Compare commits
1 Commits
codeql-cli
...
aml-auto-e
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
709cbb4316 |
@@ -1 +1 @@
|
|||||||
6.1.2
|
5.0.0
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"extensions": [
|
"extensions": [
|
||||||
"rust-lang.rust-analyzer",
|
"rust-lang.rust",
|
||||||
"bungcip.better-toml",
|
"bungcip.better-toml",
|
||||||
"github.vscode-codeql",
|
"github.vscode-codeql",
|
||||||
"hbenl.vscode-test-explorer",
|
"hbenl.vscode-test-explorer",
|
||||||
|
|||||||
@@ -1,21 +0,0 @@
|
|||||||
# .git-blame-ignore-revs
|
|
||||||
# Auto-formatted Java
|
|
||||||
730eae952139209fe9fdf598541d608f4c0c0c84
|
|
||||||
# Auto-formatted C#
|
|
||||||
5ad7ed49dd3de03ec6dcfcb6848758a6a987e11c
|
|
||||||
# Auto-formatted C/C++
|
|
||||||
ef97e539ec1971494d4bba5cafe82e00bc8217ac
|
|
||||||
# Auto-formatted Python
|
|
||||||
21d5fa836b3a7d020ba45e8b8168b145a9772131
|
|
||||||
# Auto-formatted JavaScript
|
|
||||||
8d97fe9ed327a9546ff2eaf515cf0f5214deddd9
|
|
||||||
# Auto-formatted Ruby
|
|
||||||
a5d229903d2f12d45f2c2c38822f1d0e7504ae7f
|
|
||||||
# Auto-formatted Go
|
|
||||||
08c658e66bf867090033ea096e244a93d46c0aa7
|
|
||||||
# Auto-formatted Swift
|
|
||||||
711d7057f79fb7d72fc3b35e010bd018f9009169
|
|
||||||
# Auto-formatted shared ql packs
|
|
||||||
3640b6d3a8ce9edf8e1d3ed106fe8526cf255bc0
|
|
||||||
# Auto-formatted taint tracking files
|
|
||||||
159d8e978c51959b380838c080d891b66e763b19
|
|
||||||
24
.github/ISSUE_TEMPLATE/lgtm-com---false-positive.md
vendored
Normal file
@@ -0,0 +1,24 @@
|
|||||||
|
---
|
||||||
|
name: LGTM.com - false positive
|
||||||
|
about: Tell us about an alert that shouldn't be reported
|
||||||
|
title: LGTM.com - false positive
|
||||||
|
labels: false-positive
|
||||||
|
assignees: ''
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
**Description of the false positive**
|
||||||
|
|
||||||
|
<!-- Please explain briefly why you think it shouldn't be included. -->
|
||||||
|
|
||||||
|
**URL to the alert on the project page on LGTM.com**
|
||||||
|
|
||||||
|
<!--
|
||||||
|
1. Open the project on LGTM.com.
|
||||||
|
For example, https://lgtm.com/projects/g/pallets/click/.
|
||||||
|
2. Switch to the `Alerts` tab. For example, https://lgtm.com/projects/g/pallets/click/alerts/.
|
||||||
|
3. Scroll to the alert that you would like to report.
|
||||||
|
4. Click on the right most icon `View this alert within the complete file`.
|
||||||
|
5. A new browser tab opens. Copy and paste the page URL here.
|
||||||
|
For example, https://lgtm.com/projects/g/pallets/click/snapshot/719fb7d8322b0767cdd1e5903ba3eb3233ba8dd5/files/click/_winconsole.py#xa08d213ab3289f87:1.
|
||||||
|
-->
|
||||||
2
.github/ISSUE_TEMPLATE/ql---general.md
vendored
@@ -10,5 +10,5 @@ assignees: ''
|
|||||||
**Description of the issue**
|
**Description of the issue**
|
||||||
|
|
||||||
<!-- Please explain briefly what is the problem.
|
<!-- Please explain briefly what is the problem.
|
||||||
If it is about a GitHub project, please include its URL. -->
|
If it is about an LGTM project, please include its URL.-->
|
||||||
|
|
||||||
|
|||||||
36
.github/ISSUE_TEMPLATE/ql--false-positive.md
vendored
@@ -1,36 +0,0 @@
|
|||||||
---
|
|
||||||
name: CodeQL false positive
|
|
||||||
about: Report CodeQL alerts that you think should not have been detected (not applicable, not exploitable, etc.)
|
|
||||||
title: False positive
|
|
||||||
labels: false-positive
|
|
||||||
assignees: ''
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
**Description of the false positive**
|
|
||||||
|
|
||||||
<!-- Please explain briefly why you think it shouldn't be included. -->
|
|
||||||
|
|
||||||
**Code samples or links to source code**
|
|
||||||
|
|
||||||
<!--
|
|
||||||
For open source code: file links with line numbers on GitHub, for example:
|
|
||||||
https://github.com/github/codeql/blob/dc440aaee6695deb0d9676b87e06ea984e1b4ae5/javascript/ql/test/query-tests/Security/CWE-078/CommandInjection/exec-sh2.js#L10
|
|
||||||
|
|
||||||
For closed source code: (redacted) code samples that illustrate the problem, for example:
|
|
||||||
|
|
||||||
```
|
|
||||||
function execSh(command, options) {
|
|
||||||
return cp.spawn(getShell(), ["-c", command], options) // <- command line injection
|
|
||||||
};
|
|
||||||
```
|
|
||||||
-->
|
|
||||||
|
|
||||||
**URL to the alert on GitHub code scanning (optional)**
|
|
||||||
|
|
||||||
<!--
|
|
||||||
1. Open the project on GitHub.com.
|
|
||||||
2. Switch to the `Security` tab.
|
|
||||||
3. Browse to the alert that you would like to report.
|
|
||||||
4. Copy and paste the page URL here.
|
|
||||||
-->
|
|
||||||
149
.github/actions/cache-query-compilation/action.yml
vendored
@@ -1,149 +0,0 @@
|
|||||||
name: Cache query compilation
|
|
||||||
description: Caches CodeQL compilation caches - should be run both on PRs and pushes to main.
|
|
||||||
|
|
||||||
inputs:
|
|
||||||
key:
|
|
||||||
description: 'The cache key to use - should be unique to the workflow'
|
|
||||||
required: true
|
|
||||||
|
|
||||||
outputs:
|
|
||||||
cache-dir:
|
|
||||||
description: "The directory where the cache was stored"
|
|
||||||
value: ${{ steps.output-compilation-dir.outputs.compdir }}
|
|
||||||
|
|
||||||
runs:
|
|
||||||
using: composite
|
|
||||||
steps:
|
|
||||||
# calculate the merge-base with main, in a way that works both on PRs and pushes to main.
|
|
||||||
- name: Calculate merge-base
|
|
||||||
shell: bash
|
|
||||||
if: ${{ github.event_name == 'pull_request' }}
|
|
||||||
env:
|
|
||||||
BASE_BRANCH: ${{ github.base_ref }}
|
|
||||||
run: |
|
|
||||||
MERGE_BASE=$(git cat-file commit $GITHUB_SHA | grep '^parent ' | head -1 | cut -f 2 -d " ")
|
|
||||||
echo "merge_base=$MERGE_BASE" >> $GITHUB_ENV
|
|
||||||
- name: Restore cache (PR)
|
|
||||||
if: ${{ github.event_name == 'pull_request' }}
|
|
||||||
uses: actions/cache/restore@v3
|
|
||||||
with:
|
|
||||||
path: |
|
|
||||||
**/.cache
|
|
||||||
~/.codeql/compile-cache
|
|
||||||
key: codeql-compile-${{ inputs.key }}-pr-${{ github.sha }}
|
|
||||||
restore-keys: |
|
|
||||||
codeql-compile-${{ inputs.key }}-${{ github.base_ref }}-${{ env.merge_base }}
|
|
||||||
codeql-compile-${{ inputs.key }}-${{ github.base_ref }}-
|
|
||||||
codeql-compile-${{ inputs.key }}-main-
|
|
||||||
- name: Fill cache (only branch push)
|
|
||||||
if: ${{ github.event_name != 'pull_request' }}
|
|
||||||
uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: |
|
|
||||||
**/.cache
|
|
||||||
~/.codeql/compile-cache
|
|
||||||
key: codeql-compile-${{ inputs.key }}-${{ github.ref_name }}-${{ github.sha }} # just fill on main
|
|
||||||
restore-keys: | # restore the latest cache if the exact cache is unavailable, to speed up compilation.
|
|
||||||
codeql-compile-${{ inputs.key }}-${{ github.ref_name }}-
|
|
||||||
codeql-compile-${{ inputs.key }}-main-
|
|
||||||
- name: Output-compilationdir
|
|
||||||
id: output-compilation-dir
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
echo "compdir=${COMBINED_CACHE_DIR}" >> $GITHUB_OUTPUT
|
|
||||||
env:
|
|
||||||
COMBINED_CACHE_DIR: ${{ runner.temp }}/compilation-dir
|
|
||||||
- name: Fill compilation cache directory
|
|
||||||
id: fill-compilation-dir
|
|
||||||
uses: actions/github-script@v6
|
|
||||||
env:
|
|
||||||
COMBINED_CACHE_DIR: ${{ runner.temp }}/compilation-dir
|
|
||||||
with:
|
|
||||||
script: |
|
|
||||||
// # Move all the existing cache into another folder, so we only preserve the cache for the current queries.
|
|
||||||
// mkdir -p ${COMBINED_CACHE_DIR}
|
|
||||||
// rm -f **/.cache/{lock,size} # -f to avoid errors if the cache is empty.
|
|
||||||
// # copy the contents of the .cache folders into the combined cache folder.
|
|
||||||
// cp -r **/.cache/* ${COMBINED_CACHE_DIR}/ || : # ignore missing files
|
|
||||||
// # clean up the .cache folders
|
|
||||||
// rm -rf **/.cache/*
|
|
||||||
|
|
||||||
const fs = require("fs");
|
|
||||||
const path = require("path");
|
|
||||||
const os = require("os");
|
|
||||||
|
|
||||||
// the first argv is the cache folder to create.
|
|
||||||
const COMBINED_CACHE_DIR = process.env.COMBINED_CACHE_DIR;
|
|
||||||
|
|
||||||
function* walkCaches(dir) {
|
|
||||||
const files = fs.readdirSync(dir, { withFileTypes: true });
|
|
||||||
for (const file of files) {
|
|
||||||
if (file.isDirectory()) {
|
|
||||||
const filePath = path.join(dir, file.name);
|
|
||||||
yield* walkCaches(filePath);
|
|
||||||
if (file.name === ".cache") {
|
|
||||||
yield filePath;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
async function copyDir(src, dest) {
|
|
||||||
for await (const file of await fs.promises.readdir(src, { withFileTypes: true })) {
|
|
||||||
const srcPath = path.join(src, file.name);
|
|
||||||
const destPath = path.join(dest, file.name);
|
|
||||||
if (file.isDirectory()) {
|
|
||||||
if (!fs.existsSync(destPath)) {
|
|
||||||
fs.mkdirSync(destPath);
|
|
||||||
}
|
|
||||||
await copyDir(srcPath, destPath);
|
|
||||||
} else {
|
|
||||||
await fs.promises.copyFile(srcPath, destPath);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
async function main() {
|
|
||||||
const cacheDirs = [...walkCaches(".")];
|
|
||||||
|
|
||||||
for (const dir of cacheDirs) {
|
|
||||||
console.log(`Found .cache dir at ${dir}`);
|
|
||||||
}
|
|
||||||
|
|
||||||
const globalCacheDir = path.join(os.homedir(), ".codeql", "compile-cache");
|
|
||||||
if (fs.existsSync(globalCacheDir)) {
|
|
||||||
console.log("Found global home dir: " + globalCacheDir);
|
|
||||||
cacheDirs.push(globalCacheDir);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (cacheDirs.length === 0) {
|
|
||||||
console.log("No cache dirs found");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
// mkdir -p ${COMBINED_CACHE_DIR}
|
|
||||||
fs.mkdirSync(COMBINED_CACHE_DIR, { recursive: true });
|
|
||||||
|
|
||||||
// rm -f **/.cache/{lock,size} # -f to avoid errors if the cache is empty.
|
|
||||||
await Promise.all(
|
|
||||||
cacheDirs.map((cacheDir) =>
|
|
||||||
(async function () {
|
|
||||||
await fs.promises.rm(path.join(cacheDir, "lock"), { force: true });
|
|
||||||
await fs.promises.rm(path.join(cacheDir, "size"), { force: true });
|
|
||||||
})()
|
|
||||||
)
|
|
||||||
);
|
|
||||||
|
|
||||||
// # copy the contents of the .cache folders into the combined cache folder.
|
|
||||||
// cp -r **/.cache/* ${COMBINED_CACHE_DIR}/ || : # ignore missing files
|
|
||||||
await Promise.all(
|
|
||||||
cacheDirs.map((cacheDir) => copyDir(cacheDir, COMBINED_CACHE_DIR))
|
|
||||||
);
|
|
||||||
|
|
||||||
// # clean up the .cache folders
|
|
||||||
// rm -rf **/.cache/*
|
|
||||||
await Promise.all(
|
|
||||||
cacheDirs.map((cacheDir) => fs.promises.rm(cacheDir, { recursive: true }))
|
|
||||||
);
|
|
||||||
}
|
|
||||||
main();
|
|
||||||
16
.github/actions/fetch-codeql/action.yml
vendored
@@ -1,24 +1,14 @@
|
|||||||
name: Fetch CodeQL
|
name: Fetch CodeQL
|
||||||
description: Fetches the latest version of CodeQL
|
description: Fetches the latest version of CodeQL
|
||||||
|
|
||||||
inputs:
|
|
||||||
channel:
|
|
||||||
description: 'The CodeQL channel to use'
|
|
||||||
required: false
|
|
||||||
default: 'nightly'
|
|
||||||
|
|
||||||
runs:
|
runs:
|
||||||
using: composite
|
using: composite
|
||||||
steps:
|
steps:
|
||||||
- name: Fetch CodeQL
|
- name: Fetch CodeQL
|
||||||
shell: bash
|
shell: bash
|
||||||
env:
|
|
||||||
GITHUB_TOKEN: ${{ github.token }}
|
|
||||||
CHANNEL: ${{ inputs.channel }}
|
|
||||||
run: |
|
run: |
|
||||||
gh extension install github/gh-codeql
|
gh extension install github/gh-codeql
|
||||||
gh codeql set-channel "$CHANNEL"
|
gh codeql set-channel nightly
|
||||||
gh codeql version
|
gh codeql version
|
||||||
printf "CODEQL_FETCHED_CODEQL_PATH=" >> "${GITHUB_ENV}"
|
|
||||||
gh codeql version --format=json | jq -r .unpackedLocation >> "${GITHUB_ENV}"
|
|
||||||
gh codeql version --format=json | jq -r .unpackedLocation >> "${GITHUB_PATH}"
|
gh codeql version --format=json | jq -r .unpackedLocation >> "${GITHUB_PATH}"
|
||||||
|
env:
|
||||||
|
GITHUB_TOKEN: ${{ github.token }}
|
||||||
|
|||||||
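Review bot: The `gh extension install github/gh-codeql` line in the Fetch CodeQL step installs whatever the extension repository's default branch holds at run time, and the new side then selects the `nightly` channel unconditionally, so every workflow that calls this composite action runs unpinned tooling with `GITHUB_TOKEN` in its environment. Pinning the extension, for example `gh extension install github/gh-codeql --pin <TAG_OR_SHA>` (placeholder ref), would make the fetched code reproducible and reviewable. With the `channel` input gone, a caller that needs a release build can no longer ask for one; if that is intended, the description `Fetches the latest version of CodeQL` could say "latest nightly build" so callers know what they are getting.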
32
.github/actions/os-version/action.yml
vendored
@@ -1,32 +0,0 @@
|
|||||||
name: OS Version
|
|
||||||
description: Get OS version.
|
|
||||||
|
|
||||||
outputs:
|
|
||||||
version:
|
|
||||||
description: "OS version"
|
|
||||||
value: ${{ steps.version.outputs.version }}
|
|
||||||
|
|
||||||
runs:
|
|
||||||
using: composite
|
|
||||||
steps:
|
|
||||||
- if: runner.os == 'Linux'
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
. /etc/os-release
|
|
||||||
echo "VERSION=${NAME} ${VERSION}" >> $GITHUB_ENV
|
|
||||||
- if: runner.os == 'Windows'
|
|
||||||
shell: powershell
|
|
||||||
run: |
|
|
||||||
$objects = systeminfo.exe /FO CSV | ConvertFrom-Csv
|
|
||||||
"VERSION=$($objects.'OS Name') $($objects.'OS Version')" >> $env:GITHUB_ENV
|
|
||||||
- if: runner.os == 'macOS'
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
echo "VERSION=$(sw_vers -productName) $(sw_vers -productVersion)" >> $GITHUB_ENV
|
|
||||||
- name: Emit OS version
|
|
||||||
id: version
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
echo "$VERSION"
|
|
||||||
echo "version=${VERSION}" >> $GITHUB_OUTPUT
|
|
||||||
|
|
||||||
13
.github/dependabot.yml
vendored
@@ -1,12 +1,19 @@
|
|||||||
version: 2
|
version: 2
|
||||||
updates:
|
updates:
|
||||||
- package-ecosystem: "cargo"
|
- package-ecosystem: "cargo"
|
||||||
directory: "ruby"
|
directory: "ruby/node-types"
|
||||||
schedule:
|
schedule:
|
||||||
interval: "daily"
|
interval: "daily"
|
||||||
|
|
||||||
- package-ecosystem: "cargo"
|
- package-ecosystem: "cargo"
|
||||||
directory: "ql"
|
directory: "ruby/generator"
|
||||||
|
schedule:
|
||||||
|
interval: "daily"
|
||||||
|
- package-ecosystem: "cargo"
|
||||||
|
directory: "ruby/extractor"
|
||||||
|
schedule:
|
||||||
|
interval: "daily"
|
||||||
|
- package-ecosystem: "cargo"
|
||||||
|
directory: "ruby/autobuilder"
|
||||||
schedule:
|
schedule:
|
||||||
interval: "daily"
|
interval: "daily"
|
||||||
|
|
||||||
|
|||||||
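Review bot: The new `updates:` list covers only `cargo` manifests under `ruby/*`, so nothing keeps the tag-referenced actions used by the workflows in this same compare (`actions/stale@v6`, `actions/setup-dotnet@v2`, `actions/checkout@v3`) up to date. Adding one more entry with `package-ecosystem: "github-actions"` and `directory: "/"` on the same daily schedule would have Dependabot propose those bumps. The `ql` cargo directory present on the old side is also no longer watched; if Rust code still lives there on this branch, it needs its own entry.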
11
.github/labeler.yml
vendored
@@ -43,14 +43,3 @@ documentation:
|
|||||||
"QL-for-QL":
|
"QL-for-QL":
|
||||||
- ql/**/*
|
- ql/**/*
|
||||||
- .github/workflows/ql-for-ql*
|
- .github/workflows/ql-for-ql*
|
||||||
|
|
||||||
# Since these are all shared files that need to be synced, just pick _one_ copy of each.
|
|
||||||
"DataFlow Library":
|
|
||||||
- "java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll"
|
|
||||||
- "java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll"
|
|
||||||
- "java/ql/lib/semmle/code/java/dataflow/internal/tainttracking1/TaintTrackingImpl.qll"
|
|
||||||
- "java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll"
|
|
||||||
- "java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll"
|
|
||||||
|
|
||||||
"ATM":
|
|
||||||
- javascript/ql/experimental/adaptivethreatmodeling/**/*
|
|
||||||
|
|||||||
7
.github/workflows/check-change-note.yml
vendored
@@ -8,7 +8,6 @@ on:
|
|||||||
- "*/ql/src/**/*.qll"
|
- "*/ql/src/**/*.qll"
|
||||||
- "*/ql/lib/**/*.ql"
|
- "*/ql/lib/**/*.ql"
|
||||||
- "*/ql/lib/**/*.qll"
|
- "*/ql/lib/**/*.qll"
|
||||||
- "*/ql/lib/**/*.yml"
|
|
||||||
- "!**/experimental/**"
|
- "!**/experimental/**"
|
||||||
- "!ql/**"
|
- "!ql/**"
|
||||||
- "!swift/**"
|
- "!swift/**"
|
||||||
@@ -27,9 +26,3 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
gh api 'repos/${{github.repository}}/pulls/${{github.event.number}}/files' --paginate --jq 'any(.[].filename ; test("/change-notes/.*[.]md$"))' |
|
gh api 'repos/${{github.repository}}/pulls/${{github.event.number}}/files' --paginate --jq 'any(.[].filename ; test("/change-notes/.*[.]md$"))' |
|
||||||
grep true -c
|
grep true -c
|
||||||
- name: Fail if the change note filename doesn't match the expected format. The file name must be of the form 'YYYY-MM-DD.md', 'YYYY-MM-DD-{title}.md', where '{title}' is arbitrary text, or released/x.y.z.md for released change-notes
|
|
||||||
env:
|
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
||||||
run: |
|
|
||||||
gh api 'repos/${{github.repository}}/pulls/${{github.event.number}}/files' --paginate --jq '[.[].filename | select(test("/change-notes/.*[.]md$"))] | all(test("/change-notes/[0-9]{4}-[0-9]{2}-[0-9]{2}.*[.]md$") or test("/change-notes/released/[0-9]*[.][0-9]*[.][0-9]*[.]md$"))' |
|
|
||||||
grep true -c
|
|
||||||
|
|||||||
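Review bot: The `gh api` step kept in the second hunk splices `${{github.repository}}` and `${{github.event.number}}` directly into the script text, so the values are expanded before bash parses the line. These two contexts are low-risk, but passing them through the step's `env:` (for example `REPO: ${{ github.repository }}` and `PR_NUMBER: ${{ github.event.number }}`) and calling `gh api "repos/$REPO/pulls/$PR_NUMBER/files"` keeps expression text out of the shell and avoids setting a pattern that is unsafe when copied with other contexts. On the new side the job only checks that some file matching `/change-notes/.*[.]md$` exists, so a misnamed change note now passes; a comment on the step saying so would help. The step begins outside the hunk, so its `env:` block is not visible here.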
3
.github/workflows/check-qldoc.yml
vendored
@@ -26,8 +26,9 @@ jobs:
|
|||||||
shell: bash
|
shell: bash
|
||||||
run: |
|
run: |
|
||||||
EXIT_CODE=0
|
EXIT_CODE=0
|
||||||
|
# TODO: remove the swift exception from the regex when we fix generated QLdoc
|
||||||
# TODO: remove the shared exception from the regex when coverage of qlpacks without dbschemes is supported
|
# TODO: remove the shared exception from the regex when coverage of qlpacks without dbschemes is supported
|
||||||
changed_lib_packs="$(git diff --name-only --diff-filter=ACMRT HEAD^ HEAD | { grep -Po '^(?!(shared))[a-z]*/ql/lib' || true; } | sort -u)"
|
changed_lib_packs="$(git diff --name-only --diff-filter=ACMRT HEAD^ HEAD | { grep -Po '^(?!(swift|shared))[a-z]*/ql/lib' || true; } | sort -u)"
|
||||||
for pack_dir in ${changed_lib_packs}; do
|
for pack_dir in ${changed_lib_packs}; do
|
||||||
lang="${pack_dir%/ql/lib}"
|
lang="${pack_dir%/ql/lib}"
|
||||||
codeql generate library-doc-coverage --output="${RUNNER_TEMP}/${lang}-current.txt" --dir="${pack_dir}"
|
codeql generate library-doc-coverage --output="${RUNNER_TEMP}/${lang}-current.txt" --dir="${pack_dir}"
|
||||||
|
|||||||
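Review bot: The negative lookahead in the new `grep -Po '^(?!(swift|shared))[a-z]*/ql/lib'` has no terminator, so it skips every top-level directory whose name merely begins with `swift` or `shared`, not only those two packs. Ending the alternation at the path separator, `grep -Po '^(?!(swift|shared)/)[a-z]*/ql/lib'`, keeps the exclusion exact, so a future pack with such a prefix is not silently left out of the QLdoc coverage check. The `run:` script continues outside the hunk.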
21
.github/workflows/check-query-ids.yml
vendored
@@ -1,21 +0,0 @@
|
|||||||
name: Check query IDs
|
|
||||||
|
|
||||||
on:
|
|
||||||
pull_request:
|
|
||||||
paths:
|
|
||||||
- "**/src/**/*.ql"
|
|
||||||
- misc/scripts/check-query-ids.py
|
|
||||||
- .github/workflows/check-query-ids.yml
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
- "rc/*"
|
|
||||||
workflow_dispatch:
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
check:
|
|
||||||
name: Check query IDs
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Check for duplicate query IDs
|
|
||||||
run: python3 misc/scripts/check-query-ids.py
|
|
||||||
2
.github/workflows/close-stale.yml
vendored
@@ -12,7 +12,7 @@ jobs:
|
|||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/stale@v8
|
- uses: actions/stale@v6
|
||||||
with:
|
with:
|
||||||
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
||||||
stale-issue-message: 'This issue is stale because it has been open 14 days with no activity. Comment or remove the `Stale` label in order to avoid having this issue closed in 7 days.'
|
stale-issue-message: 'This issue is stale because it has been open 14 days with no activity. Comment or remove the `Stale` label in order to avoid having this issue closed in 7 days.'
|
||||||
|
|||||||
4
.github/workflows/codeql-analysis.yml
vendored
@@ -28,9 +28,9 @@ jobs:
|
|||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Setup dotnet
|
- name: Setup dotnet
|
||||||
uses: actions/setup-dotnet@v3
|
uses: actions/setup-dotnet@v2
|
||||||
with:
|
with:
|
||||||
dotnet-version: 7.0.102
|
dotnet-version: 6.0.202
|
||||||
|
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
|
|||||||
37
.github/workflows/compile-queries.yml
vendored
@@ -1,37 +0,0 @@
|
|||||||
name: "Compile all queries using the latest stable CodeQL CLI"
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches: # makes sure the cache gets populated - running on the branches people tend to merge into.
|
|
||||||
- main
|
|
||||||
- "rc/*"
|
|
||||||
- "codeql-cli-*"
|
|
||||||
pull_request:
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
compile-queries:
|
|
||||||
runs-on: ubuntu-latest-xl
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Setup CodeQL
|
|
||||||
uses: ./.github/actions/fetch-codeql
|
|
||||||
with:
|
|
||||||
channel: 'release'
|
|
||||||
- name: Cache compilation cache
|
|
||||||
id: query-cache
|
|
||||||
uses: ./.github/actions/cache-query-compilation
|
|
||||||
with:
|
|
||||||
key: all-queries
|
|
||||||
- name: check formatting
|
|
||||||
run: find */ql -type f \( -name "*.qll" -o -name "*.ql" \) -print0 | xargs -0 -n 3000 -P 10 codeql query format -q --check-only
|
|
||||||
- name: compile queries - check-only
|
|
||||||
# run with --check-only if running in a PR (github.sha != main)
|
|
||||||
if : ${{ github.event_name == 'pull_request' }}
|
|
||||||
shell: bash
|
|
||||||
run: codeql query compile -q -j0 */ql/{src,examples} --keep-going --warnings=error --check-only --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
|
|
||||||
- name: compile queries - full
|
|
||||||
# do full compile if running on main - this populates the cache
|
|
||||||
if : ${{ github.event_name != 'pull_request' }}
|
|
||||||
shell: bash
|
|
||||||
run: codeql query compile -q -j0 */ql/{src,examples} --keep-going --warnings=error --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
|
|
||||||
86
.github/workflows/csharp-qltest.yml
vendored
@@ -1,86 +0,0 @@
|
|||||||
name: "C#: Run QL Tests"
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
paths:
|
|
||||||
- "csharp/**"
|
|
||||||
- "shared/**"
|
|
||||||
- .github/actions/fetch-codeql/action.yml
|
|
||||||
- codeql-workspace.yml
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
- "rc/*"
|
|
||||||
pull_request:
|
|
||||||
paths:
|
|
||||||
- "csharp/**"
|
|
||||||
- "shared/**"
|
|
||||||
- .github/workflows/csharp-qltest.yml
|
|
||||||
- .github/actions/fetch-codeql/action.yml
|
|
||||||
- codeql-workspace.yml
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
- "rc/*"
|
|
||||||
|
|
||||||
defaults:
|
|
||||||
run:
|
|
||||||
working-directory: csharp
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
qlupgrade:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- uses: ./.github/actions/fetch-codeql
|
|
||||||
- name: Check DB upgrade scripts
|
|
||||||
run: |
|
|
||||||
echo >empty.trap
|
|
||||||
codeql dataset import -S ql/lib/upgrades/initial/semmlecode.csharp.dbscheme testdb empty.trap
|
|
||||||
codeql dataset upgrade testdb --additional-packs ql/lib
|
|
||||||
diff -q testdb/semmlecode.csharp.dbscheme ql/lib/semmlecode.csharp.dbscheme
|
|
||||||
- name: Check DB downgrade scripts
|
|
||||||
run: |
|
|
||||||
echo >empty.trap
|
|
||||||
rm -rf testdb; codeql dataset import -S ql/lib/semmlecode.csharp.dbscheme testdb empty.trap
|
|
||||||
codeql resolve upgrades --format=lines --allow-downgrades --additional-packs downgrades \
|
|
||||||
--dbscheme=ql/lib/semmlecode.csharp.dbscheme --target-dbscheme=downgrades/initial/semmlecode.csharp.dbscheme |
|
|
||||||
xargs codeql execute upgrades testdb
|
|
||||||
diff -q testdb/semmlecode.csharp.dbscheme downgrades/initial/semmlecode.csharp.dbscheme
|
|
||||||
qltest:
|
|
||||||
runs-on: ubuntu-latest-xl
|
|
||||||
strategy:
|
|
||||||
fail-fast: false
|
|
||||||
matrix:
|
|
||||||
slice: ["1/2", "2/2"]
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- uses: ./.github/actions/fetch-codeql
|
|
||||||
- uses: ./csharp/actions/create-extractor-pack
|
|
||||||
- name: Cache compilation cache
|
|
||||||
id: query-cache
|
|
||||||
uses: ./.github/actions/cache-query-compilation
|
|
||||||
with:
|
|
||||||
key: csharp-qltest-${{ matrix.slice }}
|
|
||||||
- name: Run QL tests
|
|
||||||
run: |
|
|
||||||
CODEQL_PATH=$(gh codeql version --format=json | jq -r .unpackedLocation)
|
|
||||||
# The legacy ASP extractor is not in this repo, so take the one from the nightly build
|
|
||||||
mv "$CODEQL_PATH/csharp/tools/extractor-asp.jar" "${{ github.workspace }}/csharp/extractor-pack/tools"
|
|
||||||
# Safe guard against using the bundled extractor
|
|
||||||
rm -rf "$CODEQL_PATH/csharp"
|
|
||||||
codeql test run --threads=0 --ram 50000 --slice ${{ matrix.slice }} --search-path "${{ github.workspace }}/csharp/extractor-pack" --check-databases --check-undefined-labels --check-repeated-labels --check-redefined-labels --consistency-queries ql/consistency-queries ql/test --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
|
|
||||||
env:
|
|
||||||
GITHUB_TOKEN: ${{ github.token }}
|
|
||||||
unit-tests:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Setup dotnet
|
|
||||||
uses: actions/setup-dotnet@v3
|
|
||||||
with:
|
|
||||||
dotnet-version: 7.0.102
|
|
||||||
- name: Extractor unit tests
|
|
||||||
run: |
|
|
||||||
dotnet test -p:RuntimeFrameworkVersion=7.0.2 "${{ github.workspace }}/csharp/extractor/Semmle.Util.Tests"
|
|
||||||
dotnet test -p:RuntimeFrameworkVersion=7.0.2 "${{ github.workspace }}/csharp/extractor/Semmle.Extraction.Tests"
|
|
||||||
dotnet test -p:RuntimeFrameworkVersion=7.0.2 "${{ github.workspace }}/csharp/autobuilder/Semmle.Autobuild.CSharp.Tests"
|
|
||||||
dotnet test -p:RuntimeFrameworkVersion=7.0.2 "${{ github.workspace }}/cpp/autobuilder/Semmle.Autobuild.Cpp.Tests"
|
|
||||||
50
.github/workflows/fast-forward.yml
vendored
@@ -1,50 +0,0 @@
|
|||||||
# Fast-forwards the branch specified in BRANCH_NAME
|
|
||||||
# to the github.ref/sha that this workflow is run on.
|
|
||||||
# Used as part of the release process, to ensure
|
|
||||||
# external query writers can always access a branch of github/codeql
|
|
||||||
# that is compatible with the latest stable release.
|
|
||||||
name: Fast-forward tracking branch for selected CodeQL version
|
|
||||||
on:
|
|
||||||
workflow_dispatch:
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
fast-forward:
|
|
||||||
name: Fast-forward tracking branch for selected CodeQL version
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
if: github.repository == 'github/codeql'
|
|
||||||
permissions:
|
|
||||||
contents: write
|
|
||||||
env:
|
|
||||||
BRANCH_NAME: 'lgtm.com'
|
|
||||||
steps:
|
|
||||||
- name: Validate chosen branch
|
|
||||||
if: ${{ !startsWith(github.ref_name, 'codeql-cli-') }}
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
echo "::error ::The $BRANCH_NAME tracking branch should only be fast-forwarded to the tip of a codeql-cli-* branch, got $GITHUB_REF_NAME instead."
|
|
||||||
exit 1
|
|
||||||
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v3
|
|
||||||
|
|
||||||
- name: Git config
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
git config user.name "github-actions[bot]"
|
|
||||||
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
|
|
||||||
|
|
||||||
- name: Fetch
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
set -x
|
|
||||||
echo "Fetching $BRANCH_NAME"
|
|
||||||
# Explicitly unshallow and fetch to ensure the remote ref is available.
|
|
||||||
git fetch --unshallow origin "$BRANCH_NAME"
|
|
||||||
git checkout -b "$BRANCH_NAME" "origin/$BRANCH_NAME"
|
|
||||||
|
|
||||||
- name: Fast-forward
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
echo "Fast-forwarding $BRANCH_NAME to ${GITHUB_REF}@${GITHUB_SHA}"
|
|
||||||
git merge --ff-only "$GITHUB_SHA"
|
|
||||||
git push origin "$BRANCH_NAME"
|
|
||||||
80
.github/workflows/go-tests-other-os.yml
vendored
@@ -1,80 +0,0 @@
|
|||||||
name: "Go: Run Tests - Other OS"
|
|
||||||
on:
|
|
||||||
pull_request:
|
|
||||||
paths:
|
|
||||||
- "go/**"
|
|
||||||
- "!go/ql/**" # don't run other-os if only ql/ files changed
|
|
||||||
- .github/workflows/go-tests-other-os.yml
|
|
||||||
- .github/actions/**
|
|
||||||
- codeql-workspace.yml
|
|
||||||
jobs:
|
|
||||||
test-mac:
|
|
||||||
name: Test MacOS
|
|
||||||
runs-on: macos-latest
|
|
||||||
steps:
|
|
||||||
- name: Set up Go 1.20
|
|
||||||
uses: actions/setup-go@v4
|
|
||||||
with:
|
|
||||||
go-version: '1.20'
|
|
||||||
id: go
|
|
||||||
|
|
||||||
- name: Check out code
|
|
||||||
uses: actions/checkout@v2
|
|
||||||
|
|
||||||
- name: Set up CodeQL CLI
|
|
||||||
uses: ./.github/actions/fetch-codeql
|
|
||||||
|
|
||||||
- name: Enable problem matchers in repository
|
|
||||||
shell: bash
|
|
||||||
run: 'find .github/problem-matchers -name \*.json -exec echo "::add-matcher::{}" \;'
|
|
||||||
|
|
||||||
- name: Build
|
|
||||||
run: |
|
|
||||||
cd go
|
|
||||||
make
|
|
||||||
|
|
||||||
- name: Cache compilation cache
|
|
||||||
id: query-cache
|
|
||||||
uses: ./.github/actions/cache-query-compilation
|
|
||||||
with:
|
|
||||||
key: go-qltest
|
|
||||||
- name: Test
|
|
||||||
run: |
|
|
||||||
cd go
|
|
||||||
make test cache="${{ steps.query-cache.outputs.cache-dir }}"
|
|
||||||
|
|
||||||
test-win:
|
|
||||||
name: Test Windows
|
|
||||||
runs-on: windows-latest-xl
|
|
||||||
steps:
|
|
||||||
- name: Set up Go 1.20
|
|
||||||
uses: actions/setup-go@v4
|
|
||||||
with:
|
|
||||||
go-version: '1.20'
|
|
||||||
id: go
|
|
||||||
|
|
||||||
- name: Check out code
|
|
||||||
uses: actions/checkout@v2
|
|
||||||
|
|
||||||
- name: Set up CodeQL CLI
|
|
||||||
uses: ./.github/actions/fetch-codeql
|
|
||||||
|
|
||||||
- name: Enable problem matchers in repository
|
|
||||||
shell: bash
|
|
||||||
run: 'find .github/problem-matchers -name \*.json -exec echo "::add-matcher::{}" \;'
|
|
||||||
|
|
||||||
- name: Build
|
|
||||||
run: |
|
|
||||||
cd go
|
|
||||||
make
|
|
||||||
|
|
||||||
- name: Cache compilation cache
|
|
||||||
id: query-cache
|
|
||||||
uses: ./.github/actions/cache-query-compilation
|
|
||||||
with:
|
|
||||||
key: go-qltest
|
|
||||||
|
|
||||||
- name: Test
|
|
||||||
run: |
|
|
||||||
cd go
|
|
||||||
make test cache="${{ steps.query-cache.outputs.cache-dir }}"
|
|
||||||
87
.github/workflows/go-tests.yml
vendored
@@ -1,29 +1,20 @@
|
|||||||
name: "Go: Run Tests"
|
name: "Go: Run Tests"
|
||||||
on:
|
on:
|
||||||
push:
|
|
||||||
paths:
|
|
||||||
- "go/**"
|
|
||||||
- .github/workflows/go-tests.yml
|
|
||||||
- .github/actions/**
|
|
||||||
- codeql-workspace.yml
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
- "rc/*"
|
|
||||||
pull_request:
|
pull_request:
|
||||||
paths:
|
paths:
|
||||||
- "go/**"
|
- "go/**"
|
||||||
- .github/workflows/go-tests.yml
|
- .github/workflows/go-tests.yml
|
||||||
- .github/actions/**
|
- .github/actions/fetch-codeql/action.yml
|
||||||
- codeql-workspace.yml
|
- codeql-workspace.yml
|
||||||
jobs:
|
jobs:
|
||||||
test-linux:
|
test-linux:
|
||||||
name: Test Linux (Ubuntu)
|
name: Test Linux (Ubuntu)
|
||||||
runs-on: ubuntu-latest-xl
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: Set up Go 1.20
|
- name: Set up Go 1.19
|
||||||
uses: actions/setup-go@v4
|
uses: actions/setup-go@v3
|
||||||
with:
|
with:
|
||||||
go-version: '1.20'
|
go-version: 1.19
|
||||||
id: go
|
id: go
|
||||||
|
|
||||||
- name: Check out code
|
- name: Check out code
|
||||||
@@ -41,7 +32,7 @@ jobs:
|
|||||||
cd go
|
cd go
|
||||||
make
|
make
|
||||||
|
|
||||||
- name: Check that all Go code is autoformatted
|
- name: Check that all QL and Go code is autoformatted
|
||||||
run: |
|
run: |
|
||||||
cd go
|
cd go
|
||||||
make check-formatting
|
make check-formatting
|
||||||
@@ -52,18 +43,72 @@ jobs:
|
|||||||
env QHELP_OUT_DIR=qhelp-out make qhelp-to-markdown
|
env QHELP_OUT_DIR=qhelp-out make qhelp-to-markdown
|
||||||
|
|
||||||
- name: Upload qhelp markdown
|
- name: Upload qhelp markdown
|
||||||
uses: actions/upload-artifact@v3
|
uses: actions/upload-artifact@v2
|
||||||
with:
|
with:
|
||||||
name: qhelp-markdown
|
name: qhelp-markdown
|
||||||
path: go/qhelp-out/**/*.md
|
path: go/qhelp-out/**/*.md
|
||||||
|
|
||||||
- name: Cache compilation cache
|
- name: Test
|
||||||
id: query-cache
|
run: |
|
||||||
uses: ./.github/actions/cache-query-compilation
|
cd go
|
||||||
|
make test
|
||||||
|
|
||||||
|
test-mac:
|
||||||
|
name: Test MacOS
|
||||||
|
runs-on: macos-latest
|
||||||
|
steps:
|
||||||
|
- name: Set up Go 1.19
|
||||||
|
uses: actions/setup-go@v3
|
||||||
with:
|
with:
|
||||||
key: go-qltest
|
go-version: 1.19
|
||||||
|
id: go
|
||||||
|
|
||||||
|
- name: Check out code
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
|
||||||
|
- name: Set up CodeQL CLI
|
||||||
|
uses: ./.github/actions/fetch-codeql
|
||||||
|
|
||||||
|
- name: Enable problem matchers in repository
|
||||||
|
shell: bash
|
||||||
|
run: 'find .github/problem-matchers -name \*.json -exec echo "::add-matcher::{}" \;'
|
||||||
|
|
||||||
|
- name: Build
|
||||||
|
run: |
|
||||||
|
cd go
|
||||||
|
make
|
||||||
|
|
||||||
- name: Test
|
- name: Test
|
||||||
run: |
|
run: |
|
||||||
cd go
|
cd go
|
||||||
make test cache="${{ steps.query-cache.outputs.cache-dir }}"
|
make test
|
||||||
|
|
||||||
|
test-win:
|
||||||
|
name: Test Windows
|
||||||
|
runs-on: windows-2019
|
||||||
|
steps:
|
||||||
|
- name: Set up Go 1.19
|
||||||
|
uses: actions/setup-go@v3
|
||||||
|
with:
|
||||||
|
go-version: 1.19
|
||||||
|
id: go
|
||||||
|
|
||||||
|
- name: Check out code
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
|
||||||
|
- name: Set up CodeQL CLI
|
||||||
|
uses: ./.github/actions/fetch-codeql
|
||||||
|
|
||||||
|
- name: Enable problem matchers in repository
|
||||||
|
shell: bash
|
||||||
|
run: 'find .github/problem-matchers -name \*.json -exec echo "::add-matcher::{}" \;'
|
||||||
|
|
||||||
|
- name: Build
|
||||||
|
run: |
|
||||||
|
cd go
|
||||||
|
make
|
||||||
|
|
||||||
|
- name: Test
|
||||||
|
run: |
|
||||||
|
cd go
|
||||||
|
make test
|
||||||
|
|||||||
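Review bot: No `permissions:` block appears at the top level (shown from line 1) or in the `test-linux`, `test-mac` and `test-win` jobs, so `GITHUB_TOKEN` keeps the repository default scope while `make` and `make test` run on pull-request code. A top-level `permissions:` with `contents: read` would bound that; the lines between the hunks are not visible, so confirm it is not declared there. The actions are also referenced by mutable tags (`actions/setup-go@v3`, `actions/checkout@v2`, `actions/upload-artifact@v2`), whereas the ql-for-ql workflows on this page pin `github/codeql-action` to a full commit SHA. Old and new sides are inferred from print order here, so check this against the raw diff.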
44
.github/workflows/js-ml-tests.yml
vendored
44
.github/workflows/js-ml-tests.yml
vendored
@@ -23,9 +23,22 @@ defaults:
|
|||||||
working-directory: javascript/ql/experimental/adaptivethreatmodeling
|
working-directory: javascript/ql/experimental/adaptivethreatmodeling
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
qltest:
|
qlformat:
|
||||||
name: Test QL
|
name: Check QL formatting
|
||||||
runs-on: ubuntu-latest-xl
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v3
|
||||||
|
|
||||||
|
- uses: ./.github/actions/fetch-codeql
|
||||||
|
|
||||||
|
- name: Check QL formatting
|
||||||
|
run: |
|
||||||
|
find . "(" -name "*.ql" -or -name "*.qll" ")" -print0 | \
|
||||||
|
xargs -0 codeql query format --check-only
|
||||||
|
|
||||||
|
qlcompile:
|
||||||
|
name: Check QL compilation
|
||||||
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
|
|
||||||
@@ -33,33 +46,36 @@ jobs:
|
|||||||
|
|
||||||
- name: Install pack dependencies
|
- name: Install pack dependencies
|
||||||
run: |
|
run: |
|
||||||
for pack in modelbuilding src test; do
|
for pack in modelbuilding src; do
|
||||||
codeql pack install --mode verify -- "${pack}"
|
codeql pack install --mode verify -- "${pack}"
|
||||||
done
|
done
|
||||||
|
|
||||||
- name: Cache compilation cache
|
|
||||||
id: query-cache
|
|
||||||
uses: ./.github/actions/cache-query-compilation
|
|
||||||
with:
|
|
||||||
key: js-ml-test
|
|
||||||
|
|
||||||
- name: Check QL compilation
|
- name: Check QL compilation
|
||||||
run: |
|
run: |
|
||||||
codeql query compile \
|
codeql query compile \
|
||||||
--check-only \
|
--check-only \
|
||||||
--ram 50000 \
|
--ram 5120 \
|
||||||
--additional-packs "${{ github.workspace }}" \
|
--additional-packs "${{ github.workspace }}" \
|
||||||
--threads=0 \
|
--threads=0 \
|
||||||
--compilation-cache "${{ steps.query-cache.outputs.cache-dir }}" \
|
|
||||||
-- \
|
-- \
|
||||||
lib modelbuilding src
|
lib modelbuilding src
|
||||||
|
|
||||||
|
qltest:
|
||||||
|
name: Run QL tests
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v3
|
||||||
|
|
||||||
|
- uses: ./.github/actions/fetch-codeql
|
||||||
|
|
||||||
|
- name: Install pack dependencies
|
||||||
|
run: codeql pack install -- test
|
||||||
|
|
||||||
- name: Run QL tests
|
- name: Run QL tests
|
||||||
run: |
|
run: |
|
||||||
codeql test run \
|
codeql test run \
|
||||||
--threads=0 \
|
--threads=0 \
|
||||||
--ram 50000 \
|
--ram 5120 \
|
||||||
--additional-packs "${{ github.workspace }}" \
|
--additional-packs "${{ github.workspace }}" \
|
||||||
--compilation-cache "${{ steps.query-cache.outputs.cache-dir }}" \
|
|
||||||
-- \
|
-- \
|
||||||
test
|
test
|
||||||
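Review bot: The `qltest` job installs its pack with `codeql pack install -- test`, without the `--mode verify` that the `qlcompile` job passes for `modelbuilding` and `src`. The test pack's dependencies are therefore resolved without the lock-file check the other packs get. Using `run: codeql pack install --mode verify -- test` would keep the three packs consistent. The side assignment is inferred from print order (second copy taken as new), so confirm against the raw diff.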
18
.github/workflows/mad_modelDiff.yml
vendored
18
.github/workflows/mad_modelDiff.yml
vendored
@@ -11,7 +11,7 @@ on:
|
|||||||
branches:
|
branches:
|
||||||
- main
|
- main
|
||||||
paths:
|
paths:
|
||||||
- "java/ql/src/utils/modelgenerator/**/*.*"
|
- "java/ql/src/utils/model-generator/**/*.*"
|
||||||
- ".github/workflows/mad_modelDiff.yml"
|
- ".github/workflows/mad_modelDiff.yml"
|
||||||
|
|
||||||
permissions:
|
permissions:
|
||||||
@@ -40,12 +40,12 @@ jobs:
|
|||||||
- name: Download database
|
- name: Download database
|
||||||
env:
|
env:
|
||||||
SLUG: ${{ matrix.slug }}
|
SLUG: ${{ matrix.slug }}
|
||||||
GH_TOKEN: ${{ github.token }}
|
|
||||||
run: |
|
run: |
|
||||||
set -x
|
set -x
|
||||||
mkdir lib-dbs
|
mkdir lib-dbs
|
||||||
SHORTNAME=${SLUG//[^a-zA-Z0-9_]/}
|
SHORTNAME=${SLUG//[^a-zA-Z0-9_]/}
|
||||||
gh api -H "Accept: application/zip" "/repos/${SLUG}/code-scanning/codeql/databases/java" > "$SHORTNAME.zip"
|
projectId=`curl -s https://lgtm.com/api/v1.0/projects/g/${SLUG} | jq .id`
|
||||||
|
curl -L "https://lgtm.com/api/v1.0/snapshots/$projectId/java" -o "$SHORTNAME.zip"
|
||||||
unzip -q -d "${SHORTNAME}-db" "${SHORTNAME}.zip"
|
unzip -q -d "${SHORTNAME}-db" "${SHORTNAME}.zip"
|
||||||
mkdir "lib-dbs/$SHORTNAME/"
|
mkdir "lib-dbs/$SHORTNAME/"
|
||||||
mv "${SHORTNAME}-db/"$(ls -1 "${SHORTNAME}"-db)/* "lib-dbs/${SHORTNAME}/"
|
mv "${SHORTNAME}-db/"$(ls -1 "${SHORTNAME}"-db)/* "lib-dbs/${SHORTNAME}/"
|
||||||
@@ -61,8 +61,8 @@ jobs:
|
|||||||
DATABASE=$2
|
DATABASE=$2
|
||||||
cd codeql-$QL_VARIANT
|
cd codeql-$QL_VARIANT
|
||||||
SHORTNAME=`basename $DATABASE`
|
SHORTNAME=`basename $DATABASE`
|
||||||
python java/ql/src/utils/modelgenerator/GenerateFlowModel.py --with-summaries --with-sinks $DATABASE ${SHORTNAME}.temp.model.yml
|
python java/ql/src/utils/model-generator/GenerateFlowModel.py --with-summaries --with-sinks $DATABASE $MODELS/${SHORTNAME}.qll
|
||||||
mv java/ql/lib/ext/generated/${SHORTNAME}.temp.model.yml $MODELS/${SHORTNAME}Generated_${QL_VARIANT}.model.yml
|
mv $MODELS/${SHORTNAME}.qll $MODELS/${SHORTNAME}Generated_${QL_VARIANT}.qll
|
||||||
cd ..
|
cd ..
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -85,21 +85,19 @@ jobs:
|
|||||||
set -x
|
set -x
|
||||||
MODELS=`pwd`/tmp-models
|
MODELS=`pwd`/tmp-models
|
||||||
ls -1 tmp-models/
|
ls -1 tmp-models/
|
||||||
for m in $MODELS/*_main.model.yml ; do
|
for m in $MODELS/*_main.qll ; do
|
||||||
t="${m/main/"pr"}"
|
t="${m/main/"pr"}"
|
||||||
basename=`basename $m`
|
basename=`basename $m`
|
||||||
name="diff_${basename/_main.model.yml/""}"
|
name="diff_${basename/_main.qll/""}"
|
||||||
(diff -w -u $m $t | diff2html -i stdin -F $MODELS/$name.html) || true
|
(diff -w -u $m $t | diff2html -i stdin -F $MODELS/$name.html) || true
|
||||||
done
|
done
|
||||||
- uses: actions/upload-artifact@v3
|
- uses: actions/upload-artifact@v3
|
||||||
with:
|
with:
|
||||||
name: models
|
name: models
|
||||||
path: tmp-models/*.model.yml
|
path: tmp-models/*.qll
|
||||||
retention-days: 20
|
retention-days: 20
|
||||||
- uses: actions/upload-artifact@v3
|
- uses: actions/upload-artifact@v3
|
||||||
with:
|
with:
|
||||||
name: diffs
|
name: diffs
|
||||||
path: tmp-models/*.html
|
path: tmp-models/*.html
|
||||||
# An html file is only produced if the generated models differ.
|
|
||||||
if-no-files-found: ignore
|
|
||||||
retention-days: 20
|
retention-days: 20
|
||||||
|
|||||||
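Review bot: The "Download database" step on the second-printed side (taken as new) fetches the project id and the snapshot with plain `curl -s` / `curl -L`, so an HTTP error body or a `null` id from `jq .id` is carried forward. The failure then only surfaces when `unzip` runs on whatever was saved as `$SHORTNAME.zip`. Failing early is safer: ``projectId=$(curl -fsS "https://lgtm.com/api/v1.0/projects/g/${SLUG}" | jq -er .id)`` and `curl -fsSL "https://lgtm.com/api/v1.0/snapshots/$projectId/java" -o "$SHORTNAME.zip"`. The later `python … $DATABASE $MODELS/${SHORTNAME}.qll` and `mv` lines also leave their variables unquoted. The enclosing step and shell function start outside the hunks shown.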
4
.github/workflows/mad_regenerate-models.yml
vendored
4
.github/workflows/mad_regenerate-models.yml
vendored
@@ -50,10 +50,10 @@ jobs:
|
|||||||
SLUG: ${{ matrix.slug }}
|
SLUG: ${{ matrix.slug }}
|
||||||
run: |
|
run: |
|
||||||
SHORTNAME=${SLUG//[^a-zA-Z0-9_]/}
|
SHORTNAME=${SLUG//[^a-zA-Z0-9_]/}
|
||||||
java/ql/src/utils/modelgenerator/RegenerateModels.py "${SLUG}" dbs/${SHORTNAME}
|
java/ql/src/utils/model-generator/RegenerateModels.py "${SLUG}" dbs/${SHORTNAME}
|
||||||
- name: Stage changes
|
- name: Stage changes
|
||||||
run: |
|
run: |
|
||||||
find java -name "*.model.yml" -print0 | xargs -0 git add
|
find java -name "*.qll" -print0 | xargs -0 git add
|
||||||
git status
|
git status
|
||||||
git diff --cached > models.patch
|
git diff --cached > models.patch
|
||||||
- uses: actions/upload-artifact@v3
|
- uses: actions/upload-artifact@v3
|
||||||
|
|||||||
4
.github/workflows/qhelp-pr-preview.yml
vendored
4
.github/workflows/qhelp-pr-preview.yml
vendored
@@ -27,7 +27,7 @@ on:
|
|||||||
- main
|
- main
|
||||||
- "rc/*"
|
- "rc/*"
|
||||||
paths:
|
paths:
|
||||||
- "**/*.qhelp"
|
- "ruby/**/*.qhelp"
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
qhelp:
|
qhelp:
|
||||||
@@ -52,7 +52,7 @@ jobs:
|
|||||||
id: changes
|
id: changes
|
||||||
run: |
|
run: |
|
||||||
(git diff -z --name-only --diff-filter=ACMRT HEAD~1 HEAD | grep -z '.qhelp$' | grep -z -v '.inc.qhelp';
|
(git diff -z --name-only --diff-filter=ACMRT HEAD~1 HEAD | grep -z '.qhelp$' | grep -z -v '.inc.qhelp';
|
||||||
git diff -z --name-only --diff-filter=ACMRT HEAD~1 HEAD | grep -z '.inc.qhelp$' | xargs --null -rn1 basename -z | xargs --null -rn1 git grep -z -l) |
|
git diff -z --name-only --diff-filter=ACMRT HEAD~1 HEAD | grep -z '.inc.qhelp$' | xargs --null -rn1 basename | xargs --null -rn1 git grep -z -l) |
|
||||||
grep -z '.qhelp$' | grep -z -v '^-' | sort -z -u > "${RUNNER_TEMP}/paths.txt"
|
grep -z '.qhelp$' | grep -z -v '^-' | sort -z -u > "${RUNNER_TEMP}/paths.txt"
|
||||||
|
|
||||||
- name: QHelp preview
|
- name: QHelp preview
|
||||||
|
|||||||
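Review bot: In the `changes` step the second-printed pipeline runs `xargs --null -rn1 basename` without `-z`, so `basename` emits newline-terminated names while the following `xargs --null -rn1 git grep -z -l` splits on NUL. With more than one changed `.inc.qhelp` file the names would reach `git grep` as a single argument containing newlines. Keeping `basename -z` preserves the NUL-delimited chain end to end. The patterns `'.qhelp$'` and `'.inc.qhelp'` also leave the dot unescaped, so they match any character there. Which copy is the new side is inferred from print order, so confirm against the raw diff.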
150
.github/workflows/ql-for-ql-build.yml
vendored
150
.github/workflows/ql-for-ql-build.yml
vendored
@@ -5,6 +5,13 @@ on:
|
|||||||
branches: [main]
|
branches: [main]
|
||||||
pull_request:
|
pull_request:
|
||||||
branches: [main]
|
branches: [main]
|
||||||
|
paths:
|
||||||
|
- "ql/**"
|
||||||
|
- "**.qll"
|
||||||
|
- "**.ql"
|
||||||
|
- "**.dbscheme"
|
||||||
|
- "**/qlpack.yml"
|
||||||
|
- ".github/workflows/ql-for-ql-build.yml"
|
||||||
|
|
||||||
env:
|
env:
|
||||||
CARGO_TERM_COLOR: always
|
CARGO_TERM_COLOR: always
|
||||||
@@ -15,60 +22,137 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
### Build the queries ###
|
### Build the queries ###
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
with:
|
|
||||||
fetch-depth: 0
|
|
||||||
- name: Find codeql
|
- name: Find codeql
|
||||||
id: find-codeql
|
id: find-codeql
|
||||||
uses: github/codeql-action/init@v2
|
uses: github/codeql-action/init@71a8b35ff4c80fcfcd05bc1cd932fe3c08f943ca
|
||||||
with:
|
with:
|
||||||
languages: javascript # does not matter
|
languages: javascript # does not matter
|
||||||
- uses: ./.github/actions/os-version
|
- name: Get CodeQL version
|
||||||
id: os_version
|
id: get-codeql-version
|
||||||
|
run: |
|
||||||
|
echo "::set-output name=version::$("${CODEQL}" --version | head -n 1 | rev | cut -d " " -f 1 | rev)"
|
||||||
|
shell: bash
|
||||||
|
env:
|
||||||
|
CODEQL: ${{ steps.find-codeql.outputs.codeql-path }}
|
||||||
|
- name: Cache entire pack
|
||||||
|
id: cache-pack
|
||||||
|
uses: actions/cache@v3
|
||||||
|
with:
|
||||||
|
path: ${{ runner.temp }}/pack
|
||||||
|
key: ${{ runner.os }}-pack-${{ hashFiles('ql/**/Cargo.lock') }}-${{ hashFiles('ql/**/*.rs') }}-${{ hashFiles('ql/**/*.ql*') }}-${{ hashFiles('ql/**/qlpack.yml') }}-${{ hashFiles('ql/ql/src/ql.dbscheme*') }}-${{ steps.get-codeql-version.outputs.version }}--${{ hashFiles('.github/workflows/ql-for-ql-build.yml') }}
|
||||||
|
- name: Cache queries
|
||||||
|
if: steps.cache-pack.outputs.cache-hit != 'true'
|
||||||
|
id: cache-queries
|
||||||
|
uses: actions/cache@v3
|
||||||
|
with:
|
||||||
|
path: ${{ runner.temp }}/queries
|
||||||
|
key: queries-${{ hashFiles('ql/**/*.ql*') }}-${{ hashFiles('ql/**/qlpack.yml') }}-${{ hashFiles('ql/ql/src/ql.dbscheme*') }}-${{ steps.get-codeql-version.outputs.version }}--${{ hashFiles('.github/workflows/ql-for-ql-build.yml') }}
|
||||||
|
- name: Build query pack
|
||||||
|
if: steps.cache-queries.outputs.cache-hit != 'true' && steps.cache-pack.outputs.cache-hit != 'true'
|
||||||
|
run: |
|
||||||
|
cd ql/ql/src
|
||||||
|
"${CODEQL}" pack create -j 16
|
||||||
|
mv .codeql/pack/codeql/ql/0.0.0 ${{ runner.temp }}/queries
|
||||||
|
env:
|
||||||
|
CODEQL: ${{ steps.find-codeql.outputs.codeql-path }}
|
||||||
|
- name: Move cache queries to pack
|
||||||
|
if: steps.cache-pack.outputs.cache-hit != 'true'
|
||||||
|
run: |
|
||||||
|
cp -r ${{ runner.temp }}/queries ${{ runner.temp }}/pack
|
||||||
|
env:
|
||||||
|
CODEQL: ${{ steps.find-codeql.outputs.codeql-path }}
|
||||||
|
|
||||||
### Build the extractor ###
|
### Build the extractor ###
|
||||||
- name: Cache entire extractor
|
- name: Cache entire extractor
|
||||||
|
if: steps.cache-pack.outputs.cache-hit != 'true'
|
||||||
id: cache-extractor
|
id: cache-extractor
|
||||||
uses: actions/cache@v3
|
uses: actions/cache@v3
|
||||||
with:
|
with:
|
||||||
path: |
|
path: |
|
||||||
ql/extractor-pack/
|
ql/target/release/ql-autobuilder
|
||||||
ql/target/release/buramu
|
ql/target/release/ql-autobuilder.exe
|
||||||
key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-extractor-${{ hashFiles('ql/**/Cargo.lock') }}-${{ hashFiles('ql/**/*.rs') }}
|
ql/target/release/ql-extractor
|
||||||
|
ql/target/release/ql-extractor.exe
|
||||||
|
key: ${{ runner.os }}-extractor-${{ hashFiles('ql/**/Cargo.lock') }}-${{ hashFiles('ql/**/*.rs') }}
|
||||||
- name: Cache cargo
|
- name: Cache cargo
|
||||||
if: steps.cache-extractor.outputs.cache-hit != 'true'
|
if: steps.cache-extractor.outputs.cache-hit != 'true' && steps.cache-pack.outputs.cache-hit != 'true'
|
||||||
uses: actions/cache@v3
|
uses: actions/cache@v3
|
||||||
with:
|
with:
|
||||||
path: |
|
path: |
|
||||||
~/.cargo/registry
|
~/.cargo/registry
|
||||||
~/.cargo/git
|
~/.cargo/git
|
||||||
ql/target
|
ql/target
|
||||||
key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-rust-cargo-${{ hashFiles('ql/**/Cargo.lock') }}
|
key: ${{ runner.os }}-rust-cargo-${{ hashFiles('ql/**/Cargo.lock') }}
|
||||||
|
- name: Check formatting
|
||||||
|
if: steps.cache-extractor.outputs.cache-hit != 'true' && steps.cache-pack.outputs.cache-hit != 'true'
|
||||||
|
run: cd ql; cargo fmt --all -- --check
|
||||||
|
- name: Build
|
||||||
|
if: steps.cache-extractor.outputs.cache-hit != 'true' && steps.cache-pack.outputs.cache-hit != 'true'
|
||||||
|
run: cd ql; cargo build --verbose
|
||||||
|
- name: Run tests
|
||||||
|
if: steps.cache-extractor.outputs.cache-hit != 'true' && steps.cache-pack.outputs.cache-hit != 'true'
|
||||||
|
run: cd ql; cargo test --verbose
|
||||||
- name: Release build
|
- name: Release build
|
||||||
if: steps.cache-extractor.outputs.cache-hit != 'true'
|
if: steps.cache-extractor.outputs.cache-hit != 'true' && steps.cache-pack.outputs.cache-hit != 'true'
|
||||||
run: cd ql; ./scripts/create-extractor-pack.sh
|
run: cd ql; cargo build --release
|
||||||
env:
|
- name: Generate dbscheme
|
||||||
GH_TOKEN: ${{ github.token }}
|
if: steps.cache-extractor.outputs.cache-hit != 'true' && steps.cache-pack.outputs.cache-hit != 'true'
|
||||||
- name: Cache compilation cache
|
run: ql/target/release/ql-generator --dbscheme ql/ql/src/ql.dbscheme --library ql/ql/src/codeql_ql/ast/internal/TreeSitter.qll
|
||||||
id: query-cache
|
|
||||||
uses: ./.github/actions/cache-query-compilation
|
### Package the queries and extractor ###
|
||||||
with:
|
- name: Package pack
|
||||||
key: run-ql-for-ql
|
if: steps.cache-pack.outputs.cache-hit != 'true'
|
||||||
- name: Make database and analyze
|
|
||||||
run: |
|
run: |
|
||||||
./ql/target/release/buramu | tee deprecated.blame # Add a blame file for the extractor to parse.
|
cp -r ql/codeql-extractor.yml ql/tools ql/ql/src/ql.dbscheme.stats ${PACK}/
|
||||||
${CODEQL} database create -l=ql --search-path ql/extractor-pack ${DB}
|
mkdir -p ${PACK}/tools/linux64
|
||||||
${CODEQL} database analyze -j0 --format=sarif-latest --output=ql-for-ql.sarif ${DB} ql/ql/src/codeql-suites/ql-code-scanning.qls --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
|
cp ql/target/release/ql-autobuilder ${PACK}/tools/linux64/autobuilder
|
||||||
|
cp ql/target/release/ql-extractor ${PACK}/tools/linux64/extractor
|
||||||
|
chmod +x ${PACK}/tools/linux64/autobuilder
|
||||||
|
chmod +x ${PACK}/tools/linux64/extractor
|
||||||
env:
|
env:
|
||||||
CODEQL: ${{ steps.find-codeql.outputs.codeql-path }}
|
PACK: ${{ runner.temp }}/pack
|
||||||
DB: ${{ runner.temp }}/DB
|
|
||||||
LGTM_INDEX_FILTERS: |
|
### Run the analysis ###
|
||||||
exclude:ql/ql/test
|
- name: Hack codeql-action options
|
||||||
exclude:*/ql/lib/upgrades/
|
run: |
|
||||||
exclude:java/ql/integration-tests
|
JSON=$(jq -nc --arg pack "${PACK}" '.database."run-queries"=["--search-path", $pack] | .resolve.queries=["--search-path", $pack] | .resolve.extractor=["--search-path", $pack] | .resolve.languages=["--search-path", $pack] | .database.init=["--search-path", $pack]')
|
||||||
- name: Upload sarif to code-scanning
|
echo "CODEQL_ACTION_EXTRA_OPTIONS=${JSON}" >> ${GITHUB_ENV}
|
||||||
uses: github/codeql-action/upload-sarif@v2
|
env:
|
||||||
|
PACK: ${{ runner.temp }}/pack
|
||||||
|
|
||||||
|
- name: Create CodeQL config file
|
||||||
|
run: |
|
||||||
|
echo "paths-ignore:" >> ${CONF}
|
||||||
|
echo " - ql/ql/test" >> ${CONF}
|
||||||
|
echo " - \"*/ql/lib/upgrades/\"" >> ${CONF}
|
||||||
|
echo "disable-default-queries: true" >> ${CONF}
|
||||||
|
echo "queries:" >> ${CONF}
|
||||||
|
echo " - uses: ./ql/ql/src/codeql-suites/ql-code-scanning.qls" >> ${CONF}
|
||||||
|
echo "Config file: "
|
||||||
|
cat ${CONF}
|
||||||
|
env:
|
||||||
|
CONF: ./ql-for-ql-config.yml
|
||||||
|
- name: Initialize CodeQL
|
||||||
|
uses: github/codeql-action/init@71a8b35ff4c80fcfcd05bc1cd932fe3c08f943ca
|
||||||
with:
|
with:
|
||||||
sarif_file: ql-for-ql.sarif
|
languages: ql
|
||||||
category: ql-for-ql
|
db-location: ${{ runner.temp }}/db
|
||||||
|
config-file: ./ql-for-ql-config.yml
|
||||||
|
- name: Move pack cache
|
||||||
|
run: |
|
||||||
|
cp -r ${PACK}/.cache ql/ql/src/.cache
|
||||||
|
env:
|
||||||
|
PACK: ${{ runner.temp }}/pack
|
||||||
|
|
||||||
|
- name: Perform CodeQL Analysis
|
||||||
|
uses: github/codeql-action/analyze@71a8b35ff4c80fcfcd05bc1cd932fe3c08f943ca
|
||||||
|
with:
|
||||||
|
category: "ql-for-ql"
|
||||||
|
- name: Copy sarif file to CWD
|
||||||
|
run: cp ../results/ql.sarif ./ql-for-ql.sarif
|
||||||
|
- name: Fixup the $scema in sarif # Until https://github.com/microsoft/sarif-vscode-extension/pull/436/ is part in a stable release
|
||||||
|
run: |
|
||||||
|
sed -i 's/\$schema.*/\$schema": "https:\/\/raw.githubusercontent.com\/oasis-tcs\/sarif-spec\/master\/Schemata\/sarif-schema-2.1.0",/' ql-for-ql.sarif
|
||||||
- name: Sarif as artifact
|
- name: Sarif as artifact
|
||||||
uses: actions/upload-artifact@v3
|
uses: actions/upload-artifact@v3
|
||||||
with:
|
with:
|
||||||
|
|||||||
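Review bot: The "Get CodeQL version" step sets its output with the `::set-output` workflow command, which GitHub has deprecated in favour of the `GITHUB_OUTPUT` file because anything printed to stdout can be read as a command. The line could become `echo "version=$("${CODEQL}" --version | head -n 1 | rev | cut -d " " -f 1 | rev)" >> "$GITHUB_OUTPUT"`. That value feeds both cache keys, so it matters that only this step can set it. The `${{ runner.temp }}` paths in the `mv` and `cp -r` lines and `${PACK}` / `${CONF}` in the later steps are unquoted, so quoting them would be a small hardening. Old and new sides are inferred from print order.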
@@ -25,18 +25,16 @@ jobs:
|
|||||||
|
|
||||||
- name: Find codeql
|
- name: Find codeql
|
||||||
id: find-codeql
|
id: find-codeql
|
||||||
uses: github/codeql-action/init@v2
|
uses: github/codeql-action/init@71a8b35ff4c80fcfcd05bc1cd932fe3c08f943ca
|
||||||
with:
|
with:
|
||||||
languages: javascript # does not matter
|
languages: javascript # does not matter
|
||||||
- uses: ./.github/actions/os-version
|
|
||||||
id: os_version
|
|
||||||
- uses: actions/cache@v3
|
- uses: actions/cache@v3
|
||||||
with:
|
with:
|
||||||
path: |
|
path: |
|
||||||
~/.cargo/registry
|
~/.cargo/registry
|
||||||
~/.cargo/git
|
~/.cargo/git
|
||||||
ql/target
|
ql/target
|
||||||
key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-qltest-cargo-${{ hashFiles('ql/**/Cargo.lock') }}
|
key: ${{ runner.os }}-qltest-cargo-${{ hashFiles('ql/**/Cargo.lock') }}
|
||||||
- name: Build Extractor
|
- name: Build Extractor
|
||||||
run: cd ql; env "PATH=$PATH:`dirname ${CODEQL}`" ./scripts/create-extractor-pack.sh
|
run: cd ql; env "PATH=$PATH:`dirname ${CODEQL}`" ./scripts/create-extractor-pack.sh
|
||||||
env:
|
env:
|
||||||
|
|||||||
73
.github/workflows/ql-for-ql-tests.yml
vendored
73
.github/workflows/ql-for-ql-tests.yml
vendored
@@ -6,13 +6,11 @@ on:
|
|||||||
paths:
|
paths:
|
||||||
- "ql/**"
|
- "ql/**"
|
||||||
- codeql-workspace.yml
|
- codeql-workspace.yml
|
||||||
- .github/workflows/ql-for-ql-tests.yml
|
|
||||||
pull_request:
|
pull_request:
|
||||||
branches: [main]
|
branches: [main]
|
||||||
paths:
|
paths:
|
||||||
- "ql/**"
|
- "ql/**"
|
||||||
- codeql-workspace.yml
|
- codeql-workspace.yml
|
||||||
- .github/workflows/ql-for-ql-tests.yml
|
|
||||||
|
|
||||||
env:
|
env:
|
||||||
CARGO_TERM_COLOR: always
|
CARGO_TERM_COLOR: always
|
||||||
@@ -24,86 +22,33 @@ jobs:
|
|||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
- name: Find codeql
|
- name: Find codeql
|
||||||
id: find-codeql
|
id: find-codeql
|
||||||
uses: github/codeql-action/init@v2
|
uses: github/codeql-action/init@71a8b35ff4c80fcfcd05bc1cd932fe3c08f943ca
|
||||||
with:
|
with:
|
||||||
languages: javascript # does not matter
|
languages: javascript # does not matter
|
||||||
- uses: ./.github/actions/os-version
|
|
||||||
id: os_version
|
|
||||||
- uses: actions/cache@v3
|
- uses: actions/cache@v3
|
||||||
with:
|
with:
|
||||||
path: |
|
path: |
|
||||||
~/.cargo/registry
|
~/.cargo/registry
|
||||||
~/.cargo/git
|
~/.cargo/git
|
||||||
ql/target
|
ql/target
|
||||||
key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-qltest-cargo-${{ hashFiles('ql/rust-toolchain.toml', 'ql/**/Cargo.lock') }}
|
key: ${{ runner.os }}-qltest-cargo-${{ hashFiles('ql/**/Cargo.lock') }}
|
||||||
- name: Check formatting
|
|
||||||
run: cd ql; cargo fmt --all -- --check
|
|
||||||
- name: Build extractor
|
- name: Build extractor
|
||||||
run: |
|
run: |
|
||||||
cd ql;
|
cd ql;
|
||||||
codeqlpath=$(dirname ${{ steps.find-codeql.outputs.codeql-path }});
|
codeqlpath=$(dirname ${{ steps.find-codeql.outputs.codeql-path }});
|
||||||
env "PATH=$PATH:$codeqlpath" ./scripts/create-extractor-pack.sh
|
env "PATH=$PATH:$codeqlpath" ./scripts/create-extractor-pack.sh
|
||||||
- name: Cache compilation cache
|
|
||||||
id: query-cache
|
|
||||||
uses: ./.github/actions/cache-query-compilation
|
|
||||||
with:
|
|
||||||
key: ql-for-ql-tests
|
|
||||||
- name: Run QL tests
|
- name: Run QL tests
|
||||||
run: |
|
run: |
|
||||||
"${CODEQL}" test run --check-databases --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition --search-path "${{ github.workspace }}/ql/extractor-pack" --consistency-queries ql/ql/consistency-queries --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}" ql/ql/test
|
"${CODEQL}" test run --check-databases --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition --search-path "${{ github.workspace }}/ql/extractor-pack" --consistency-queries ql/ql/consistency-queries ql/ql/test
|
||||||
env:
|
env:
|
||||||
CODEQL: ${{ steps.find-codeql.outputs.codeql-path }}
|
CODEQL: ${{ steps.find-codeql.outputs.codeql-path }}
|
||||||
|
- name: Check QL formatting
|
||||||
other-os:
|
|
||||||
strategy:
|
|
||||||
matrix:
|
|
||||||
os: [macos-latest, windows-latest]
|
|
||||||
needs: [qltest]
|
|
||||||
runs-on: ${{ matrix.os }}
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Install GNU tar
|
|
||||||
if: runner.os == 'macOS'
|
|
||||||
run: |
|
run: |
|
||||||
brew install gnu-tar
|
find ql/ql/src "(" -name "*.ql" -or -name "*.qll" ")" -print0 | xargs -0 "${CODEQL}" query format --check-only
|
||||||
echo "/usr/local/opt/gnu-tar/libexec/gnubin" >> $GITHUB_PATH
|
|
||||||
- name: Find codeql
|
|
||||||
id: find-codeql
|
|
||||||
uses: github/codeql-action/init@v2
|
|
||||||
with:
|
|
||||||
languages: javascript # does not matter
|
|
||||||
- uses: ./.github/actions/os-version
|
|
||||||
id: os_version
|
|
||||||
- uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: |
|
|
||||||
~/.cargo/registry
|
|
||||||
~/.cargo/git
|
|
||||||
ql/target
|
|
||||||
key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-qltest-cargo-${{ hashFiles('ql/rust-toolchain.toml', 'ql/**/Cargo.lock') }}
|
|
||||||
- name: Build extractor
|
|
||||||
if: runner.os != 'Windows'
|
|
||||||
run: |
|
|
||||||
cd ql;
|
|
||||||
codeqlpath=$(dirname ${{ steps.find-codeql.outputs.codeql-path }});
|
|
||||||
env "PATH=$PATH:$codeqlpath" ./scripts/create-extractor-pack.sh
|
|
||||||
- name: Build extractor (Windows)
|
|
||||||
if: runner.os == 'Windows'
|
|
||||||
shell: pwsh
|
|
||||||
run: |
|
|
||||||
cd ql;
|
|
||||||
$Env:PATH += ";$(dirname ${{ steps.find-codeql.outputs.codeql-path }})"
|
|
||||||
pwsh ./scripts/create-extractor-pack.ps1
|
|
||||||
- name: Run a single QL tests - Unix
|
|
||||||
if: runner.os != 'Windows'
|
|
||||||
run: |
|
|
||||||
"${CODEQL}" test run --check-databases --search-path "${{ github.workspace }}/ql/extractor-pack" ql/ql/test/queries/style/DeadCode/DeadCode.qlref
|
|
||||||
env:
|
env:
|
||||||
CODEQL: ${{ steps.find-codeql.outputs.codeql-path }}
|
CODEQL: ${{ steps.find-codeql.outputs.codeql-path }}
|
||||||
- name: Run a single QL tests - Windows
|
- name: Check QL compilation
|
||||||
if: runner.os == 'Windows'
|
|
||||||
shell: pwsh
|
|
||||||
run: |
|
run: |
|
||||||
$Env:PATH += ";$(dirname ${{ steps.find-codeql.outputs.codeql-path }})"
|
"${CODEQL}" query compile --check-only --threads=4 --warnings=error --search-path "${{ github.workspace }}/ql/extractor-pack" "ql/ql/src" "ql/ql/examples"
|
||||||
codeql test run --check-databases --search-path "${{ github.workspace }}/ql/extractor-pack" ql/ql/test/queries/style/DeadCode/DeadCode.qlref
|
env:
|
||||||
|
CODEQL: ${{ steps.find-codeql.outputs.codeql-path }}
|
||||||
|
|||||||
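Review bot: The "Build extractor" step pastes `${{ steps.find-codeql.outputs.codeql-path }}` directly into the script text, unquoted, in `codeqlpath=$(dirname ${{ steps.find-codeql.outputs.codeql-path }});`. The neighbouring steps instead pass the same value through `env: CODEQL` and expand it as `"${CODEQL}"`. Doing the same here, with `codeqlpath=$(dirname "${CODEQL}")` and an `env:` entry for `CODEQL`, keeps the value out of the script source and survives paths with spaces. On the side printed second (taken as new) the `paths:` filters also no longer list `.github/workflows/ql-for-ql-tests.yml`, so an edit to this workflow alone would not trigger it.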
158
.github/workflows/ruby-build.yml
vendored
158
.github/workflows/ruby-build.yml
vendored
@@ -48,51 +48,24 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
brew install gnu-tar
|
brew install gnu-tar
|
||||||
echo "/usr/local/opt/gnu-tar/libexec/gnubin" >> $GITHUB_PATH
|
echo "/usr/local/opt/gnu-tar/libexec/gnubin" >> $GITHUB_PATH
|
||||||
- name: Install cargo-cross
|
|
||||||
if: runner.os == 'Linux'
|
|
||||||
run: cargo install cross --version 0.2.5
|
|
||||||
- uses: ./.github/actions/os-version
|
|
||||||
id: os_version
|
|
||||||
- name: Cache entire extractor
|
|
||||||
uses: actions/cache@v3
|
|
||||||
id: cache-extractor
|
|
||||||
with:
|
|
||||||
path: |
|
|
||||||
ruby/extractor/target/release/codeql-extractor-ruby
|
|
||||||
ruby/extractor/target/release/codeql-extractor-ruby.exe
|
|
||||||
ruby/extractor/ql/lib/codeql/ruby/ast/internal/TreeSitter.qll
|
|
||||||
key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-ruby-extractor-${{ hashFiles('ruby/extractor/rust-toolchain.toml', 'ruby/extractor/Cargo.lock') }}--${{ hashFiles('ruby/extractor/**/*.rs') }}
|
|
||||||
- uses: actions/cache@v3
|
- uses: actions/cache@v3
|
||||||
if: steps.cache-extractor.outputs.cache-hit != 'true'
|
|
||||||
with:
|
with:
|
||||||
path: |
|
path: |
|
||||||
~/.cargo/registry
|
~/.cargo/registry
|
||||||
~/.cargo/git
|
~/.cargo/git
|
||||||
ruby/target
|
ruby/target
|
||||||
key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-ruby-rust-cargo-${{ hashFiles('ruby/extractor/rust-toolchain.toml', 'ruby/extractor/**/Cargo.lock') }}
|
key: ${{ runner.os }}-ruby-rust-cargo-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/**/Cargo.lock') }}
|
||||||
- name: Check formatting
|
- name: Check formatting
|
||||||
if: steps.cache-extractor.outputs.cache-hit != 'true'
|
run: cargo fmt --all -- --check
|
||||||
run: cd extractor && cargo fmt --all -- --check
|
|
||||||
- name: Build
|
- name: Build
|
||||||
if: steps.cache-extractor.outputs.cache-hit != 'true'
|
run: cargo build --verbose
|
||||||
run: cd extractor && cargo build --verbose
|
|
||||||
- name: Run tests
|
- name: Run tests
|
||||||
if: steps.cache-extractor.outputs.cache-hit != 'true'
|
run: cargo test --verbose
|
||||||
run: cd extractor && cargo test --verbose
|
- name: Release build
|
||||||
# On linux, build the extractor via cross in a centos7 container.
|
run: cargo build --release
|
||||||
# This ensures we don't depend on glibc > 2.17.
|
|
||||||
- name: Release build (linux)
|
|
||||||
if: steps.cache-extractor.outputs.cache-hit != 'true' && runner.os == 'Linux'
|
|
||||||
run: |
|
|
||||||
cd extractor
|
|
||||||
cross build --release
|
|
||||||
mv target/x86_64-unknown-linux-gnu/release/codeql-extractor-ruby target/release/
|
|
||||||
- name: Release build (windows and macos)
|
|
||||||
if: steps.cache-extractor.outputs.cache-hit != 'true' && runner.os != 'Linux'
|
|
||||||
run: cd extractor && cargo build --release
|
|
||||||
- name: Generate dbscheme
|
- name: Generate dbscheme
|
||||||
if: ${{ matrix.os == 'ubuntu-latest' && steps.cache-extractor.outputs.cache-hit != 'true'}}
|
if: ${{ matrix.os == 'ubuntu-latest' }}
|
||||||
run: extractor/target/release/codeql-extractor-ruby generate --dbscheme ql/lib/ruby.dbscheme --library ql/lib/codeql/ruby/ast/internal/TreeSitter.qll
|
run: target/release/ruby-generator --dbscheme ql/lib/ruby.dbscheme --library ql/lib/codeql/ruby/ast/internal/TreeSitter.qll
|
||||||
- uses: actions/upload-artifact@v3
|
- uses: actions/upload-artifact@v3
|
||||||
if: ${{ matrix.os == 'ubuntu-latest' }}
|
if: ${{ matrix.os == 'ubuntu-latest' }}
|
||||||
with:
|
with:
|
||||||
@@ -107,38 +80,33 @@ jobs:
|
|||||||
with:
|
with:
|
||||||
name: extractor-${{ matrix.os }}
|
name: extractor-${{ matrix.os }}
|
||||||
path: |
|
path: |
|
||||||
ruby/extractor/target/release/codeql-extractor-ruby
|
ruby/target/release/ruby-autobuilder
|
||||||
ruby/extractor/target/release/codeql-extractor-ruby.exe
|
ruby/target/release/ruby-autobuilder.exe
|
||||||
|
ruby/target/release/ruby-extractor
|
||||||
|
ruby/target/release/ruby-extractor.exe
|
||||||
retention-days: 1
|
retention-days: 1
|
||||||
compile-queries:
|
compile-queries:
|
||||||
runs-on: ubuntu-latest-xl
|
runs-on: ubuntu-latest
|
||||||
|
env:
|
||||||
|
CODEQL_THREADS: 4 # TODO: remove this once it's set by the CLI
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
- name: Fetch CodeQL
|
- name: Fetch CodeQL
|
||||||
uses: ./.github/actions/fetch-codeql
|
uses: ./.github/actions/fetch-codeql
|
||||||
- name: Cache compilation cache
|
|
||||||
id: query-cache
|
|
||||||
uses: ./.github/actions/cache-query-compilation
|
|
||||||
with:
|
|
||||||
key: ruby-build
|
|
||||||
- name: Build Query Pack
|
- name: Build Query Pack
|
||||||
run: |
|
run: |
|
||||||
PACKS=${{ runner.temp }}/query-packs
|
codeql pack create ../shared/ssa --output target/packs
|
||||||
rm -rf $PACKS
|
codeql pack create ql/lib --output target/packs
|
||||||
codeql pack create ../misc/suite-helpers --output "$PACKS"
|
codeql pack install ql/src
|
||||||
codeql pack create ../shared/regex --output "$PACKS"
|
codeql pack create ql/src --output target/packs
|
||||||
codeql pack create ../shared/ssa --output "$PACKS"
|
PACK_FOLDER=$(readlink -f target/packs/codeql/ruby-queries/*)
|
||||||
codeql pack create ../shared/tutorial --output "$PACKS"
|
|
||||||
codeql pack create ql/lib --output "$PACKS"
|
|
||||||
codeql pack create -j0 ql/src --output "$PACKS" --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
|
|
||||||
PACK_FOLDER=$(readlink -f "$PACKS"/codeql/ruby-queries/*)
|
|
||||||
codeql generate query-help --format=sarifv2.1.0 --output="${PACK_FOLDER}/rules.sarif" ql/src
|
codeql generate query-help --format=sarifv2.1.0 --output="${PACK_FOLDER}/rules.sarif" ql/src
|
||||||
(cd ql/src; find queries \( -name '*.qhelp' -o -name '*.rb' -o -name '*.erb' \) -exec bash -c 'mkdir -p "'"${PACK_FOLDER}"'/$(dirname "{}")"' \; -exec cp "{}" "${PACK_FOLDER}/{}" \;)
|
(cd ql/src; find queries \( -name '*.qhelp' -o -name '*.rb' -o -name '*.erb' \) -exec bash -c 'mkdir -p "'"${PACK_FOLDER}"'/$(dirname "{}")"' \; -exec cp "{}" "${PACK_FOLDER}/{}" \;)
|
||||||
- uses: actions/upload-artifact@v3
|
- uses: actions/upload-artifact@v3
|
||||||
with:
|
with:
|
||||||
name: codeql-ruby-queries
|
name: codeql-ruby-queries
|
||||||
path: |
|
path: |
|
||||||
${{ runner.temp }}/query-packs/*
|
ruby/target/packs/*
|
||||||
retention-days: 1
|
retention-days: 1
|
||||||
|
|
||||||
package:
|
package:
|
||||||
@@ -166,10 +134,13 @@ jobs:
|
|||||||
mkdir -p ruby
|
mkdir -p ruby
|
||||||
cp -r codeql-extractor.yml tools ql/lib/ruby.dbscheme.stats ruby/
|
cp -r codeql-extractor.yml tools ql/lib/ruby.dbscheme.stats ruby/
|
||||||
mkdir -p ruby/tools/{linux64,osx64,win64}
|
mkdir -p ruby/tools/{linux64,osx64,win64}
|
||||||
cp linux64/codeql-extractor-ruby ruby/tools/linux64/extractor
|
cp linux64/ruby-autobuilder ruby/tools/linux64/autobuilder
|
||||||
cp osx64/codeql-extractor-ruby ruby/tools/osx64/extractor
|
cp osx64/ruby-autobuilder ruby/tools/osx64/autobuilder
|
||||||
cp win64/codeql-extractor-ruby.exe ruby/tools/win64/extractor.exe
|
cp win64/ruby-autobuilder.exe ruby/tools/win64/autobuilder.exe
|
||||||
chmod +x ruby/tools/{linux64,osx64}/extractor
|
cp linux64/ruby-extractor ruby/tools/linux64/extractor
|
||||||
|
cp osx64/ruby-extractor ruby/tools/osx64/extractor
|
||||||
|
cp win64/ruby-extractor.exe ruby/tools/win64/extractor.exe
|
||||||
|
chmod +x ruby/tools/{linux64,osx64}/{autobuilder,extractor}
|
||||||
zip -rq codeql-ruby.zip ruby
|
zip -rq codeql-ruby.zip ruby
|
||||||
- uses: actions/upload-artifact@v3
|
- uses: actions/upload-artifact@v3
|
||||||
with:
|
with:
|
||||||
@@ -210,6 +181,11 @@ jobs:
|
|||||||
- name: Fetch CodeQL
|
- name: Fetch CodeQL
|
||||||
uses: ./.github/actions/fetch-codeql
|
uses: ./.github/actions/fetch-codeql
|
||||||
|
|
||||||
|
- uses: actions/checkout@v3
|
||||||
|
with:
|
||||||
|
repository: Shopify/example-ruby-app
|
||||||
|
ref: 67a0decc5eb550f3a9228eda53925c3afd40dfe9
|
||||||
|
|
||||||
- name: Download Ruby bundle
|
- name: Download Ruby bundle
|
||||||
uses: actions/download-artifact@v3
|
uses: actions/download-artifact@v3
|
||||||
with:
|
with:
|
||||||
@@ -218,67 +194,27 @@ jobs:
|
|||||||
- name: Unzip Ruby bundle
|
- name: Unzip Ruby bundle
|
||||||
shell: bash
|
shell: bash
|
||||||
run: unzip -q -d "${{ runner.temp }}/ruby-bundle" "${{ runner.temp }}/codeql-ruby-bundle.zip"
|
run: unzip -q -d "${{ runner.temp }}/ruby-bundle" "${{ runner.temp }}/codeql-ruby-bundle.zip"
|
||||||
|
- name: Prepare test files
|
||||||
|
shell: bash
|
||||||
|
run: |
|
||||||
|
echo "import codeql.ruby.AST select count(File f)" > "test.ql"
|
||||||
|
echo "| 4 |" > "test.expected"
|
||||||
|
echo 'name: sample-tests
|
||||||
|
version: 0.0.0
|
||||||
|
dependencies:
|
||||||
|
codeql/ruby-all: 0.0.1
|
||||||
|
extractor: ruby
|
||||||
|
tests: .
|
||||||
|
' > qlpack.yml
|
||||||
- name: Run QL test
|
- name: Run QL test
|
||||||
shell: bash
|
shell: bash
|
||||||
run: |
|
run: |
|
||||||
codeql test run --search-path "${{ runner.temp }}/ruby-bundle" --additional-packs "${{ runner.temp }}/ruby-bundle" ruby/ql/test/library-tests/ast/constants/
|
codeql test run --search-path "${{ runner.temp }}/ruby-bundle" --additional-packs "${{ runner.temp }}/ruby-bundle" .
|
||||||
- name: Create database
|
- name: Create database
|
||||||
shell: bash
|
shell: bash
|
||||||
run: |
|
run: |
|
||||||
codeql database create --search-path "${{ runner.temp }}/ruby-bundle" --language ruby --source-root ruby/ql/test/library-tests/ast/constants/ ../database
|
codeql database create --search-path "${{ runner.temp }}/ruby-bundle" --language ruby --source-root . ../database
|
||||||
- name: Analyze database
|
- name: Analyze database
|
||||||
shell: bash
|
shell: bash
|
||||||
run: |
|
run: |
|
||||||
codeql database analyze --search-path "${{ runner.temp }}/ruby-bundle" --format=sarifv2.1.0 --output=out.sarif ../database ruby-code-scanning.qls
|
codeql database analyze --search-path "${{ runner.temp }}/ruby-bundle" --format=sarifv2.1.0 --output=out.sarif ../database ruby-code-scanning.qls
|
||||||
|
|
||||||
# This is a copy of the 'test' job that runs in a centos7 container.
|
|
||||||
# This tests that the extractor works correctly on systems with an old glibc.
|
|
||||||
test-centos7:
|
|
||||||
defaults:
|
|
||||||
run:
|
|
||||||
working-directory: ${{ github.workspace }}
|
|
||||||
strategy:
|
|
||||||
fail-fast: false
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
container:
|
|
||||||
image: centos:centos7
|
|
||||||
env:
|
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
||||||
needs: [package]
|
|
||||||
steps:
|
|
||||||
- name: Install gh cli
|
|
||||||
run: |
|
|
||||||
yum-config-manager --add-repo https://cli.github.com/packages/rpm/gh-cli.repo
|
|
||||||
# fetch-codeql requires unzip and jq
|
|
||||||
# jq is available in epel-release (https://docs.fedoraproject.org/en-US/epel/)
|
|
||||||
yum install -y gh unzip epel-release
|
|
||||||
yum install -y jq
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Fetch CodeQL
|
|
||||||
uses: ./.github/actions/fetch-codeql
|
|
||||||
|
|
||||||
# Due to a bug in Actions, we can't use runner.temp in the run blocks here.
|
|
||||||
# https://github.com/actions/runner/issues/2185
|
|
||||||
|
|
||||||
- name: Download Ruby bundle
|
|
||||||
uses: actions/download-artifact@v3
|
|
||||||
with:
|
|
||||||
name: codeql-ruby-bundle
|
|
||||||
path: ${{ runner.temp }}
|
|
||||||
- name: Unzip Ruby bundle
|
|
||||||
shell: bash
|
|
||||||
run: unzip -q -d "$RUNNER_TEMP"/ruby-bundle "$RUNNER_TEMP"/codeql-ruby-bundle.zip
|
|
||||||
|
|
||||||
- name: Run QL test
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
codeql test run --search-path "$RUNNER_TEMP"/ruby-bundle --additional-packs "$RUNNER_TEMP"/ruby-bundle ruby/ql/test/library-tests/ast/constants/
|
|
||||||
- name: Create database
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
codeql database create --search-path "$RUNNER_TEMP"/ruby-bundle --language ruby --source-root ruby/ql/test/library-tests/ast/constants/ ../database
|
|
||||||
- name: Analyze database
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
codeql database analyze --search-path "$RUNNER_TEMP"/ruby-bundle --format=sarifv2.1.0 --output=out.sarif ../database ruby-code-scanning.qls
|
|
||||||
|
|||||||
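--- a/.github/workflows/ruby-qltest.yml
+++ b/.github/workflows/ruby-qltest.yml
@@ -4,8 +4,7 @@ on:
 push:
 paths:
 - "ruby/**"
-- "shared/**"
-- .github/workflows/ruby-build.yml
+- .github/workflows/ruby-qltest.yml
 - .github/actions/fetch-codeql/action.yml
 - codeql-workspace.yml
 branches:
@@ -29,6 +28,23 @@ defaults:
 working-directory: ruby
 
 jobs:
+qlformat:
+runs-on: ubuntu-latest
+steps:
+- uses: actions/checkout@v3
+- uses: ./.github/actions/fetch-codeql
+- name: Check QL formatting
+run: find ql "(" -name "*.ql" -or -name "*.qll" ")" -print0 | xargs -0 codeql query format --check-only
+qlcompile:
+runs-on: ubuntu-latest
+steps:
+- uses: actions/checkout@v3
+- uses: ./.github/actions/fetch-codeql
+- name: Check QL compilation
+run: |
+codeql query compile --check-only --threads=0 --ram 5000 --warnings=error "ql/src" "ql/examples"
+env:
+GITHUB_TOKEN: ${{ github.token }}
 qlupgrade:
 runs-on: ubuntu-latest
 steps:
@@ -49,20 +65,17 @@ jobs:
 xargs codeql execute upgrades testdb
 diff -q testdb/ruby.dbscheme downgrades/initial/ruby.dbscheme
 qltest:
-runs-on: ubuntu-latest-xl
+runs-on: ubuntu-latest
 strategy:
 fail-fast: false
+matrix:
+slice: ["1/2", "2/2"]
 steps:
 - uses: actions/checkout@v3
 - uses: ./.github/actions/fetch-codeql
 - uses: ./ruby/actions/create-extractor-pack
-- name: Cache compilation cache
-id: query-cache
-uses: ./.github/actions/cache-query-compilation
-with:
-key: ruby-qltest
 - name: Run QL tests
 run: |
-codeql test run --threads=0 --ram 50000 --search-path "${{ github.workspace }}/ruby/extractor-pack" --check-databases --check-undefined-labels --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition --consistency-queries ql/consistency-queries ql/test --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
+codeql test run --threads=0 --ram 5000 --slice ${{ matrix.slice }} --search-path "${{ github.workspace }}/ruby/extractor-pack" --check-databases --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition --consistency-queries ql/consistency-queries ql/test
 env:
 GITHUB_TOKEN: ${{ github.token }}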
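Review bot: The `push` path filter in the first hunk no longer lists `"shared/**"`, while the Ruby pack build shown on this page still creates a pack from `../shared/ssa`, so a push that touches only the shared libraries would not run the Ruby QL tests. I would keep `- "shared/**"` next to `- "ruby/**"`. The `pull_request` filter lies outside the hunk, so it should be checked for the same gap. In the last hunk the new `codeql test run` line also drops `--check-undefined-labels` while keeping the other `--check-*-labels` flags; if that is not deliberate, restore it.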
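--- a/.github/workflows/swift-codegen.yml
+++ b/.github/workflows/swift-codegen.yml
@@ -0,0 +1,39 @@
+name: "Swift: Check code generation"
+
+on:
+pull_request:
+paths:
+- "swift/**"
+- "misc/bazel/**"
+- "*.bazel*"
+- .github/workflows/swift-codegen.yml
+- .github/actions/fetch-codeql/action.yml
+branches:
+- main
+
+jobs:
+codegen:
+runs-on: ubuntu-latest
+steps:
+- uses: actions/checkout@v3
+- uses: ./.github/actions/fetch-codeql
+- uses: bazelbuild/setup-bazelisk@v2
+- uses: actions/setup-python@v3
+- uses: pre-commit/action@v3.0.0
+name: Check that python code is properly formatted
+with:
+extra_args: autopep8 --all-files
+- name: Run unit tests
+run: |
+bazel test //swift/codegen/test --test_output=errors
+- uses: pre-commit/action@v3.0.0
+name: Check that QL generated code was checked in
+with:
+extra_args: swift-codegen --all-files
+- name: Generate C++ files
+run: |
+bazel run //swift/codegen:codegen -- --generate=trap,cpp --cpp-output=$PWD/swift-generated-cpp-files
+- uses: actions/upload-artifact@v3
+with:
+name: swift-generated-cpp-files
+path: swift-generated-cpp-files/**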
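Review bot: The third-party steps are referenced by mutable tags (`bazelbuild/setup-bazelisk@v2`, `pre-commit/action@v3.0.0`), so the code this job runs can change without any commit to this repository; pinning each `uses:` to a full commit SHA, with the tag kept in a trailing comment, makes the workflow reproducible and reviewable. The file also declares no `permissions:` key, so the job token gets the repository default; a top-level `permissions:` block with `contents: read` appears sufficient for the steps shown. Both points apply equally to the new `swift-integration-tests.yml` (which adds `swift-actions/setup-swift@v1`) and `swift-qltest.yml`.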
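--- a/.github/workflows/swift-integration-tests.yml
+++ b/.github/workflows/swift-integration-tests.yml
@@ -0,0 +1,45 @@
+name: "Swift: Run Integration Tests"
+
+on:
+pull_request:
+paths:
+- "swift/**"
+- "misc/bazel/**"
+- "*.bazel*"
+- .github/workflows/swift-integration-tests.yml
+- .github/actions/fetch-codeql/action.yml
+- codeql-workspace.yml
+branches:
+- main
+defaults:
+run:
+working-directory: swift
+
+jobs:
+integration-tests:
+runs-on: ${{ matrix.os }}
+strategy:
+fail-fast: false
+matrix:
+os:
+- ubuntu-20.04
+# - macos-latest TODO
+steps:
+- uses: actions/checkout@v3
+- uses: ./.github/actions/fetch-codeql
+- uses: bazelbuild/setup-bazelisk@v2
+- uses: actions/setup-python@v3
+- name: Build Swift extractor
+run: |
+bazel run //swift:create-extractor-pack
+- name: Get Swift version
+id: get_swift_version
+run: |
+VERSION=$(bazel run //swift/extractor -- --version | sed -ne 's/.*version \(\S*\).*/\1/p')
+echo "::set-output name=version::$VERSION"
+- uses: swift-actions/setup-swift@v1
+with:
+swift-version: "${{steps.get_swift_version.outputs.version}}"
+- name: Run integration tests
+run: |
+python integration-tests/runner.py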
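Review bot: The `Get Swift version` step publishes its result with the deprecated `::set-output` workflow command, which is parsed out of the step's stdout, so any line a tool prints in that form is taken as a step output. Write the value to the output file instead: `echo "version=$VERSION" >> "$GITHUB_OUTPUT"`. `$VERSION` is scraped from `bazel run //swift/extractor -- --version` with `sed`, and when the pattern does not match it is empty, which hands `swift-actions/setup-swift@v1` an empty `swift-version`; a guard such as `[ -n "$VERSION" ] || exit 1` before the echo would make that failure explicit.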
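--- a/.github/workflows/swift-qltest.yml
+++ b/.github/workflows/swift-qltest.yml
@@ -0,0 +1,43 @@
+name: "Swift: Run QL Tests"
+
+on:
+pull_request:
+paths:
+- "swift/**"
+- "misc/bazel/**"
+- "*.bazel*"
+- .github/workflows/swift-qltest.yml
+- .github/actions/fetch-codeql/action.yml
+- codeql-workspace.yml
+branches:
+- main
+defaults:
+run:
+working-directory: swift
+
+jobs:
+qlformat:
+runs-on: ubuntu-latest
+steps:
+- uses: actions/checkout@v3
+- uses: ./.github/actions/fetch-codeql
+- name: Check QL formatting
+run: find ql "(" -name "*.ql" -or -name "*.qll" ")" -print0 | xargs -0 codeql query format --check-only
+qltest:
+runs-on: ${{ matrix.os }}
+strategy:
+fail-fast: false
+matrix:
+os : [ubuntu-20.04, macos-latest]
+steps:
+- uses: actions/checkout@v3
+- uses: ./.github/actions/fetch-codeql
+- uses: bazelbuild/setup-bazelisk@v2
+- name: Build Swift extractor
+run: |
+bazel run //swift:create-extractor-pack
+- name: Run QL tests
+run: |
+codeql test run --threads=0 --ram 5000 --search-path "${{ github.workspace }}/swift/extractor-pack" --check-databases --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition ql/test
+env:
+GITHUB_TOKEN: ${{ github.token }}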
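--- a/.github/workflows/swift.yml
+++ b/.github/workflows/swift.yml
@@ -1,107 +0,0 @@
-name: "Swift"
-
-on:
-pull_request:
-paths:
-- "swift/**"
-- "misc/bazel/**"
-- "misc/codegen/**"
-- "*.bazel*"
-- .github/workflows/swift.yml
-- .github/actions/**
-- codeql-workspace.yml
-- .pre-commit-config.yaml
-- "!**/*.md"
-- "!**/*.qhelp"
-branches:
-- main
-- rc/*
-- codeql-cli-*
-push:
-paths:
-- "swift/**"
-- "misc/bazel/**"
-- "misc/codegen/**"
-- "*.bazel*"
-- .github/workflows/swift.yml
-- .github/actions/**
-- codeql-workspace.yml
-- "!**/*.md"
-- "!**/*.qhelp"
-branches:
-- main
-- rc/*
-- codeql-cli-*
-
-jobs:
-# not using a matrix as you cannot depend on a specific job in a matrix, and we want to start linux checks
-# without waiting for the macOS build
-build-and-test-macos:
-runs-on: macos-12-xl
-steps:
-- uses: actions/checkout@v3
-- uses: ./swift/actions/build-and-test
-build-and-test-linux:
-runs-on: ubuntu-latest-xl
-steps:
-- uses: actions/checkout@v3
-- uses: ./swift/actions/build-and-test
-qltests-linux:
-needs: build-and-test-linux
-runs-on: ubuntu-latest-xl
-steps:
-- uses: actions/checkout@v3
-- uses: ./swift/actions/run-ql-tests
-qltests-macos:
-if : ${{ github.event_name == 'pull_request' }}
-needs: build-and-test-macos
-runs-on: macos-12-xl
-steps:
-- uses: actions/checkout@v3
-- uses: ./swift/actions/run-ql-tests
-integration-tests-linux:
-needs: build-and-test-linux
-runs-on: ubuntu-latest-xl
-steps:
-- uses: actions/checkout@v3
-- uses: ./swift/actions/run-integration-tests
-integration-tests-macos:
-if : ${{ github.event_name == 'pull_request' }}
-needs: build-and-test-macos
-runs-on: macos-12-xl
-timeout-minutes: 60
-steps:
-- uses: actions/checkout@v3
-- uses: ./swift/actions/run-integration-tests
-codegen:
-if : ${{ github.event_name == 'pull_request' }}
-runs-on: ubuntu-latest
-steps:
-- uses: actions/checkout@v3
-- uses: bazelbuild/setup-bazelisk@v2
-- uses: actions/setup-python@v4
-with:
-python-version-file: 'swift/.python-version'
-- uses: pre-commit/action@v3.0.0
-name: Check that python code is properly formatted
-with:
-extra_args: autopep8 --all-files
-- uses: ./.github/actions/fetch-codeql
-- uses: pre-commit/action@v3.0.0
-name: Check that QL generated code was checked in
-with:
-extra_args: swift-codegen --all-files
-- name: Generate C++ files
-run: |
-bazel run //swift/codegen:codegen -- --generate=trap,cpp --cpp-output=$PWD/generated-cpp-files
-- uses: actions/upload-artifact@v3
-with:
-name: swift-generated-cpp-files
-path: generated-cpp-files/**
-database-upgrade-scripts:
-if : ${{ github.event_name == 'pull_request' }}
-runs-on: ubuntu-latest
-steps:
-- uses: actions/checkout@v3
-- uses: ./.github/actions/fetch-codeql
-- uses: ./swift/actions/database-upgrade-scripts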
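--- a/.github/workflows/tree-sitter-extractor-test.yml
+++ b/.github/workflows/tree-sitter-extractor-test.yml
@@ -1,46 +0,0 @@
-name: Test tree-sitter-extractor
-
-on:
-push:
-paths:
-- "shared/tree-sitter-extractor/**"
-- .github/workflows/tree-sitter-extractor-test.yml
-branches:
-- main
-- "rc/*"
-pull_request:
-paths:
-- "shared/tree-sitter-extractor/**"
-- .github/workflows/tree-sitter-extractor-test.yml
-branches:
-- main
-- "rc/*"
-
-env:
-CARGO_TERM_COLOR: always
-
-defaults:
-run:
-working-directory: shared/tree-sitter-extractor
-
-jobs:
-test:
-runs-on: ubuntu-latest
-steps:
-- uses: actions/checkout@v3
-- name: Check formatting
-run: cargo fmt --all -- --check
-- name: Run tests
-run: cargo test --verbose
-fmt:
-runs-on: ubuntu-latest
-steps:
-- uses: actions/checkout@v3
-- name: Check formatting
-run: cargo fmt --check
-clippy:
-runs-on: ubuntu-latest
-steps:
-- uses: actions/checkout@v3
-- name: Run clippy
-run: cargo clippy -- --no-deps -D warnings -A clippy::new_without_default -A clippy::too_many_arguments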
2
.gitignore
vendored
2
.gitignore
vendored
@@ -27,6 +27,8 @@
|
|||||||
# It's useful (though not required) to be able to unpack codeql in the ql checkout itself
|
# It's useful (though not required) to be able to unpack codeql in the ql checkout itself
|
||||||
/codeql/
|
/codeql/
|
||||||
|
|
||||||
|
csharp/extractor/Semmle.Extraction.CSharp.Driver/Properties/launchSettings.json
|
||||||
|
|
||||||
# Avoid committing cached package components
|
# Avoid committing cached package components
|
||||||
.codeql
|
.codeql
|
||||||
|
|
||||||
|
|||||||
@@ -19,7 +19,7 @@ repos:
|
|||||||
rev: v1.6.0
|
rev: v1.6.0
|
||||||
hooks:
|
hooks:
|
||||||
- id: autopep8
|
- id: autopep8
|
||||||
files: ^misc/codegen/.*\.py
|
files: ^swift/codegen/.*\.py
|
||||||
|
|
||||||
- repo: local
|
- repo: local
|
||||||
hooks:
|
hooks:
|
||||||
@@ -31,7 +31,7 @@ repos:
|
|||||||
|
|
||||||
- id: sync-files
|
- id: sync-files
|
||||||
name: Fix files required to be identical
|
name: Fix files required to be identical
|
||||||
files: \.(qll?|qhelp|swift)$|^config/identical-files\.json$
|
files: \.(qll?|qhelp|swift)$
|
||||||
language: system
|
language: system
|
||||||
entry: python3 config/sync-files.py --latest
|
entry: python3 config/sync-files.py --latest
|
||||||
pass_filenames: false
|
pass_filenames: false
|
||||||
@@ -44,7 +44,7 @@ repos:
|
|||||||
|
|
||||||
- id: swift-codegen
|
- id: swift-codegen
|
||||||
name: Run Swift checked in code generation
|
name: Run Swift checked in code generation
|
||||||
files: ^swift/(schema.py$|codegen/|.*/generated/|ql/lib/(swift\.dbscheme$|codeql/swift/elements)|ql/\.generated.list)
|
files: ^swift/(codegen/|.*/generated/|ql/lib/(swift\.dbscheme$|codeql/swift/elements))
|
||||||
language: system
|
language: system
|
||||||
entry: bazel run //swift/codegen -- --quiet
|
entry: bazel run //swift/codegen -- --quiet
|
||||||
pass_filenames: false
|
pass_filenames: false
|
||||||
@@ -53,5 +53,5 @@ repos:
|
|||||||
name: Run Swift code generation unit tests
|
name: Run Swift code generation unit tests
|
||||||
files: ^swift/codegen/.*\.py$
|
files: ^swift/codegen/.*\.py$
|
||||||
language: system
|
language: system
|
||||||
entry: bazel test //misc/codegen/test
|
entry: bazel test //swift/codegen/test
|
||||||
pass_filenames: false
|
pass_filenames: false
|
||||||
|
|||||||
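Review bot: In the `sync-files` hook the new `files:` pattern is `\.(qll?|qhelp|swift)$` and no longer matches `config/identical-files.json`, which is presumably the list that `config/sync-files.py` enforces, so a commit that edits only that list would not run the hook and the drift check is skipped exactly when its configuration changes. I would keep the alternative: `files: \.(qll?|qhelp|swift)$|^config/identical-files\.json$`. The `swift-codegen` hook's pattern likewise stops matching `swift/schema.py` and `ql/.generated.list`; that is only safe if those files do not exist on this side, which the hunks do not show. The file header for this section is not shown on the page.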
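--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,5 +1,3 @@
 {
-"omnisharp.autoStart": false,
-"cmake.sourceDirectory": "${workspaceFolder}/swift",
-"cmake.buildDirectory": "${workspaceFolder}/bazel-cmake-build"
+"omnisharp.autoStart": false
 }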
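--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -22,22 +22,6 @@
 "command": "${config:python.pythonPath}",
 },
 "problemMatcher": []
-},
-{
-"label": "Accept .expected changes from CI",
-"type": "process",
-// Non-Windows OS will usually have Python 3 already installed at /usr/bin/python3.
-"command": "python3",
-"args": [
-"misc/scripts/accept-expected-changes-from-ci.py"
-],
-"group": "build",
-"windows": {
-// On Windows, use whatever Python interpreter is configured for this workspace. The default is
-// just `python`, so if Python is already on the path, this will find it.
-"command": "${config:python.pythonPath}",
-},
-"problemMatcher": []
 }
 ]
 }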
22
CODEOWNERS
22
CODEOWNERS
@@ -5,18 +5,24 @@
|
|||||||
/javascript/ @github/codeql-javascript
|
/javascript/ @github/codeql-javascript
|
||||||
/python/ @github/codeql-python
|
/python/ @github/codeql-python
|
||||||
/ruby/ @github/codeql-ruby
|
/ruby/ @github/codeql-ruby
|
||||||
/swift/ @github/codeql-swift
|
/swift/ @github/codeql-c
|
||||||
/misc/codegen/ @github/codeql-swift
|
|
||||||
/java/kotlin-extractor/ @github/codeql-kotlin
|
/java/kotlin-extractor/ @github/codeql-kotlin
|
||||||
/java/kotlin-explorer/ @github/codeql-kotlin
|
/java/kotlin-explorer/ @github/codeql-kotlin
|
||||||
|
|
||||||
# ML-powered queries
|
# ML-powered queries
|
||||||
/javascript/ql/experimental/adaptivethreatmodeling/ @github/codeql-ml-powered-queries-reviewers
|
/javascript/ql/experimental/adaptivethreatmodeling/ @github/codeql-ml-powered-queries-reviewers
|
||||||
|
|
||||||
|
# Notify members of codeql-go about PRs to the shared data-flow library files
|
||||||
|
/java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl.qll @github/codeql-java @github/codeql-go
|
||||||
|
/java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl2.qll @github/codeql-java @github/codeql-go
|
||||||
|
/java/ql/src/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll @github/codeql-java @github/codeql-go
|
||||||
|
/java/ql/src/semmle/code/java/dataflow/internal/tainttracking1/TaintTrackingImpl.qll @github/codeql-java @github/codeql-go
|
||||||
|
/java/ql/src/semmle/code/java/dataflow/internal/tainttracking2/TaintTrackingImpl.qll @github/codeql-java @github/codeql-go
|
||||||
|
|
||||||
# CodeQL tools and associated docs
|
# CodeQL tools and associated docs
|
||||||
/docs/codeql/codeql-cli/ @github/codeql-cli-reviewers
|
/docs/codeql-cli/ @github/codeql-cli-reviewers
|
||||||
/docs/codeql/codeql-for-visual-studio-code/ @github/codeql-vscode-reviewers
|
/docs/codeql-for-visual-studio-code/ @github/codeql-vscode-reviewers
|
||||||
/docs/codeql/ql-language-reference/ @github/codeql-frontend-reviewers
|
/docs/ql-language-reference/ @github/codeql-frontend-reviewers
|
||||||
/docs/query-*-style-guide.md @github/codeql-analysis-reviewers
|
/docs/query-*-style-guide.md @github/codeql-analysis-reviewers
|
||||||
|
|
||||||
# QL for QL reviewers
|
# QL for QL reviewers
|
||||||
@@ -34,12 +40,8 @@ WORKSPACE.bazel @github/codeql-ci-reviewers
|
|||||||
|
|
||||||
# Workflows
|
# Workflows
|
||||||
/.github/workflows/ @github/codeql-ci-reviewers
|
/.github/workflows/ @github/codeql-ci-reviewers
|
||||||
/.github/workflows/atm-* @github/codeql-ml-powered-queries-reviewers
|
|
||||||
/.github/workflows/go-* @github/codeql-go
|
/.github/workflows/go-* @github/codeql-go
|
||||||
/.github/workflows/js-ml-tests.yml @github/codeql-ml-powered-queries-reviewers
|
/.github/workflows/js-ml-tests.yml @github/codeql-ml-powered-queries-reviewers
|
||||||
/.github/workflows/ql-for-ql-* @github/codeql-ql-for-ql-reviewers
|
/.github/workflows/ql-for-ql-* @github/codeql-ql-for-ql-reviewers
|
||||||
/.github/workflows/ruby-* @github/codeql-ruby
|
/.github/workflows/ruby-* @github/codeql-ruby
|
||||||
/.github/workflows/swift.yml @github/codeql-swift
|
/.github/workflows/swift-* @github/codeql-c
|
||||||
|
|
||||||
# Misc
|
|
||||||
/misc/scripts/accept-expected-changes-from-ci.py @RasmusWL
|
|
||||||
|
|||||||
@@ -25,7 +25,6 @@ If you have an idea for a query that you would like to share with other CodeQL u
|
|||||||
|
|
||||||
Each language-specific directory contains further subdirectories that group queries based on their `@tags` or purpose.
|
Each language-specific directory contains further subdirectories that group queries based on their `@tags` or purpose.
|
||||||
- Experimental queries and libraries are stored in the `experimental` subdirectory within each language-specific directory in the [CodeQL repository](https://github.com/github/codeql). For example, experimental Java queries and libraries are stored in `java/ql/src/experimental` and any corresponding tests in `java/ql/test/experimental`.
|
- Experimental queries and libraries are stored in the `experimental` subdirectory within each language-specific directory in the [CodeQL repository](https://github.com/github/codeql). For example, experimental Java queries and libraries are stored in `java/ql/src/experimental` and any corresponding tests in `java/ql/test/experimental`.
|
||||||
- Experimental queries need to include `experimental` in their `@tags`
|
|
||||||
- The structure of an `experimental` subdirectory mirrors the structure of its parent directory.
|
- The structure of an `experimental` subdirectory mirrors the structure of its parent directory.
|
||||||
- Select or create an appropriate directory in `experimental` based on the existing directory structure of `experimental` or its parent directory.
|
- Select or create an appropriate directory in `experimental` based on the existing directory structure of `experimental` or its parent directory.
|
||||||
|
|
||||||
|
|||||||
@@ -4,14 +4,13 @@ This open source repository contains the standard CodeQL libraries and queries t
|
|||||||
|
|
||||||
## How do I learn CodeQL and run queries?
|
## How do I learn CodeQL and run queries?
|
||||||
|
|
||||||
There is [extensive documentation](https://codeql.github.com/docs/) on getting started with writing CodeQL using the [CodeQL extension for Visual Studio Code](https://codeql.github.com/docs/codeql-for-visual-studio-code/) and the [CodeQL CLI](https://codeql.github.com/docs/codeql-cli/).
|
There is [extensive documentation](https://codeql.github.com/docs/) on getting started with writing CodeQL.
|
||||||
|
You can use the [CodeQL for Visual Studio Code](https://codeql.github.com/docs/codeql-for-visual-studio-code/) extension or the [interactive query console](https://lgtm.com/help/lgtm/using-query-console) on LGTM.com (Semmle Legacy product) to try out your queries on any open source project that's currently being analyzed.
|
||||||
|
|
||||||
## Contributing
|
## Contributing
|
||||||
|
|
||||||
We welcome contributions to our standard library and standard checks. Do you have an idea for a new check, or how to improve an existing query? Then please go ahead and open a pull request! Before you do, though, please take the time to read our [contributing guidelines](CONTRIBUTING.md). You can also consult our [style guides](https://github.com/github/codeql/tree/main/docs) to learn how to format your code for consistency and clarity, how to write query metadata, and how to write query help documentation for your query.
|
We welcome contributions to our standard library and standard checks. Do you have an idea for a new check, or how to improve an existing query? Then please go ahead and open a pull request! Before you do, though, please take the time to read our [contributing guidelines](CONTRIBUTING.md). You can also consult our [style guides](https://github.com/github/codeql/tree/main/docs) to learn how to format your code for consistency and clarity, how to write query metadata, and how to write query help documentation for your query.
|
||||||
|
|
||||||
For information on contributing to CodeQL documentation, see the "[contributing guide](docs/codeql/CONTRIBUTING.md)" for docs.
|
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
||||||
The code in this repository is licensed under the [MIT License](LICENSE) by [GitHub](https://github.com).
|
The code in this repository is licensed under the [MIT License](LICENSE) by [GitHub](https://github.com).
|
||||||
|
|||||||
@@ -52,7 +52,7 @@
|
|||||||
| Unneeded defensive code | More true positive and fewer false positive results | This query now recognizes additional defensive code patterns. |
|
| Unneeded defensive code | More true positive and fewer false positive results | This query now recognizes additional defensive code patterns. |
|
||||||
| Unsafe dynamic method access | Fewer false positive results | This query no longer flags concatenated strings as unsafe method names. |
|
| Unsafe dynamic method access | Fewer false positive results | This query no longer flags concatenated strings as unsafe method names. |
|
||||||
| Unused parameter | Fewer false positive results | This query no longer flags parameters with leading underscore. |
|
| Unused parameter | Fewer false positive results | This query no longer flags parameters with leading underscore. |
|
||||||
| Unused variable, import, function or class | Fewer false positive results | This query now flags fewer variables that are implicitly used by JSX elements. It no longer flags variables with a leading underscore and variables in dead code. |
|
| Unused variable, import, function or class | Fewer false positive results | This query now flags fewer variables that are implictly used by JSX elements. It no longer flags variables with a leading underscore and variables in dead code. |
|
||||||
| Unvalidated dynamic method call | More true positive results | This query now flags concatenated strings as unvalidated method names in more cases. |
|
| Unvalidated dynamic method call | More true positive results | This query now flags concatenated strings as unvalidated method names in more cases. |
|
||||||
| Useless assignment to property. | Fewer false positive results | This query now treats assignments with complex right-hand sides correctly. |
|
| Useless assignment to property. | Fewer false positive results | This query now treats assignments with complex right-hand sides correctly. |
|
||||||
| Useless conditional | Fewer results | Additional defensive coding patterns are now ignored. |
|
| Useless conditional | Fewer results | Additional defensive coding patterns are now ignored. |
|
||||||
|
|||||||
@@ -19,7 +19,7 @@ The following changes in version 1.23 affect C/C++ analysis in all applications.
|
|||||||
| Hard-coded Japanese era start date in call (`cpp/japanese-era/constructor-or-method-with-exact-era-date`) | Deprecated | This query has been deprecated. Use the new combined query Hard-coded Japanese era start date (`cpp/japanese-era/exact-era-date`) instead. |
|
| Hard-coded Japanese era start date in call (`cpp/japanese-era/constructor-or-method-with-exact-era-date`) | Deprecated | This query has been deprecated. Use the new combined query Hard-coded Japanese era start date (`cpp/japanese-era/exact-era-date`) instead. |
|
||||||
| Hard-coded Japanese era start date in struct (`cpp/japanese-era/struct-with-exact-era-date`) | Deprecated | This query has been deprecated. Use the new combined query Hard-coded Japanese era start date (`cpp/japanese-era/exact-era-date`) instead. |
|
| Hard-coded Japanese era start date in struct (`cpp/japanese-era/struct-with-exact-era-date`) | Deprecated | This query has been deprecated. Use the new combined query Hard-coded Japanese era start date (`cpp/japanese-era/exact-era-date`) instead. |
|
||||||
| Hard-coded Japanese era start date (`cpp/japanese-era/exact-era-date`) | More correct results | This query now checks for the beginning date of the Reiwa era (1st May 2019). |
|
| Hard-coded Japanese era start date (`cpp/japanese-era/exact-era-date`) | More correct results | This query now checks for the beginning date of the Reiwa era (1st May 2019). |
|
||||||
| Non-constant format string (`cpp/non-constant-format`) | Fewer false positive results | Fixed false positive results triggered by mismatching declarations of a formatting function. |
|
| Non-constant format string (`cpp/non-constant-format`) | Fewer false positive results | Fixed false positive results triggrered by mismatching declarations of a formatting function. |
|
||||||
| Sign check of bitwise operation (`cpp/bitwise-sign-check`) | Fewer false positive results | Results involving `>=` or `<=` are no longer reported. |
|
| Sign check of bitwise operation (`cpp/bitwise-sign-check`) | Fewer false positive results | Results involving `>=` or `<=` are no longer reported. |
|
||||||
| Too few arguments to formatting function (`cpp/wrong-number-format-arguments`) | Fewer false positive results | Fixed false positive results triggered by mismatching declarations of a formatting function. |
|
| Too few arguments to formatting function (`cpp/wrong-number-format-arguments`) | Fewer false positive results | Fixed false positive results triggered by mismatching declarations of a formatting function. |
|
||||||
| Too many arguments to formatting function (`cpp/too-many-format-arguments`) | Fewer false positive results | Fixed false positive results triggered by mismatching declarations of a formatting function. |
|
| Too many arguments to formatting function (`cpp/too-many-format-arguments`) | Fewer false positive results | Fixed false positive results triggered by mismatching declarations of a formatting function. |
|
||||||
|
|||||||
@@ -91,7 +91,7 @@
|
|||||||
|
|
||||||
## Changes to libraries
|
## Changes to libraries
|
||||||
|
|
||||||
* The predicates `RegExpTerm.getSuccessor` and `RegExpTerm.getPredecessor` have been changed to reflect textual, not operational, matching order. This only makes a difference in lookbehind assertions, which are operationally matched backwards. Previously, `getSuccessor` would mimic this, so in an assertion `(?<=ab)` the term `b` would be considered the predecessor, not the successor, of `a`. Textually, however, `a` is still matched before `b`, and this is the order we now follow.
|
* The predicates `RegExpTerm.getSuccessor` and `RegExpTerm.getPredecessor` have been changed to reflect textual, not operational, matching order. This only makes a difference in lookbehind assertions, which are operationally matched backwards. Previously, `getSuccessor` would mimick this, so in an assertion `(?<=ab)` the term `b` would be considered the predecessor, not the successor, of `a`. Textually, however, `a` is still matched before `b`, and this is the order we now follow.
|
||||||
* An extensible model of the `EventEmitter` pattern has been implemented.
|
* An extensible model of the `EventEmitter` pattern has been implemented.
|
||||||
* Taint-tracking configurations now interact differently with the `data` flow label, which may affect queries
|
* Taint-tracking configurations now interact differently with the `data` flow label, which may affect queries
|
||||||
that combine taint-tracking and flow labels.
|
that combine taint-tracking and flow labels.
|
||||||
|
|||||||
@@ -17,7 +17,6 @@ provide:
|
|||||||
# - "javascript/ql/experimental/adaptivethreatmodeling/model/qlpack.yml"
|
# - "javascript/ql/experimental/adaptivethreatmodeling/model/qlpack.yml"
|
||||||
- "javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/qlpack.yml"
|
- "javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/qlpack.yml"
|
||||||
- "javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml"
|
- "javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml"
|
||||||
- "javascript/ql/experimental/adaptivethreatmodeling/test/qlpack.yml"
|
|
||||||
- "csharp/ql/campaigns/Solorigate/lib/qlpack.yml"
|
- "csharp/ql/campaigns/Solorigate/lib/qlpack.yml"
|
||||||
- "csharp/ql/campaigns/Solorigate/src/qlpack.yml"
|
- "csharp/ql/campaigns/Solorigate/src/qlpack.yml"
|
||||||
- "csharp/ql/campaigns/Solorigate/test/qlpack.yml"
|
- "csharp/ql/campaigns/Solorigate/test/qlpack.yml"
|
||||||
@@ -25,8 +24,7 @@ provide:
|
|||||||
- "misc/suite-helpers/qlpack.yml"
|
- "misc/suite-helpers/qlpack.yml"
|
||||||
- "ruby/extractor-pack/codeql-extractor.yml"
|
- "ruby/extractor-pack/codeql-extractor.yml"
|
||||||
- "swift/extractor-pack/codeql-extractor.yml"
|
- "swift/extractor-pack/codeql-extractor.yml"
|
||||||
- "swift/integration-tests/qlpack.yml"
|
- "ql/extractor-pack/codeql-extractor.ym"
|
||||||
- "ql/extractor-pack/codeql-extractor.yml"
|
|
||||||
|
|
||||||
versionPolicies:
|
versionPolicies:
|
||||||
default:
|
default:
|
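Review bot: The `provide` entry on the new side of the second hunk reads `"ql/extractor-pack/codeql-extractor.ym"`, while the line it replaces and the neighbouring `ruby/` and `swift/` extractor entries all end in `.yml`. With the truncated extension the path presumably matches no file, so the `ql` extractor pack would likely no longer be resolved from this workspace; the entry should be `- "ql/extractor-pack/codeql-extractor.yml"`. The same file section also drops `swift/integration-tests/qlpack.yml` and `javascript/ql/experimental/adaptivethreatmodeling/test/qlpack.yml` from the list. If those packs still exist on this branch, confirm that their tests are still picked up another way.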
||||||
|
|||||||
@@ -1,21 +0,0 @@
|
|||||||
const mongoose = require('mongoose');
|
|
||||||
|
|
||||||
Logger = require('./logger').Logger;
|
|
||||||
Note = require('./models/note').Note;
|
|
||||||
|
|
||||||
(async () => {
|
|
||||||
if (process.argv.length != 5) {
|
|
||||||
Logger.log("Creates a private note. Usage: node add-note.js <token> <title> <body>")
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Open the default mongoose connection
|
|
||||||
await mongoose.connect('mongodb://localhost:27017/notes', { useFindAndModify: false });
|
|
||||||
|
|
||||||
const [userToken, title, body] = process.argv.slice(2);
|
|
||||||
await Note.create({ title, body, userToken });
|
|
||||||
|
|
||||||
Logger.log(`Created private note with title ${title} and body ${body} belonging to user with token ${userToken}.`);
|
|
||||||
|
|
||||||
await mongoose.connection.close();
|
|
||||||
})();
|
|
||||||
@@ -1,68 +0,0 @@
|
|||||||
const bodyParser = require('body-parser');
|
|
||||||
const express = require('express');
|
|
||||||
const mongoose = require('mongoose');
|
|
||||||
|
|
||||||
const notesApi = require('./notes-api');
|
|
||||||
const usersApi = require('./users-api');
|
|
||||||
|
|
||||||
const addSampleData = module.exports.addSampleData = async () => {
|
|
||||||
const [userA, userB] = await User.create([
|
|
||||||
{
|
|
||||||
name: "A",
|
|
||||||
token: "tokenA"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "B",
|
|
||||||
token: "tokenB"
|
|
||||||
}
|
|
||||||
]);
|
|
||||||
|
|
||||||
await Note.create([
|
|
||||||
{
|
|
||||||
title: "Public note belonging to A",
|
|
||||||
body: "This is a public note belonging to A",
|
|
||||||
isPublic: true,
|
|
||||||
ownerToken: userA.token
|
|
||||||
},
|
|
||||||
{
|
|
||||||
title: "Public note belonging to B",
|
|
||||||
body: "This is a public note belonging to B",
|
|
||||||
isPublic: true,
|
|
||||||
ownerToken: userB.token
|
|
||||||
},
|
|
||||||
{
|
|
||||||
title: "Private note belonging to A",
|
|
||||||
body: "This is a private note belonging to A",
|
|
||||||
ownerToken: userA.token
|
|
||||||
},
|
|
||||||
{
|
|
||||||
title: "Private note belonging to B",
|
|
||||||
body: "This is a private note belonging to B",
|
|
||||||
ownerToken: userB.token
|
|
||||||
}
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
|
|
||||||
module.exports.startApp = async () => {
|
|
||||||
// Open the default mongoose connection
|
|
||||||
await mongoose.connect('mongodb://mongo:27017/notes', { useFindAndModify: false });
|
|
||||||
// Drop contents of DB
|
|
||||||
mongoose.connection.dropDatabase();
|
|
||||||
// Add some sample data
|
|
||||||
await addSampleData();
|
|
||||||
|
|
||||||
const app = express();
|
|
||||||
|
|
||||||
app.use(bodyParser.json());
|
|
||||||
app.use(bodyParser.urlencoded());
|
|
||||||
|
|
||||||
app.get('/', async (_req, res) => {
|
|
||||||
res.send('Hello World');
|
|
||||||
});
|
|
||||||
|
|
||||||
app.use('/api/notes', notesApi.router);
|
|
||||||
app.use('/api/users', usersApi.router);
|
|
||||||
|
|
||||||
app.listen(3000);
|
|
||||||
Logger.log('Express started on port 3000');
|
|
||||||
};
|
|
||||||
@@ -1,7 +0,0 @@
|
|||||||
const startApp = require('./app').startApp;
|
|
||||||
|
|
||||||
Logger = require('./logger').Logger;
|
|
||||||
Note = require('./models/note').Note;
|
|
||||||
User = require('./models/user').User;
|
|
||||||
|
|
||||||
startApp();
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
module.exports.Logger = class {
|
|
||||||
log(message, ...objs) {
|
|
||||||
console.log(message, objs);
|
|
||||||
}
|
|
||||||
};
|
|
||||||
@@ -1,8 +0,0 @@
|
|||||||
const mongoose = require('mongoose');
|
|
||||||
|
|
||||||
module.exports.Note = mongoose.model('Note', new mongoose.Schema({
|
|
||||||
title: String,
|
|
||||||
body: String,
|
|
||||||
ownerToken: String,
|
|
||||||
isPublic: Boolean
|
|
||||||
}));
|
|
||||||
@@ -1,6 +0,0 @@
|
|||||||
const mongoose = require('mongoose');
|
|
||||||
|
|
||||||
module.exports.User = mongoose.model('User', new mongoose.Schema({
|
|
||||||
name: String,
|
|
||||||
token: String
|
|
||||||
}));
|
|
||||||
@@ -1,44 +0,0 @@
|
|||||||
const express = require('express')
|
|
||||||
|
|
||||||
const router = module.exports.router = express.Router();
|
|
||||||
|
|
||||||
function serializeNote(note) {
|
|
||||||
return {
|
|
||||||
title: note.title,
|
|
||||||
body: note.body
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
router.post('/find', async (req, res) => {
|
|
||||||
const notes = await Note.find({
|
|
||||||
ownerToken: req.body.token
|
|
||||||
}).exec();
|
|
||||||
res.json({
|
|
||||||
notes: notes.map(serializeNote)
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get('/findPublic', async (_req, res) => {
|
|
||||||
const notes = await Note.find({
|
|
||||||
isPublic: true
|
|
||||||
}).exec();
|
|
||||||
res.json({
|
|
||||||
notes: notes.map(serializeNote)
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
router.post('/findVisible', async (req, res) => {
|
|
||||||
const notes = await Note.find({
|
|
||||||
$or: [
|
|
||||||
{
|
|
||||||
isPublic: true
|
|
||||||
},
|
|
||||||
{
|
|
||||||
ownerToken: req.body.token
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}).exec();
|
|
||||||
res.json({
|
|
||||||
notes: notes.map(serializeNote)
|
|
||||||
});
|
|
||||||
});
|
|
||||||
@@ -1,37 +0,0 @@
|
|||||||
const mongoose = require('mongoose');
|
|
||||||
|
|
||||||
Logger = require('./logger').Logger;
|
|
||||||
Note = require('./models/note').Note;
|
|
||||||
User = require('./models/user').User;
|
|
||||||
|
|
||||||
(async () => {
|
|
||||||
if (process.argv.length != 3) {
|
|
||||||
Logger.log("Outputs all notes visible to a user. Usage: node read-notes.js <token>")
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Open the default mongoose connection
|
|
||||||
await mongoose.connect('mongodb://localhost:27017/notes', { useFindAndModify: false });
|
|
||||||
|
|
||||||
const ownerToken = process.argv[2];
|
|
||||||
|
|
||||||
const user = await User.findOne({
|
|
||||||
token: ownerToken
|
|
||||||
}).exec();
|
|
||||||
|
|
||||||
const notes = await Note.find({
|
|
||||||
$or: [
|
|
||||||
{ isPublic: true },
|
|
||||||
{ ownerToken }
|
|
||||||
]
|
|
||||||
}).exec();
|
|
||||||
|
|
||||||
notes.map(note => {
|
|
||||||
Logger.log("Title:" + note.title);
|
|
||||||
Logger.log("By:" + user.name);
|
|
||||||
Logger.log("Body:" + note.body);
|
|
||||||
Logger.log();
|
|
||||||
});
|
|
||||||
|
|
||||||
await mongoose.connection.close();
|
|
||||||
})();
|
|
||||||
@@ -1,25 +0,0 @@
|
|||||||
const express = require('express')
|
|
||||||
|
|
||||||
Logger = require('./logger').Logger;
|
|
||||||
const router = module.exports.router = express.Router();
|
|
||||||
|
|
||||||
router.post('/updateName', async (req, res) => {
|
|
||||||
Logger.log("/updateName called with new name", req.body.name);
|
|
||||||
await User.findOneAndUpdate({
|
|
||||||
token: req.body.token
|
|
||||||
}, {
|
|
||||||
name: req.body.name
|
|
||||||
}).exec();
|
|
||||||
res.json({
|
|
||||||
name: req.body.name
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
router.post('/getName', async (req, res) => {
|
|
||||||
const user = await User.findOne({
|
|
||||||
token: req.body.token
|
|
||||||
}).exec();
|
|
||||||
res.json({
|
|
||||||
name: user.name
|
|
||||||
});
|
|
||||||
});
|
|
||||||
@@ -1,91 +1,66 @@
|
|||||||
{
|
{
|
||||||
"DataFlow Java/C++/C#/Go/Python/Ruby/Swift": [
|
"DataFlow Java/C++/C#/Python": [
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlow.qll",
|
|
||||||
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlow.qll",
|
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlow.qll",
|
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlow.qll",
|
|
||||||
"go/ql/lib/semmle/go/dataflow/internal/DataFlow.qll",
|
|
||||||
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlow.qll",
|
|
||||||
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlow.qll",
|
|
||||||
"swift/ql/lib/codeql/swift/dataflow/internal/DataFlow.qll"
|
|
||||||
],
|
|
||||||
"DataFlowImpl Java/C++/C#/Go/Python/Ruby/Swift": [
|
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll",
|
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll",
|
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll",
|
|
||||||
"go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll",
|
|
||||||
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll",
|
|
||||||
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll",
|
|
||||||
"swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll"
|
|
||||||
],
|
|
||||||
"DataFlow Java/C++/C#/Go/Python/Ruby/Swift Legacy Configuration": [
|
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl1.qll",
|
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl2.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl2.qll",
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl3.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl3.qll",
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl4.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl4.qll",
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl5.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl5.qll",
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl1.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForSerializability.qll",
|
||||||
|
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForOnActivityResult.qll",
|
||||||
|
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll",
|
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll",
|
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll",
|
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll",
|
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl1.qll",
|
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll",
|
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll",
|
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll",
|
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl1.qll",
|
"cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll",
|
||||||
|
"cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll",
|
||||||
|
"cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll",
|
||||||
|
"cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll",
|
||||||
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll",
|
||||||
"go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl1.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplForContentDataFlow.qll",
|
||||||
"go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl2.qll",
|
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll",
|
||||||
"go/ql/lib/semmle/go/dataflow/internal/DataFlowImplForStringsNewReplacer.qll",
|
|
||||||
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl1.qll",
|
|
||||||
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll",
|
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll",
|
||||||
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl3.qll",
|
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl3.qll",
|
||||||
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll",
|
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl1.qll",
|
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll",
|
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll",
|
||||||
|
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForLibraries.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForHttpClientLibraries.qll",
|
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForHttpClientLibraries.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForPathname.qll",
|
"swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll"
|
||||||
"swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl1.qll"
|
|
||||||
],
|
],
|
||||||
"DataFlow Java/C++/C#/Go/Python/Ruby/Swift Common": [
|
"DataFlow Java/C++/C#/Python Common": [
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll",
|
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll",
|
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll",
|
||||||
|
"cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll",
|
||||||
"go/ql/lib/semmle/go/dataflow/internal/DataFlowImplCommon.qll",
|
|
||||||
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll",
|
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplCommon.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplCommon.qll",
|
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplCommon.qll",
|
||||||
"swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplCommon.qll"
|
"swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplCommon.qll"
|
||||||
],
|
],
|
||||||
"TaintTracking Java/C++/C#/Go/Python/Ruby/Swift": [
|
"TaintTracking::Configuration Java/C++/C#/Python": [
|
||||||
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTracking.qll",
|
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTracking.qll",
|
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking1/TaintTracking.qll",
|
|
||||||
"go/ql/lib/semmle/go/dataflow/internal/tainttracking1/TaintTracking.qll",
|
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/tainttracking1/TaintTracking.qll",
|
|
||||||
"python/ql/lib/semmle/python/dataflow/new/internal/tainttracking1/TaintTracking.qll",
|
|
||||||
"ruby/ql/lib/codeql/ruby/dataflow/internal/tainttracking1/TaintTracking.qll",
|
|
||||||
"swift/ql/lib/codeql/swift/dataflow/internal/tainttracking1/TaintTracking.qll"
|
|
||||||
],
|
|
||||||
"TaintTracking Legacy Configuration Java/C++/C#/Go/Python/Ruby/Swift": [
|
|
||||||
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
|
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll",
|
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
|
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking2/TaintTrackingImpl.qll",
|
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking2/TaintTrackingImpl.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking3/TaintTrackingImpl.qll",
|
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking3/TaintTrackingImpl.qll",
|
||||||
|
"cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
|
||||||
|
"cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/tainttracking2/TaintTrackingImpl.qll",
|
||||||
|
"cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/tainttracking3/TaintTrackingImpl.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking3/TaintTrackingImpl.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking3/TaintTrackingImpl.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking4/TaintTrackingImpl.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking4/TaintTrackingImpl.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking5/TaintTrackingImpl.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking5/TaintTrackingImpl.qll",
|
||||||
"go/ql/lib/semmle/go/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
|
|
||||||
"go/ql/lib/semmle/go/dataflow/internal/tainttracking2/TaintTrackingImpl.qll",
|
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/tainttracking2/TaintTrackingImpl.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/tainttracking2/TaintTrackingImpl.qll",
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/tainttracking3/TaintTrackingImpl.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/tainttracking3/TaintTrackingImpl.qll",
|
||||||
@@ -94,21 +69,22 @@
|
|||||||
"python/ql/lib/semmle/python/dataflow/new/internal/tainttracking3/TaintTrackingImpl.qll",
|
"python/ql/lib/semmle/python/dataflow/new/internal/tainttracking3/TaintTrackingImpl.qll",
|
||||||
"python/ql/lib/semmle/python/dataflow/new/internal/tainttracking4/TaintTrackingImpl.qll",
|
"python/ql/lib/semmle/python/dataflow/new/internal/tainttracking4/TaintTrackingImpl.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
|
"ruby/ql/lib/codeql/ruby/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
|
||||||
|
"ruby/ql/lib/codeql/ruby/dataflow/internal/tainttrackingforlibraries/TaintTrackingImpl.qll",
|
||||||
"swift/ql/lib/codeql/swift/dataflow/internal/tainttracking1/TaintTrackingImpl.qll"
|
"swift/ql/lib/codeql/swift/dataflow/internal/tainttracking1/TaintTrackingImpl.qll"
|
||||||
],
|
],
|
||||||
"DataFlow Java/C++/C#/Python/Ruby/Swift Consistency checks": [
|
"DataFlow Java/C++/C#/Python Consistency checks": [
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll",
|
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll",
|
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll",
|
||||||
|
"cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplConsistency.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplConsistency.qll",
|
||||||
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplConsistency.qll",
|
"python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplConsistency.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplConsistency.qll",
|
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplConsistency.qll",
|
||||||
"swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplConsistency.qll"
|
"swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplConsistency.qll"
|
||||||
],
|
],
|
||||||
"DataFlow Java/C#/Go/Ruby/Python/Swift Flow Summaries": [
|
"DataFlow Java/C#/Ruby/Python/Swift Flow Summaries": [
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll",
|
||||||
"go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll",
|
|
||||||
"ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll",
|
"ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll",
|
||||||
"python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll",
|
"python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll",
|
||||||
"swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll"
|
"swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll"
|
||||||
@@ -118,12 +94,8 @@
|
|||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll"
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll"
|
||||||
],
|
],
|
||||||
"Model as Data Generation Java/C# - CaptureModels": [
|
"Model as Data Generation Java/C# - CaptureModels": [
|
||||||
"java/ql/src/utils/modelgenerator/internal/CaptureModels.qll",
|
"java/ql/src/utils/model-generator/internal/CaptureModels.qll",
|
||||||
"csharp/ql/src/utils/modelgenerator/internal/CaptureModels.qll"
|
"csharp/ql/src/utils/model-generator/internal/CaptureModels.qll"
|
||||||
],
|
|
||||||
"Model as Data Generation Java/C# - CaptureModelsPrinting": [
|
|
||||||
"java/ql/src/utils/modelgenerator/internal/CaptureModelsPrinting.qll",
|
|
||||||
"csharp/ql/src/utils/modelgenerator/internal/CaptureModelsPrinting.qll"
|
|
||||||
],
|
],
|
||||||
"Sign Java/C#": [
|
"Sign Java/C#": [
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/Sign.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/Sign.qll",
|
||||||
@@ -281,11 +253,6 @@
|
|||||||
"cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/IRBlockImports.qll",
|
"cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/IRBlockImports.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/IRBlockImports.qll"
|
"cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/IRBlockImports.qll"
|
||||||
],
|
],
|
||||||
"C++ IR IRConsistencyImports": [
|
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/IRConsistencyImports.qll",
|
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/IRConsistencyImports.qll",
|
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/IRConsistencyImports.qll"
|
|
||||||
],
|
|
||||||
"C++ IR IRFunctionImports": [
|
"C++ IR IRFunctionImports": [
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/IRFunctionImports.qll",
|
"cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/IRFunctionImports.qll",
|
||||||
"cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/IRFunctionImports.qll",
|
"cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/IRFunctionImports.qll",
|
||||||
@@ -429,6 +396,16 @@
|
|||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/ControlFlowReachability.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/ControlFlowReachability.qll",
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/ControlFlowReachability.qll"
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/ControlFlowReachability.qll"
|
||||||
],
|
],
|
||||||
|
"Inline Test Expectations": [
|
||||||
|
"cpp/ql/test/TestUtilities/InlineExpectationsTest.qll",
|
||||||
|
"csharp/ql/test/TestUtilities/InlineExpectationsTest.qll",
|
||||||
|
"java/ql/test/TestUtilities/InlineExpectationsTest.qll",
|
||||||
|
"python/ql/test/TestUtilities/InlineExpectationsTest.qll",
|
||||||
|
"ruby/ql/test/TestUtilities/InlineExpectationsTest.qll",
|
||||||
|
"ql/ql/test/TestUtilities/InlineExpectationsTest.qll",
|
||||||
|
"go/ql/test/TestUtilities/InlineExpectationsTest.qll",
|
||||||
|
"swift/ql/test/TestUtilities/InlineExpectationsTest.qll"
|
||||||
|
],
|
||||||
"C++ ExternalAPIs": [
|
"C++ ExternalAPIs": [
|
||||||
"cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll",
|
"cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll",
|
||||||
"cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIs.qll"
|
"cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIs.qll"
|
||||||
@@ -487,10 +464,6 @@
|
|||||||
"javascript/ql/src/Comments/CommentedOutCodeReferences.inc.qhelp",
|
"javascript/ql/src/Comments/CommentedOutCodeReferences.inc.qhelp",
|
||||||
"python/ql/src/Lexical/CommentedOutCodeReferences.inc.qhelp"
|
"python/ql/src/Lexical/CommentedOutCodeReferences.inc.qhelp"
|
||||||
],
|
],
|
||||||
"ThreadResourceAbuse qhelp": [
|
|
||||||
"java/ql/src/experimental/Security/CWE/CWE-400/LocalThreadResourceAbuse.qhelp",
|
|
||||||
"java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.qhelp"
|
|
||||||
],
|
|
||||||
"IDE Contextual Queries": [
|
"IDE Contextual Queries": [
|
||||||
"cpp/ql/lib/IDEContextual.qll",
|
"cpp/ql/lib/IDEContextual.qll",
|
||||||
"csharp/ql/lib/IDEContextual.qll",
|
"csharp/ql/lib/IDEContextual.qll",
|
||||||
@@ -513,6 +486,40 @@
|
|||||||
"python/ql/lib/semmle/python/security/internal/SensitiveDataHeuristics.qll",
|
"python/ql/lib/semmle/python/security/internal/SensitiveDataHeuristics.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/security/internal/SensitiveDataHeuristics.qll"
|
"ruby/ql/lib/codeql/ruby/security/internal/SensitiveDataHeuristics.qll"
|
||||||
],
|
],
|
||||||
|
"ReDoS Util Python/JS/Ruby/Java": [
|
||||||
|
"javascript/ql/lib/semmle/javascript/security/regexp/NfaUtils.qll",
|
||||||
|
"python/ql/lib/semmle/python/security/regexp/NfaUtils.qll",
|
||||||
|
"ruby/ql/lib/codeql/ruby/security/regexp/NfaUtils.qll",
|
||||||
|
"java/ql/lib/semmle/code/java/security/regexp/NfaUtils.qll"
|
||||||
|
],
|
||||||
|
"ReDoS Exponential Python/JS/Ruby/Java": [
|
||||||
|
"javascript/ql/lib/semmle/javascript/security/regexp/ExponentialBackTracking.qll",
|
||||||
|
"python/ql/lib/semmle/python/security/regexp/ExponentialBackTracking.qll",
|
||||||
|
"ruby/ql/lib/codeql/ruby/security/regexp/ExponentialBackTracking.qll",
|
||||||
|
"java/ql/lib/semmle/code/java/security/regexp/ExponentialBackTracking.qll"
|
||||||
|
],
|
||||||
|
"ReDoS Polynomial Python/JS/Ruby/Java": [
|
||||||
|
"javascript/ql/lib/semmle/javascript/security/regexp/SuperlinearBackTracking.qll",
|
||||||
|
"python/ql/lib/semmle/python/security/regexp/SuperlinearBackTracking.qll",
|
||||||
|
"ruby/ql/lib/codeql/ruby/security/regexp/SuperlinearBackTracking.qll",
|
||||||
|
"java/ql/lib/semmle/code/java/security/regexp/SuperlinearBackTracking.qll"
|
||||||
|
],
|
||||||
|
"RegexpMatching Python/JS/Ruby": [
|
||||||
|
"javascript/ql/lib/semmle/javascript/security/regexp/RegexpMatching.qll",
|
||||||
|
"python/ql/lib/semmle/python/security/regexp/RegexpMatching.qll",
|
||||||
|
"ruby/ql/lib/codeql/ruby/security/regexp/RegexpMatching.qll"
|
||||||
|
],
|
||||||
|
"BadTagFilterQuery Python/JS/Ruby": [
|
||||||
|
"javascript/ql/lib/semmle/javascript/security/BadTagFilterQuery.qll",
|
||||||
|
"python/ql/lib/semmle/python/security/BadTagFilterQuery.qll",
|
||||||
|
"ruby/ql/lib/codeql/ruby/security/BadTagFilterQuery.qll"
|
||||||
|
],
|
||||||
|
"OverlyLargeRange Python/JS/Ruby/Java": [
|
||||||
|
"javascript/ql/lib/semmle/javascript/security/OverlyLargeRangeQuery.qll",
|
||||||
|
"python/ql/lib/semmle/python/security/OverlyLargeRangeQuery.qll",
|
||||||
|
"ruby/ql/lib/codeql/ruby/security/OverlyLargeRangeQuery.qll",
|
||||||
|
"java/ql/lib/semmle/code/java/security/OverlyLargeRangeQuery.qll"
|
||||||
|
],
|
||||||
"CFG": [
|
"CFG": [
|
||||||
"csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImplShared.qll",
|
"csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImplShared.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/controlflow/internal/ControlFlowGraphImplShared.qll",
|
"ruby/ql/lib/codeql/ruby/controlflow/internal/ControlFlowGraphImplShared.qll",
|
||||||
@@ -522,9 +529,16 @@
|
|||||||
"python/ql/lib/semmle/python/dataflow/new/internal/TypeTracker.qll",
|
"python/ql/lib/semmle/python/dataflow/new/internal/TypeTracker.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/typetracking/TypeTracker.qll"
|
"ruby/ql/lib/codeql/ruby/typetracking/TypeTracker.qll"
|
||||||
],
|
],
|
||||||
|
"CodeQL Tutorial": [
|
||||||
|
"cpp/ql/lib/tutorial.qll",
|
||||||
|
"csharp/ql/lib/tutorial.qll",
|
||||||
|
"java/ql/lib/tutorial.qll",
|
||||||
|
"javascript/ql/lib/tutorial.qll",
|
||||||
|
"python/ql/lib/tutorial.qll",
|
||||||
|
"ruby/ql/lib/tutorial.qll"
|
||||||
|
],
|
||||||
"AccessPathSyntax": [
|
"AccessPathSyntax": [
|
||||||
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/AccessPathSyntax.qll",
|
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/AccessPathSyntax.qll",
|
||||||
"go/ql/lib/semmle/go/dataflow/internal/AccessPathSyntax.qll",
|
|
||||||
"java/ql/lib/semmle/code/java/dataflow/internal/AccessPathSyntax.qll",
|
"java/ql/lib/semmle/code/java/dataflow/internal/AccessPathSyntax.qll",
|
||||||
"javascript/ql/lib/semmle/javascript/frameworks/data/internal/AccessPathSyntax.qll",
|
"javascript/ql/lib/semmle/javascript/frameworks/data/internal/AccessPathSyntax.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/dataflow/internal/AccessPathSyntax.qll",
|
"ruby/ql/lib/codeql/ruby/dataflow/internal/AccessPathSyntax.qll",
|
||||||
@@ -540,16 +554,16 @@
|
|||||||
"ruby/ql/lib/codeql/ruby/internal/ConceptsShared.qll",
|
"ruby/ql/lib/codeql/ruby/internal/ConceptsShared.qll",
|
||||||
"javascript/ql/lib/semmle/javascript/internal/ConceptsShared.qll"
|
"javascript/ql/lib/semmle/javascript/internal/ConceptsShared.qll"
|
||||||
],
|
],
|
||||||
|
"Hostname Regexp queries": [
|
||||||
|
"javascript/ql/src/Security/CWE-020/HostnameRegexpShared.qll",
|
||||||
|
"python/ql/src/Security/CWE-020/HostnameRegexpShared.qll",
|
||||||
|
"ruby/ql/src/queries/security/cwe-020/HostnameRegexpShared.qll"
|
||||||
|
],
|
||||||
"ApiGraphModels": [
|
"ApiGraphModels": [
|
||||||
"javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModels.qll",
|
"javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModels.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModels.qll",
|
"ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModels.qll",
|
||||||
"python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModels.qll"
|
"python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModels.qll"
|
||||||
],
|
],
|
||||||
"ApiGraphModelsExtensions": [
|
|
||||||
"javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll",
|
|
||||||
"ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll",
|
|
||||||
"python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll"
|
|
||||||
],
|
|
||||||
"TaintedFormatStringQuery Ruby/JS": [
|
"TaintedFormatStringQuery Ruby/JS": [
|
||||||
"javascript/ql/lib/semmle/javascript/security/dataflow/TaintedFormatStringQuery.qll",
|
"javascript/ql/lib/semmle/javascript/security/dataflow/TaintedFormatStringQuery.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/security/TaintedFormatStringQuery.qll"
|
"ruby/ql/lib/codeql/ruby/security/TaintedFormatStringQuery.qll"
|
||||||
@@ -586,16 +600,8 @@
|
|||||||
"swift/ql/test/extractor-tests/patterns/patterns.swift",
|
"swift/ql/test/extractor-tests/patterns/patterns.swift",
|
||||||
"swift/ql/test/library-tests/ast/patterns.swift"
|
"swift/ql/test/library-tests/ast/patterns.swift"
|
||||||
],
|
],
|
||||||
"Swift control flow test file": [
|
|
||||||
"swift/ql/test/library-tests/controlflow/graph/cfg.swift",
|
|
||||||
"swift/ql/test/library-tests/ast/cfg.swift"
|
|
||||||
],
|
|
||||||
"IncompleteMultiCharacterSanitization JS/Ruby": [
|
"IncompleteMultiCharacterSanitization JS/Ruby": [
|
||||||
"javascript/ql/lib/semmle/javascript/security/IncompleteMultiCharacterSanitizationQuery.qll",
|
"javascript/ql/lib/semmle/javascript/security/IncompleteMultiCharacterSanitizationQuery.qll",
|
||||||
"ruby/ql/lib/codeql/ruby/security/IncompleteMultiCharacterSanitizationQuery.qll"
|
"ruby/ql/lib/codeql/ruby/security/IncompleteMultiCharacterSanitizationQuery.qll"
|
||||||
],
|
|
||||||
"EncryptionKeySizes Python/Java": [
|
|
||||||
"python/ql/lib/semmle/python/security/internal/EncryptionKeySizes.qll",
|
|
||||||
"java/ql/lib/semmle/code/java/security/internal/EncryptionKeySizes.qll"
|
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
@@ -1,6 +1,5 @@
|
|||||||
using Xunit;
|
using Xunit;
|
||||||
using Semmle.Autobuild.Shared;
|
using Semmle.Autobuild.Shared;
|
||||||
using Semmle.Util;
|
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System;
|
using System;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
@@ -76,15 +75,6 @@ namespace Semmle.Autobuild.Cpp.Tests
|
|||||||
throw new ArgumentException("Missing RunProcess " + pattern);
|
throw new ArgumentException("Missing RunProcess " + pattern);
|
||||||
}
|
}
|
||||||
|
|
||||||
int IBuildActions.RunProcess(string cmd, string args, string? workingDirectory, IDictionary<string, string>? env, BuildOutputHandler onOutput, BuildOutputHandler onError)
|
|
||||||
{
|
|
||||||
var ret = (this as IBuildActions).RunProcess(cmd, args, workingDirectory, env, out var stdout);
|
|
||||||
|
|
||||||
stdout.ForEach(line => onOutput(line));
|
|
||||||
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
public IList<string> DirectoryDeleteIn = new List<string>();
|
public IList<string> DirectoryDeleteIn = new List<string>();
|
||||||
|
|
||||||
void IBuildActions.DirectoryDelete(string dir, bool recursive)
|
void IBuildActions.DirectoryDelete(string dir, bool recursive)
|
||||||
@@ -141,14 +131,6 @@ namespace Semmle.Autobuild.Cpp.Tests
|
|||||||
|
|
||||||
bool IBuildActions.IsWindows() => IsWindows;
|
bool IBuildActions.IsWindows() => IsWindows;
|
||||||
|
|
||||||
public bool IsMacOs { get; set; }
|
|
||||||
|
|
||||||
bool IBuildActions.IsMacOs() => IsMacOs;
|
|
||||||
|
|
||||||
public bool IsArm { get; set; }
|
|
||||||
|
|
||||||
bool IBuildActions.IsArm() => IsArm;
|
|
||||||
|
|
||||||
string IBuildActions.PathCombine(params string[] parts)
|
string IBuildActions.PathCombine(params string[] parts)
|
||||||
{
|
{
|
||||||
return string.Join(IsWindows ? '\\' : '/', parts.Where(p => !string.IsNullOrWhiteSpace(p)));
|
return string.Join(IsWindows ? '\\' : '/', parts.Where(p => !string.IsNullOrWhiteSpace(p)));
|
||||||
@@ -194,15 +176,6 @@ namespace Semmle.Autobuild.Cpp.Tests
|
|||||||
if (!DownloadFiles.Contains((address, fileName)))
|
if (!DownloadFiles.Contains((address, fileName)))
|
||||||
throw new ArgumentException($"Missing DownloadFile, {address}, {fileName}");
|
throw new ArgumentException($"Missing DownloadFile, {address}, {fileName}");
|
||||||
}
|
}
|
||||||
|
|
||||||
public IDiagnosticsWriter CreateDiagnosticsWriter(string filename) => new TestDiagnosticWriter();
|
|
||||||
}
|
|
||||||
|
|
||||||
internal class TestDiagnosticWriter : IDiagnosticsWriter
|
|
||||||
{
|
|
||||||
public IList<DiagnosticMessage> Diagnostics { get; } = new List<DiagnosticMessage>();
|
|
||||||
|
|
||||||
public void AddEntry(DiagnosticMessage message) => this.Diagnostics.Add(message);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
@@ -262,7 +235,6 @@ namespace Semmle.Autobuild.Cpp.Tests
|
|||||||
Actions.GetEnvironmentVariable[$"CODEQL_EXTRACTOR_{codeqlUpperLanguage}_TRAP_DIR"] = "";
|
Actions.GetEnvironmentVariable[$"CODEQL_EXTRACTOR_{codeqlUpperLanguage}_TRAP_DIR"] = "";
|
||||||
Actions.GetEnvironmentVariable[$"CODEQL_EXTRACTOR_{codeqlUpperLanguage}_SOURCE_ARCHIVE_DIR"] = "";
|
Actions.GetEnvironmentVariable[$"CODEQL_EXTRACTOR_{codeqlUpperLanguage}_SOURCE_ARCHIVE_DIR"] = "";
|
||||||
Actions.GetEnvironmentVariable[$"CODEQL_EXTRACTOR_{codeqlUpperLanguage}_ROOT"] = $@"C:\codeql\{codeqlUpperLanguage.ToLowerInvariant()}";
|
Actions.GetEnvironmentVariable[$"CODEQL_EXTRACTOR_{codeqlUpperLanguage}_ROOT"] = $@"C:\codeql\{codeqlUpperLanguage.ToLowerInvariant()}";
|
||||||
Actions.GetEnvironmentVariable[$"CODEQL_EXTRACTOR_{codeqlUpperLanguage}_DIAGNOSTIC_DIR"] = "";
|
|
||||||
Actions.GetEnvironmentVariable["CODEQL_JAVA_HOME"] = @"C:\codeql\tools\java";
|
Actions.GetEnvironmentVariable["CODEQL_JAVA_HOME"] = @"C:\codeql\tools\java";
|
||||||
Actions.GetEnvironmentVariable["CODEQL_PLATFORM"] = "win64";
|
Actions.GetEnvironmentVariable["CODEQL_PLATFORM"] = "win64";
|
||||||
Actions.GetEnvironmentVariable["SEMMLE_DIST"] = @"C:\odasa";
|
Actions.GetEnvironmentVariable["SEMMLE_DIST"] = @"C:\odasa";
|
||||||
@@ -285,11 +257,11 @@ namespace Semmle.Autobuild.Cpp.Tests
|
|||||||
Actions.GetCurrentDirectory = cwd;
|
Actions.GetCurrentDirectory = cwd;
|
||||||
Actions.IsWindows = isWindows;
|
Actions.IsWindows = isWindows;
|
||||||
|
|
||||||
var options = new CppAutobuildOptions(Actions);
|
var options = new AutobuildOptions(Actions, Language.Cpp);
|
||||||
return new CppAutobuilder(Actions, options);
|
return new CppAutobuilder(Actions, options);
|
||||||
}
|
}
|
||||||
|
|
||||||
void TestAutobuilderScript(CppAutobuilder autobuilder, int expectedOutput, int commandsRun)
|
void TestAutobuilderScript(Autobuilder autobuilder, int expectedOutput, int commandsRun)
|
||||||
{
|
{
|
||||||
Assert.Equal(expectedOutput, autobuilder.GetBuildScript().Run(Actions, StartCallback, EndCallback));
|
Assert.Equal(expectedOutput, autobuilder.GetBuildScript().Run(Actions, StartCallback, EndCallback));
|
||||||
|
|
||||||
@@ -327,7 +299,7 @@ namespace Semmle.Autobuild.Cpp.Tests
|
|||||||
{
|
{
|
||||||
Actions.RunProcess[@"cmd.exe /C nuget restore C:\Project\test.sln -DisableParallelProcessing"] = 1;
|
Actions.RunProcess[@"cmd.exe /C nuget restore C:\Project\test.sln -DisableParallelProcessing"] = 1;
|
||||||
Actions.RunProcess[@"cmd.exe /C C:\Project\.nuget\nuget.exe restore C:\Project\test.sln -DisableParallelProcessing"] = 0;
|
Actions.RunProcess[@"cmd.exe /C C:\Project\.nuget\nuget.exe restore C:\Project\test.sln -DisableParallelProcessing"] = 0;
|
||||||
Actions.RunProcess[@"cmd.exe /C CALL ^""C:\Program Files ^(x86^)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat^"" && set Platform=&& type NUL && msbuild C:\Project\test.sln /t:rebuild /p:Platform=""x86"" /p:Configuration=""Release"""] = 0;
|
Actions.RunProcess[@"cmd.exe /C CALL ^""C:\Program Files ^(x86^)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat^"" && set Platform=&& type NUL && C:\odasa\tools\odasa index --auto msbuild C:\Project\test.sln /t:rebuild /p:Platform=""x86"" /p:Configuration=""Release"" /p:MvcBuildViews=true"] = 0;
|
||||||
Actions.RunProcessOut[@"C:\Program Files (x86)\Microsoft Visual Studio\Installer\vswhere.exe -prerelease -legacy -property installationPath"] = "";
|
Actions.RunProcessOut[@"C:\Program Files (x86)\Microsoft Visual Studio\Installer\vswhere.exe -prerelease -legacy -property installationPath"] = "";
|
||||||
Actions.RunProcess[@"C:\Program Files (x86)\Microsoft Visual Studio\Installer\vswhere.exe -prerelease -legacy -property installationPath"] = 1;
|
Actions.RunProcess[@"C:\Program Files (x86)\Microsoft Visual Studio\Installer\vswhere.exe -prerelease -legacy -property installationPath"] = 1;
|
||||||
Actions.RunProcess[@"C:\Program Files (x86)\Microsoft Visual Studio\Installer\vswhere.exe -prerelease -legacy -property installationVersion"] = 0;
|
Actions.RunProcess[@"C:\Program Files (x86)\Microsoft Visual Studio\Installer\vswhere.exe -prerelease -legacy -property installationVersion"] = 0;
|
||||||
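Review bot: The expected command in the last hunk (`... odasa index --auto msbuild C:\Project\test.sln ...`) only exercises a solution path with no spaces or cmd.exe metacharacters, so nothing in this section pins how that path is quoted when it is spliced into the `cmd.exe /C` line. The `vcvarsall.bat` path in the same string is caret-escaped, which suggests the escaping logic exists. A sibling test whose solution sits under a directory with a space (constructed example: `C:\Project\my app\test.sln`) would catch a quoting regression. The test method holding these expectations starts above the hunk.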
|
|||||||
@@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
<PropertyGroup>
|
<PropertyGroup>
|
||||||
<OutputType>Exe</OutputType>
|
<OutputType>Exe</OutputType>
|
||||||
<TargetFramework>net7.0</TargetFramework>
|
<TargetFramework>net6.0</TargetFramework>
|
||||||
<GenerateAssemblyInfo>false</GenerateAssemblyInfo>
|
<GenerateAssemblyInfo>false</GenerateAssemblyInfo>
|
||||||
<RuntimeIdentifiers>win-x64;linux-x64;osx-x64</RuntimeIdentifiers>
|
<RuntimeIdentifiers>win-x64;linux-x64;osx-x64</RuntimeIdentifiers>
|
||||||
<Nullable>enable</Nullable>
|
<Nullable>enable</Nullable>
|
||||||
@@ -11,12 +11,11 @@
|
|||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<PackageReference Include="System.IO.FileSystem" Version="4.3.0" />
|
<PackageReference Include="System.IO.FileSystem" Version="4.3.0" />
|
||||||
<PackageReference Include="System.IO.FileSystem.Primitives" Version="4.3.0" />
|
<PackageReference Include="System.IO.FileSystem.Primitives" Version="4.3.0" />
|
||||||
<PackageReference Include="xunit" Version="2.4.2" />
|
<PackageReference Include="xunit" Version="2.4.1" />
|
||||||
<PackageReference Include="xunit.runner.visualstudio" Version="2.4.5">
|
<PackageReference Include="xunit.runner.visualstudio" Version="2.4.1">
|
||||||
<PrivateAssets>all</PrivateAssets>
|
<PrivateAssets>all</PrivateAssets>
|
||||||
<IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
|
<IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
|
||||||
</PackageReference>
|
</PackageReference>
|
||||||
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.4.0" />
|
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
|
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
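Review bot: The second hunk drops the `Microsoft.NET.Test.Sdk` reference while keeping `xunit.runner.visualstudio`, and that runner relies on the test SDK package for discovery under `dotnet test`. Unless a shared props file supplies the package (none is visible here), the tests in this project may stop being discovered without any build error. Keep `<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.4.0" />`, or a version that matches the `net6.0` target.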
|
|||||||
@@ -1,28 +1,10 @@
|
|||||||
using Semmle.Autobuild.Shared;
|
using Semmle.Autobuild.Shared;
|
||||||
using Semmle.Util;
|
|
||||||
|
|
||||||
namespace Semmle.Autobuild.Cpp
|
namespace Semmle.Autobuild.Cpp
|
||||||
{
|
{
|
||||||
/// <summary>
|
public class CppAutobuilder : Autobuilder
|
||||||
/// Encapsulates C++ build options.
|
|
||||||
/// </summary>
|
|
||||||
public class CppAutobuildOptions : AutobuildOptionsShared
|
|
||||||
{
|
{
|
||||||
public override Language Language => Language.Cpp;
|
public CppAutobuilder(IBuildActions actions, AutobuildOptions options) : base(actions, options) { }
|
||||||
|
|
||||||
|
|
||||||
/// <summary>
|
|
||||||
/// Reads options from environment variables.
|
|
||||||
/// Throws ArgumentOutOfRangeException for invalid arguments.
|
|
||||||
/// </summary>
|
|
||||||
public CppAutobuildOptions(IBuildActions actions) : base(actions)
|
|
||||||
{
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public class CppAutobuilder : Autobuilder<CppAutobuildOptions>
|
|
||||||
{
|
|
||||||
public CppAutobuilder(IBuildActions actions, CppAutobuildOptions options) : base(actions, options, new DiagnosticClassifier()) { }
|
|
||||||
|
|
||||||
public override BuildScript GetBuildScript()
|
public override BuildScript GetBuildScript()
|
||||||
{
|
{
|
||||||
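Review bot: `CppAutobuilder` on the new side is a public class with a public constructor and no XML doc comment; the only `<summary>` blocks in this section sat on the removed `CppAutobuildOptions`. Add `/// <summary>Autobuilder for C++; produces the build script returned by GetBuildScript.</summary>` above the class, and a short `<param>` line for `actions` and `options` on the constructor. The body of `GetBuildScript` continues outside the hunk, so the summary should be checked against it before it is committed.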
|
|||||||
@@ -11,14 +11,14 @@ namespace Semmle.Autobuild.Cpp
|
|||||||
try
|
try
|
||||||
{
|
{
|
||||||
var actions = SystemBuildActions.Instance;
|
var actions = SystemBuildActions.Instance;
|
||||||
var options = new CppAutobuildOptions(actions);
|
var options = new AutobuildOptions(actions, Language.Cpp);
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
Console.WriteLine("CodeQL C++ autobuilder");
|
Console.WriteLine("CodeQL C++ autobuilder");
|
||||||
var builder = new CppAutobuilder(actions, options);
|
var builder = new CppAutobuilder(actions, options);
|
||||||
return builder.AttemptBuild();
|
return builder.AttemptBuild();
|
||||||
}
|
}
|
||||||
catch (InvalidEnvironmentException ex)
|
catch(InvalidEnvironmentException ex)
|
||||||
{
|
{
|
||||||
Console.WriteLine("The environment is invalid: {0}", ex.Message);
|
Console.WriteLine("The environment is invalid: {0}", ex.Message);
|
||||||
}
|
}
|
||||||
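Review bot: `catch(InvalidEnvironmentException ex)` on the new side drops the space after the keyword that the old line had; write `catch (InvalidEnvironmentException ex)`. The enclosing method starts above the hunk and the handler chain continues below it, so it is not visible here whether a non-zero exit code is returned after the message is printed. That is worth confirming, so that a CI job cannot treat an invalid environment as a successful build.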
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
<Project Sdk="Microsoft.NET.Sdk">
|
<Project Sdk="Microsoft.NET.Sdk">
|
||||||
|
|
||||||
<PropertyGroup>
|
<PropertyGroup>
|
||||||
<TargetFramework>net7.0</TargetFramework>
|
<TargetFramework>net6.0</TargetFramework>
|
||||||
<AssemblyName>Semmle.Autobuild.Cpp</AssemblyName>
|
<AssemblyName>Semmle.Autobuild.Cpp</AssemblyName>
|
||||||
<RootNamespace>Semmle.Autobuild.Cpp</RootNamespace>
|
<RootNamespace>Semmle.Autobuild.Cpp</RootNamespace>
|
||||||
<ApplicationIcon />
|
<ApplicationIcon />
|
||||||
@@ -17,7 +17,7 @@
|
|||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
|
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<PackageReference Include="Microsoft.Build" Version="17.3.2" />
|
<PackageReference Include="Microsoft.Build" Version="16.11.0" />
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
|
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
|
|||||||
@@ -1,4 +0,0 @@
|
|||||||
description: Revert support for repeated initializers, which are allowed in C with designated initializers.
|
|
||||||
compatibility: full
|
|
||||||
aggregate_field_init.rel: reorder aggregate_field_init.rel (int aggregate, int initializer, int field, int position) aggregate initializer field
|
|
||||||
aggregate_array_init.rel: reorder aggregate_array_init.rel (int aggregate, int initializer, int element_index, int position) aggregate initializer element_index
|
|
||||||
@@ -13,5 +13,5 @@ predicate isExprWithNewBuiltin(Expr expr) {
|
|||||||
from Expr expr, int kind, int kind_new, Location location
|
from Expr expr, int kind, int kind_new, Location location
|
||||||
where
|
where
|
||||||
exprs(expr, kind, location) and
|
exprs(expr, kind, location) and
|
||||||
if isExprWithNewBuiltin(expr) then kind_new = 1 else kind_new = kind
|
if isExprWithNewBuiltin(expr) then kind_new = 0 else kind_new = kind
|
||||||
select expr, kind_new, location
|
select expr, kind_new, location
|
||||||
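Review bot: `kind_new = 0` is an unexplained magic number, and the same literal appears in the next file section (`if expr instanceof @blockassignexpr then kind_new = 0`). The old side mapped these expressions to `1`, so add a comment naming the expression kind the new value stands for, e.g. `// 0 = <kind name in the target dbscheme>`. Also confirm that the target dbscheme defines that value for `exprs`, since rows with an undefined kind would presumably leave the downgraded database inconsistent. The predicate `isExprWithNewBuiltin` is defined above the hunk.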
|
|||||||
@@ -9,5 +9,5 @@ class Location extends @location_expr {
|
|||||||
from Expr expr, int kind, int kind_new, Location location
|
from Expr expr, int kind, int kind_new, Location location
|
||||||
where
|
where
|
||||||
exprs(expr, kind, location) and
|
exprs(expr, kind, location) and
|
||||||
if expr instanceof @blockassignexpr then kind_new = 1 else kind_new = kind
|
if expr instanceof @blockassignexpr then kind_new = 0 else kind_new = kind
|
||||||
select expr, kind_new, location
|
select expr, kind_new, location
|
||||||
|
|||||||
@@ -1,11 +0,0 @@
|
|||||||
class BuiltinType extends @builtintype {
|
|
||||||
string toString() { none() }
|
|
||||||
}
|
|
||||||
|
|
||||||
from BuiltinType type, string name, int kind, int kind_new, int size, int sign, int alignment
|
|
||||||
where
|
|
||||||
builtintypes(type, name, kind, size, sign, alignment) and
|
|
||||||
if type instanceof @float16 or type instanceof @complex_float16
|
|
||||||
then kind_new = 2
|
|
||||||
else kind_new = kind
|
|
||||||
select type, name, kind_new, size, sign, alignment
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
description: Introduce (_Complex) _Float16 type
|
|
||||||
compatibility: backwards
|
|
||||||
builtintypes.rel: run builtintypes.qlo
|
|
||||||
@@ -1,2 +0,0 @@
|
|||||||
description: Uncomment case splits in dbscheme
|
|
||||||
compatibility: full
|
|
||||||
@@ -3,4 +3,4 @@ groups:
|
|||||||
- cpp
|
- cpp
|
||||||
- examples
|
- examples
|
||||||
dependencies:
|
dependencies:
|
||||||
codeql/cpp-all: ${workspace}
|
codeql/cpp-all: "*"
|
||||||
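Review bot: `codeql/cpp-all: "*"` accepts any version of the library pack, so the examples pack is no longer tied to the `cpp-all` sources in this checkout the way `${workspace}` tied it. If the pack is ever resolved outside the workspace, whichever version the resolver selects is what the example queries compile against. Prefer `codeql/cpp-all: ${workspace}`, or a bounded version range, so the dependency is reproducible.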
|
|||||||
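--- a/cpp/ql/examples/queries.xml
+++ b/cpp/ql/examples/queries.xml
@@ -0,0 +1 @@
+<queries language="cpp"/>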
@@ -1,174 +1,3 @@
|
|||||||
## 0.7.2
|
|
||||||
|
|
||||||
### New Features
|
|
||||||
|
|
||||||
* Added an AST-based interface (`semmle.code.cpp.rangeanalysis.new.RangeAnalysis`) for the relative range analysis library.
|
|
||||||
* A new predicate `BarrierGuard::getAnIndirectBarrierNode` has been added to the new dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) to mark indirect expressions as barrier nodes using the `BarrierGuard` API.
|
|
||||||
|
|
||||||
### Major Analysis Improvements
|
|
||||||
|
|
||||||
* In the intermediate representation, handling of control flow after non-returning calls has been improved. This should remove false positives in queries that use the intermedite representation or libraries based on it, including the new data flow library.
|
|
||||||
|
|
||||||
### Minor Analysis Improvements
|
|
||||||
|
|
||||||
* The `StdNamespace` class now also includes all inline namespaces that are children of `std` namespace.
|
|
||||||
* The new dataflow (`semmle.code.cpp.dataflow.new.DataFlow`) and taint-tracking libraries (`semmle.code.cpp.dataflow.new.TaintTracking`) now support tracking flow through static local variables.
|
|
||||||
|
|
||||||
## 0.7.1
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
|
|
||||||
## 0.7.0
|
|
||||||
|
|
||||||
### Breaking Changes
|
|
||||||
|
|
||||||
* The internal `SsaConsistency` module has been moved from `SSAConstruction` to `SSAConsitency`, and the deprecated `SSAConsistency` module has been removed.
|
|
||||||
|
|
||||||
### Deprecated APIs
|
|
||||||
|
|
||||||
* The single-parameter predicates `ArrayOrVectorAggregateLiteral.getElementExpr` and `ClassAggregateLiteral.getFieldExpr` have been deprecated in favor of `ArrayOrVectorAggregateLiteral.getAnElementExpr` and `ClassAggregateLiteral.getAFieldExpr`.
|
|
||||||
* The recently introduced new data flow and taint tracking APIs have had a
|
|
||||||
number of module and predicate renamings. The old APIs remain in place for
|
|
||||||
now.
|
|
||||||
* The `SslContextCallAbstractConfig`, `SslContextCallConfig`, `SslContextCallBannedProtocolConfig`, `SslContextCallTls12ProtocolConfig`, `SslContextCallTls13ProtocolConfig`, `SslContextCallTlsProtocolConfig`, `SslContextFlowsToSetOptionConfig`, `SslOptionConfig` dataflow configurations from `BoostorgAsio` have been deprecated. Please use `SslContextCallConfigSig`, `SslContextCallGlobal`, `SslContextCallFlow`, `SslContextCallBannedProtocolFlow`, `SslContextCallTls12ProtocolFlow`, `SslContextCallTls13ProtocolFlow`, `SslContextCallTlsProtocolFlow`, `SslContextFlowsToSetOptionFlow`.
|
|
||||||
|
|
||||||
### New Features
|
|
||||||
|
|
||||||
* Added overridable predicates `getSizeExpr` and `getSizeMult` to the `BufferAccess` class (`semmle.code.cpp.security.BufferAccess.qll`). This makes it possible to model a larger class of buffer reads and writes using the library.
|
|
||||||
|
|
||||||
### Minor Analysis Improvements
|
|
||||||
|
|
||||||
* The `BufferAccess` library (`semmle.code.cpp.security.BufferAccess`) no longer matches buffer accesses inside unevaluated contexts (such as inside `sizeof` or `decltype` expressions). As a result, queries using this library may see fewer false positives.
|
|
||||||
|
|
||||||
### Bug Fixes
|
|
||||||
|
|
||||||
* Fixed some accidental predicate visibility in the backwards-compatible wrapper for data flow configurations. In particular `DataFlow::hasFlowPath`, `DataFlow::hasFlow`, `DataFlow::hasFlowTo`, and `DataFlow::hasFlowToExpr` were accidentally exposed in a single version.
|
|
||||||
|
|
||||||
## 0.6.1
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
|
|
||||||
## 0.6.0
|
|
||||||
|
|
||||||
### Breaking Changes
|
|
||||||
|
|
||||||
* The `semmle.code.cpp.commons.Buffer` and `semmle.code.cpp.commons.NullTermination` libraries no longer expose `semmle.code.cpp.dataflow.DataFlow`. Please import `semmle.code.cpp.dataflow.DataFlow` directly.
|
|
||||||
|
|
||||||
### Deprecated APIs
|
|
||||||
|
|
||||||
* The `WriteConfig` taint tracking configuration has been deprecated. Please use `WriteFlow`.
|
|
||||||
|
|
||||||
### New Features
|
|
||||||
|
|
||||||
* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
|
|
||||||
|
|
||||||
### Major Analysis Improvements
|
|
||||||
|
|
||||||
* A new C/C++ dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) has been added.
|
|
||||||
The new library behaves much more like the dataflow library of other CodeQL supported
|
|
||||||
languages by following use-use dataflow paths instead of def-use dataflow paths.
|
|
||||||
The new library also better supports dataflow through indirections, and new predicates
|
|
||||||
such as `Node::asIndirectExpr` have been added to facilitate working with indirections.
|
|
||||||
|
|
||||||
The `semmle.code.cpp.ir.dataflow.DataFlow` library is now identical to the new
|
|
||||||
`semmle.code.cpp.dataflow.new.DataFlow` library.
|
|
||||||
* The main data flow and taint tracking APIs have been changed. The old APIs
|
|
||||||
remain in place for now and translate to the new through a
|
|
||||||
backwards-compatible wrapper. If multiple configurations are in scope
|
|
||||||
simultaneously, then this may affect results slightly. The new API is quite
|
|
||||||
similar to the old, but makes use of a configuration module instead of a
|
|
||||||
configuration class.
|
|
||||||
|
|
||||||
### Minor Analysis Improvements
|
|
||||||
|
|
||||||
* Deleted the deprecated `hasGeneratedCopyConstructor` and `hasGeneratedCopyAssignmentOperator` predicates from the `Folder` class.
|
|
||||||
* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
|
|
||||||
* Deleted the deprecated `getMustlockFunction`, `getTrylockFunction`, `getLockFunction`, and `getUnlockFunction` predicates from the `MutexType` class.
|
|
||||||
* Deleted the deprecated `getPosInBasicBlock` predicate from the `SubBasicBlock` class.
|
|
||||||
* Deleted the deprecated `getExpr` predicate from the `PointerDereferenceExpr` class.
|
|
||||||
* Deleted the deprecated `getUseInstruction` and `getDefinitionInstruction` predicates from the `Operand` class.
|
|
||||||
* Deleted the deprecated `isInParameter`, `isInParameterPointer`, and `isInQualifier` predicates from the `FunctionInput` class.
|
|
||||||
* Deleted the deprecated `isOutParameterPointer`, `isOutQualifier`, `isOutReturnValue`, and `isOutReturnPointer` predicate from the `FunctionOutput` class.
|
|
||||||
* Deleted the deprecated 3-argument `isGuardPhi` predicate from the `RangeSsaDefinition` class.
|
|
||||||
|
|
||||||
## 0.5.4
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
|
|
||||||
## 0.5.3
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
|
|
||||||
## 0.5.2
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
|
|
||||||
## 0.5.1
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
|
|
||||||
## 0.5.0
|
|
||||||
|
|
||||||
### Breaking Changes
|
|
||||||
|
|
||||||
The predicates in the `MustFlow::Configuration` class used by the `MustFlow` library (`semmle.code.cpp.ir.dataflow.MustFlow`) have changed to be defined directly in terms of the C++ IR instead of IR dataflow nodes.
|
|
||||||
|
|
||||||
### Deprecated APIs
|
|
||||||
|
|
||||||
* Deprecated `semmle.code.cpp.ir.dataflow.DefaultTaintTracking`. Use `semmle.code.cpp.ir.dataflow.TaintTracking`.
|
|
||||||
* Deprecated `semmle.code.cpp.security.TaintTrackingImpl`. Use `semmle.code.cpp.ir.dataflow.TaintTracking`.
|
|
||||||
* Deprecated `semmle.code.cpp.valuenumbering.GlobalValueNumberingImpl`. Use `semmle.code.cpp.valuenumbering.GlobalValueNumbering`, which exposes the same API.
|
|
||||||
|
|
||||||
### Minor Analysis Improvements
|
|
||||||
|
|
||||||
* The `ArgvSource` flow source now uses the second parameter of `main` as its source instead of the uses of this parameter.
|
|
||||||
* The `ArgvSource` flow source has been generalized to handle cases where the argument vector of `main` is not named `argv`.
|
|
||||||
* The `getaddrinfo` function is now recognized as a flow source.
|
|
||||||
* The `secure_getenv` and `_wgetenv` functions are now recognized as local flow sources.
|
|
||||||
* The `scanf` and `fscanf` functions and their variants are now recognized as flow sources.
|
|
||||||
* Deleted the deprecated `getName` and `getShortName` predicates from the `Folder` class.
|
|
||||||
|
|
||||||
## 0.4.6
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
|
|
||||||
## 0.4.5
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
|
|
||||||
## 0.4.4
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
|
|
||||||
## 0.4.3
|
|
||||||
|
|
||||||
### Minor Analysis Improvements
|
|
||||||
|
|
||||||
* Fixed bugs in the `FormatLiteral` class that were causing `getMaxConvertedLength` and related predicates to return no results when the format literal was `%e`, `%f` or `%g` and an explicit precision was specified.
|
|
||||||
|
|
||||||
## 0.4.2
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
|
|
||||||
## 0.4.1
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
|
|
||||||
## 0.4.0
|
|
||||||
|
|
||||||
### Deprecated APIs
|
|
||||||
|
|
||||||
* Some classes/modules with upper-case acronyms in their name have been renamed to follow our style-guide.
|
|
||||||
The old name still exists as a deprecated alias.
|
|
||||||
|
|
||||||
### New Features
|
|
||||||
|
|
||||||
* Added subclasses of `BuiltInOperations` for `__is_same`, `__is_function`, `__is_layout_compatible`, `__is_pointer_interconvertible_base_of`, `__is_array`, `__array_rank`, `__array_extent`, `__is_arithmetic`, `__is_complete_type`, `__is_compound`, `__is_const`, `__is_floating_point`, `__is_fundamental`, `__is_integral`, `__is_lvalue_reference`, `__is_member_function_pointer`, `__is_member_object_pointer`, `__is_member_pointer`, `__is_object`, `__is_pointer`, `__is_reference`, `__is_rvalue_reference`, `__is_scalar`, `__is_signed`, `__is_unsigned`, `__is_void`, and `__is_volatile`.
|
|
||||||
|
|
||||||
### Bug Fixes
|
|
||||||
|
|
||||||
* Fixed an issue in the taint tracking analysis where implicit reads were not allowed by default in sinks or additional taint steps that used flow states.
|
|
||||||
|
|
||||||
## 0.3.5
|
## 0.3.5
|
||||||
|
|
||||||
## 0.3.4
|
## 0.3.4
|
||||||
|
|||||||
@@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
category: feature
|
||||||
|
---
|
||||||
|
* Added subclasses of `BuiltInOperations` for `__is_same`, `__is_function`, `__is_layout_compatible`, `__is_pointer_interconvertible_base_of`, `__is_array`, `__array_rank`, `__array_extent`, `__is_arithmetic`, `__is_complete_type`, `__is_compound`, `__is_const`, `__is_floating_point`, `__is_fundamental`, `__is_integral`, `__is_lvalue_reference`, `__is_member_function_pointer`, `__is_member_object_pointer`, `__is_member_pointer`, `__is_object`, `__is_pointer`, `__is_reference`, `__is_rvalue_reference`, `__is_scalar`, `__is_signed`, `__is_unsigned`, `__is_void`, and `__is_volatile`.
|
||||||
@@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
category: fix
|
||||||
|
---
|
||||||
|
* Fixed an issue in the taint tracking analysis where implicit reads were not allowed by default in sinks or additional taint steps that used flow states.
|
||||||
5
cpp/ql/lib/change-notes/2022-09-12-uppercase.md
Normal file
5
cpp/ql/lib/change-notes/2022-09-12-uppercase.md
Normal file
@@ -0,0 +1,5 @@
|
|||||||
|
---
|
||||||
|
category: deprecated
|
||||||
|
---
|
||||||
|
* Some classes/modules with upper-case acronyms in their name have been renamed to follow our style-guide.
|
||||||
|
The old name still exists as a deprecated alias.
|
||||||
@@ -1,14 +0,0 @@
|
|||||||
## 0.4.0
|
|
||||||
|
|
||||||
### Deprecated APIs
|
|
||||||
|
|
||||||
* Some classes/modules with upper-case acronyms in their name have been renamed to follow our style-guide.
|
|
||||||
The old name still exists as a deprecated alias.
|
|
||||||
|
|
||||||
### New Features
|
|
||||||
|
|
||||||
* Added subclasses of `BuiltInOperations` for `__is_same`, `__is_function`, `__is_layout_compatible`, `__is_pointer_interconvertible_base_of`, `__is_array`, `__array_rank`, `__array_extent`, `__is_arithmetic`, `__is_complete_type`, `__is_compound`, `__is_const`, `__is_floating_point`, `__is_fundamental`, `__is_integral`, `__is_lvalue_reference`, `__is_member_function_pointer`, `__is_member_object_pointer`, `__is_member_pointer`, `__is_object`, `__is_pointer`, `__is_reference`, `__is_rvalue_reference`, `__is_scalar`, `__is_signed`, `__is_unsigned`, `__is_void`, and `__is_volatile`.
|
|
||||||
|
|
||||||
### Bug Fixes
|
|
||||||
|
|
||||||
* Fixed an issue in the taint tracking analysis where implicit reads were not allowed by default in sinks or additional taint steps that used flow states.
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
## 0.4.1
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
## 0.4.2
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
## 0.4.3
|
|
||||||
|
|
||||||
### Minor Analysis Improvements
|
|
||||||
|
|
||||||
* Fixed bugs in the `FormatLiteral` class that were causing `getMaxConvertedLength` and related predicates to return no results when the format literal was `%e`, `%f` or `%g` and an explicit precision was specified.
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
## 0.4.4
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
## 0.4.5
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
## 0.4.6
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
@@ -1,20 +0,0 @@
|
|||||||
## 0.5.0
|
|
||||||
|
|
||||||
### Breaking Changes
|
|
||||||
|
|
||||||
The predicates in the `MustFlow::Configuration` class used by the `MustFlow` library (`semmle.code.cpp.ir.dataflow.MustFlow`) have changed to be defined directly in terms of the C++ IR instead of IR dataflow nodes.
|
|
||||||
|
|
||||||
### Deprecated APIs
|
|
||||||
|
|
||||||
* Deprecated `semmle.code.cpp.ir.dataflow.DefaultTaintTracking`. Use `semmle.code.cpp.ir.dataflow.TaintTracking`.
|
|
||||||
* Deprecated `semmle.code.cpp.security.TaintTrackingImpl`. Use `semmle.code.cpp.ir.dataflow.TaintTracking`.
|
|
||||||
* Deprecated `semmle.code.cpp.valuenumbering.GlobalValueNumberingImpl`. Use `semmle.code.cpp.valuenumbering.GlobalValueNumbering`, which exposes the same API.
|
|
||||||
|
|
||||||
### Minor Analysis Improvements
|
|
||||||
|
|
||||||
* The `ArgvSource` flow source now uses the second parameter of `main` as its source instead of the uses of this parameter.
|
|
||||||
* The `ArgvSource` flow source has been generalized to handle cases where the argument vector of `main` is not named `argv`.
|
|
||||||
* The `getaddrinfo` function is now recognized as a flow source.
|
|
||||||
* The `secure_getenv` and `_wgetenv` functions are now recognized as local flow sources.
|
|
||||||
* The `scanf` and `fscanf` functions and their variants are now recognized as flow sources.
|
|
||||||
* Deleted the deprecated `getName` and `getShortName` predicates from the `Folder` class.
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
## 0.5.1
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
## 0.5.2
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
## 0.5.3
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
## 0.5.4
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
@@ -1,42 +0,0 @@
|
|||||||
## 0.6.0
|
|
||||||
|
|
||||||
### Breaking Changes
|
|
||||||
|
|
||||||
* The `semmle.code.cpp.commons.Buffer` and `semmle.code.cpp.commons.NullTermination` libraries no longer expose `semmle.code.cpp.dataflow.DataFlow`. Please import `semmle.code.cpp.dataflow.DataFlow` directly.
|
|
||||||
|
|
||||||
### Deprecated APIs
|
|
||||||
|
|
||||||
* The `WriteConfig` taint tracking configuration has been deprecated. Please use `WriteFlow`.
|
|
||||||
|
|
||||||
### New Features
|
|
||||||
|
|
||||||
* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
|
|
||||||
|
|
||||||
### Major Analysis Improvements
|
|
||||||
|
|
||||||
* A new C/C++ dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) has been added.
|
|
||||||
The new library behaves much more like the dataflow library of other CodeQL supported
|
|
||||||
languages by following use-use dataflow paths instead of def-use dataflow paths.
|
|
||||||
The new library also better supports dataflow through indirections, and new predicates
|
|
||||||
such as `Node::asIndirectExpr` have been added to facilitate working with indirections.
|
|
||||||
|
|
||||||
The `semmle.code.cpp.ir.dataflow.DataFlow` library is now identical to the new
|
|
||||||
`semmle.code.cpp.dataflow.new.DataFlow` library.
|
|
||||||
* The main data flow and taint tracking APIs have been changed. The old APIs
|
|
||||||
remain in place for now and translate to the new through a
|
|
||||||
backwards-compatible wrapper. If multiple configurations are in scope
|
|
||||||
simultaneously, then this may affect results slightly. The new API is quite
|
|
||||||
similar to the old, but makes use of a configuration module instead of a
|
|
||||||
configuration class.
|
|
||||||
|
|
||||||
### Minor Analysis Improvements
|
|
||||||
|
|
||||||
* Deleted the deprecated `hasGeneratedCopyConstructor` and `hasGeneratedCopyAssignmentOperator` predicates from the `Folder` class.
|
|
||||||
* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
|
|
||||||
* Deleted the deprecated `getMustlockFunction`, `getTrylockFunction`, `getLockFunction`, and `getUnlockFunction` predicates from the `MutexType` class.
|
|
||||||
* Deleted the deprecated `getPosInBasicBlock` predicate from the `SubBasicBlock` class.
|
|
||||||
* Deleted the deprecated `getExpr` predicate from the `PointerDereferenceExpr` class.
|
|
||||||
* Deleted the deprecated `getUseInstruction` and `getDefinitionInstruction` predicates from the `Operand` class.
|
|
||||||
* Deleted the deprecated `isInParameter`, `isInParameterPointer`, and `isInQualifier` predicates from the `FunctionInput` class.
|
|
||||||
* Deleted the deprecated `isOutParameterPointer`, `isOutQualifier`, `isOutReturnValue`, and `isOutReturnPointer` predicate from the `FunctionOutput` class.
|
|
||||||
* Deleted the deprecated 3-argument `isGuardPhi` predicate from the `RangeSsaDefinition` class.
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
## 0.6.1
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
@@ -1,25 +0,0 @@
|
|||||||
## 0.7.0
|
|
||||||
|
|
||||||
### Breaking Changes
|
|
||||||
|
|
||||||
* The internal `SsaConsistency` module has been moved from `SSAConstruction` to `SSAConsitency`, and the deprecated `SSAConsistency` module has been removed.
|
|
||||||
|
|
||||||
### Deprecated APIs
|
|
||||||
|
|
||||||
* The single-parameter predicates `ArrayOrVectorAggregateLiteral.getElementExpr` and `ClassAggregateLiteral.getFieldExpr` have been deprecated in favor of `ArrayOrVectorAggregateLiteral.getAnElementExpr` and `ClassAggregateLiteral.getAFieldExpr`.
|
|
||||||
* The recently introduced new data flow and taint tracking APIs have had a
|
|
||||||
number of module and predicate renamings. The old APIs remain in place for
|
|
||||||
now.
|
|
||||||
* The `SslContextCallAbstractConfig`, `SslContextCallConfig`, `SslContextCallBannedProtocolConfig`, `SslContextCallTls12ProtocolConfig`, `SslContextCallTls13ProtocolConfig`, `SslContextCallTlsProtocolConfig`, `SslContextFlowsToSetOptionConfig`, `SslOptionConfig` dataflow configurations from `BoostorgAsio` have been deprecated. Please use `SslContextCallConfigSig`, `SslContextCallGlobal`, `SslContextCallFlow`, `SslContextCallBannedProtocolFlow`, `SslContextCallTls12ProtocolFlow`, `SslContextCallTls13ProtocolFlow`, `SslContextCallTlsProtocolFlow`, `SslContextFlowsToSetOptionFlow`.
|
|
||||||
|
|
||||||
### New Features
|
|
||||||
|
|
||||||
* Added overridable predicates `getSizeExpr` and `getSizeMult` to the `BufferAccess` class (`semmle.code.cpp.security.BufferAccess.qll`). This makes it possible to model a larger class of buffer reads and writes using the library.
|
|
||||||
|
|
||||||
### Minor Analysis Improvements
|
|
||||||
|
|
||||||
* The `BufferAccess` library (`semmle.code.cpp.security.BufferAccess`) no longer matches buffer accesses inside unevaluated contexts (such as inside `sizeof` or `decltype` expressions). As a result, queries using this library may see fewer false positives.
|
|
||||||
|
|
||||||
### Bug Fixes
|
|
||||||
|
|
||||||
* Fixed some accidental predicate visibility in the backwards-compatible wrapper for data flow configurations. In particular `DataFlow::hasFlowPath`, `DataFlow::hasFlow`, `DataFlow::hasFlowTo`, and `DataFlow::hasFlowToExpr` were accidentally exposed in a single version.
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
## 0.7.1
|
|
||||||
|
|
||||||
No user-facing changes.
|
|
||||||
@@ -1,15 +0,0 @@
|
|||||||
## 0.7.2
|
|
||||||
|
|
||||||
### New Features
|
|
||||||
|
|
||||||
* Added an AST-based interface (`semmle.code.cpp.rangeanalysis.new.RangeAnalysis`) for the relative range analysis library.
|
|
||||||
* A new predicate `BarrierGuard::getAnIndirectBarrierNode` has been added to the new dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) to mark indirect expressions as barrier nodes using the `BarrierGuard` API.
|
|
||||||
|
|
||||||
### Major Analysis Improvements
|
|
||||||
|
|
||||||
* In the intermediate representation, handling of control flow after non-returning calls has been improved. This should remove false positives in queries that use the intermedite representation or libraries based on it, including the new data flow library.
|
|
||||||
|
|
||||||
### Minor Analysis Improvements
|
|
||||||
|
|
||||||
* The `StdNamespace` class now also includes all inline namespaces that are children of `std` namespace.
|
|
||||||
* The new dataflow (`semmle.code.cpp.dataflow.new.DataFlow`) and taint-tracking libraries (`semmle.code.cpp.dataflow.new.TaintTracking`) now support tracking flow through static local variables.
|
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.7.2
|
lastReleaseVersion: 0.3.5
|
||||||
|
|||||||
@@ -12,8 +12,8 @@ import IDEContextual
|
|||||||
*
|
*
|
||||||
* In some cases it is preferable to modify locations (the
|
* In some cases it is preferable to modify locations (the
|
||||||
* `hasLocationInfo()` predicate) so that they are short, and
|
* `hasLocationInfo()` predicate) so that they are short, and
|
||||||
* non-overlapping with other locations that might be reported as
|
* non-overlapping with other locations that might be highlighted in
|
||||||
* code scanning alerts on GitHub.
|
* the LGTM interface.
|
||||||
*
|
*
|
||||||
* We need to give locations that may not be in the database, so
|
* We need to give locations that may not be in the database, so
|
||||||
* we use `hasLocationInfo()` rather than `getLocation()`.
|
* we use `hasLocationInfo()` rather than `getLocation()`.
|
||||||
@@ -123,13 +123,6 @@ private predicate constructorCallTypeMention(ConstructorCall cc, TypeMention tm)
|
|||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Holds if `loc` has the container `container` and is on the line starting at `startLine`. */
|
|
||||||
pragma[nomagic]
|
|
||||||
private predicate hasContainerAndStartLine(Location loc, Container container, int startLine) {
|
|
||||||
loc.getStartLine() = startLine and
|
|
||||||
loc.getContainer() = container
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Gets an element, of kind `kind`, that element `e` uses, if any.
|
* Gets an element, of kind `kind`, that element `e` uses, if any.
|
||||||
* Attention: This predicate yields multiple definitions for a single location.
|
* Attention: This predicate yields multiple definitions for a single location.
|
||||||
@@ -166,9 +159,9 @@ Top definitionOf(Top e, string kind) {
|
|||||||
// Multiple type mentions can be generated when a typedef is used, and
|
// Multiple type mentions can be generated when a typedef is used, and
|
||||||
// in such cases we want to exclude all but the originating typedef.
|
// in such cases we want to exclude all but the originating typedef.
|
||||||
not exists(Type secondary |
|
not exists(Type secondary |
|
||||||
exists(File f, int startline, int startcol |
|
exists(TypeMention tm, File f, int startline, int startcol |
|
||||||
typeMentionStartLoc(e, result, f, startline, startcol) and
|
typeMentionStartLoc(e, result, f, startline, startcol) and
|
||||||
typeMentionStartLoc(_, secondary, f, startline, startcol) and
|
typeMentionStartLoc(tm, secondary, f, startline, startcol) and
|
||||||
(
|
(
|
||||||
result = secondary.(TypedefType).getBaseType() or
|
result = secondary.(TypedefType).getBaseType() or
|
||||||
result = secondary.(TypedefType).getBaseType().(SpecifiedType).getBaseType()
|
result = secondary.(TypedefType).getBaseType().(SpecifiedType).getBaseType()
|
||||||
@@ -191,9 +184,11 @@ Top definitionOf(Top e, string kind) {
|
|||||||
kind = "I" and
|
kind = "I" and
|
||||||
result = e.(Include).getIncludedFile() and
|
result = e.(Include).getIncludedFile() and
|
||||||
// exclude `#include` directives containing macros
|
// exclude `#include` directives containing macros
|
||||||
not exists(MacroInvocation mi, Container container, int startLine |
|
not exists(MacroInvocation mi, Location l1, Location l2 |
|
||||||
hasContainerAndStartLine(e.(Include).getLocation(), container, startLine) and
|
l1 = e.(Include).getLocation() and
|
||||||
hasContainerAndStartLine(mi.getLocation(), container, startLine)
|
l2 = mi.getLocation() and
|
||||||
|
l1.getContainer() = l2.getContainer() and
|
||||||
|
l1.getStartLine() = l2.getStartLine()
|
||||||
// (an #include directive must be always on it's own line)
|
// (an #include directive must be always on it's own line)
|
||||||
)
|
)
|
||||||
) and
|
) and
|
||||||
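Review bot: In the last hunk, the exclusion of `#include` directives containing macros now compares `l1.getContainer() = l2.getContainer()` and `l1.getStartLine() = l2.getStartLine()` inline, so nothing stops the optimizer from joining include and macro-invocation locations on start line alone before the container is checked, which could build a large intermediate relation on big databases. The `pragma[nomagic]` helper `hasContainerAndStartLine` that the second hunk deletes kept the two columns together; I would keep it and write the body as `hasContainerAndStartLine(e.(Include).getLocation(), container, startLine) and hasContainerAndStartLine(mi.getLocation(), container, startLine)`. The performance concern is inferred from the pragma on the deleted helper, not measured here. `definitionOf` starts and ends outside these hunks.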
|
|||||||
@@ -1,149 +1,17 @@
|
|||||||
import semmle.code.cpp.ir.dataflow.DataFlow
|
import experimental.semmle.code.cpp.ir.dataflow.DataFlow
|
||||||
private import semmle.code.cpp.ir.dataflow.internal.DataFlowPrivate
|
import experimental.semmle.code.cpp.ir.dataflow.DataFlow2
|
||||||
private import semmle.code.cpp.ir.dataflow.internal.DataFlowUtil
|
|
||||||
private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplCommon
|
|
||||||
private import codeql.util.Unit
|
|
||||||
|
|
||||||
module ProductFlow {
|
module ProductFlow {
|
||||||
signature module ConfigSig {
|
abstract class Configuration extends string {
|
||||||
|
bindingset[this]
|
||||||
|
Configuration() { any() }
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Holds if `(source1, source2)` is a relevant data flow source.
|
* Holds if `(source1, source2)` is a relevant data flow source.
|
||||||
*
|
*
|
||||||
* `source1` and `source2` must belong to the same callable.
|
* `source1` and `source2` must belong to the same callable.
|
||||||
*/
|
*/
|
||||||
predicate isSourcePair(DataFlow::Node source1, DataFlow::Node source2);
|
predicate isSourcePair(DataFlow::Node source1, DataFlow::Node source2) { none() }
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if `(sink1, sink2)` is a relevant data flow sink.
|
|
||||||
*
|
|
||||||
* `sink1` and `sink2` must belong to the same callable.
|
|
||||||
*/
|
|
||||||
predicate isSinkPair(DataFlow::Node sink1, DataFlow::Node sink2);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data flow through `node` is prohibited through the first projection of the product
|
|
||||||
* dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isBarrier1(DataFlow::Node node) { none() }
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data flow through `node` is prohibited through the second projection of the product
|
|
||||||
* dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isBarrier2(DataFlow::Node node) { none() }
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data flow out of `node` is prohibited in the first projection of the product
|
|
||||||
* dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isBarrierOut1(DataFlow::Node node) { none() }
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data flow out of `node` is prohibited in the second projection of the product
|
|
||||||
* dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isBarrierOut2(DataFlow::Node node) { none() }
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Holds if data may flow from `node1` to `node2` in addition to the normal data-flow steps in
|
|
||||||
* the first projection of the product dataflow graph.
|
|
||||||
*/
|
|
||||||
|
|
||||||
default predicate isAdditionalFlowStep1(DataFlow::Node node1, DataFlow::Node node2) { none() }
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data may flow from `node1` to `node2` in addition to the normal data-flow steps in
|
|
||||||
* the second projection of the product dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isAdditionalFlowStep2(DataFlow::Node node1, DataFlow::Node node2) { none() }
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data flow into `node` is prohibited in the first projection of the product
|
|
||||||
* dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isBarrierIn1(DataFlow::Node node) { none() }
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data flow into `node` is prohibited in the second projection of the product
|
|
||||||
* dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isBarrierIn2(DataFlow::Node node) { none() }
|
|
||||||
}
|
|
||||||
|
|
||||||
module Global<ConfigSig Config> {
|
|
||||||
private module StateConfig implements StateConfigSig {
|
|
||||||
class FlowState1 = Unit;
|
|
||||||
|
|
||||||
class FlowState2 = Unit;
|
|
||||||
|
|
||||||
predicate isSourcePair(
|
|
||||||
DataFlow::Node source1, FlowState1 state1, DataFlow::Node source2, FlowState2 state2
|
|
||||||
) {
|
|
||||||
exists(state1) and
|
|
||||||
exists(state2) and
|
|
||||||
Config::isSourcePair(source1, source2)
|
|
||||||
}
|
|
||||||
|
|
||||||
predicate isSinkPair(
|
|
||||||
DataFlow::Node sink1, FlowState1 state1, DataFlow::Node sink2, FlowState2 state2
|
|
||||||
) {
|
|
||||||
exists(state1) and
|
|
||||||
exists(state2) and
|
|
||||||
Config::isSinkPair(sink1, sink2)
|
|
||||||
}
|
|
||||||
|
|
||||||
predicate isBarrier1(DataFlow::Node node, FlowState1 state) {
|
|
||||||
exists(state) and
|
|
||||||
Config::isBarrier1(node)
|
|
||||||
}
|
|
||||||
|
|
||||||
predicate isBarrier2(DataFlow::Node node, FlowState2 state) {
|
|
||||||
exists(state) and
|
|
||||||
Config::isBarrier2(node)
|
|
||||||
}
|
|
||||||
|
|
||||||
predicate isBarrier1 = Config::isBarrier1/1;
|
|
||||||
|
|
||||||
predicate isBarrier2 = Config::isBarrier2/1;
|
|
||||||
|
|
||||||
predicate isBarrierOut1 = Config::isBarrierOut1/1;
|
|
||||||
|
|
||||||
predicate isBarrierOut2 = Config::isBarrierOut2/1;
|
|
||||||
|
|
||||||
predicate isAdditionalFlowStep1 = Config::isAdditionalFlowStep1/2;
|
|
||||||
|
|
||||||
predicate isAdditionalFlowStep1(
|
|
||||||
DataFlow::Node node1, FlowState1 state1, DataFlow::Node node2, FlowState1 state2
|
|
||||||
) {
|
|
||||||
exists(state1) and
|
|
||||||
exists(state2) and
|
|
||||||
Config::isAdditionalFlowStep1(node1, node2)
|
|
||||||
}
|
|
||||||
|
|
||||||
predicate isAdditionalFlowStep2 = Config::isAdditionalFlowStep2/2;
|
|
||||||
|
|
||||||
predicate isAdditionalFlowStep2(
|
|
||||||
DataFlow::Node node1, FlowState2 state1, DataFlow::Node node2, FlowState2 state2
|
|
||||||
) {
|
|
||||||
exists(state1) and
|
|
||||||
exists(state2) and
|
|
||||||
Config::isAdditionalFlowStep2(node1, node2)
|
|
||||||
}
|
|
||||||
|
|
||||||
predicate isBarrierIn1 = Config::isBarrierIn1/1;
|
|
||||||
|
|
||||||
predicate isBarrierIn2 = Config::isBarrierIn2/1;
|
|
||||||
}
|
|
||||||
|
|
||||||
import GlobalWithState<StateConfig>
|
|
||||||
}
|
|
||||||
|
|
||||||
signature module StateConfigSig {
|
|
||||||
bindingset[this]
|
|
||||||
class FlowState1;
|
|
||||||
|
|
||||||
bindingset[this]
|
|
||||||
class FlowState2;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Holds if `(source1, source2)` is a relevant data flow source with initial states `state1`
|
* Holds if `(source1, source2)` is a relevant data flow source with initial states `state1`
|
||||||
@@ -152,8 +20,19 @@ module ProductFlow {
|
|||||||
* `source1` and `source2` must belong to the same callable.
|
* `source1` and `source2` must belong to the same callable.
|
||||||
*/
|
*/
|
||||||
predicate isSourcePair(
|
predicate isSourcePair(
|
||||||
DataFlow::Node source1, FlowState1 state1, DataFlow::Node source2, FlowState2 state2
|
DataFlow::Node source1, string state1, DataFlow::Node source2, string state2
|
||||||
);
|
) {
|
||||||
|
state1 = "" and
|
||||||
|
state2 = "" and
|
||||||
|
this.isSourcePair(source1, source2)
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Holds if `(sink1, sink2)` is a relevant data flow sink.
|
||||||
|
*
|
||||||
|
* `sink1` and `sink2` must belong to the same callable.
|
||||||
|
*/
|
||||||
|
predicate isSinkPair(DataFlow::Node sink1, DataFlow::Node sink2) { none() }
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Holds if `(sink1, sink2)` is a relevant data flow sink with final states `state1`
|
* Holds if `(sink1, sink2)` is a relevant data flow sink with final states `state1`
|
||||||
@@ -162,390 +41,125 @@ module ProductFlow {
|
|||||||
* `sink1` and `sink2` must belong to the same callable.
|
* `sink1` and `sink2` must belong to the same callable.
|
||||||
*/
|
*/
|
||||||
predicate isSinkPair(
|
predicate isSinkPair(
|
||||||
DataFlow::Node sink1, FlowState1 state1, DataFlow::Node sink2, FlowState2 state2
|
DataFlow::Node sink1, DataFlow::FlowState state1, DataFlow::Node sink2,
|
||||||
);
|
DataFlow::FlowState state2
|
||||||
|
) {
|
||||||
|
state1 = "" and
|
||||||
|
state2 = "" and
|
||||||
|
this.isSinkPair(sink1, sink2)
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
predicate hasFlowPath(
|
||||||
* Holds if data flow through `node` is prohibited through the first projection of the product
|
DataFlow::PathNode source1, DataFlow2::PathNode source2, DataFlow::PathNode sink1,
|
||||||
* dataflow graph when the flow state is `state`.
|
DataFlow2::PathNode sink2
|
||||||
*/
|
) {
|
||||||
predicate isBarrier1(DataFlow::Node node, FlowState1 state);
|
reachable(this, source1, source2, sink1, sink2)
|
||||||
|
}
|
||||||
/**
|
|
||||||
* Holds if data flow through `node` is prohibited through the second projection of the product
|
|
||||||
* dataflow graph when the flow state is `state`.
|
|
||||||
*/
|
|
||||||
predicate isBarrier2(DataFlow::Node node, FlowState2 state);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data flow through `node` is prohibited through the first projection of the product
|
|
||||||
* dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isBarrier1(DataFlow::Node node) { none() }
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data flow through `node` is prohibited through the second projection of the product
|
|
||||||
* dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isBarrier2(DataFlow::Node node) { none() }
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data flow out of `node` is prohibited in the first projection of the product
|
|
||||||
* dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isBarrierOut1(DataFlow::Node node) { none() }
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data flow out of `node` is prohibited in the second projection of the product
|
|
||||||
* dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isBarrierOut2(DataFlow::Node node) { none() }
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Holds if data may flow from `node1` to `node2` in addition to the normal data-flow steps in
|
|
||||||
* the first projection of the product dataflow graph.
|
|
||||||
*/
|
|
||||||
|
|
||||||
default predicate isAdditionalFlowStep1(DataFlow::Node node1, DataFlow::Node node2) { none() }
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data may flow from `node1` to `node2` in addition to the normal data-flow steps in
|
|
||||||
* the first projection of the product dataflow graph.
|
|
||||||
*
|
|
||||||
* This step is only applicable in `state1` and updates the flow state to `state2`.
|
|
||||||
*/
|
|
||||||
predicate isAdditionalFlowStep1(
|
|
||||||
DataFlow::Node node1, FlowState1 state1, DataFlow::Node node2, FlowState1 state2
|
|
||||||
);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data may flow from `node1` to `node2` in addition to the normal data-flow steps in
|
|
||||||
* the second projection of the product dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isAdditionalFlowStep2(DataFlow::Node node1, DataFlow::Node node2) { none() }
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data may flow from `node1` to `node2` in addition to the normal data-flow steps in
|
|
||||||
* the second projection of the product dataflow graph.
|
|
||||||
*
|
|
||||||
* This step is only applicable in `state1` and updates the flow state to `state2`.
|
|
||||||
*/
|
|
||||||
predicate isAdditionalFlowStep2(
|
|
||||||
DataFlow::Node node1, FlowState2 state1, DataFlow::Node node2, FlowState2 state2
|
|
||||||
);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data flow into `node` is prohibited in the first projection of the product
|
|
||||||
* dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isBarrierIn1(DataFlow::Node node) { none() }
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Holds if data flow into `node` is prohibited in the second projection of the product
|
|
||||||
* dataflow graph.
|
|
||||||
*/
|
|
||||||
default predicate isBarrierIn2(DataFlow::Node node) { none() }
|
|
||||||
}
|
}
|
||||||
|
|
||||||
module GlobalWithState<StateConfigSig Config> {
|
private import Internal
|
||||||
class PathNode1 = Flow1::PathNode;
|
|
||||||
|
|
||||||
class PathNode2 = Flow2::PathNode;
|
module Internal {
|
||||||
|
class Conf1 extends DataFlow::Configuration {
|
||||||
|
Conf1() { this = "Conf1" }
|
||||||
|
|
||||||
module PathGraph1 = Flow1::PathGraph;
|
override predicate isSource(DataFlow::Node source, string state) {
|
||||||
|
exists(Configuration conf | conf.isSourcePair(source, state, _, _))
|
||||||
|
}
|
||||||
|
|
||||||
module PathGraph2 = Flow2::PathGraph;
|
override predicate isSink(DataFlow::Node sink, string state) {
|
||||||
|
exists(Configuration conf | conf.isSinkPair(sink, state, _, _))
|
||||||
class FlowState1 = Config::FlowState1;
|
}
|
||||||
|
|
||||||
class FlowState2 = Config::FlowState2;
|
|
||||||
|
|
||||||
predicate flowPath(
|
|
||||||
Flow1::PathNode source1, Flow2::PathNode source2, Flow1::PathNode sink1, Flow2::PathNode sink2
|
|
||||||
) {
|
|
||||||
reachable(source1, source2, sink1, sink2)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private module Config1 implements DataFlow::StateConfigSig {
|
class Conf2 extends DataFlow2::Configuration {
|
||||||
class FlowState = FlowState1;
|
Conf2() { this = "Conf2" }
|
||||||
|
|
||||||
predicate isSource(DataFlow::Node source, FlowState state) {
|
override predicate isSource(DataFlow::Node source, string state) {
|
||||||
Config::isSourcePair(source, state, _, _)
|
exists(Configuration conf, DataFlow::Node source1 |
|
||||||
}
|
conf.isSourcePair(source1, _, source, state) and
|
||||||
|
any(Conf1 c).hasFlow(source1, _)
|
||||||
predicate isSink(DataFlow::Node sink, FlowState state) {
|
|
||||||
Config::isSinkPair(sink, state, _, _)
|
|
||||||
}
|
|
||||||
|
|
||||||
predicate isBarrier(DataFlow::Node node, FlowState state) { Config::isBarrier1(node, state) }
|
|
||||||
|
|
||||||
predicate isBarrierOut(DataFlow::Node node) { Config::isBarrierOut1(node) }
|
|
||||||
|
|
||||||
predicate isAdditionalFlowStep(
|
|
||||||
DataFlow::Node node1, FlowState1 state1, DataFlow::Node node2, FlowState state2
|
|
||||||
) {
|
|
||||||
Config::isAdditionalFlowStep1(node1, state1, node2, state2)
|
|
||||||
}
|
|
||||||
|
|
||||||
predicate isBarrierIn(DataFlow::Node node) { Config::isBarrierIn1(node) }
|
|
||||||
}
|
|
||||||
|
|
||||||
private module Flow1 = DataFlow::GlobalWithState<Config1>;
|
|
||||||
|
|
||||||
private module Config2 implements DataFlow::StateConfigSig {
|
|
||||||
class FlowState = FlowState2;
|
|
||||||
|
|
||||||
predicate isSource(DataFlow::Node source, FlowState state) {
|
|
||||||
exists(Flow1::PathNode source1 |
|
|
||||||
Config::isSourcePair(source1.getNode(), source1.getState(), source, state) and
|
|
||||||
Flow1::flowPath(source1, _)
|
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
predicate isSink(DataFlow::Node sink, FlowState state) {
|
override predicate isSink(DataFlow::Node sink, string state) {
|
||||||
exists(Flow1::PathNode sink1 |
|
exists(Configuration conf, DataFlow::Node sink1 |
|
||||||
Config::isSinkPair(sink1.getNode(), sink1.getState(), sink, state) and
|
conf.isSinkPair(sink1, _, sink, state) and any(Conf1 c).hasFlow(_, sink1)
|
||||||
Flow1::flowPath(_, sink1)
|
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
predicate isBarrier(DataFlow::Node node, FlowState state) { Config::isBarrier2(node, state) }
|
|
||||||
|
|
||||||
predicate isBarrierOut(DataFlow::Node node) { Config::isBarrierOut2(node) }
|
|
||||||
|
|
||||||
predicate isAdditionalFlowStep(
|
|
||||||
DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2
|
|
||||||
) {
|
|
||||||
Config::isAdditionalFlowStep2(node1, state1, node2, state2)
|
|
||||||
}
|
|
||||||
|
|
||||||
predicate isBarrierIn(DataFlow::Node node) { Config::isBarrierIn2(node) }
|
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
private module Flow2 = DataFlow::GlobalWithState<Config2>;
|
private predicate reachableInterprocEntry(
|
||||||
|
Configuration conf, DataFlow::PathNode source1, DataFlow2::PathNode source2,
|
||||||
|
DataFlow::PathNode node1, DataFlow2::PathNode node2
|
||||||
|
) {
|
||||||
|
conf.isSourcePair(node1.getNode(), _, node2.getNode(), _) and
|
||||||
|
node1 = source1 and
|
||||||
|
node2 = source2
|
||||||
|
or
|
||||||
|
exists(
|
||||||
|
DataFlow::PathNode midEntry1, DataFlow2::PathNode midEntry2, DataFlow::PathNode midExit1,
|
||||||
|
DataFlow2::PathNode midExit2
|
||||||
|
|
|
||||||
|
reachableInterprocEntry(conf, source1, source2, midEntry1, midEntry2) and
|
||||||
|
interprocEdgePair(midExit1, midExit2, node1, node2) and
|
||||||
|
localPathStep1*(midEntry1, midExit1) and
|
||||||
|
localPathStep2*(midEntry2, midExit2)
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
private predicate isSourcePair(Flow1::PathNode node1, Flow2::PathNode node2) {
|
private predicate localPathStep1(DataFlow::PathNode pred, DataFlow::PathNode succ) {
|
||||||
Config::isSourcePair(node1.getNode(), node1.getState(), node2.getNode(), node2.getState())
|
DataFlow::PathGraph::edges(pred, succ) and
|
||||||
}
|
pragma[only_bind_out](pred.getNode().getEnclosingCallable()) =
|
||||||
|
pragma[only_bind_out](succ.getNode().getEnclosingCallable())
|
||||||
|
}
|
||||||
|
|
||||||
private predicate isSinkPair(Flow1::PathNode node1, Flow2::PathNode node2) {
|
private predicate localPathStep2(DataFlow2::PathNode pred, DataFlow2::PathNode succ) {
|
||||||
Config::isSinkPair(node1.getNode(), node1.getState(), node2.getNode(), node2.getState())
|
DataFlow2::PathGraph::edges(pred, succ) and
|
||||||
}
|
pragma[only_bind_out](pred.getNode().getEnclosingCallable()) =
|
||||||
|
pragma[only_bind_out](succ.getNode().getEnclosingCallable())
|
||||||
|
}
|
||||||
|
|
||||||
pragma[assume_small_delta]
|
pragma[nomagic]
|
||||||
pragma[nomagic]
|
private predicate interprocEdge1(
|
||||||
private predicate fwdReachableInterprocEntry(Flow1::PathNode node1, Flow2::PathNode node2) {
|
Declaration predDecl, Declaration succDecl, DataFlow::PathNode pred1, DataFlow::PathNode succ1
|
||||||
isSourcePair(node1, node2)
|
) {
|
||||||
or
|
DataFlow::PathGraph::edges(pred1, succ1) and
|
||||||
fwdIsSuccessor(_, _, node1, node2)
|
predDecl != succDecl and
|
||||||
}
|
pred1.getNode().getEnclosingCallable() = predDecl and
|
||||||
|
succ1.getNode().getEnclosingCallable() = succDecl
|
||||||
|
}
|
||||||
|
|
||||||
pragma[nomagic]
|
pragma[nomagic]
|
||||||
private predicate fwdIsSuccessorExit(
|
private predicate interprocEdge2(
|
||||||
Flow1::PathNode mid1, Flow2::PathNode mid2, Flow1::PathNode succ1, Flow2::PathNode succ2
|
Declaration predDecl, Declaration succDecl, DataFlow2::PathNode pred2, DataFlow2::PathNode succ2
|
||||||
) {
|
) {
|
||||||
isSinkPair(mid1, mid2) and
|
DataFlow2::PathGraph::edges(pred2, succ2) and
|
||||||
succ1 = mid1 and
|
predDecl != succDecl and
|
||||||
succ2 = mid2
|
pred2.getNode().getEnclosingCallable() = predDecl and
|
||||||
or
|
succ2.getNode().getEnclosingCallable() = succDecl
|
||||||
interprocEdgePair(mid1, mid2, succ1, succ2)
|
}
|
||||||
}
|
|
||||||
|
|
||||||
private predicate fwdIsSuccessor1(
|
private predicate interprocEdgePair(
|
||||||
Flow1::PathNode pred1, Flow2::PathNode pred2, Flow1::PathNode mid1, Flow2::PathNode mid2,
|
DataFlow::PathNode pred1, DataFlow2::PathNode pred2, DataFlow::PathNode succ1,
|
||||||
Flow1::PathNode succ1, Flow2::PathNode succ2
|
DataFlow2::PathNode succ2
|
||||||
) {
|
) {
|
||||||
fwdReachableInterprocEntry(pred1, pred2) and
|
exists(Declaration predDecl, Declaration succDecl |
|
||||||
localPathStep1*(pred1, mid1) and
|
interprocEdge1(predDecl, succDecl, pred1, succ1) and
|
||||||
fwdIsSuccessorExit(pragma[only_bind_into](mid1), pragma[only_bind_into](mid2), succ1, succ2)
|
interprocEdge2(predDecl, succDecl, pred2, succ2)
|
||||||
}
|
)
|
||||||
|
}
|
||||||
|
|
||||||
private predicate fwdIsSuccessor2(
|
private predicate reachable(
|
||||||
Flow1::PathNode pred1, Flow2::PathNode pred2, Flow1::PathNode mid1, Flow2::PathNode mid2,
|
Configuration conf, DataFlow::PathNode source1, DataFlow2::PathNode source2,
|
||||||
Flow1::PathNode succ1, Flow2::PathNode succ2
|
DataFlow::PathNode sink1, DataFlow2::PathNode sink2
|
||||||
) {
|
) {
|
||||||
fwdReachableInterprocEntry(pred1, pred2) and
|
exists(DataFlow::PathNode mid1, DataFlow2::PathNode mid2 |
|
||||||
localPathStep2*(pred2, mid2) and
|
reachableInterprocEntry(conf, source1, source2, mid1, mid2) and
|
||||||
fwdIsSuccessorExit(pragma[only_bind_into](mid1), pragma[only_bind_into](mid2), succ1, succ2)
|
conf.isSinkPair(sink1.getNode(), _, sink2.getNode(), _) and
|
||||||
}
|
localPathStep1*(mid1, sink1) and
|
||||||
|
localPathStep2*(mid2, sink2)
|
||||||
pragma[assume_small_delta]
|
)
|
||||||
private predicate fwdIsSuccessor(
|
|
||||||
Flow1::PathNode pred1, Flow2::PathNode pred2, Flow1::PathNode succ1, Flow2::PathNode succ2
|
|
||||||
) {
|
|
||||||
exists(Flow1::PathNode mid1, Flow2::PathNode mid2 |
|
|
||||||
fwdIsSuccessor1(pred1, pred2, mid1, mid2, succ1, succ2) and
|
|
||||||
fwdIsSuccessor2(pred1, pred2, mid1, mid2, succ1, succ2)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
pragma[assume_small_delta]
|
|
||||||
pragma[nomagic]
|
|
||||||
private predicate revReachableInterprocEntry(Flow1::PathNode node1, Flow2::PathNode node2) {
|
|
||||||
fwdReachableInterprocEntry(node1, node2) and
|
|
||||||
isSinkPair(node1, node2)
|
|
||||||
or
|
|
||||||
exists(Flow1::PathNode succ1, Flow2::PathNode succ2 |
|
|
||||||
revReachableInterprocEntry(succ1, succ2) and
|
|
||||||
fwdIsSuccessor(node1, node2, succ1, succ2)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
private newtype TNodePair =
|
|
||||||
TMkNodePair(Flow1::PathNode node1, Flow2::PathNode node2) {
|
|
||||||
revReachableInterprocEntry(node1, node2)
|
|
||||||
}
|
|
||||||
|
|
||||||
private predicate pathSucc(TNodePair n1, TNodePair n2) {
|
|
||||||
exists(Flow1::PathNode n11, Flow2::PathNode n12, Flow1::PathNode n21, Flow2::PathNode n22 |
|
|
||||||
n1 = TMkNodePair(n11, n12) and
|
|
||||||
n2 = TMkNodePair(n21, n22) and
|
|
||||||
fwdIsSuccessor(n11, n12, n21, n22)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
private predicate pathSuccPlus(TNodePair n1, TNodePair n2) = fastTC(pathSucc/2)(n1, n2)
|
|
||||||
|
|
||||||
private predicate localPathStep1(Flow1::PathNode pred, Flow1::PathNode succ) {
|
|
||||||
Flow1::PathGraph::edges(pred, succ) and
|
|
||||||
pragma[only_bind_out](pred.getNode().getEnclosingCallable()) =
|
|
||||||
pragma[only_bind_out](succ.getNode().getEnclosingCallable())
|
|
||||||
}
|
|
||||||
|
|
||||||
private predicate localPathStep2(Flow2::PathNode pred, Flow2::PathNode succ) {
|
|
||||||
Flow2::PathGraph::edges(pred, succ) and
|
|
||||||
pragma[only_bind_out](pred.getNode().getEnclosingCallable()) =
|
|
||||||
pragma[only_bind_out](succ.getNode().getEnclosingCallable())
|
|
||||||
}
|
|
||||||
|
|
||||||
private newtype TKind =
|
|
||||||
TInto(DataFlowCall call) {
|
|
||||||
intoImpl1(_, _, call) or
|
|
||||||
intoImpl2(_, _, call)
|
|
||||||
} or
|
|
||||||
TOutOf(DataFlowCall call) {
|
|
||||||
outImpl1(_, _, call) or
|
|
||||||
outImpl2(_, _, call)
|
|
||||||
} or
|
|
||||||
TJump()
|
|
||||||
|
|
||||||
private predicate intoImpl1(Flow1::PathNode pred1, Flow1::PathNode succ1, DataFlowCall call) {
|
|
||||||
Flow1::PathGraph::edges(pred1, succ1) and
|
|
||||||
pred1.getNode().(ArgumentNode).getCall() = call and
|
|
||||||
succ1.getNode() instanceof ParameterNode
|
|
||||||
}
|
|
||||||
|
|
||||||
private predicate into1(Flow1::PathNode pred1, Flow1::PathNode succ1, TKind kind) {
|
|
||||||
exists(DataFlowCall call |
|
|
||||||
kind = TInto(call) and
|
|
||||||
intoImpl1(pred1, succ1, call)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
private predicate outImpl1(Flow1::PathNode pred1, Flow1::PathNode succ1, DataFlowCall call) {
|
|
||||||
Flow1::PathGraph::edges(pred1, succ1) and
|
|
||||||
exists(ReturnKindExt returnKind |
|
|
||||||
succ1.getNode() = returnKind.getAnOutNode(call) and
|
|
||||||
pred1.getNode().(ReturnNodeExt).getKind() = returnKind
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
private predicate out1(Flow1::PathNode pred1, Flow1::PathNode succ1, TKind kind) {
|
|
||||||
exists(DataFlowCall call |
|
|
||||||
outImpl1(pred1, succ1, call) and
|
|
||||||
kind = TOutOf(call)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
private predicate intoImpl2(Flow2::PathNode pred2, Flow2::PathNode succ2, DataFlowCall call) {
|
|
||||||
Flow2::PathGraph::edges(pred2, succ2) and
|
|
||||||
pred2.getNode().(ArgumentNode).getCall() = call and
|
|
||||||
succ2.getNode() instanceof ParameterNode
|
|
||||||
}
|
|
||||||
|
|
||||||
private predicate into2(Flow2::PathNode pred2, Flow2::PathNode succ2, TKind kind) {
|
|
||||||
exists(DataFlowCall call |
|
|
||||||
kind = TInto(call) and
|
|
||||||
intoImpl2(pred2, succ2, call)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
private predicate outImpl2(Flow2::PathNode pred2, Flow2::PathNode succ2, DataFlowCall call) {
|
|
||||||
Flow2::PathGraph::edges(pred2, succ2) and
|
|
||||||
exists(ReturnKindExt returnKind |
|
|
||||||
succ2.getNode() = returnKind.getAnOutNode(call) and
|
|
||||||
pred2.getNode().(ReturnNodeExt).getKind() = returnKind
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
private predicate out2(Flow2::PathNode pred2, Flow2::PathNode succ2, TKind kind) {
|
|
||||||
exists(DataFlowCall call |
|
|
||||||
kind = TOutOf(call) and
|
|
||||||
outImpl2(pred2, succ2, call)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
pragma[nomagic]
|
|
||||||
private predicate interprocEdge1(
|
|
||||||
Declaration predDecl, Declaration succDecl, Flow1::PathNode pred1, Flow1::PathNode succ1,
|
|
||||||
TKind kind
|
|
||||||
) {
|
|
||||||
Flow1::PathGraph::edges(pred1, succ1) and
|
|
||||||
predDecl != succDecl and
|
|
||||||
pred1.getNode().getEnclosingCallable() = predDecl and
|
|
||||||
succ1.getNode().getEnclosingCallable() = succDecl and
|
|
||||||
(
|
|
||||||
into1(pred1, succ1, kind)
|
|
||||||
or
|
|
||||||
out1(pred1, succ1, kind)
|
|
||||||
or
|
|
||||||
kind = TJump() and
|
|
||||||
not into1(pred1, succ1, _) and
|
|
||||||
not out1(pred1, succ1, _)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
pragma[nomagic]
|
|
||||||
private predicate interprocEdge2(
|
|
||||||
Declaration predDecl, Declaration succDecl, Flow2::PathNode pred2, Flow2::PathNode succ2,
|
|
||||||
TKind kind
|
|
||||||
) {
|
|
||||||
Flow2::PathGraph::edges(pred2, succ2) and
|
|
||||||
predDecl != succDecl and
|
|
||||||
pred2.getNode().getEnclosingCallable() = predDecl and
|
|
||||||
succ2.getNode().getEnclosingCallable() = succDecl and
|
|
||||||
(
|
|
||||||
into2(pred2, succ2, kind)
|
|
||||||
or
|
|
||||||
out2(pred2, succ2, kind)
|
|
||||||
or
|
|
||||||
kind = TJump() and
|
|
||||||
not into2(pred2, succ2, _) and
|
|
||||||
not out2(pred2, succ2, _)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
private predicate interprocEdgePair(
|
|
||||||
Flow1::PathNode pred1, Flow2::PathNode pred2, Flow1::PathNode succ1, Flow2::PathNode succ2
|
|
||||||
) {
|
|
||||||
exists(Declaration predDecl, Declaration succDecl, TKind kind |
|
|
||||||
interprocEdge1(predDecl, succDecl, pred1, succ1, kind) and
|
|
||||||
interprocEdge2(predDecl, succDecl, pred2, succ2, kind)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
private predicate reachable(
|
|
||||||
Flow1::PathNode source1, Flow2::PathNode source2, Flow1::PathNode sink1, Flow2::PathNode sink2
|
|
||||||
) {
|
|
||||||
isSourcePair(source1, source2) and
|
|
||||||
isSinkPair(sink1, sink2) and
|
|
||||||
exists(TNodePair n1, TNodePair n2 |
|
|
||||||
n1 = TMkNodePair(source1, source2) and
|
|
||||||
n2 = TMkNodePair(sink1, sink2)
|
|
||||||
|
|
|
||||||
pathSuccPlus(n1, n2) or
|
|
||||||
n1 = n2
|
|
||||||
)
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -0,0 +1,26 @@
|
|||||||
|
/**
|
||||||
|
* Provides a library for local (intra-procedural) and global (inter-procedural)
|
||||||
|
* data flow analysis: deciding whether data can flow from a _source_ to a
|
||||||
|
* _sink_. This library differs from the one in `semmle.code.cpp.dataflow` in that
|
||||||
|
* this library uses the IR (Intermediate Representation) library, which provides
|
||||||
|
* a more precise semantic representation of the program, whereas the other dataflow
|
||||||
|
* library uses the more syntax-oriented ASTs. This library should provide more accurate
|
||||||
|
* results than the AST-based library in most scenarios.
|
||||||
|
*
|
||||||
|
* Unless configured otherwise, _flow_ means that the exact value of
|
||||||
|
* the source may reach the sink. We do not track flow across pointer
|
||||||
|
* dereferences or array indexing.
|
||||||
|
*
|
||||||
|
* To use global (interprocedural) data flow, extend the class
|
||||||
|
* `DataFlow::Configuration` as documented on that class. To use local
|
||||||
|
* (intraprocedural) data flow between expressions, call
|
||||||
|
* `DataFlow::localExprFlow`. For more general cases of local data flow, call
|
||||||
|
* `DataFlow::localFlow` or `DataFlow::localFlowStep` with arguments of type
|
||||||
|
* `DataFlow::Node`.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import cpp
|
||||||
|
|
||||||
|
module DataFlow {
|
||||||
|
import experimental.semmle.code.cpp.ir.dataflow.internal.DataFlowImpl
|
||||||
|
}
|
||||||
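Review bot: The header comment of this new file never says that it is the experimental copy of the IR data-flow library, although the module body imports `experimental.semmle.code.cpp.ir.dataflow.internal.DataFlowImpl`; the comment only contrasts the library with `semmle.code.cpp.dataflow`. A query author cannot tell from it how this module relates to the non-experimental IR library, or whether results are expected to match. If it is meant as an experimental variant, I would add a line such as `* This is the experimental variant of the IR data-flow library and may change or diverge from the supported one.` The comment also says that flow across pointer dereferences and array indexing is not tracked, so a short addition like `* Queries built on this library can therefore miss flows through buffers; an empty result is not proof of absence.` would keep security query authors from over-trusting a clean run.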