Merge upstream codeql-cli-2.22.3.
#266
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Many of the unsafe deserialization sinks have to stay defined in QL because they have custom logic that cannot be expressed in MaD models.
…n-pointer-calls C++: Don't wrap calls through function pointers in `FunctionWithWrappers`
C++: Add test that shows that IR generation for `<=>` is broken
C++: Support the spaceship operator in the IR
C#: Improve some existing manual models.
Go: Fix compilation of DataFlowImplConsistency.qll
Make a proper shared library out of the concept related libraries
Overlay: Enable overlay compilation for Java
…ion-mad-sinks Java: allow the definition of `java/unsafe-deserialization` sinks using data extensions
…pstream fix qhelp files
Ql4ql: Quality query tagging.
Java: Add AnnotatedExitNodes to the CFG.
…al-variable.md Co-authored-by: Geoffrey White <[email protected]>
…s and the internal ones. Let's only import the internal ones.
…-dataflow-ssa C++: Expose SSA definitions from dataflow
Rust: Add metric for DCA and debug predicates for type that reach the length limit
```
Evaluated relational algebra for predicate TypeInference::closureParameterPath/2#9d0bf423#bbf@ba08cc1s with tuple counts:
565067 ~172652% {2} r1 = JOIN `Callable::Callable.getParam/1#dispred#ce0254b3_01#count_range` WITH `Callable::Generated::Callable.getNumberOfParams/0#dispred#abb45996` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
24684 ~11784% {3} | JOIN WITH Type::TTupleTypeParameter#5ca17706 ON FIRST 2 OUTPUT Rhs.2, Lhs.1, Lhs.0
2970 ~1391% {3} | JOIN WITH `TypeInference::TypePath::singleton/1#ee45de3b` ON FIRST 1 OUTPUT Lhs.1, Lhs.2, Rhs.1
664 ~242% {4} | JOIN WITH `Stdlib::FnOnceTrait.getTypeParam/0#dispred#93f20bbc` CARTESIAN PRODUCT OUTPUT Rhs.1, Lhs.0, Lhs.1, Lhs.2
303 ~49% {4} | JOIN WITH Type::TDynTraitTypeParameter#e16268df ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3
198 ~0% {8} | JOIN WITH `TypeInference::TypePath::singleton/1#ee45de3b` ON FIRST 1 OUTPUT Lhs.1, Lhs.2, _, _, Rhs.1, Lhs.3, _, _
{4} | REWRITE WITH Out.2 := (In.4 ++ In.5), Tmp.3 := (In.4 ++ In.5), Tmp.6 := "[0-9]+", Tmp.7 := "", Out.3 := regexpReplaceAll(Tmp.3,Tmp.6,Tmp.7) KEEPING 4
198 ~0% {6} | SCAN OUTPUT In.0, In.1, In.2, _, In.3, _
{4} | REWRITE WITH Out.3 := length(In.4), Tmp.5 := 10, TEST Out.3 <= Tmp.5 KEEPING 4
198 ~0% {3} | SCAN OUTPUT In.1, In.0, In.2
877984 ~1444714% {1} r2 = SCAN `CallExprBase::CallExprBase.getArg/1#dispred#d775f13d` OUTPUT In.1
299888 ~83707% {3} | JOIN WITH Type::TTupleTypeParameter#5ca17706_102#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.0, Rhs.2
515462762 ~59140% {4} | JOIN WITH `CallExprBase::Generated::CallExprBase.getNumberOfArgs/0#dispred#0975fe12_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.0, Lhs.2
9429188 ~25728933% {3} | JOIN WITH TypeInference::InvokedClosureExpr#24e5dacb_1#join_rhs ON FIRST 1 OUTPUT Lhs.3, Lhs.1, Lhs.2
53669 ~142315% {3} | JOIN WITH `TypeInference::TypePath::singleton/1#ee45de3b` ON FIRST 1 OUTPUT Lhs.1, Lhs.2, Rhs.1
4003 ~10522% {4} | JOIN WITH `Stdlib::FnOnceTrait.getTypeParam/0#dispred#93f20bbc` CARTESIAN PRODUCT OUTPUT Rhs.1, Lhs.0, Lhs.1, Lhs.2
370 ~910% {4} | JOIN WITH Type::TDynTraitTypeParameter#e16268df ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3
148 ~293% {8} | JOIN WITH `TypeInference::TypePath::singleton/1#ee45de3b` ON FIRST 1 OUTPUT Lhs.1, Lhs.2, _, _, Rhs.1, Lhs.3, _, _
{4} | REWRITE WITH Out.2 := (In.4 ++ In.5), Tmp.3 := (In.4 ++ In.5), Tmp.6 := "[0-9]+", Tmp.7 := "", Out.3 := regexpReplaceAll(Tmp.3,Tmp.6,Tmp.7) KEEPING 4
148 ~316% {6} | SCAN OUTPUT In.0, In.1, In.2, _, In.3, _
{4} | REWRITE WITH Out.3 := length(In.4), Tmp.5 := 10, TEST Out.3 <= Tmp.5 KEEPING 4
148 ~293% {3} | SCAN OUTPUT In.1, In.0, In.2
346 ~75% {3} r3 = r1 UNION r2
return r3
```
and
```
Evaluated relational algebra for predicate TypeInference::fnParameterPath/2#4dea2880#bbf@d56000vi with tuple counts:
1 ~0% {1} r1 = SCAN `Stdlib::FnOnceTrait.getTypeParam/0#dispred#93f20bbc` OUTPUT In.1
1 ~0% {1} | JOIN WITH Type::TTypeParamTypeParameter#868c69a5 ON FIRST 1 OUTPUT Rhs.1
1 ~0% {1} | JOIN WITH `TypeInference::TypePath::singleton/1#ee45de3b` ON FIRST 1 OUTPUT Rhs.1
877984 ~1350201% {2} | JOIN WITH `ArgList::Generated::ArgList.getArg/1#dispred#b07adc80` CARTESIAN PRODUCT OUTPUT Rhs.1, Lhs.0
321252 ~90755% {4} | JOIN WITH Type::TTupleTypeParameter#5ca17706_102#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.0, Rhs.2
553043191 ~65412% {5} | JOIN WITH `CallExprBase::Generated::CallExprBase.getNumberOfArgs/0#dispred#0975fe12_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.0, Lhs.3
10089088 ~26772053% {4} | JOIN WITH TypeInference::InvokedClosureExpr#24e5dacb_1#join_rhs ON FIRST 1 OUTPUT Lhs.4, Lhs.1, Lhs.2, Lhs.3
57729 ~157423% {8} | JOIN WITH `TypeInference::TypePath::singleton/1#ee45de3b` ON FIRST 1 OUTPUT Lhs.2, Lhs.3, _, _, Lhs.1, Rhs.1, _, _
{4} | REWRITE WITH Out.2 := (In.4 ++ In.5), Tmp.3 := (In.4 ++ In.5), Tmp.6 := "[0-9]+", Tmp.7 := "", Out.3 := regexpReplaceAll(Tmp.3,Tmp.6,Tmp.7) KEEPING 4
57729 ~157423% {6} | SCAN OUTPUT In.0, In.1, In.2, _, In.3, _
{4} | REWRITE WITH Out.3 := length(In.4), Tmp.5 := 10, TEST Out.3 <= Tmp.5 KEEPING 4
57729 ~157423% {3} | SCAN OUTPUT In.1, In.0, In.2
return r1
```
C++: Static variables are initialized to zero or null by compiler
Rust: Add type inference test cases resembling missing call targets in SQLx.
Rust: Fix two bad joins introduced by magic
Release preparation for version 2.22.3
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merges upstream
codeql-cli-2.22.3into main.