Merge branch 'main' into treesitter/bump2

.github/workflows/csharp-qltest.yml

@@ -84,7 +84,7 @@ jobs:
           dotnet test -p:RuntimeFrameworkVersion=8.0.1 extractor/Semmle.Util.Tests
           dotnet test -p:RuntimeFrameworkVersion=8.0.1 extractor/Semmle.Extraction.Tests
           dotnet test -p:RuntimeFrameworkVersion=8.0.1 autobuilder/Semmle.Autobuild.CSharp.Tests
-          dotnet test -p:RuntimeFrameworkVersion=8.0.1 "${{ github.workspace }}/cpp/autobuilder/Semmle.Autobuild.Cpp.Tests"
+          dotnet test -p:RuntimeFrameworkVersion=8.0.1 "${{ github.workspace }}/csharp/autobuilder/Semmle.Autobuild.Cpp.Tests"
         shell: bash
   stubgentest:
     runs-on: ubuntu-latest

CODEOWNERS

@@ -1,6 +1,7 @@
 /cpp/ @github/codeql-c-analysis
-/cpp/autobuilder/ @github/codeql-c-extractor
 /csharp/ @github/codeql-csharp
+/csharp/autobuilder/Semmle.Autobuild.Cpp @github/codeql-c-extractor
+/csharp/autobuilder/Semmle.Autobuild.Cpp.Tests @github/codeql-c-extractor
 /go/ @github/codeql-go
 /java/ @github/codeql-java
 /javascript/ @github/codeql-javascript

cpp/autobuilder/README.md

@@ -0,0 +1 @@
+The Windows autobuilder that used to live in this directory moved to `csharp/autobuilder/Semmle.Autobuild.Cpp`.

cpp/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.13.1
+
+No user-facing changes.
+
 ## 0.13.0
 
 ### Breaking Changes

cpp/ql/lib/change-notes/released/0.13.1.md

@@ -0,0 +1,3 @@
+## 0.13.1
+
+No user-facing changes.

cpp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.13.0
+lastReleaseVersion: 0.13.1

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.13.1-dev
+version: 0.13.2-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll

@@ -1844,9 +1844,6 @@ class TranslatedAssignExpr extends TranslatedNonConstantExpr {
     child = this.getRightOperand() and
     result = this.getLeftOperand().getFirstInstruction(kind)
     or
-    child = this.getRightOperand() and
-    result = this.getLeftOperand().getFirstInstruction(kind)
-    or
     kind instanceof GotoEdge and
     child = this.getLeftOperand() and
     result = this.getInstruction(AssignmentStoreTag())

cpp/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.9.12
+
+### New Queries
+
+* Added a new query, `cpp/iterator-to-expired-container`, to detect the creation of iterators owned by a temporary objects that are about to be destroyed.
+
 ## 0.9.11
 
 ### Minor Analysis Improvements

cpp/ql/src/change-notes/2024-04-29-iterator-to-expired-container.md → cpp/ql/src/change-notes/released/0.9.12.md

@@ -1,4 +1,5 @@
----
-category: newQuery
----
+## 0.9.12
+
+### New Queries
+
 * Added a new query, `cpp/iterator-to-expired-container`, to detect the creation of iterators owned by a temporary objects that are about to be destroyed.

cpp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.9.11
+lastReleaseVersion: 0.9.12

cpp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.9.12-dev
+version: 0.9.13-dev
 groups:
   - cpp
   - queries

csharp/CSharp.sln

@@ -30,9 +30,9 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Semmle.Autobuild.CSharp.Tes
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Semmle.Extraction.CSharp.DependencyStubGenerator", "extractor\Semmle.Extraction.CSharp.DependencyStubGenerator\Semmle.Extraction.CSharp.DependencyStubGenerator.csproj", "{0EDA21A3-ADD8-4C10-B494-58B12B526B76}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Semmle.Autobuild.Cpp", "..\cpp\autobuilder\Semmle.Autobuild.Cpp\Semmle.Autobuild.Cpp.csproj", "{125C4FB7-34DA-442A-9095-3EA1514270CD}"
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Semmle.Autobuild.Cpp", "\autobuilder\Semmle.Autobuild.Cpp\Semmle.Autobuild.Cpp.csproj", "{125C4FB7-34DA-442A-9095-3EA1514270CD}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Semmle.Autobuild.Cpp.Tests", "..\cpp\autobuilder\Semmle.Autobuild.Cpp.Tests\Semmle.Autobuild.Cpp.Tests.csproj", "{72F369B7-0707-401A-802F-D526F272F9EE}"
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Semmle.Autobuild.Cpp.Tests", "autobuilder\Semmle.Autobuild.Cpp.Tests\Semmle.Autobuild.Cpp.Tests.csproj", "{72F369B7-0707-401A-802F-D526F272F9EE}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution

cpp/autobuilder/Semmle.Autobuild.Cpp.Tests/Semmle.Autobuild.Cpp.Tests.csproj → csharp/autobuilder/Semmle.Autobuild.Cpp.Tests/Semmle.Autobuild.Cpp.Tests.csproj

@@ -21,6 +21,6 @@
 
   <ItemGroup>
     <ProjectReference Include="..\Semmle.Autobuild.Cpp\Semmle.Autobuild.Cpp.csproj" />
-    <ProjectReference Include="..\..\..\csharp\autobuilder\Semmle.Autobuild.Shared\Semmle.Autobuild.Shared.csproj" />
+    <ProjectReference Include="..\..\autobuilder\Semmle.Autobuild.Shared\Semmle.Autobuild.Shared.csproj" />
   </ItemGroup>
 </Project>

cpp/autobuilder/Semmle.Autobuild.Cpp/Semmle.Autobuild.Cpp.csproj → csharp/autobuilder/Semmle.Autobuild.Cpp/Semmle.Autobuild.Cpp.csproj

@@ -21,8 +21,8 @@
   </ItemGroup>
 
   <ItemGroup>
-    <ProjectReference Include="..\..\..\csharp\extractor\Semmle.Util\Semmle.Util.csproj" />
-    <ProjectReference Include="..\..\..\csharp\autobuilder\Semmle.Autobuild.Shared\Semmle.Autobuild.Shared.csproj" />
+    <ProjectReference Include="..\..\extractor\Semmle.Util\Semmle.Util.csproj" />
+    <ProjectReference Include="..\..\autobuilder\Semmle.Autobuild.Shared\Semmle.Autobuild.Shared.csproj" />
   </ItemGroup>
 
 </Project>

csharp/downgrades/ab09ac8287516082b7a7367f8fda1862b1be47c5/upgrade.properties

@@ -1,3 +1,3 @@
 description: Remove 'kind' from 'attributes'.
 compatability: full
-attributes.rel: reorder attributes.rel (int id, int kind, int type_id, int target) id type_id target
+attributes.rel: reorder attributes.rel (@attribute id, int kind, @type_or_ref type_id, @attributable target) id type_id target

csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.16
+
+No user-facing changes.
+
 ## 1.7.15
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.16.md

@@ -0,0 +1,3 @@
+## 1.7.16
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.15
+lastReleaseVersion: 1.7.16

csharp/ql/campaigns/Solorigate/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.16-dev
+version: 1.7.17-dev
 groups:
   - csharp
   - solorigate

csharp/ql/campaigns/Solorigate/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.16
+
+No user-facing changes.
+
 ## 1.7.15
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.16.md

@@ -0,0 +1,3 @@
+## 1.7.16
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.15
+lastReleaseVersion: 1.7.16

csharp/ql/campaigns/Solorigate/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.16-dev
+version: 1.7.17-dev
 groups:
   - csharp
   - solorigate

csharp/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.10.1
+
+No user-facing changes.
+
 ## 0.10.0
 
 ### Breaking Changes

csharp/ql/lib/change-notes/released/0.10.1.md

@@ -0,0 +1,3 @@
+## 0.10.1
+
+No user-facing changes.

csharp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.10.0
+lastReleaseVersion: 0.10.1

csharp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.10.1-dev
+version: 0.10.2-dev
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

csharp/ql/lib/upgrades/0f562410898f4d4afab2da91f5aaece660ebfa88/upgrade.properties

@@ -1,4 +1,4 @@
 description: Removed unused column from the `folders` and `files` relations
 compatibility: full
-files.rel: reorder files.rel (int id, string name, string simple, string ext, int fromSource) id name
-folders.rel: reorder folders.rel (int id, string name, string simple) id name
+files.rel: reorder files.rel (@file id, string name, string simple, string ext, int fromSource) id name
+folders.rel: reorder folders.rel (@folder id, string name, string simple) id name

csharp/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.8.16
+
+No user-facing changes.
+
 ## 0.8.15
 
 No user-facing changes.

csharp/ql/src/Input Validation/ValueShadowing.ql

@@ -8,6 +8,7 @@
  * @tags security
  *       maintainability
  *       frameworks/asp.net
+ *       external/cwe/cwe-348
  */
 
 import csharp

csharp/ql/src/Input Validation/ValueShadowingServerVariable.ql

@@ -8,6 +8,7 @@
  * @tags security
  *       maintainability
  *       frameworks/asp.net
+ *       external/cwe/cwe-348
  */
 
 import csharp

csharp/ql/src/change-notes/released/0.8.16.md

@@ -0,0 +1,3 @@
+## 0.8.16
+
+No user-facing changes.

csharp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.15
+lastReleaseVersion: 0.8.16

csharp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.8.16-dev
+version: 0.8.17-dev
 groups:
   - csharp
   - queries

csharp/ql/src/utils/modelgenerator/internal/CaptureModels.qll

@@ -7,7 +7,7 @@ private import CaptureModelsSpecific
 private import CaptureModelsPrinting
 
 class DataFlowTargetApi extends TargetApiSpecific {
-  DataFlowTargetApi() { isRelevantForDataFlowModels(this) }
+  DataFlowTargetApi() { not isUninterestingForDataFlowModels(this) }
 }
 
 private module Printing implements PrintingSig {

csharp/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll

@@ -51,16 +51,18 @@ private predicate isRelevantForModels(CS::Callable api) {
 }
 
 /**
- * Holds if it is relevant to generate models for `api` based on data flow analysis.
+ * Holds if it is irrelevant to generate models for `api` based on data flow analysis.
+ *
+ * This serves as an extra filter for the `relevant` predicate.
  */
-predicate isRelevantForDataFlowModels(CS::Callable api) {
-  isRelevantForModels(api) and not isHigherOrder(api)
-}
+predicate isUninterestingForDataFlowModels(CS::Callable api) { isHigherOrder(api) }
 
 /**
- * Holds if it is relevant to generate models for `api` based on its type.
+ * Holds if it is irrelevant to generate models for `api` based on type-based analysis.
+ *
+ * This serves as an extra filter for the `relevant` predicate.
  */
-predicate isRelevantForTypeBasedFlowModels = isRelevantForModels/1;
+predicate isUninterestingForTypeBasedFlowModels(CS::Callable api) { none() }
 
 /**
  * A class of callables that are relevant generating summary, source and sinks models for.
@@ -71,7 +73,8 @@ predicate isRelevantForTypeBasedFlowModels = isRelevantForModels/1;
 class TargetApiSpecific extends CS::Callable {
   TargetApiSpecific() {
     this.fromSource() and
-    this.isUnboundDeclaration()
+    this.isUnboundDeclaration() and
+    isRelevantForModels(this)
   }
 }
 

csharp/ql/src/utils/modelgenerator/internal/CaptureTypeBasedSummaryModels.qll

@@ -190,7 +190,7 @@ private module ModelPrinting = PrintingImpl<Printing>;
  * on the Theorems for Free approach.
  */
 class TypeBasedFlowTargetApi extends Specific::TargetApiSpecific {
-  TypeBasedFlowTargetApi() { Specific::isRelevantForTypeBasedFlowModels(this) }
+  TypeBasedFlowTargetApi() { not Specific::isUninterestingForTypeBasedFlowModels(this) }
 
   /**
    * Gets the string representation of all type based summaries for `this`

docs/codeql/reusables/supported-frameworks.rst

@@ -202,6 +202,7 @@ and the CodeQL library pack ``codeql/python-all`` (`changelog <https://github.co
    Flask-Admin, Web framework
    Tornado, Web framework
    Twisted, Web framework
+   Gradio, Web framework
    starlette, Asynchronous Server Gateway Interface (ASGI)
    ldap3, Lightweight Directory Access Protocol (LDAP)
    python-ldap, Lightweight Directory Access Protocol (LDAP)

go/documentation/library-coverage/coverage.csv

@@ -1,5 +1,5 @@
 package,sink,source,summary,sink:credentials-key,sink:jwt,source:remote,summary:taint,summary:value
-,,,2,,,,,2
+,,,5,,,,,5
 archive/tar,,,5,,,,5,
 archive/zip,,,6,,,,6,
 bufio,,,17,,,,17,

go/documentation/library-coverage/coverage.rst

@@ -18,7 +18,7 @@ Go framework & library support
    `Macaron <https://gopkg.in/macaron.v1>`_,``gopkg.in/macaron*``,12,1,
    `Revel <http://revel.github.io/>`_,"``github.com/revel/revel*``, ``github.com/robfig/revel*``",,20,
    `SendGrid <https://github.com/sendgrid/sendgrid-go>`_,``github.com/sendgrid/sendgrid-go*``,,1,
-   `Standard library <https://pkg.go.dev/std>`_,"````, ``archive/*``, ``bufio``, ``bytes``, ``cmp``, ``compress/*``, ``container/*``, ``context``, ``crypto``, ``crypto/*``, ``database/*``, ``debug/*``, ``embed``, ``encoding``, ``encoding/*``, ``errors``, ``expvar``, ``flag``, ``fmt``, ``go/*``, ``hash``, ``hash/*``, ``html``, ``html/*``, ``image``, ``image/*``, ``index/*``, ``io``, ``io/*``, ``log``, ``log/*``, ``maps``, ``math``, ``math/*``, ``mime``, ``mime/*``, ``net``, ``net/*``, ``os``, ``os/*``, ``path``, ``path/*``, ``plugin``, ``reflect``, ``reflect/*``, ``regexp``, ``regexp/*``, ``slices``, ``sort``, ``strconv``, ``strings``, ``sync``, ``sync/*``, ``syscall``, ``syscall/*``, ``testing``, ``testing/*``, ``text/*``, ``time``, ``time/*``, ``unicode``, ``unicode/*``, ``unsafe``",8,578,
+   `Standard library <https://pkg.go.dev/std>`_,"````, ``archive/*``, ``bufio``, ``bytes``, ``cmp``, ``compress/*``, ``container/*``, ``context``, ``crypto``, ``crypto/*``, ``database/*``, ``debug/*``, ``embed``, ``encoding``, ``encoding/*``, ``errors``, ``expvar``, ``flag``, ``fmt``, ``go/*``, ``hash``, ``hash/*``, ``html``, ``html/*``, ``image``, ``image/*``, ``index/*``, ``io``, ``io/*``, ``log``, ``log/*``, ``maps``, ``math``, ``math/*``, ``mime``, ``mime/*``, ``net``, ``net/*``, ``os``, ``os/*``, ``path``, ``path/*``, ``plugin``, ``reflect``, ``reflect/*``, ``regexp``, ``regexp/*``, ``slices``, ``sort``, ``strconv``, ``strings``, ``sync``, ``sync/*``, ``syscall``, ``syscall/*``, ``testing``, ``testing/*``, ``text/*``, ``time``, ``time/*``, ``unicode``, ``unicode/*``, ``unsafe``",8,581,
    `beego <https://beego.me/>`_,"``github.com/astaxie/beego*``, ``github.com/beego/beego*``",,42,
    `cristalhq/jwt <https://github.com/cristalhq/jwt>`_,``github.com/cristalhq/jwt*``,,,1
    `fasthttp <https://github.com/valyala/fasthttp>`_,``github.com/valyala/fasthttp*``,,5,
@@ -35,5 +35,5 @@ Go framework & library support
    `yaml <https://gopkg.in/yaml.v3>`_,``gopkg.in/yaml*``,,9,
    `zap <https://go.uber.org/zap>`_,``go.uber.org/zap*``,,11,
    Others,"``github.com/go-jose/go-jose/$ANYVERSION/jwt``, ``gopkg.in/square/go-jose.v2/jwt``",,8,2
-   Totals,,20,871,24
+   Totals,,20,874,24
 

go/extractor/autobuilder/autobuilder.go

@@ -54,13 +54,15 @@ func checkExtractorRun() bool {
 }
 
 // tryBuildIfExists tries to run the command `cmd args...` if the file `buildFile` exists and is not
-// a directory. Returns true if the command was successful and false if not.
-func tryBuildIfExists(buildFile, cmd string, args ...string) bool {
-	if util.FileExists(buildFile) {
+// a directory. Returns values indicating whether the script succeeded as well as whether the script was found.
+func tryBuildIfExists(buildFile, cmd string, args ...string) (scriptSuccess bool, scriptFound bool) {
+	scriptSuccess = false
+	scriptFound = util.FileExists(buildFile)
+	if scriptFound {
 		log.Printf("%s found.\n", buildFile)
-		return tryBuild(cmd, args...)
+		scriptSuccess = tryBuild(cmd, args...)
 	}
-	return false
+	return
 }
 
 // tryBuild tries to run `cmd args...`, returning true if successful and false if not.
@@ -92,11 +94,25 @@ var BuildScripts = []BuildScript{
 // Autobuild attempts to detect build systems based on the presence of build scripts from the
 // list in `BuildScripts` and run the corresponding command. This may invoke zero or more
 // build scripts in the order given by `BuildScripts`.
-func Autobuild() bool {
+// Returns `scriptSuccess` which indicates whether a build script was successfully executed.
+// Returns `scriptsExecuted` which contains the names of all build scripts that were executed.
+func Autobuild() (scriptSuccess bool, scriptsExecuted []string) {
+	scriptSuccess = false
+	scriptsExecuted = []string{}
+
 	for _, script := range BuildScripts {
-		if tryBuildIfExists(script.Filename, script.Tool) {
-			return true
+		// Try to run the build script
+		success, scriptFound := tryBuildIfExists(script.Filename, script.Tool)
+
+		// If it was found, we attempted to run it: add it to the array.
+		if scriptFound {
+			scriptsExecuted = append(scriptsExecuted, script.Filename)
+		}
+		// If it was successfully executed, we stop here.
+		if success {
+			scriptSuccess = true
+			return
 		}
 	}
-	return false
+	return
 }