Merge pull request #14443 from github/post-release-prep/codeql-cli-2.15.0

Post-release preparation for codeql-cli-2.15.0
henrymercer authored Oct 11, 2023
2 parents a31f946 + ae6af17 commit 1a370bf
Showing 157 changed files with 447 additions and 238 deletions.
10 changes: 10 additions & 0 deletions cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,13 @@
## 0.10.0

### Minor Analysis Improvements

* Functions that do not return due to calling functions that don't return (e.g. `exit`) are now detected as
non-returning in the IR and dataflow.
* Treat functions that reach the end of the function as returning in the IR.
They used to be treated as unreachable but it is allowed in C.
* The `DataFlow::asDefiningArgument` predicate now takes its argument from the range starting at `1` instead of `2`. Queries that depend on the single-parameter version of `DataFlow::asDefiningArgument` should have their arguments updated accordingly.

## 0.9.3

No user-facing changes.
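Review bot: the third bullet of the 0.10.0 section (the `DataFlow::asDefiningArgument` index change) tells users that existing queries "should have their arguments updated accordingly", which is a breaking change, yet it is filed under "### Minor Analysis Improvements". Consider moving it to a breaking-changes section so readers skimming for compatibility issues do not miss it; the same text is repeated in `cpp/ql/lib/change-notes/released/0.10.0.md`, so both copies would need the move.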

This file was deleted.

5 changes: 0 additions & 5 deletions cpp/ql/lib/change-notes/2023-09-07-return-from-end.md

This file was deleted.

5 changes: 0 additions & 5 deletions cpp/ql/lib/change-notes/2023-09-08-more-unreachble.md

This file was deleted.

9 changes: 9 additions & 0 deletions cpp/ql/lib/change-notes/released/0.10.0.md
@@ -0,0 +1,9 @@
## 0.10.0

### Minor Analysis Improvements

* Functions that do not return due to calling functions that don't return (e.g. `exit`) are now detected as
non-returning in the IR and dataflow.
* Treat functions that reach the end of the function as returning in the IR.
They used to be treated as unreachable but it is allowed in C.
* The `DataFlow::asDefiningArgument` predicate now takes its argument from the range starting at `1` instead of `2`. Queries that depend on the single-parameter version of `DataFlow::asDefiningArgument` should have their arguments updated accordingly.
2 changes: 1 addition & 1 deletion cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.9.3
lastReleaseVersion: 0.10.0
2 changes: 1 addition & 1 deletion cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/cpp-all
version: 0.10.0-dev
version: 0.10.1-dev
groups: cpp
dbscheme: semmlecode.cpp.dbscheme
extractor: cpp
9 changes: 6 additions & 3 deletions cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll
@@ -73,6 +73,10 @@ private int isSource(Expr bufferExpr, Element why) {
)
}

/** Same as `getBufferSize`, but with the `why` column projected away to prevent large duplications. */
pragma[nomagic]
int getBufferSizeProj(Expr bufferExpr) { result = getBufferSize(bufferExpr, _) }

/**
* Get the size in bytes of the buffer pointed to by an expression (if this can be determined).
*/
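Review bot: `getBufferSizeProj` is added without a `private` modifier, while the neighbouring helper `isSource` named in the hunk header is `private`. If the projection exists only to stop the `why` column from being duplicated inside `getBufferSize`, marking it `private` keeps it out of the public API of `Buffer.qll`; if it is meant to be callable from queries, the doc comment should say so. The `pragma[nomagic]` fits the stated goal, since it stops the optimiser from inlining the projection back into each call site.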
@@ -87,15 +91,14 @@ int getBufferSize(Expr bufferExpr, Element why) {
why = bufferVar and
parentPtr = bufferExpr.(VariableAccess).getQualifier() and
parentPtr.getTarget().getUnspecifiedType().(PointerType).getBaseType() = parentClass and
result = getBufferSize(parentPtr, _) + bufferSize - parentClass.getSize()
result = getBufferSizeProj(parentPtr) + bufferSize - parentClass.getSize()
|
if exists(bufferVar.getType().getSize())
then bufferSize = bufferVar.getType().getSize()
else bufferSize = 0
)
or
// dataflow (all sources must be the same size)
result = unique(Expr def | DataFlow::localExprFlowStep(def, bufferExpr) | getBufferSize(def, _)) and
// find reason
result = unique(Expr def | DataFlow::localExprFlowStep(def, bufferExpr) | getBufferSizeProj(def)) and
exists(Expr def | DataFlow::localExprFlowStep(def, bufferExpr) | exists(getBufferSize(def, why)))
}
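Review bot: the removed `// find reason` comment was the only explanation of why a second `exists(Expr def | ... | exists(getBufferSize(def, why)))` conjunct follows the `unique(...)` aggregate; after the edit the two lines look redundant at first glance. Suggest keeping a comment on the `exists` line, for example `// bind why to any source's reason (all sources have the same size)`. The switch to `getBufferSizeProj` inside `unique` and in the struct-member branch does not change the result, because `getBufferSize(def, _)` already quantified the `why` column away, so this is purely a tuple-count reduction.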
13 changes: 13 additions & 0 deletions cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,16 @@
## 0.8.0

### Query Metadata Changes

* The `cpp/double-free` query has been further improved to reduce false positives and its precision has been increased from `medium` to `high`.
* The `cpp/use-after-free` query has been further improved to reduce false positives and its precision has been increased from `medium` to `high`.

### Minor Analysis Improvements

* The queries `cpp/double-free` and `cpp/use-after-free` find fewer false positives
in cases where a non-returning function is called.
* The number of duplicated dataflow paths reported by queries has been significantly reduced.

## 0.7.5

No user-facing changes.
4 changes: 0 additions & 4 deletions cpp/ql/src/change-notes/2023-09-06-deduplicated-results.md

This file was deleted.

5 changes: 0 additions & 5 deletions cpp/ql/src/change-notes/2023-09-08-unreachble-edges.md

This file was deleted.

4 changes: 0 additions & 4 deletions cpp/ql/src/change-notes/2023-10-03-double-free.md

This file was deleted.

4 changes: 0 additions & 4 deletions cpp/ql/src/change-notes/2023-10-03-use-after-free.md

This file was deleted.

12 changes: 12 additions & 0 deletions cpp/ql/src/change-notes/released/0.8.0.md
@@ -0,0 +1,12 @@
## 0.8.0

### Query Metadata Changes

* The `cpp/double-free` query has been further improved to reduce false positives and its precision has been increased from `medium` to `high`.
* The `cpp/use-after-free` query has been further improved to reduce false positives and its precision has been increased from `medium` to `high`.

### Minor Analysis Improvements

* The queries `cpp/double-free` and `cpp/use-after-free` find fewer false positives
in cases where a non-returning function is called.
* The number of duplicated dataflow paths reported by queries has been significantly reduced.
2 changes: 1 addition & 1 deletion cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.7.5
lastReleaseVersion: 0.8.0
2 changes: 1 addition & 1 deletion cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/cpp-queries
version: 0.8.0-dev
version: 0.8.1-dev
groups:
- cpp
- queries
4 changes: 4 additions & 0 deletions csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
## 1.7.0

No user-facing changes.

## 1.6.5

No user-facing changes.
@@ -0,0 +1,3 @@
## 1.7.0

No user-facing changes.
2 changes: 1 addition & 1 deletion csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
lastReleaseVersion: 1.6.5
lastReleaseVersion: 1.7.0
2 changes: 1 addition & 1 deletion csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/csharp-solorigate-all
version: 1.7.0-dev
version: 1.7.1-dev
groups:
- csharp
- solorigate
4 changes: 4 additions & 0 deletions csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,3 +1,7 @@
## 1.7.0

No user-facing changes.

## 1.6.5

No user-facing changes.
@@ -0,0 +1,3 @@
## 1.7.0

No user-facing changes.
2 changes: 1 addition & 1 deletion csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
lastReleaseVersion: 1.6.5
lastReleaseVersion: 1.7.0
2 changes: 1 addition & 1 deletion csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/csharp-solorigate-queries
version: 1.7.0-dev
version: 1.7.1-dev
groups:
- csharp
- solorigate
4 changes: 4 additions & 0 deletions csharp/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
## 0.8.0

No user-facing changes.

## 0.7.5

No user-facing changes.
3 changes: 3 additions & 0 deletions csharp/ql/lib/change-notes/released/0.8.0.md
@@ -0,0 +1,3 @@
## 0.8.0

No user-facing changes.
2 changes: 1 addition & 1 deletion csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.7.5
lastReleaseVersion: 0.8.0
2 changes: 1 addition & 1 deletion csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/csharp-all
version: 0.8.0-dev
version: 0.8.1-dev
groups: csharp
dbscheme: semmlecode.csharp.dbscheme
extractor: csharp
6 changes: 6 additions & 0 deletions csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
## 0.8.0

### New Queries

* Added a new query, `cs/web/insecure-direct-object-reference`, to find instances of missing authorization checks for resources selected by an ID parameter.

## 0.7.5

No user-facing changes.
@@ -1,4 +1,5 @@
---
category: newQuery
---
* Added a new query, `cs/web/insecure-direct-object-reference`, to find instances of missing authorization checks for resources selected by an ID parameter.
## 0.8.0

### New Queries

* Added a new query, `cs/web/insecure-direct-object-reference`, to find instances of missing authorization checks for resources selected by an ID parameter.
2 changes: 1 addition & 1 deletion csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.7.5
lastReleaseVersion: 0.8.0
2 changes: 1 addition & 1 deletion csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/csharp-queries
version: 0.8.0-dev
version: 0.8.1-dev
groups:
- csharp
- queries
6 changes: 6 additions & 0 deletions go/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
## 0.7.0

### Minor Analysis Improvements

* Added Numeric and Boolean types to SQL injection sanitzers.

## 0.6.5

No user-facing changes.
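Review bot: typo in the new bullet: `sanitzers` should read `sanitizers`. The same text is copied into `go/ql/lib/change-notes/released/0.7.0.md` in this commit, so both copies need the fix before the release notes are published.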

This file was deleted.

5 changes: 5 additions & 0 deletions go/ql/lib/change-notes/released/0.7.0.md
@@ -0,0 +1,5 @@
## 0.7.0

### Minor Analysis Improvements

* Added Numeric and Boolean types to SQL injection sanitzers.
2 changes: 1 addition & 1 deletion go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.6.5
lastReleaseVersion: 0.7.0
2 changes: 1 addition & 1 deletion go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/go-all
version: 0.7.0-dev
version: 0.7.1-dev
groups: go
dbscheme: go.dbscheme
extractor: go
4 changes: 4 additions & 0 deletions go/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
## 0.7.0

No user-facing changes.

## 0.6.5

No user-facing changes.
3 changes: 3 additions & 0 deletions go/ql/src/change-notes/released/0.7.0.md
@@ -0,0 +1,3 @@
## 0.7.0

No user-facing changes.
2 changes: 1 addition & 1 deletion go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.6.5
lastReleaseVersion: 0.7.0
2 changes: 1 addition & 1 deletion go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/go-queries
version: 0.7.0-dev
version: 0.7.1-dev
groups:
- go
- queries
4 changes: 4 additions & 0 deletions java/ql/automodel/src/CHANGELOG.md
@@ -1,3 +1,7 @@
## 0.0.5

No user-facing changes.

## 0.0.4

No user-facing changes.
3 changes: 3 additions & 0 deletions java/ql/automodel/src/change-notes/released/0.0.5.md
@@ -0,0 +1,3 @@
## 0.0.5

No user-facing changes.
2 changes: 1 addition & 1 deletion java/ql/automodel/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.4
lastReleaseVersion: 0.0.5
2 changes: 1 addition & 1 deletion java/ql/automodel/src/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/java-automodel-queries
version: 0.0.5-dev
version: 0.0.6-dev
groups:
- java
- automodel
18 changes: 18 additions & 0 deletions java/ql/lib/CHANGELOG.md
@@ -1,3 +1,21 @@
## 0.8.0

### New Features

* Kotlin versions up to 1.9.20 are now supported.

### Minor Analysis Improvements

* Fixed a control-flow bug where case rule statements would incorrectly include a fall-through edge.
* Added support for default cases as proper guards in switch expressions to match switch statements.
* Improved the class `ArithExpr` of the `Overflow.qll` module to also include compound operators. Because of this, new alerts may be raised in queries related to overflows/underflows.
* Added new dataflow models for the Apache CXF framework.
* Regular expressions containing multiple parse mode flags are now interpretted correctly. For example `"(?is)abc.*"` with both the `i` and `s` flags.

### Bug Fixes

* The regular expressions library no longer incorrectly matches mode flag characters against the input.

## 0.7.5

No user-facing changes.
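Review bot: typo in the fifth bullet under Minor Analysis Improvements: `interpretted` should be `interpreted`, and the sentence after it ("For example ... with both the `i` and `s` flags.") is a fragment that reads better joined to the previous one, e.g. "...are now interpreted correctly; for example `"(?is)abc.*"` sets both the `i` and `s` flags." The same text appears in `java/ql/lib/change-notes/released/0.8.0.md`, so both copies need the fix.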
4 changes: 0 additions & 4 deletions java/ql/lib/change-notes/2023-07-20-regex-parse-modes.md

This file was deleted.

4 changes: 0 additions & 4 deletions java/ql/lib/change-notes/2023-08-23-apache-cxf-models.md

This file was deleted.

4 changes: 0 additions & 4 deletions java/ql/lib/change-notes/2023-09-12-kotlin-1.9.20.md

This file was deleted.

4 changes: 0 additions & 4 deletions java/ql/lib/change-notes/2023-09-12-regex-mode-flag-groups.md

This file was deleted.

4 changes: 0 additions & 4 deletions java/ql/lib/change-notes/2023-09-19-arithexpr-assignop.md

This file was deleted.

5 changes: 0 additions & 5 deletions java/ql/lib/change-notes/2023-09-28-case-rule-stmt-cfg-fix.md

This file was deleted.

17 changes: 17 additions & 0 deletions java/ql/lib/change-notes/released/0.8.0.md
@@ -0,0 +1,17 @@
## 0.8.0

### New Features

* Kotlin versions up to 1.9.20 are now supported.

### Minor Analysis Improvements

* Fixed a control-flow bug where case rule statements would incorrectly include a fall-through edge.
* Added support for default cases as proper guards in switch expressions to match switch statements.
* Improved the class `ArithExpr` of the `Overflow.qll` module to also include compound operators. Because of this, new alerts may be raised in queries related to overflows/underflows.
* Added new dataflow models for the Apache CXF framework.
* Regular expressions containing multiple parse mode flags are now interpretted correctly. For example `"(?is)abc.*"` with both the `i` and `s` flags.

### Bug Fixes

* The regular expressions library no longer incorrectly matches mode flag characters against the input.