Skip to content

Mergeback rc/1.24 -> master #3512

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
hvitved merged 13 commits into from
May 19, 2020
Merged

Mergeback rc/1.24 -> master #3512

hvitved merged 13 commits into from
May 19, 2020

Conversation

@jbj
Copy link
Contributor

@jbj jbj commented May 19, 2020

No description provided.

james and others added 12 commits May 12, 2020 11:33
docs remove info about metrics from codeql docs
cf03e61
@jf205 @shati-patel
Update docs/language/learn-ql/writing-queries/query-metadata.rst
85ebe04 
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
@jf205
Merge pull request github#3449 from jf205/sd-38
a6c03a4 
CodeQL docs: remove information about metric queries
@shati-patel
CodeQL docs migration: Delete ql-spec Sphinx project
cb2f7c4
@shati-patel
Merge pull request github#3469 from shati-patel/delete-spec
3af98aa 
CodeQL docs migration: Delete `ql-spec` Sphinx project
@jbj
C++: Move identical declarations to shared.h file
cc00f0f 
This cleans up the test results, which were confusing because functions
like `sink` had multiple locations.

There are some additional results now involving casts to `const char *`
because previously it varied whether `sink` used `const`, and now it
always does.
docs: remove gh variable
06f465b
@jf205
Merge pull request github#3495 from jf205/java-article-fix
bd6d2d8 
CodeQL docs: remove stray GH variable
@jbj
C++: Test virtual dispatch field conflation
f2402c5 
This test demonstrates that IR data flow conflates unrelated fields of a
global struct-typed variable and that this bug is not present in the old
AST-based implementation of `semmle.code.cpp.security.TaintTracking`.
@jbj
C++: Fix struct field conflation in IR data flow
76e194c 
The virtual-dispatch code for globals was missing any relationship
between the union field access and the global variable, which meant it
propagated function-pointer flow between any two fields of a global
struct. This resulted in false positives from
`cpp/tainted-format-string` on projects using SDL, such as
WohlSoft/PGE-Project.

In addition to fixing that bug, this commit also brings the code up to
date with the new style of modeling flow through global variables:
`DataFlow::Node.asVariable()`.
@alexet
Merge pull request github#3501 from jbj/dispatch-global-union
57dbe57 
C++: Fix struct field conflation in IR data flow
@jbj
Merge remote-tracking branch 'upstream/rc/1.24' into mergeback-2020-0…
5318d42 
…5-19
@jbj jbj added the Mergeback label May 19, 2020
@jbj jbj requested review from a team, jf205 and shati-patel as code owners May 19, 2020 12:49
shati-patel
shati-patel previously approved these changes May 19, 2020
View reviewed changes
Copy link
Contributor

@shati-patel shati-patel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Documentation changes look good ✔️

@jbj
Merge remote-tracking branch 'upstream/master' into mergeback-2020-05-19
d38700a 
Conflicts:
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/test_diff.expected
@jbj
Copy link
Contributor Author

jbj commented May 19, 2020

A conflict appeared because #3511 was merged, so I merged from master into this PR to resolve it.

@hvitved hvitved merged commit f0f833b into github:master May 19, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shati-patel shati-patel shati-patel approved these changes

@jf205 jf205 Awaiting requested review from jf205

Assignees

No one assigned

Labels

Mergeback

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@jbj @shati-patel @hvitved @jf205 @alexet