github-actions[bot]
f107d16b4e
Post-release preparation for codeql-cli-2.19.3
2024-11-04 17:20:08 +00:00
github-actions[bot]
cc7b724123
Release preparation for version 2.19.3
2024-11-04 16:37:28 +00:00
Tom Hvitved
2b37c6cd32
Merge pull request #17548 from hvitved/shared/inline-test-post-process
...
Shared: Post-processing query for inline test expectations
2024-10-31 11:40:11 +01:00
Tom Hvitved
c936468b17
Merge pull request #17739 from hvitved/dataflow/big-step-quadratic
2024-10-31 08:16:16 +01:00
Anders Schack-Mulligen
b556590ef8
Merge pull request #17663 from aschackmull/dataflow/speculative-flow
...
Dataflow: Add support for speculative taint flow.
2024-10-31 08:12:43 +01:00
Tom Hvitved
540b433f5a
Go: Post-processing query for inline test expectations
2024-10-29 13:35:35 +01:00
Tom Hvitved
b111194fbc
Shared: Simplify `PrettyPrintModels.ql`
2024-10-29 13:35:28 +01:00
Tom Hvitved
7a2105b1d5
Go: Update expected test output
2024-10-23 10:41:13 +02:00
Cornelius Riemenschneider
1ccadbc3f6
Add comment.
2024-10-22 11:26:02 +02:00
Cornelius Riemenschneider
ad1ef65539
Go: Fix makefile to use bash to look up bazel path.
...
On Windows, make's path resolution algorithm is incorrect.
It picks up a bazel.exe in PATH that's _after_ a bazel binary.
In particular, on actions, the non-exe binary is a bazelisk
instance, whereas bazel.exe is a bazel (at the current time 7.3.2)
installation.
This means we pick up the wrong bazel version, and
if the differences between the bazel we want and that we actually
get are too big, the build fails.
2024-10-22 10:51:10 +02:00
Owen Mansel-Chan
23a1ea7191
Merge pull request #17717 from owen-mc/go/update-incorrect-integer-conversion-qhelp
...
Go: Update `go/incorrect-integer-conversion` qhelp to explain possible source of FPs
2024-10-21 21:53:32 +01:00
Owen Mansel-Chan
f3abe549f3
Merge pull request #17794 from owen-mc/go/ast-viewer-typeparamdecl
...
Go: Fix type param declarations in AST viewer
2024-10-18 10:14:51 +01:00
Owen Mansel-Chan
bacf448388
Add change note
2024-10-17 22:06:49 +01:00
Owen Mansel-Chan
7ed82068ef
Add type param decls to AST viewer hierarchy
2024-10-17 15:39:16 +01:00
Owen Mansel-Chan
b8ea8400d1
Add type param decls to PrintAST tests
2024-10-17 15:37:31 +01:00
Owen Mansel-Chan
1318504aa5
Add QLDoc
2024-10-17 12:06:46 +01:00
Owen Mansel-Chan
87992fac88
Revert change to `hasEmbeddedField`
2024-10-17 11:50:17 +01:00
Owen Mansel-Chan
5007666d6e
Add helper predicate `lookThroughPointerType`
2024-10-17 11:26:24 +01:00
Anders Schack-Mulligen
c20f12fa6c
Add qldoc.
2024-10-16 14:35:23 +02:00
Anders Schack-Mulligen
fae71756eb
Go: Add tentative support for speculative taint flow.
2024-10-16 14:35:21 +02:00
Anders Schack-Mulligen
c80627a3d3
Dataflow: add plumbing for adding provenance to state-steps.
2024-10-16 14:35:18 +02:00
Owen Mansel-Chan
5efb88ed1f
Merge pull request #17737 from owen-mc/go/extractor/objecttypes-consistency-generics-2
...
Go: extractor/objecttypes consistency generics (second try)
2024-10-15 15:50:45 +01:00
github-actions[bot]
079ab77a38
Post-release preparation for codeql-cli-2.19.2
2024-10-15 12:16:59 +00:00
github-actions[bot]
255f55cf1a
Release preparation for version 2.19.2
2024-10-15 10:29:25 +00:00
Owen Mansel-Chan
1626af0ae1
Merge pull request #17748 from owen-mc/go/join-order-fix/data-flow-node-gettype
...
Go: Fix bad join order in `SummarizedParameterNode.gettype`
2024-10-15 10:14:38 +01:00
Edward Minnix III
ade5686e52
Merge pull request #17335 from egregius313/egregius313/go/dataflow/models/stdin
...
Go: Implement `stdin` models
2024-10-14 10:38:27 -04:00
Owen Mansel-Chan
1456ec2119
Fix bad join order in SummarizedParameterNode.gettype
...
Specifically the disjunct for this.getPos() != -1. Running on
uber/aresdb, before we had this:
2403 ~1% {3} r6 = JOIN `DataFlowUtil::SummarizedParameterNode.getPos/0#dispred#70a2aab4` WITH `DataFlowPrivate::FlowSummaryNode.getSummarizedCallable/0#dispred#e79ea9be` ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Rhs.1
9149774 ~5% {4} | JOIN WITH `Types::SignatureType.getParameterType/1#dispred#2c11bb7b_102#join_rhs` ON FIRST 1 OUTPUT Lhs.2, Rhs.1, Lhs.1, Rhs.2
923 ~9% {2} | JOIN WITH `Scopes::Callable.getType/0#dispred#55a0e6a2` ON FIRST 2 OUTPUT Lhs.2, Lhs.3
We add a binding pragma to make it not bind on this.getPos() until
necessary. After we have this:
2403 ~0% {3} r6 = JOIN `DataFlowUtil::SummarizedParameterNode.getPos/0#dispred#70a2aab4` WITH `DataFlowPrivate::FlowSummaryNode.getSummarizedCallable/0#dispred#e79ea9be` ON FIRST 1 OUTPUT Rhs.1, Lhs.0, Lhs.1
2373 ~0% {3} | JOIN WITH `Scopes::Callable.getType/0#dispred#55a0e6a2` ON FIRST 1 OUTPUT Rhs.1, Lhs.2, Lhs.1
923 ~9% {2} | JOIN WITH `Types::SignatureType.getParameterType/1#dispred#2c11bb7b` ON FIRST 2 OUTPUT Lhs.2, Rhs.2
2024-10-13 14:27:51 +01:00
Owen Mansel-Chan
9381dda4a9
Use un-specialized field when extracting struct types
2024-10-11 11:30:02 +01:00
Owen Mansel-Chan
6bf6ed6f48
Add check for object for specialized named type
2024-10-11 11:30:00 +01:00
Owen Mansel-Chan
a810309160
Add check for specialized objects
2024-10-11 11:29:58 +01:00
Owen Mansel-Chan
45710e23c6
Always use generic method object
2024-10-11 11:29:57 +01:00
Owen Mansel-Chan
d013c8940d
Revert "Go: extractor/objecttypes consistency generics"
2024-10-10 21:37:44 +01:00
Owen Mansel-Chan
513efe222d
Add check for object for specialized named type
2024-10-10 13:59:51 +01:00
Owen Mansel-Chan
6f6b4a0bfe
Add check for specialized objects
2024-10-10 13:59:49 +01:00
Owen Mansel-Chan
d295cac697
Always use generic method object
2024-10-10 13:59:47 +01:00
Edward Minnix III
0abc0d1a67
Fix: ActiveThreatModelSource
2024-10-09 11:35:07 -04:00
Owen Mansel-Chan
500992c499
Update qhelp to explain possible source of FPs
2024-10-09 15:08:48 +01:00
Chris Smowton
58fd1a2241
Merge pull request #17357 from smowton/smowton/feature/go-indistinguishable-types
...
Go: extract and expose struct tags, interface method IDs
2024-10-09 11:06:02 +01:00
Chris Smowton
837387aeae
Re-optimise isSensitive routine
2024-10-08 19:23:31 +01:00
Chris Smowton
629a7a601d
Further optimise guardingFunction: remove redundant condition, and order guard -> guardFunction case to work backwards from interesting return sites, allowing us to go backwards not forwards through BasicBlock::dominates
2024-10-08 19:23:30 +01:00
Chris Smowton
d401891d30
copyedit
2024-10-08 19:23:29 +01:00
Chris Smowton
c79da8b2b5
Avoid pathological case where getExampleMethodName picks a very common method name
2024-10-08 19:23:28 +01:00
Chris Smowton
ed9a6bd820
Further join order optimisations
2024-10-08 19:23:27 +01:00
Chris Smowton
bf5ba33c2e
Improve join orders for top 5 perf regressions in QA
2024-10-08 19:23:26 +01:00
Chris Smowton
365ccf4903
autoformat
2024-10-08 19:23:25 +01:00
Chris Smowton
36a031833f
Further optimisation
2024-10-08 19:23:24 +01:00
Chris Smowton
ab99509a11
Rework interface for querying private interface method ids
2024-10-08 19:23:22 +01:00
Chris Smowton
0f95a8d724
Clarify doc
2024-10-08 19:23:21 +01:00
Chris Smowton
288e0ec565
component_tags -> struct_tags
2024-10-08 19:23:20 +01:00
Chris Smowton
c1a1edf24e
Autoformat
2024-10-08 19:23:19 +01:00