Skip to content

Commit 0f24247

Browse files
RasmusWLRasmusWL
authored
Merge branch 'main' into experimental-cleanup
2 parents 0dca8a5 + 9957e26 commit 0f24247

File tree

905 files changed

+54530
-37333
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

905 files changed

+54530
-37333
lines changed

.github/workflows/go-tests-other-os.yml

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -7,15 +7,17 @@ on:
77
- .github/workflows/go-tests-other-os.yml
88
- .github/actions/**
99
- codeql-workspace.yml
10+
env:
11+
GO_VERSION: '~1.21.0'
1012
jobs:
1113
test-mac:
1214
name: Test MacOS
1315
runs-on: macos-latest
1416
steps:
15-
- name: Set up Go 1.20
17+
- name: Set up Go ${{ env.GO_VERSION }}
1618
uses: actions/setup-go@v4
1719
with:
18-
go-version: '1.20'
20+
go-version: ${{ env.GO_VERSION }}
1921
id: go
2022

2123
- name: Check out code
@@ -47,10 +49,10 @@ jobs:
4749
name: Test Windows
4850
runs-on: windows-latest-xl
4951
steps:
50-
- name: Set up Go 1.20
52+
- name: Set up Go ${{ env.GO_VERSION }}
5153
uses: actions/setup-go@v4
5254
with:
53-
go-version: '1.20'
55+
go-version: ${{ env.GO_VERSION }}
5456
id: go
5557

5658
- name: Check out code

.github/workflows/go-tests.yml

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,15 +15,17 @@ on:
1515
- .github/workflows/go-tests.yml
1616
- .github/actions/**
1717
- codeql-workspace.yml
18+
env:
19+
GO_VERSION: '~1.21.0'
1820
jobs:
1921
test-linux:
2022
name: Test Linux (Ubuntu)
2123
runs-on: ubuntu-latest-xl
2224
steps:
23-
- name: Set up Go 1.20
25+
- name: Set up Go ${{ env.GO_VERSION }}
2426
uses: actions/setup-go@v4
2527
with:
26-
go-version: '1.20'
28+
go-version: ${{ env.GO_VERSION }}
2729
id: go
2830

2931
- name: Check out code

config/identical-files.json

Lines changed: 0 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -32,16 +32,6 @@
3232
"ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForPathname.qll",
3333
"swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl1.qll"
3434
],
35-
"TaintTracking Java/C++/C#/Go/Python/Ruby/Swift": [
36-
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTracking.qll",
37-
"cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTracking.qll",
38-
"csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking1/TaintTracking.qll",
39-
"go/ql/lib/semmle/go/dataflow/internal/tainttracking1/TaintTracking.qll",
40-
"java/ql/lib/semmle/code/java/dataflow/internal/tainttracking1/TaintTracking.qll",
41-
"python/ql/lib/semmle/python/dataflow/new/internal/tainttracking1/TaintTracking.qll",
42-
"ruby/ql/lib/codeql/ruby/dataflow/internal/tainttracking1/TaintTracking.qll",
43-
"swift/ql/lib/codeql/swift/dataflow/internal/tainttracking1/TaintTracking.qll"
44-
],
4535
"TaintTracking Legacy Configuration Java/C++/C#/Go/Python/Ruby/Swift": [
4636
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll",
4737
"cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll",
@@ -483,10 +473,6 @@
483473
"ruby/ql/lib/codeql/ruby/security/internal/SensitiveDataHeuristics.qll",
484474
"swift/ql/lib/codeql/swift/security/internal/SensitiveDataHeuristics.qll"
485475
],
486-
"CFG": [
487-
"csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImplShared.qll",
488-
"swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImplShared.qll"
489-
],
490476
"TypeTracker": [
491477
"python/ql/lib/semmle/python/dataflow/new/internal/TypeTracker.qll",
492478
"ruby/ql/lib/codeql/ruby/typetracking/TypeTracker.qll"

cpp/ql/lib/change-notes/2023-08-24-no-taint-argv-indirections.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
---
2+
category: minorAnalysis
3+
---
4+
* Only the 2 level indirection of `argv` (corresponding to `**argv`) is consided for `FlowSource`.

cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking.qll

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,10 @@ import semmle.code.cpp.dataflow.DataFlow2
2525
* global (inter-procedural) taint-tracking analyses.
2626
*/
2727
deprecated module TaintTracking {
28-
import semmle.code.cpp.dataflow.internal.tainttracking1.TaintTracking
28+
import semmle.code.cpp.dataflow.internal.tainttracking1.TaintTrackingParameter::Public
29+
private import semmle.code.cpp.dataflow.internal.DataFlowImplSpecific
30+
private import semmle.code.cpp.dataflow.internal.TaintTrackingImplSpecific
31+
private import codeql.dataflow.TaintTracking
32+
import TaintFlowMake<CppOldDataFlow, CppOldTaintTracking>
2933
import semmle.code.cpp.dataflow.internal.tainttracking1.TaintTrackingImpl
3034
}

cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingImplSpecific.qll

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
/**
2+
* Provides C++-specific definitions for use in the taint tracking library.
3+
*/
4+
5+
private import codeql.dataflow.TaintTracking
6+
private import DataFlowImplSpecific
7+
8+
module CppOldTaintTracking implements InputSig<CppOldDataFlow> {
9+
import TaintTrackingUtil
10+
}

cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingUtil.qll

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ predicate defaultAdditionalTaintStep(DataFlow::Node src, DataFlow::Node sink) {
3939
* of `c` at sinks and inputs to additional taint steps.
4040
*/
4141
bindingset[node]
42-
predicate defaultImplicitTaintRead(DataFlow::Node node, DataFlow::Content c) { none() }
42+
predicate defaultImplicitTaintRead(DataFlow::Node node, DataFlow::ContentSet c) { none() }
4343

4444
/**
4545
* Holds if `node` should be a sanitizer in all global taint flow configurations

cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTracking.qll

Lines changed: 0 additions & 75 deletions
This file was deleted.

cpp/ql/lib/semmle/code/cpp/dataflow/new/TaintTracking.qll

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,10 @@ import semmle.code.cpp.dataflow.new.DataFlow2
2323
* global (inter-procedural) taint-tracking analyses.
2424
*/
2525
module TaintTracking {
26-
import semmle.code.cpp.ir.dataflow.internal.tainttracking1.TaintTracking
26+
import semmle.code.cpp.ir.dataflow.internal.tainttracking1.TaintTrackingParameter::Public
27+
private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplSpecific
28+
private import semmle.code.cpp.ir.dataflow.internal.TaintTrackingImplSpecific
29+
private import codeql.dataflow.TaintTracking
30+
import TaintFlowMake<CppDataFlow, CppTaintTracking>
2731
import semmle.code.cpp.ir.dataflow.internal.tainttracking1.TaintTrackingImpl
2832
}

cpp/ql/lib/semmle/code/cpp/ir/dataflow/TaintTracking.qll

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,10 @@ import semmle.code.cpp.ir.dataflow.DataFlow
1919
import semmle.code.cpp.ir.dataflow.DataFlow2
2020

2121
module TaintTracking {
22-
import semmle.code.cpp.ir.dataflow.internal.tainttracking1.TaintTracking
22+
import semmle.code.cpp.ir.dataflow.internal.tainttracking1.TaintTrackingParameter::Public
23+
private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplSpecific
24+
private import semmle.code.cpp.ir.dataflow.internal.TaintTrackingImplSpecific
25+
private import codeql.dataflow.TaintTracking
26+
import TaintFlowMake<CppDataFlow, CppTaintTracking>
2327
import semmle.code.cpp.ir.dataflow.internal.tainttracking1.TaintTrackingImpl
2428
}

0 commit comments

Comments
 (0)