9b8f1cff C++: Update sync-identical-files. 2020-11-17 12:27:53 +01:00
Mathias Vorreiter Pedersen
5ad18eb748 C++: Add ExternalAPI query files (for AST and IR). 2020-11-17 12:27:40 +01:00
Nick Rolfe
12d4224e8e Merge pull request #40 from github/refactor 
Move all naming decisions to shared library
 2020-11-17 11:19:18 +00:00
Jonas Jensen
10de931b92 C++: Decrease largeVariable cut-off to 100k 
This 10x lower cut-off has on at least one snapshot made it possible to
compute AST data flow where it was infeasible before.

Also fix an integer overflow that happened in practice on at least one
snapshot and prevented the cut-off from being applied.
 2020-11-17 09:48:32 +01:00
Jonas Jensen
55a38803cb Merge pull request #4673 from MathiasVP/ir-post-dominance 
C++: IR post dominance
 2020-11-17 09:35:51 +01:00
Tamás Vajk
f2259de5f1 Merge pull request #4666 from tamasvajk/feature/roslyn-3.8.0 
C#: Upgrade Roslyn dependencies to 3.8.0
 2020-11-17 08:59:55 +01:00
Rasmus Lerchedahl Petersen
71830abda0 Python: remaining c# tests, except lambdas 
both via nonlocal and via dict
 2020-11-17 08:28:11 +01:00
Robert Marsh
db8766ca69 Merge branch 'main' into rdmarsh/cpp/use-taint-configuration-dtt 2020-11-16 17:46:20 -08:00
Mathias Vorreiter Pedersen
057bb14eee C++: Add ExternalAPI library files (for AST and IR). 2020-11-16 22:59:54 +01:00
Nick Rolfe
1a9663ff7d Replace single-branch match with if let 2020-11-16 18:43:54 +00:00
Nick Rolfe
68c97a2d13 Use .. to ignore fields 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2020-11-16 18:41:18 +00:00
Nick Rolfe
ad61f7a0a6 Use references instead of owned strings in generator 2020-11-16 17:54:16 +00:00
Nick Rolfe
bbe7c70d34 more refactoring of names 2020-11-16 17:54:16 +00:00
Nick Rolfe
83a0e5fea6 Refactor to move naming decisions to shared library 2020-11-16 17:54:14 +00:00
luchua-bc
0bd6255c41 Query for cleartext storage using Android SharedPreferences 2020-11-16 17:23:01 +00:00
Robert Marsh
a94826dc81 C++: common superclass for Remote/LocalFlowSource 2020-11-16 18:05:17 +01:00
Robert Marsh
31d3e94cec C++: Grammar/style fixes from code review 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-11-16 18:03:44 +01:00
Robert Marsh
74e05c111e C++: add local flow sources 2020-11-16 18:02:19 +01:00
Rasmus Lerchedahl Petersen
27b4c67b9f Python: Start of tests for captured variables 2020-11-16 17:25:39 +01:00
Tamas Vajk
8bef5f417e C#: Upgrade Roslyn dependencies to 3.8.0 2020-11-16 16:44:14 +01:00