Branch: refs/heads/main
Home: https://github.com/krishnprakash/codeql
Commit: 076b020dc42b0e7da2d4777be83c5580202b4926
https://github.com/krishnprakash/codeql/commit/076b020dc42b0e7da2d4777be83c5580202b4926
Author: Jeroen Ketema <jke...@github.com>
Date: 2026-04-23 (Thu, 23 Apr 2026)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/internal/QualifiedName.qll
Log Message:
-----------
Fix two `QualifiedName` join orders
Before on `StanfordLegion__legion` with `cpp/throwing-pointer`:
```
Pipeline standard for QualifiedName::Namespace.getQualifiedName/0#cbc0648a@7ff329j5 was evaluated in 2 iterations totaling 0ms (delta sizes total: 70).
162061 ~0% {2} r1 = JOIN `QualifiedName::Namespace.getQualifiedName/0#cbc0648a#prev_delta` WITH namespacembrs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
70 ~2% {4} | JOIN WITH namespaces ON FIRST 1 OUTPUT Lhs.0, _, Lhs.1, Rhs.1
70 ~0% {2} | REWRITE WITH Tmp.1 := "::", Out.1 := (In.2 ++ Tmp.1 ++ In.3) KEEPING 2
70 ~0% {2} | AND NOT `QualifiedName::Namespace.getQualifiedName/0#cbc0648a#prev`(FIRST 2)
return r1
Pipeline standard for QualifiedName::Namespace.getAQualifierForMembers/0#132b16e1@cfd47189 was evaluated in 2 iterations totaling 3ms (delta sizes total: 85).
12 ~0% {2} r1 = JOIN `QualifiedName::Namespace.getAQualifierForMembers/0#132b16e1#prev_delta` WITH _#namespace_inlineMerge_#namespacembrsMerge#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
162417 ~0% {2} r2 = JOIN `QualifiedName::Namespace.getAQualifierForMembers/0#132b16e1#prev_delta` WITH namespacembrs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
73 ~1% {4} | JOIN WITH namespaces ON FIRST 1 OUTPUT Lhs.0, _, Lhs.1, Rhs.1
73 ~0% {2} | REWRITE WITH Tmp.1 := "::", Out.1 := (In.2 ++ Tmp.1 ++ In.3) KEEPING 2
85 ~0% {2} r3 = r1 UNION r2
85 ~0% {2} | AND NOT `QualifiedName::Namespace.getAQualifierForMembers/0#132b16e1#prev`(FIRST 2)
return r3
```
After:
```
Pipeline standard for QualifiedName::Namespace.getQualifiedName/0#cbc0648a@91677d3f was evaluated in 2 iterations totaling 0ms (delta sizes total: 70).
70 ~0% {4} r1 = JOIN `QualifiedName::Namespace.getQualifiedName/0#cbc0648a#prev_delta` WITH _#namespacembrsMerge_1#antijoin_rhs_#namespacembrsMerge_10#join_rhs_#namespacesMerge#join_rhs ON FIRST 1 OUTPUT Rhs.1, _, Lhs.1, Rhs.2
70 ~0% {2} | REWRITE WITH Tmp.1 := "::", Out.1 := (In.2 ++ Tmp.1 ++ In.3) KEEPING 2
70 ~0% {2} | AND NOT `QualifiedName::Namespace.getQualifiedName/0#cbc0648a#prev`(FIRST 2)
return r1
Pipeline standard for QualifiedName::Namespace.getAQualifierForMembers/0#132b16e1@3bbc99mb was evaluated in 2 iterations totaling 0ms (delta sizes total: 85).
12 ~0% {2} r1 = JOIN `QualifiedName::Namespace.getAQualifierForMembers/0#132b16e1#prev_delta` WITH _#namespace_inlineMerge_#namespacembrsMerge_1#antijoin_rhs__#namespacembrsMerge_#namespacembrsMerge___#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
73 ~0% {4} r2 = JOIN `QualifiedName::Namespace.getAQualifierForMembers/0#132b16e1#prev_delta` WITH _#namespacembrsMerge_1#antijoin_rhs_#namespacesMerge__#namespacembrsMerge_#namespacembrsMerge_10#joi__#join_rhs ON FIRST 1 OUTPUT Rhs.1, _, Lhs.1, Rhs.2
73 ~1% {2} | REWRITE WITH Tmp.1 := "::", Out.1 := (In.2 ++ Tmp.1 ++ In.3) KEEPING 2
85 ~0% {2} r3 = r1 UNION r2
85 ~0% {2} | AND NOT `QualifiedName::Namespace.getAQualifierForMembers/0#132b16e1#prev`(FIRST 2)
return r3
```
Commit: 7b897add220733ae86c7abc0770fee5ee25b7afc
https://github.com/krishnprakash/codeql/commit/7b897add220733ae86c7abc0770fee5ee25b7afc
Author: copilot-swe-agent[bot] <19898274...@users.noreply.github.com>
Date: 2026-04-23 (Thu, 23 Apr 2026)
Changed paths:
Log Message:
-----------
Initial plan
Commit: 081ad03b4bb72685b2897c333d85bf08c0d762fc
https://github.com/krishnprakash/codeql/commit/081ad03b4bb72685b2897c333d85bf08c0d762fc
Author: copilot-swe-agent[bot] <19898274...@users.noreply.github.com>
Date: 2026-04-23 (Thu, 23 Apr 2026)
Changed paths:
A java/ql/test/query-tests/security/CWE-089/semmle/examples/Hibernate.java
M java/ql/test/query-tests/security/CWE-089/semmle/examples/options
A java/ql/test/stubs/hibernate-5.x/org/hibernate/Session.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/SharedSessionContract.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/query/Query.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/query/QueryProducer.java
Log Message:
-----------
Add Hibernate SQL injection sink tests
Agent-Logs-Url: https://github.com/github/codeql/sessions/2e7aecca-63ea-489f-8b87-4cc557655919
Co-authored-by: owen-mc <62447351...@users.noreply.github.com>
Commit: 25d232b81523036f25089a7a4c9923590e5180c8
https://github.com/krishnprakash/codeql/commit/25d232b81523036f25089a7a4c9923590e5180c8
Author: copilot-swe-agent[bot] <19898274...@users.noreply.github.com>
Date: 2026-04-23 (Thu, 23 Apr 2026)
Changed paths:
M java/ql/lib/ext/org.hibernate.query.model.yml
M java/ql/test/query-tests/security/CWE-089/semmle/examples/Hibernate.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/query/MutationQuery.java
M java/ql/test/stubs/hibernate-5.x/org/hibernate/query/QueryProducer.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/query/SelectionQuery.java
Log Message:
-----------
Model additional Hibernate query sinks
Agent-Logs-Url: https://github.com/github/codeql/sessions/fc2c7f71-3493-4bf7-9136-34571a1d4b47
Co-authored-by: owen-mc <62447351...@users.noreply.github.com>
Commit: 083909ee3bba9063db1120f63f6cf0acfc63ec7f
https://github.com/krishnprakash/codeql/commit/083909ee3bba9063db1120f63f6cf0acfc63ec7f
Author: copilot-swe-agent[bot] <19898274...@users.noreply.github.com>
Date: 2026-04-23 (Thu, 23 Apr 2026)
Changed paths:
A java/ql/lib/change-notes/2026-04-23-hibernate-queryproducer-sinks.md
Log Message:
-----------
Add Java change note for Hibernate sinks
Agent-Logs-Url: https://github.com/github/codeql/sessions/41769e74-a435-4aaf-b5f7-92060f6cd84e
Co-authored-by: owen-mc <62447351...@users.noreply.github.com>
Commit: ae89b2ee79e36f0274897691bc852e8980643245
https://github.com/krishnprakash/codeql/commit/ae89b2ee79e36f0274897691bc852e8980643245
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2026-04-24 (Fri, 24 Apr 2026)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/internal/QualifiedName.qll
Log Message:
-----------
Merge pull request #21747 from jketema/join-order
Fix two `QualifiedName` join orders
Commit: 9fbe44742846951d21e3b98aac3d78679f8e884f
https://github.com/krishnprakash/codeql/commit/9fbe44742846951d21e3b98aac3d78679f8e884f
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-04-24 (Fri, 24 Apr 2026)
Changed paths:
A java/ql/lib/change-notes/2026-04-23-hibernate-queryproducer-sinks.md
M java/ql/lib/ext/org.hibernate.query.model.yml
A java/ql/test/query-tests/security/CWE-089/semmle/examples/Hibernate.java
M java/ql/test/query-tests/security/CWE-089/semmle/examples/options
A java/ql/test/stubs/hibernate-5.x/org/hibernate/Session.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/SharedSessionContract.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/query/MutationQuery.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/query/Query.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/query/QueryProducer.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/query/SelectionQuery.java
Log Message:
-----------
Merge pull request #21749 from github/copilot/add-hibernate-sql-injection-tests
Add Hibernate SQL injection sink models and coverage
Commit: 81af40f406c78ac426f9cba554fcf8d00a4f72eb
https://github.com/krishnprakash/codeql/commit/81af40f406c78ac426f9cba554fcf8d00a4f72eb
Author: Phileco <132178579+k...@users.noreply.github.com>
Date: 2026-04-24 (Fri, 24 Apr 2026)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/internal/QualifiedName.qll
A java/ql/lib/change-notes/2026-04-23-hibernate-queryproducer-sinks.md
M java/ql/lib/ext/org.hibernate.query.model.yml
A java/ql/test/query-tests/security/CWE-089/semmle/examples/Hibernate.java
M java/ql/test/query-tests/security/CWE-089/semmle/examples/options
A java/ql/test/stubs/hibernate-5.x/org/hibernate/Session.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/SharedSessionContract.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/query/MutationQuery.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/query/Query.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/query/QueryProducer.java
A java/ql/test/stubs/hibernate-5.x/org/hibernate/query/SelectionQuery.java
Log Message:
-----------
Merge branch 'github:main' into main
Compare: https://github.com/krishnprakash/codeql/compare/90391349610a...81af40f406c7