Mark Shannon
73095c53b8
Python: Add another AST test.
2019-01-17 11:24:41 +00:00
Mark Shannon
7b8468d81b
Python: Add bulk regression test for CFG successors.
2019-01-16 11:48:58 +00:00
Mark Shannon
e506bf85e8
Python: Add some regression tests for CFG of comparisons.
2019-01-16 11:45:20 +00:00
Mark Shannon
d1d898efac
Python: Add regression test for code that proved problematic with the new parser.
2019-01-16 11:44:11 +00:00
Mark Shannon
bc4301f7b1
Python: Add an extra test for import parsing.
2019-01-16 11:32:59 +00:00
Mark Shannon
b8a91d4b1e
Python tests: Add a few tests to check parsing and location of comparisons.
2019-01-16 11:27:57 +00:00
Mark Shannon
b4e8808582
Python, Exec used query: Remove restriction that call to exec function must be Python 3. For upcoming unified parser.
2019-01-16 10:19:35 +00:00
Mark Shannon
c9a929fb23
Python tests: Increase import depth to ensure sre_constants module is imported.
2019-01-14 11:18:36 +00:00
Mark Shannon
33a2315ba0
Python tests: Increase import depth to ensure sre_constants module is imported.
2019-01-11 12:15:56 +00:00
Geoffrey White
28261d6787
Merge pull request #737 from jbj/cfg-perf
...
C++: QL CFG performance and tweaks
2019-01-10 14:45:53 +00:00
semmle-qlci
f474fdd0f9
Merge pull request #731 from xiemaisi/js/performance-fiddling
...
Approved by asger-semmle, esben-semmle
2019-01-10 10:01:02 +00:00
Jonas Jensen
9219214d64
Merge pull request #695 from raulgarciamsft/users/raulga/c6324
...
cpp - Using the return value of a strcpy or related string copy function in an if statement
2019-01-10 08:34:17 +01:00
semmle-qlci
79734603ce
Merge pull request #734 from xiemaisi/js/remove-deprecated
...
Approved by esben-semmle
2019-01-09 15:20:04 +00:00
Calum Grant
89becbce9a
Merge pull request #726 from hvitved/csharp/cfg/foreach-multi-variables
...
C#: Fix CFG for `foreach` statements with tuple declarations
2019-01-09 14:47:01 +00:00
Jonas Jensen
9146b8e32e
C++: Add example of conditional destruction
...
The QL CFG and extractor CFG are the same, so the test passes. Neither
of them model that `ref` may or may not be destructed.
2019-01-09 15:02:25 +01:00
Jonas Jensen
8ac826a62a
C++: Factor out base case of normalGroupMember
...
This recursive predicate is made faster by working around a known
optimizer problem (QL-796) that causes the optimizer to insert extra
type checks in recursive case even when they are only needed in the
base case.
2019-01-09 15:02:25 +01:00
Jonas Jensen
c74b89119e
C++: Reorder parameters to subEdge relations
...
This improves performance slightly by putting the parameters in the
order in which they'll be needed in `qlCFGSuccessor`.
2019-01-09 14:58:43 +01:00
ian-semmle
b3bcabf7c6
Merge pull request #724 from jbj/cfg-pr
...
C++: Construct a CFG with QL
2019-01-09 13:12:39 +00:00
Calum Grant
bd9a2d71ba
Merge pull request #719 from hvitved/csharp/autoformat/queries
...
C#: Autoformat QL queries
2019-01-09 10:48:22 +00:00
Max Schaefer
89447846f1
JavaScript: Add change note.
2019-01-09 09:24:22 +00:00
Max Schaefer
97e6c75b94
JavaScript: Remove a few other deprecated predicates and classes.
2019-01-09 09:23:59 +00:00
Max Schaefer
db8e436046
JavaScript: Remove deprecated flow tracking predicates.
2019-01-09 09:23:59 +00:00
Max Schaefer
8a93c6aa65
JavaScript: Remove a few deprecated classes.
2019-01-09 09:23:59 +00:00
Max Schaefer
5d1d94ebf1
JavaScript: Remove deprecated old call graph library.
2019-01-09 09:23:59 +00:00
Max Schaefer
db713fb359
JavaScript: Remove deprecated backward-compatibility layer in security libraries.
2019-01-09 09:23:59 +00:00
Max Schaefer
feb9693fea
JavaScript: Remove old data flow library.
2019-01-09 09:23:59 +00:00
semmle-qlci
688647491e
Merge pull request #727 from xiemaisi/js/restructure-sourcenode
...
Approved by esben-semmle
2019-01-09 08:01:26 +00:00
yh-semmle
b8f53b5c6a
Merge pull request #733 from aschackmull/java/remove-old-dataflow
...
Java: Remove old dataflow library.
2019-01-08 14:59:27 -05:00
yh-semmle
d4f2a07a77
Merge pull request #732 from aschackmull/java/conditional-bypass-precision
...
Java: Reduce precision of java/user-controlled-bypass.
2019-01-08 14:58:58 -05:00
yh-semmle
b0364e3592
Merge pull request #729 from aschackmull/java/intmulttolong
...
Java: Restrict attention to integral types in IntMultToLong.
2019-01-08 14:40:22 -05:00
yh-semmle
a09394da1b
Merge pull request #730 from aschackmull/java/gcd
...
Java: Switch to built-in gcd.
2019-01-08 14:38:05 -05:00
Jonas Jensen
1be91b5df5
C++: Use IPA for Pos and Spec
...
This is cleaner than extending `int` and working with magic numbers.
Performance appears to be unaffected.
2019-01-08 16:23:11 +01:00
Anders Schack-Mulligen
0a9222b772
Java: Add change note.
2019-01-08 15:50:14 +01:00
Anders Schack-Mulligen
51f5198404
Java: Remove old dataflow library.
2019-01-08 13:52:24 +01:00
Jonas Jensen
dba3351d2c
C++: Update comments based on PR feedback
2019-01-08 13:29:03 +01:00
Anders Schack-Mulligen
ab44e5603c
Java: Reduce precision of java/user-controlled-bypass.
2019-01-08 13:07:34 +01:00
Anders Schack-Mulligen
06e48ca19f
Java: Update test.
2019-01-08 11:57:54 +01:00
Max Schaefer
8951eaead3
JavaScript: Improve caching of `getACallee` and related predicates.
2019-01-08 09:42:44 +00:00
Max Schaefer
627583fffa
JavaScript: Refactor `UselessConditional` for performance.
2019-01-08 09:40:49 +00:00
Anders Schack-Mulligen
9530eb6cdb
Java: Switch to built-in gcd.
2019-01-08 10:07:51 +01:00
Max Schaefer
de429752d1
JavaScript: Restructure implementation of `DataFlow::SourceNode`.
...
It now uses a facade pattern similar to `InvokeNode`: the range of the class is defined by an abstract class `DataFlow::SourceNode::Range`, while the actual behaviour is defined by the (no longer abstract) `SourceNode` class itself.
Clients that want to add new source nodes need to extend `DataFlow::SourceNode::Range`, those that want to refine the behaviour of existing source nodes should extend `DataFlow::SourceNode` itself.
While this is technically a breaking API change, I think separating the two aspects in this way is cleaner and makes it easier to use, and improves performance as well.
2019-01-08 08:01:20 +00:00
semmle-qlci
8b8b352439
Merge pull request #715 from xiemaisi/js/autoformat
...
Approved by asger-semmle
2019-01-07 22:09:05 +00:00
Raul Garcia
18bb6696e0
Fixing conditional only issue.
...
I changed to detect any logical operation usage (i.e. !, ==), but I kept usage in a conditional directly as a separate detection condition. I found no false positives on the projects you shared with me previously.
2019-01-07 10:44:11 -08:00
yh-semmle
0b19f41093
Merge pull request #728 from aschackmull/java/qltest-qlpath
...
Java: Add .qlpath to the test dir.
2019-01-07 11:34:45 -05:00
Anders Schack-Mulligen
203c9fb9d8
Java: Restrict attention to integral types in IntMultToLong.
2019-01-07 14:27:52 +01:00
Anders Schack-Mulligen
e0d3be7dbc
Java: Add .qlpath to the test dir.
2019-01-07 13:25:20 +01:00
Calum Grant
6f827140d7
Merge pull request #710 from hvitved/csharp/extractor/standalone-runtimes
...
C#: Improve logic for looking up .NET runtime in standalone mode
2019-01-07 10:22:17 +00:00
Max Schaefer
31bb39a810
JavaScript: Autoformat all QL files.
2019-01-07 10:15:45 +00:00
Max Schaefer
aa6b89dc34
Merge pull request #723 from Semmle/qlucie/master
...
Master-to-next merge
2019-01-07 07:59:54 +00:00
Raul Garcia
880306c621
Removing duplicated results
2019-01-04 10:45:43 -08:00