Skip to content
Permalink

Comparing changes

This is a direct comparison between two commits made in this repository or its related repositories. View the default comparison for this range or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: github/codeql
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 50f80f22583eb7c204fe3699c60bfe1d35b8e8b5
Choose a base ref
..
head repository: github/codeql
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 1bbb3fde963929c577e53f99338144fc8d23617c
Choose a head ref
Showing with 12,460 additions and 10,536 deletions.
  1. +72 −72 Cargo.lock
  2. +18 −18 MODULE.bazel
  3. +4 −0 cpp/ql/lib/change-notes/2025-01-13-indirect-instruction-barrier-guard.md
  4. +22 −0 cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll
  5. +30 −0 cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
  6. +21 −3 cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasedSSA.qll
  7. +2 −2 cpp/ql/lib/semmle/code/cpp/rangeanalysis/RangeAnalysisUtils.qll
  8. +43 −34 cpp/ql/lib/semmle/code/cpp/rangeanalysis/SimpleRangeAnalysis.qll
  9. +9,769 −9,404 cpp/ql/lib/semmlecode.cpp.dbscheme.stats
  10. +31 −0 cpp/ql/src/Security/CWE/CWE-120/UnboundedWrite.ql
  11. +9 −0 cpp/ql/test/library-tests/dataflow/ir-barrier-guards/test.cpp
  12. 0 cpp/ql/test/library-tests/dataflow/ir-barrier-guards/test.expected
  13. +42 −0 cpp/ql/test/library-tests/dataflow/ir-barrier-guards/test.ql
  14. +264 −191 cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/lowerBound.expected
  15. +63 −3 cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/ternaryLower.expected
  16. +63 −3 cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/ternaryUpper.expected
  17. +24 −0 cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/test.c
  18. +264 −191 cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/upperBound.expected
  19. +6 −0 csharp/extractor/Semmle.Extraction.CSharp/Entities/Types/TypeParameterConstraints.cs
  20. +4 −0 csharp/ql/lib/change-notes/2025-01-03-allow-ref-struct.md
  21. +8 −5 csharp/ql/lib/semmle/code/csharp/Conversion.qll
  22. +6 −0 csharp/ql/lib/semmle/code/csharp/Generics.qll
  23. +30 −2 csharp/ql/lib/semmle/code/csharp/Type.qll
  24. +29 −9 csharp/ql/lib/semmle/code/csharp/Unification.qll
  25. +1 −1 csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
  26. +3 −0 csharp/ql/test/library-tests/conversion/boxing/Boxing.cs
  27. +2 −2 csharp/ql/test/library-tests/csharp11/PrintAst.expected
  28. +2 −2 csharp/ql/test/library-tests/csharp7.2/PrintAst.expected
  29. +2 −4 csharp/ql/test/library-tests/csharp7.2/RefStructs.ql
  30. +1 −0 csharp/ql/test/library-tests/dispatch/CallContext.expected
  31. +3 −0 csharp/ql/test/library-tests/dispatch/CallGraph.expected
  32. +3 −0 csharp/ql/test/library-tests/dispatch/GetADynamicTarget.expected
  33. +30 −0 csharp/ql/test/library-tests/dispatch/ViableCallable.cs
  34. +19 −0 csharp/ql/test/library-tests/typeparameterconstraints/TypeParameterConstraints.cs
  35. +24 −0 csharp/ql/test/library-tests/typeparameterconstraints/typeParameterConstraints.expected
  36. +39 −0 csharp/ql/test/library-tests/typeparameterconstraints/typeParameterConstraints.ql
  37. +8 −0 csharp/ql/test/library-tests/unification/Unification.cs
  38. +36 −0 csharp/ql/test/library-tests/unification/Unification.expected
  39. +1 −0 java/kotlin-extractor/src/main/java/com/semmle/util/process/Env.java
  40. +4 −1 java/kotlin-extractor/src/main/java/com/semmle/util/trap/pathtransformers/PathTransformer.java
  41. +93 −0 java/ql/integration-tests/java/javac-tool-custom-file/Compiler.java
  42. +1 −0 java/ql/integration-tests/java/javac-tool-custom-file/test.expected
  43. +5 −0 java/ql/integration-tests/java/javac-tool-custom-file/test.py
  44. +5 −0 java/ql/integration-tests/java/javac-tool-custom-file/test.ql
  45. +6 −0 java/ql/lib/change-notes/2024-12-18-javac-tool-interception.md
  46. +5 −0 java/ql/lib/change-notes/2025-01-03-path-transformer.md
  47. +2 −2 java/ql/lib/semmle/code/java/dispatch/DispatchFlow.qll
  48. +32 −23 java/ql/lib/semmle/code/java/security/Encryption.qll
  49. +3 −1 java/ql/src/Likely Bugs/Serialization/MissingVoidConstructorsOnSerializable.qhelp
  50. +3 −2 java/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql
  51. +4 −0 java/ql/src/change-notes/2024-11-29-java-weak-crypto-algorithm-explanation.md
  52. +4 −0 java/ql/test/library-tests/Encryption/Test.java
  53. +2 −2 java/ql/test/library-tests/Encryption/cryptoalgospec.expected
  54. +11 −7 java/ql/test/library-tests/Encryption/insecure.expected
  55. +7 −3 java/ql/test/library-tests/Encryption/insecure.ql
  56. +2 −2 java/ql/test/library-tests/Encryption/secure.expected
  57. +2 −2 java/ql/test/query-tests/security/CWE-327/semmle/tests/BrokenCryptoAlgorithm.expected
  58. +18 −18 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bazel
  59. +1 −1 ...el/3rdparty/tree_sitter_extractors_deps/{BUILD.bitflags-2.6.0.bazel → BUILD.bitflags-2.7.0.bazel}
  60. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.chalk-derive-0.98.0.bazel
  61. +1 −1 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.chalk-ir-0.98.0.bazel
  62. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/{BUILD.clap-4.5.24.bazel → BUILD.clap-4.5.26.bazel}
  63. +1 −1 ...y/tree_sitter_extractors_deps/{BUILD.clap_builder-4.5.24.bazel → BUILD.clap_builder-4.5.26.bazel}
  64. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.clap_derive-4.5.24.bazel
  65. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.darling_core-0.20.10.bazel
  66. +1 −1 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.darling_macro-0.20.10.bazel
  67. +1 −1 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.libredox-0.1.3.bazel
  68. +3 −3 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.notify-6.1.1.bazel
  69. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.pear_codegen-0.2.9.bazel
  70. +3 −3 ...rty/tree_sitter_extractors_deps/{BUILD.proc-macro2-1.0.92.bazel → BUILD.proc-macro2-1.0.93.bazel}
  71. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.proc-macro2-diagnostics-0.10.1.bazel
  72. +1 −1 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.quote-1.0.38.bazel
  73. +1 −1 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra-ap-rustc_abi-0.87.0.bazel
  74. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra-ap-rustc_index_macros-0.87.0.bazel
  75. +14 −14 ...ee_sitter_extractors_deps/{BUILD.ra_ap_base_db-0.0.257.bazel → BUILD.ra_ap_base_db-0.0.258.bazel}
  76. +5 −5 ...party/tree_sitter_extractors_deps/{BUILD.ra_ap_cfg-0.0.257.bazel → BUILD.ra_ap_cfg-0.0.258.bazel}
  77. +1 −1 ...ee_sitter_extractors_deps/{BUILD.ra_ap_edition-0.0.257.bazel → BUILD.ra_ap_edition-0.0.258.bazel}
  78. +21 −21 ...party/tree_sitter_extractors_deps/{BUILD.ra_ap_hir-0.0.257.bazel → BUILD.ra_ap_hir-0.0.258.bazel}
  79. +22 −22 ...ee_sitter_extractors_deps/{BUILD.ra_ap_hir_def-0.0.257.bazel → BUILD.ra_ap_hir_def-0.0.258.bazel}
  80. +23 −23 ...ter_extractors_deps/{BUILD.ra_ap_hir_expand-0.0.257.bazel → BUILD.ra_ap_hir_expand-0.0.258.bazel}
  81. +18 −18 ...tree_sitter_extractors_deps/{BUILD.ra_ap_hir_ty-0.0.257.bazel → BUILD.ra_ap_hir_ty-0.0.258.bazel}
  82. +18 −18 ...tree_sitter_extractors_deps/{BUILD.ra_ap_ide_db-0.0.257.bazel → BUILD.ra_ap_ide_db-0.0.258.bazel}
  83. +1 −1 ...tree_sitter_extractors_deps/{BUILD.ra_ap_intern-0.0.257.bazel → BUILD.ra_ap_intern-0.0.258.bazel}
  84. +1 −1 ...y/tree_sitter_extractors_deps/{BUILD.ra_ap_limit-0.0.257.bazel → BUILD.ra_ap_limit-0.0.258.bazel}
  85. +21 −21 ...ter_extractors_deps/{BUILD.ra_ap_load-cargo-0.0.257.bazel → BUILD.ra_ap_load-cargo-0.0.258.bazel}
  86. +15 −15 ...party/tree_sitter_extractors_deps/{BUILD.ra_ap_mbe-0.0.257.bazel → BUILD.ra_ap_mbe-0.0.258.bazel}
  87. +5 −5 ...tree_sitter_extractors_deps/{BUILD.ra_ap_parser-0.0.257.bazel → BUILD.ra_ap_parser-0.0.258.bazel}
  88. +1 −1 ...y/tree_sitter_extractors_deps/{BUILD.ra_ap_paths-0.0.257.bazel → BUILD.ra_ap_paths-0.0.258.bazel}
  89. +11 −11 ...actors_deps/{BUILD.ra_ap_proc_macro_api-0.0.257.bazel → BUILD.ra_ap_proc_macro_api-0.0.258.bazel}
  90. +1 −1 ...ee_sitter_extractors_deps/{BUILD.ra_ap_profile-0.0.257.bazel → BUILD.ra_ap_profile-0.0.258.bazel}
  91. +15 −15 ...tractors_deps/{BUILD.ra_ap_project_model-0.0.257.bazel → BUILD.ra_ap_project_model-0.0.258.bazel}
  92. +2 −2 ...y/tree_sitter_extractors_deps/{BUILD.ra_ap_salsa-0.0.257.bazel → BUILD.ra_ap_salsa-0.0.258.bazel}
  93. +3 −3 ...extractors_deps/{BUILD.ra_ap_salsa-macros-0.0.257.bazel → BUILD.ra_ap_salsa-macros-0.0.258.bazel}
  94. +8 −8 ...rty/tree_sitter_extractors_deps/{BUILD.ra_ap_span-0.0.257.bazel → BUILD.ra_ap_span-0.0.258.bazel}
  95. +1 −1 ...rty/tree_sitter_extractors_deps/{BUILD.ra_ap_stdx-0.0.257.bazel → BUILD.ra_ap_stdx-0.0.258.bazel}
  96. +5 −5 ...tree_sitter_extractors_deps/{BUILD.ra_ap_syntax-0.0.257.bazel → BUILD.ra_ap_syntax-0.0.258.bazel}
  97. +13 −13 ...tractors_deps/{BUILD.ra_ap_syntax-bridge-0.0.257.bazel → BUILD.ra_ap_syntax-bridge-0.0.258.bazel}
  98. +1 −1 ...itter_extractors_deps/{BUILD.ra_ap_toolchain-0.0.257.bazel → BUILD.ra_ap_toolchain-0.0.258.bazel}
  99. +5 −5 ...rdparty/tree_sitter_extractors_deps/{BUILD.ra_ap_tt-0.0.257.bazel → BUILD.ra_ap_tt-0.0.258.bazel}
  100. +5 −5 ...party/tree_sitter_extractors_deps/{BUILD.ra_ap_vfs-0.0.257.bazel → BUILD.ra_ap_vfs-0.0.258.bazel}
  101. +7 −7 ...ter_extractors_deps/{BUILD.ra_ap_vfs-notify-0.0.257.bazel → BUILD.ra_ap_vfs-notify-0.0.258.bazel}
  102. +1 −1 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.redox_syscall-0.5.8.bazel
  103. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_derive-1.0.217.bazel
  104. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_with_macros-3.12.0.bazel
  105. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/{BUILD.syn-2.0.95.bazel → BUILD.syn-2.0.96.bazel}
  106. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.synstructure-0.13.1.bazel
  107. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-impl-1.0.69.bazel
  108. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.tracing-attributes-0.1.28.bazel
  109. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.wasm-bindgen-backend-0.2.99.bazel
  110. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.wasm-bindgen-macro-support-0.2.99.bazel
  111. +2 −2 misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.zerocopy-derive-0.7.35.bazel
  112. +198 −198 misc/bazel/3rdparty/tree_sitter_extractors_deps/defs.bzl
  113. +2 −1 python/ql/lib/semmle/python/dataflow/new/TypeTracking.qll
  114. +2 −2 python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
  115. +2 −1 ruby/ql/lib/codeql/ruby/typetracking/TypeTracking.qll
  116. +2 −2 ruby/ql/lib/codeql/ruby/typetracking/internal/TypeTrackingImpl.qll
  117. +2 −2 rust/ast-generator/Cargo.toml
  118. +15 −15 rust/extractor/Cargo.toml
  119. +1 −1 rust/extractor/macros/Cargo.toml
  120. +11 −4 rust/extractor/src/config.rs
  121. +11 −1 rust/extractor/src/main.rs
  122. +1 −1 rust/ql/lib/codeql/rust/Frameworks.qll
  123. +1 −1 rust/ql/lib/codeql/rust/elements/internal/VariableImpl.qll
  124. 0 rust/ql/lib/codeql/rust/frameworks/{ → rustcrypto}/RustCrypto.qll
  125. +10 −0 rust/ql/lib/codeql/rust/frameworks/rustcrypto/rustcrypto.model.yml
  126. +1 −1 rust/ql/lib/codeql/rust/security/SensitiveData.qll
  127. +200 −0 rust/ql/lib/codeql/rust/security/WeakSensitiveDataHashingExtensions.qll
  128. +118 −0 rust/ql/src/queries/security/CWE-328/WeakSensitiveDataHashing.qhelp
  129. +116 −0 rust/ql/src/queries/security/CWE-328/WeakSensitiveDataHashing.ql
  130. +10 −0 rust/ql/src/queries/security/CWE-328/WeakSensitiveDataHashingBad.rs
  131. +11 −0 rust/ql/src/queries/security/CWE-328/WeakSensitiveDataHashingGood.rs
  132. +2 −2 rust/ql/test/library-tests/dataflow/taint/TaintFlowStep.expected
  133. +60 −0 rust/ql/test/query-tests/security/CWE-328/WeakSensitiveDataHashing.expected
  134. +4 −0 rust/ql/test/query-tests/security/CWE-328/WeakSensitiveDataHashing.qlref
  135. +12 −0 rust/ql/test/query-tests/security/CWE-328/options.yml
  136. +160 −0 rust/ql/test/query-tests/security/CWE-328/test.rs
  137. +2 −2 shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
  138. +8 −3 shared/typetracking/codeql/typetracking/TypeTracking.qll
  139. +2 −1 shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll
Loading