hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 05:05:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into repeatedWord

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2022-08-09 21:22:47 +02:00
parent 625e37a0da f2fead7ec7
commit 559ec7ba56
761 changed files with 51997 additions and 64658 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
go/ql/lib/CHANGELOG.md
View File

@@ -1,3 +1,7 @@
## 0.2.2
## 0.2.1
## 0.2.0
### Deprecated APIs

1
go/ql/lib/change-notes/released/0.2.1.md Normal file
View File

@@ -0,0 +1 @@
## 0.2.1

1
go/ql/lib/change-notes/released/0.2.2.md Normal file
View File

@@ -0,0 +1 @@
## 0.2.2

2
go/ql/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.2.0
lastReleaseVersion: 0.2.2

2
go/ql/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/go-all
version: 0.2.1-dev
version: 0.2.3-dev
groups: go
dbscheme: go.dbscheme
extractor: go

9
go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll
View File

@@ -70,6 +70,15 @@ module TaintedPath {
PathAsSink() { this = any(FileSystemAccess fsa).getAPathArgument() }
}
/**
* A numeric- or boolean-typed node, considered a sanitizer for path traversal.
*/
class NumericOrBooleanSanitizer extends Sanitizer {
NumericOrBooleanSanitizer() {
this.getType() instanceof NumericType or this.getType() instanceof BoolType
}
}
/**
* A call to `filepath.Rel`, considered as a sanitizer for path traversal.
*/

4
go/ql/src/CHANGELOG.md
View File

@@ -1,3 +1,7 @@
## 0.2.2
## 0.2.1
## 0.2.0
## 0.1.4

4
go/ql/src/change-notes/2022-08-02-path-injection-sanitizer.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* The query `go/path-injection` no longer considers user-controlled numeric or boolean-typed data as potentially dangerous.

1
go/ql/src/change-notes/released/0.2.1.md Normal file
View File

@@ -0,0 +1 @@
## 0.2.1

1
go/ql/src/change-notes/released/0.2.2.md Normal file
View File

@@ -0,0 +1 @@
## 0.2.2

2
go/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.2.0
lastReleaseVersion: 0.2.2

0
go/ql/lib/definitions.ql → go/ql/src/definitions.ql
View File

2
go/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/go-queries
version: 0.2.1-dev
version: 0.2.3-dev
groups:
- go
- queries