semmle-qlci
d9c7549dbe
Merge pull request #2279 from max-schaefer/js/touchstone-files
...
Approved by asger-semmle
2019-11-08 14:33:23 +00:00
shati-patel
fe654a9c99
update to match support page
2019-11-08 14:32:59 +00:00
shati-patel
3f51260fb4
Docs: Update sidebar
2019-11-08 14:04:44 +00:00
Esben Sparre Andreasen
9b346b1d52
Merge pull request #2260 from max-schaefer/js/_min
...
JavaScript: Classify files with names ending in `_min` as minified.
2019-11-08 13:52:33 +01:00
Rasmus Wriedt Larsen
358964b1e2
Python: Accept changes in Python 2 specific six tests
...
We don't use a locked-down version of six, so some internal things probably
changed from the version used last time, and the versoin I have installed.
Long term fix would be to use a specific version of six for tests!
2019-11-08 13:49:52 +01:00
Rasmus Wriedt Larsen
6c259e5608
Python: Temporarily accept changes in Python 2 specific MRO tests
...
Due to internal PR#35123 we now actually run the tests under
`python/ql/test/2/...`
These seems like a regression, since the tests state that N is ok, but A and J
should not be allowed.
For now we can accept them, so we don't block all other Python PRs
2019-11-08 13:48:21 +01:00
Rasmus Wriedt Larsen
89a13213e2
Python: Accept changes in Python 2 specific tests
...
Due to internal PR#35123 we now actually run the tests under
`python/ql/test/2/...`
Since we haven't done this in a while, test output has changed a bit. These
changes look perfectly fine.
2019-11-08 13:48:14 +01:00
Tom Hvitved
af5c60c341
C#: Use type unification library in virtual dispatch library
2019-11-08 12:06:05 +01:00
Tom Hvitved
f4b92137d9
C#: Add more virtual dispatch tests
2019-11-08 12:06:05 +01:00
Tom Hvitved
ae54852fa4
C#: Add type unification library
2019-11-08 12:06:05 +01:00
semmle-qlci
867ed16777
Merge pull request #2276 from asger-semmle/inclusion-test
...
Approved by max-schaefer
2019-11-08 10:57:11 +00:00
Max Schaefer
d7831d2680
JavaScript: Short-circuit bad-header check on empty files.
2019-11-08 10:30:53 +00:00
Felicity Chapman
8ed0d726ee
Merge pull request #2280 from jf205/codeql-homepage-links
...
docs: update banner links
2019-11-08 10:06:27 +00:00
james
0554de06a1
docs: update banner links
2019-11-08 09:32:20 +00:00
Max Schaefer
e8510fe71a
TypeScript: Skip Touchstone files.
2019-11-08 09:17:05 +00:00
Dave Bartolomeo
17f76c2516
C++: Fix merge conflicts
2019-11-07 22:02:15 -07:00
Ziemowit Laski
4ea8569081
[CPP-434] Squelch query alerts if ALL files were compiled
...
with `-fwrapv` or `-fno-strict-overflow`
2019-11-07 16:40:03 -08:00
Robert Marsh
2582b69e17
Merge branch 'master' of github.com:Semmle/ql into rdmarsh/cpp/ir-constructor-side-effects
2019-11-07 15:46:08 -08:00
Robert Marsh
e93dcdb16c
Merge branch 'master' into rdmarsh/cpp/ir-constructor-side-effects
2019-11-07 15:19:46 -08:00
Robert Marsh
f483ec152b
Merge branch 'master' of github.com:Semmle/ql into rdmarsh/cpp/uninit-string-initializers
2019-11-07 14:36:58 -08:00
Robert Marsh
ee185ea92e
Merge pull request #2273 from geoffw0/ntohl
...
CPP: Add tests of NtohlArrayNoBoundOpenSource.ql.
2019-11-07 14:06:32 -08:00
Robert Marsh
ae1377447e
C++: only generate uninits when needed
2019-11-07 13:55:49 -08:00
Dave Bartolomeo
6c1d219c86
Merge from master
2019-11-07 14:50:04 -07:00
Robert Marsh
c5396d9980
Merge pull request #2262 from jbj/ir-virtual-dispatch-local
...
C++: Rudimentary support for IR data flow virtual dispatch
2019-11-07 13:09:24 -08:00
Dave Bartolomeo
df1d64fbeb
Merge pull request #2244 from jbj/IRType-cached
...
C++: Minimal caching of the IR type system
2019-11-07 12:44:16 -07:00
Dave Bartolomeo
f808dcefab
Merge pull request #2277 from ian-semmle/cfg_diffs
...
C++: Remove tests for CFG differences
2019-11-07 12:41:40 -07:00
Dave Bartolomeo
64480c2ace
Merge pull request #1999 from jbj/ir-copy-unloaded-result
...
C++: Make sure there's a Instruction for each Expr
2019-11-07 12:31:54 -07:00
Dave Bartolomeo
2c88848d2f
Merge pull request #2272 from jbj/getIRTypeForPRValue-join-order
...
C++/C#: Fix getIRTypeForPRValue join order
2019-11-07 12:22:39 -07:00
Ian Lynagh
b5af4e5acd
C++: Remove tests for CFG differences
...
Now that we have switched over, they are no longer interesting.
2019-11-07 16:32:18 +00:00
igfoo
c8c37c4976
Merge pull request #2271 from matt-gretton-dann/cpp-172-template-members
...
Template members
2019-11-07 16:30:08 +00:00
shati-patel
ec2008d57a
Merge pull request #2275 from jf205/sd-4017
...
Learn CodeQL docs: add short note about new terminology
2019-11-07 16:12:12 +00:00
Asger F
812ee34bbc
JS: Use Files.exists() instead
2019-11-07 15:53:29 +00:00
semmle-qlci
e65271dfad
Merge pull request #2251 from asger-semmle/barrier-guard-improvements
...
Approved by esbena
2019-11-07 15:50:23 +00:00
semmle-qlci
f79c2a7630
Merge pull request #2224 from asger-semmle/access-paths-with-source-node-root
...
Approved by max-schaefer
2019-11-07 15:46:14 +00:00
James Fletcher
8178e3e671
Update docs/language/learn-ql/terminology-note.rst
...
Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>
2019-11-07 14:40:04 +00:00
James Fletcher
d31ec56ea6
Update docs/language/learn-ql/index.rst
...
Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>
2019-11-07 14:39:52 +00:00
Rasmus Wriedt Larsen
9ffb67a460
Merge pull request #2266 from tausbn/python-multiple-calls-to-init-join-order-fix
...
Python: Fix bad join order for `py/multiple-calls-to-init`.
2019-11-07 15:38:43 +01:00
Asger F
8544850945
JS: Generalize StringOps::Includes to ::InclusionTest
2019-11-07 14:35:17 +00:00
james
db2039d8a7
docs: learn codeql terminology note
2019-11-07 14:32:05 +00:00
semmle-qlci
2b120def01
Merge pull request #2211 from hvitved/csharp/unsafe-deserialization
...
Approved by jf205
2019-11-07 14:16:13 +00:00
Matthew Gretton-Dann
ddf1ef8a7d
C++: Add new test case for template member change
...
We now output literals for accesses to members of template parameters:
So for `foo` in the following example:
```
template<typename T> void bar(T& t) {
T.foo(1)
}
```
2019-11-07 14:08:25 +00:00
Matthew Gretton-Dann
c0884e9a88
C++: Update expected results.
2019-11-07 14:08:25 +00:00
Erik Krogh Kristensen
0c080a82be
fix expected output
2019-11-07 14:31:09 +01:00
Erik Krogh Kristensen
232e875274
add test for getEnclosingExpr
2019-11-07 14:29:31 +01:00
Erik Krogh Kristensen
e4f6f41634
add DataFlow::getEnclosingExpr to get the an Expr from a potentially reflective call
2019-11-07 14:29:31 +01:00
semmle-qlci
3a7f9a588d
Merge pull request #2267 from max-schaefer/js/qltest-extractor-options
...
Approved by asger-semmle
2019-11-07 11:36:45 +00:00
shati-patel
7394d5c726
Merge pull request #2242 from felicitymay/codeql/SD-4059-markdown
...
Docs: update terminology in markdown files (SD-4059)
2019-11-07 11:30:32 +00:00
Jonas Jensen
6385528d5f
C++/C#: Fix getIRTypeForPRValue join order
...
This predicate was taking 39s on a snapshot of Facebook Fizz because it
had disjuncts like this:
43685 ~0% {1} r34 = JOIN Type::FunctionPointerIshType#f AS L WITH Type::Type::getUnspecifiedType_dispred#ff_10#join_rhs AS R ON FIRST 1 OUTPUT R.<1>
43685 ~1% {2} r35 = JOIN r34 WITH CppType::getTypeSize#ff AS R ON FIRST 1 OUTPUT R.<1>, r34.<0>
170371500 ~2% {2} r36 = JOIN r35 WITH IRType::IRSizedType#ff_10#join_rhs AS R ON FIRST 1 OUTPUT R.<1>, r35.<1>
43685 ~6% {2} r37 = JOIN r36 WITH IRType::IRFunctionAddressType#class#ff AS R ON FIRST 1 OUTPUT r36.<1>, r36.<0>
Instead of fixing the joins in `getIRTypeForPRValue` itself, I've
changed the `IRType::getByteSize` predicate such that the optimiser
knows how to join with it efficiently.
The disjunct shown above now looks like this instead:
43685 ~0% {1} r26 = JOIN Type::FunctionPointerIshType#f AS L WITH Type::Type::getUnspecifiedType_dispred#ff_10#join_rhs AS R ON FIRST 1 OUTPUT R.<1>
43685 ~1% {2} r27 = JOIN r26 WITH CppType::getTypeSize#ff AS R ON FIRST 1 OUTPUT R.<1>, r26.<0>
43685 ~6% {2} r28 = JOIN r27 WITH IRType::IRFunctionAddressType::getByteSize#ff_10#join_rhs AS R ON FIRST 1 OUTPUT r27.<1>, R.<1>
2019-11-07 11:48:16 +01:00
Max Schaefer
e314869e5c
JavaScript: Classify files with names ending in `_min` as minified.
...
We already do the same for `-min` and `.min`. [Here](https://github.com/antoniogarrote/rdfstore-js/blob/master/dist/rdfstore_min.js ) is a real-world example.
2019-11-07 10:33:47 +00:00
Sauyon Lee
0040c9fb4c
Update links to OWASP cheat sheet
2019-11-06 20:21:47 -08:00