github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
60 163 коммитов 1 541 ветка 132 Теги 497 MiB
Граф коммитов

2645 Коммитов

Автор SHA1 Сообщение Дата
erik-krogh 4bc4e0845d
delete the deprecated `isBarrierGuard` predicate from the shared dataflow library, and its uses 2023-10-07 21:48:49 +02:00
Robert Marsh 30a9656ebb Swift: change note for autoclosure cfg 2023-10-06 20:19:35 +00:00
Robert Marsh cb749bd973 Swift: CFG for normal autoclosure exprs 2023-10-06 20:14:49 +00:00
Robert Marsh 661da76838 Swift: add function call autoclosure tests 2023-10-06 19:49:33 +00:00
Geoffrey White 0918e50b05 Swift: Switch pragma to inline_late. 2023-10-06 20:23:51 +01:00
Geoffrey White 7c28528eac Swift: Change note. 2023-10-06 18:26:21 +01:00
Geoffrey White 676179620a Swift: Get sqlite3 C API results (model Data.withUnsafeBytes, Data.withUnsafeMutableBytes, permit flow out of collections at the query sink) 2023-10-06 18:26:20 +01:00
Geoffrey White bc9d8cc40f Swift: Get another SQLite.swift result. 2023-10-06 18:26:20 +01:00
Geoffrey White 691665fca8 Swift: Add models for SQLite.swift. 2023-10-06 18:26:19 +01:00
Geoffrey White bece2e8689 Swift: Add models for sqlite3 C API. 2023-10-06 18:26:19 +01:00
Geoffrey White 9a628d4165 Swift: Add test for sqlite3 C API. 2023-10-06 18:26:18 +01:00
Geoffrey White 8006996f46 Swift: Add test for SQLite.swift. 2023-10-06 18:26:18 +01:00
Robert Marsh 85587413d0 Swift: fix QLDoc formatting for getSequence 2023-10-06 15:29:56 +00:00
Robert Marsh c281db6b5b Swift: improve QLDoc for getSequence 2023-10-06 15:23:58 +00:00
Robert Marsh ec292ca4e1 Swift: Split for-each change note into two lines 2023-10-06 15:21:55 +00:00
Geoffrey White 66637e8c03 Swift: Autoformat. 2023-10-05 18:53:30 +01:00
Geoffrey White 81d4ec1e98 pragma node 2023-10-05 18:30:50 +01:00
Geoffrey White fdcc6b482d Swift: Simplify allowImplicitRead slightly. 2023-10-05 16:42:43 +01:00
Geoffrey White 7ddece1560 Swift: Update .expected after merge. 2023-10-05 16:20:56 +01:00
Geoffrey White 6bea7f89a8 Merge branch 'main' into sqlpathinject2 2023-10-05 16:15:37 +01:00
Geoffrey White e31ca58a2f Swift: Post-merge fix. 2023-10-05 15:45:22 +01:00
Geoffrey White 17894db501 Merge branch 'main' into conversions2 2023-10-05 15:33:05 +01:00
Robert Marsh a402bfcfb0 Swift: update for-in change note 2023-10-04 20:05:11 +00:00
Robert Marsh 5dd7c14d36 Swift: add getSequence back to ForEachStmt 2023-10-04 20:05:00 +00:00
Robert Marsh 9c3b72cf3f Swift: remove TODO comment 2023-10-04 15:59:12 +00:00
Robert Marsh 00068d6157 Merge branch 'main' into rdmarsh2/swift/for-in 
Fix conflict in AST test output
 2023-10-04 15:58:36 +00:00
github-actions[bot] 9fe993bec3 Release preparation for version 2.15.0 2023-10-04 14:15:27 +00:00
Robert Marsh b5f1296cc2
Swift: Use getFullyConverted in CFG generation 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-10-04 09:44:48 -04:00
Robert Marsh f7ca8e5b39
Merge pull request #14224 from rdmarsh2/rdmarsh2/swift/nil-coalescing-cfg 
Swift: CFG and data flow for nil coalescing operator
 2023-10-04 09:43:31 -04:00
Henry Mercer 99646ba2a3
Merge pull request #14367 from github/henrymercer/rc-3.11-mergeback 
Merge `rc/3.11` into `main`
 2023-10-04 10:05:38 +01:00
Robert Marsh 06da5fd05c Swift: move import to make codegen happy 2023-10-03 17:23:00 +00:00
Geoffrey White d258f69ab0
Merge pull request #14329 from geoffw0/sinks 
Swift: Update summary queries
 2023-10-03 17:39:00 +01:00
Geoffrey White 34b33e1577
Merge pull request #14328 from geoffw0/debugdesc 
Swift: Model .description, .debugDescription more generally
 2023-10-03 17:37:22 +01:00
Henry Mercer da92da2204 Bump minor versions of packs we regularly release 2023-10-03 16:31:23 +01:00
Henry Mercer f3847b3f51 Merge branch 'main' into henrymercer/rc-3.11-mergeback 2023-10-03 16:30:23 +01:00
Robert Marsh cdef0796e3 Swift: QLDoc for NilCoalescingExpr.qll 2023-10-03 15:00:03 +00:00
Robert Marsh 497f0aa8ab Swift: sync test files and update expectation 2023-10-03 14:57:04 +00:00
Geoffrey White 0f1711fe1e Swift: Test insertMany. 2023-10-02 23:04:07 +01:00
Geoffrey White bbd3c66d5a Swift: Update for CollectionContent. 2023-10-02 20:32:24 +01:00
Geoffrey White 81b358a711 Swift: Replace a similar additional taint step in another query. 2023-10-02 20:19:40 +01:00
Geoffrey White 27bdee8058 Swift: Replace additional taint step with implict read. 
Now that we have array content, this is a more principled approach than having a special case data step.
 2023-10-02 20:19:30 +01:00
Robert Marsh ca722dc74c Swift: add NilCoalescingTest node to CFG 
Fixes an issue where a nil-coalescing operation used in a boolean
context would result in no control flow out of the default operand of
the nil-coalescing operator.
 2023-10-02 18:07:11 +00:00
Geoffrey White db5e0ff7a8 Swift: Autoformat. 2023-10-02 16:06:38 +01:00
Geoffrey White 3d552d7d5d Swift: Simplify FloatPoint model now that it works to do so. 2023-10-02 11:59:26 +01:00
Geoffrey White 3265d49a98 Swift: Remove duplicate row. 2023-10-02 11:59:26 +01:00
Geoffrey White f83456a398 Swift: Change note. 2023-10-02 11:59:25 +01:00
Geoffrey White c61edc13e7 Swift: Model RangeReplaceableCollection initializers. 2023-10-02 11:59:25 +01:00
Geoffrey White 0c534b69eb Swift: Extend Numeric models. 2023-10-02 11:59:25 +01:00
Geoffrey White 2863a14cd1 Swift: Add more tests for Arrays. 2023-10-02 11:59:24 +01:00
Geoffrey White df1bc1a597 Swift: Add more tests for Numerics. 2023-10-02 11:59:24 +01:00
Asger F 0d96ed8aee
Merge pull request #14305 from asgerf/shared/flow-state-inout-barriers 
Shared: add in/out barriers with flow state
 2023-09-28 11:07:23 +02:00
Geoffrey White 8e9ca7bc26 Swift: Improve RegexEvals.ql and summary regex reporting. 2023-09-28 08:31:45 +01:00
Robert Marsh 9975a18a29 Swift: Hopefully fix codegen test failure 2023-09-27 20:06:13 +00:00
Geoffrey White e4e4c5be61 Swift: Make QL-for-QL happy. 2023-09-27 19:12:04 +01:00
Geoffrey White 98b2ef0a2f Swift: Autoformat. 2023-09-27 19:09:23 +01:00
Geoffrey White 87696e58ab Swift: Break the 'taint reach' metric off into its own query (it's expensive to compute). 2023-09-27 18:34:55 +01:00
Geoffrey White ec573bdda8 Swift: Clean up and improve consistency. 2023-09-27 18:34:40 +01:00
Geoffrey White ee83ad730b Swift: Add a summary query for regex evals. 2023-09-27 18:34:32 +01:00
Geoffrey White 9f1332bdb2 Swift: Add a summary query for query sinks. 2023-09-27 18:34:32 +01:00
Geoffrey White e6dc4d324f Swift: Change note. 2023-09-27 16:58:59 +01:00
Geoffrey White b6f0160760 Swift: Effect on recently added tests. 2023-09-27 16:52:31 +01:00
Geoffrey White 6a2911ae01 Swift: Make the tests more accurate. 2023-09-27 16:39:55 +01:00
Geoffrey White 086002f7cb Swift: Add a general model for description, debugDescription. 2023-09-27 16:39:54 +01:00
Geoffrey White f12e45b243 Swift: Delete the specific description, debugDescription models. 2023-09-27 16:39:54 +01:00
Robert Marsh 293400a623 Swift: change note for for-in dataflow 2023-09-26 15:13:05 +00:00
Robert Marsh ae1072e09f Merge branch 'main' into rdmarsh2/swift/for-in 2023-09-26 15:12:46 +00:00
Geoffrey White 49d47a3da4
Merge pull request #14209 from geoffw0/regexport 
Swift: Port regex mode flag fix from Python to Swift
 2023-09-26 15:41:10 +01:00
Geoffrey White eb78d401da Swift: Add to change note. 2023-09-26 14:56:32 +01:00
Geoffrey White 6b0271d4e5 Swift: Address review comment. 2023-09-26 13:40:46 +01:00
Geoffrey White 7a450c9941 Swift: Change note for mode flags. 2023-09-26 13:40:46 +01:00
Geoffrey White 33a5ba04cb Swift: Add explanatory comments and (minimal) support for additional regex mode flags. 2023-09-26 13:40:46 +01:00
Robert Marsh 92fdb7a35f Swift: finish upgrade script for for-in PR 2023-09-25 20:13:52 +00:00
Geoffrey White f9a617c714 Swift: Change note. 2023-09-25 20:31:00 +01:00
Geoffrey White 51ed824adf Swift: Add more SQLite.swift models. 2023-09-25 20:30:59 +01:00
Geoffrey White 6be01eac04 Swift: Add implict read steps for dictionary content. 2023-09-25 20:30:59 +01:00
Geoffrey White 4350060b0f Swift: Add SQLite.swift models. 2023-09-25 20:30:59 +01:00
Geoffrey White 839b9635b9 Swift: Effect of fixing string interpolation bug. 2023-09-25 20:30:58 +01:00
Geoffrey White 16ae637238 Swift: Add sqlite3 models. 2023-09-25 20:30:48 +01:00
Geoffrey White 4245a38de9 Swift: Add SQLite.swift and sqlite3 C API test cases for swift/cleartext-storage-database. 2023-09-25 20:30:48 +01:00
Anders Schack-Mulligen 06cb277eb0
Merge pull request #14299 from aschackmull/dataflow/more-defaults 
Dataflow: Make use of defaults for language-specific hooks.
 2023-09-25 11:19:44 +02:00
Asger F d501856519 Update DataFlowImpl.qll copies 2023-09-25 10:05:29 +02:00
Robert Marsh 325d6f738c Swift: add expr types to for-in upgrade script 2023-09-22 18:14:37 +00:00
Robert Marsh 5b77e7db8a Swift: for-in upgrade script passing CFG test 2023-09-22 17:44:45 +00:00
Geoffrey White ab6e8b9ecd
Merge pull request #14252 from geoffw0/protocol3 
Swift: Improve getABaseType implementions
 2023-09-22 18:13:12 +01:00
Geoffrey White 2c9433c621
Merge pull request #13946 from geoffw0/arraysteptest 
Swift: Models and tests for numeric conversions
 2023-09-22 16:26:38 +01:00
Anders Schack-Mulligen 66da997b7b Dataflow: Make use of defaults for language-specific hooks. 2023-09-22 14:54:22 +02:00
Geoffrey White ab54f0cc6c
Merge pull request #14286 from geoffw0/interp 
Swift: Fix bug in taint flow through string interpolation
 2023-09-22 08:52:56 +01:00
Geoffrey White f2689dd515 Swift: Fix for string interpolation taint flow. 2023-09-21 19:02:16 +01:00
Geoffrey White c7be9b42b3 Swift: Test demonstrating an issue with taint through string interpolation. 2023-09-21 19:02:06 +01:00
Geoffrey White 05309810b8
Merge pull request #14266 from geoffw0/quickfix 
Swift: Improve taint models for NSString
 2023-09-21 13:09:01 +01:00
Anders Schack-Mulligen 13f7daf71e
Merge pull request #13982 from aschackmull/dataflow/typeflow-calledge-pruning 
Dataflow: Add type-based call-edge pruning.
 2023-09-21 13:33:08 +02:00
Geoffrey White fef5a49fcb Swift: Remove now duplicate extension logic. 2023-09-20 15:36:15 +01:00
github-actions[bot] 3acf5244b0 Post-release preparation for codeql-cli-2.14.6 2023-09-20 10:25:10 +00:00
Geoffrey White af315c5072 Swift: Change note. 2023-09-19 23:02:14 +01:00
Geoffrey White 1b74b49bb3 Swift: Improve NSString models for varargs functions. 2023-09-19 23:02:14 +01:00
Robert Marsh 30b30695e4 Swift: WIP upgrade script for for-each refactor 2023-09-19 19:28:05 +00:00
Geoffrey White f8c5a9a264 Swift: Test localizedStringWithFormat a bit better. 2023-09-19 18:43:54 +01:00
Geoffrey White ae159924a3 Swift: Add numeric barrier to the regular expression injection query as well. 2023-09-19 16:21:43 +01:00
Geoffrey White 935b7600ca Swift: Fix typos. 2023-09-19 15:19:00 +01:00
Geoffrey White e011951e1f Swift: Added change note for the new barriers. 2023-09-19 14:59:27 +01:00
Geoffrey White 32a2930c2f Swift: Accept bad tag filter test fixes. 2023-09-19 14:47:56 +01:00
Geoffrey White 5975546098 Swift: Add numeric barrier for predicate injection query as well. 2023-09-19 14:33:24 +01:00
Geoffrey White 2983295ba3 Swift: Add numeric barrier for uncontrolled format string query. 2023-09-19 14:33:23 +01:00
Geoffrey White f98de85e36 Swift: Add numeric barrier for command injection query. 2023-09-19 14:33:23 +01:00
Geoffrey White 903b0f5bab Swift: Add numeric barrier for the SQL Injinjection query. 2023-09-19 14:33:23 +01:00
Geoffrey White ee9a5c751c Swift: Add numeric barrier for to the JS eval query. 2023-09-19 14:33:22 +01:00
Geoffrey White 158008ac4f Swift: New results in tests. 2023-09-19 13:08:08 +01:00
github-actions[bot] 0a3670727f Release preparation for version 2.14.6 2023-09-19 11:40:30 +00:00
Geoffrey White 48d1b667cf Swift: Autoformat. 2023-09-19 11:22:12 +01:00
Geoffrey White 2d05b85bb4 Swift: Fix uses of legacy CArrayElement. 2023-09-19 11:20:05 +01:00
Geoffrey White 311daa2539 Swift: Accept fixed test case having merged in main. 2023-09-19 10:39:59 +01:00
Geoffrey White 037f246cda Merge branch 'main' into arraysteptest 2023-09-19 10:33:32 +01:00
Geoffrey White 34240f7328 Swift: Accept generated changes. 2023-09-19 10:08:08 +01:00
Geoffrey White bcf990b362 Swift: Add change note. 2023-09-18 22:17:43 +01:00
Geoffrey White df29f3974b Swift: Update uses of getABaseType() and similar to do things correctly now. 2023-09-18 20:50:47 +01:00
Geoffrey White 37edcad1b0 Swift: Go through protocols added in extensions also. 2023-09-18 20:03:08 +01:00
Geoffrey White f604b28ab5 Swift: Resolve type aliases (1) in base class declarations, not before them and (2) consistently. This is not behaviour preserving. 2023-09-18 20:01:46 +01:00
Geoffrey White c78f5ce4cc Swift: Move NominalType.getABaseType() implementation out from NominalType (inconsistent, difficult to find) to Type. 2023-09-18 20:00:22 +01:00
Geoffrey White b048268042 Swift: Add some QLDoc. 2023-09-18 20:00:19 +01:00
Geoffrey White 4f39cb65c2 ed test 2023-09-18 19:59:59 +01:00
Geoffrey White ef8a997c99 Swift: Extend the test. 2023-09-18 19:37:20 +01:00
Paolo Tranquilli dc299fc9fa
Merge pull request #14208 from github/redsun82/swift-unordered-base-types 
Swift: rename `base_types` in `TypeDecl` to `inherited_types`
 2023-09-18 14:21:20 +02:00
Geoffrey White 86b0fae77e Swift: Update uses of deprecated ArrayContent. 2023-09-18 10:28:45 +01:00
Geoffrey White d15420c42c Swift: Consequences of change in main on the test internals. 2023-09-18 10:07:23 +01:00
Geoffrey White c3ea0cea91 Merge branch 'main' into logfix 2023-09-18 10:00:16 +01:00
Robert Marsh 2b54ad58b0 Swift: change note for nil-coalesing operator 2023-09-15 20:44:05 +00:00
Robert Marsh eddca7f3f6 Swift: autoformat for for-in changes 2023-09-14 16:48:19 +00:00
Robert Marsh ab7cd5254a Swift: update dataflow test for nil coalescing 2023-09-14 16:28:00 +00:00
Robert Marsh 9a5fa42dbe Swift: CFG for nil coalescing operator 2023-09-14 16:16:30 +00:00
Robert Marsh 56b646a74c Merge branch 'main' into rdmarsh2/swift/for-in 2023-09-14 14:14:06 +00:00
Robert Marsh 55546fe61c
Merge pull request #14205 from rdmarsh2/rdmarsh2/swift/unify-array-collection-content 
Swift: Unify `ArrayContent` and `CollectionContent`
 2023-09-14 10:08:37 -04:00
Robert Marsh dd01da4938 Swift: AST and CFG tests for nil coalescing 2023-09-14 13:26:41 +00:00
Mathias Vorreiter Pedersen 6ce7a56b41
Merge pull request #14190 from github/alexdenisov/await-inconsistencies 
Swift: fix CFG for identity expressions (await, dot_self, parent)
 2023-09-14 14:15:31 +01:00
Robert Marsh 62953cb250
Swift: document "ArrayElement" case in MaD 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-09-14 09:11:35 -04:00
Robert Marsh 6ad78eba05 Swift: ArrayContent aliased to CollectionContent 2023-09-14 13:08:36 +00:00
Paolo Tranquilli 168aca0af4 Swift: add release notes 2023-09-14 10:25:16 +02:00
Paolo Tranquilli fc51f4a80e Swift: add update/downgrade scripts 2023-09-14 10:22:59 +02:00
Paolo Tranquilli 270c6407f0 Swift: accept test changes 2023-09-14 10:18:41 +02:00
Paolo Tranquilli 8d02bcc3cb Swift: change non-generated `TypeDecl.ql` 2023-09-14 10:18:24 +02:00
Paolo Tranquilli 4d3aecfff6 Swift: rename `base_types` to `syntactic_base_types` in `TypeDecl` 2023-09-14 10:03:52 +02:00
Robert Marsh e0fae764f1 Swift: move IteratorProtocol model to its own file 2023-09-13 20:09:17 +00:00
Robert Marsh 20de4c625c Swift: autoformat DataFlowPrivate 2023-09-13 18:57:27 +00:00
Robert Marsh 86bd2168ec Swift: breaking change note for array content removal 2023-09-13 18:34:30 +00:00
Robert Marsh 0b66be5f07 Swift: restore ArrayElement as an alias for CollectionElement 2023-09-13 18:29:03 +00:00
Robert Marsh 43ca192ceb Swift: remove ArrayContent in UnsafeJsEvalQuery 2023-09-13 18:26:06 +00:00
Geoffrey White 6aa8daeeb6 Swift: Fix inline expectations. 2023-09-13 19:06:54 +01:00
Geoffrey White 535a69cd8b Merge branch 'main' into logfix 2023-09-13 19:01:52 +01:00
Geoffrey White e109892388
Merge pull request #14189 from geoffw0/protocol2 
Swift: Consistent additional taint steps between the cleartext-* queries
 2023-09-13 18:44:20 +01:00
Geoffrey White d01a3e26d6 Swift: Change note. 2023-09-13 18:20:49 +01:00
Geoffrey White 200d9a4dfb Swift: Port regex mode flag character fix from Python. 2023-09-13 18:19:02 +01:00