Esben Sparre Andreasen
|
80b81b07c5
|
JS: refactor DefaultUrlRequest: extract names
|
2018-09-04 09:26:45 +02:00 |
|
Esben Sparre Andreasen
|
68b7a8b57e
|
JS: change notes for UrlRequest libraries and js/request-forgery
|
2018-09-04 09:26:45 +02:00 |
|
Esben Sparre Andreasen
|
f5a6af54e6
|
JS: add security query: js/request-forgery
|
2018-09-04 09:25:42 +02:00 |
|
Esben Sparre Andreasen
|
2104cf55e3
|
JS: add models of URL requests
|
2018-09-04 09:25:42 +02:00 |
|
Jonas Jensen
|
6e9cc46e80
|
Merge pull request #131 from ian-semmle/namespace_vars
C++: Give namespace variables a qualified name
|
2018-09-04 08:56:01 +02:00 |
|
Jonas Jensen
|
a2946f71bd
|
Merge pull request #96 from ian-semmle/typo
C++: Fix typo
|
2018-09-04 08:51:15 +02:00 |
|
Jonas Jensen
|
adc5ee86ad
|
Merge pull request #128 from geoffw0/cwe-190-precision
CPP: Adjust precisions for the CWE-190 queries.
|
2018-09-04 08:44:38 +02:00 |
|
Ian Lynagh
|
4230adbca2
|
C++: Remove reundant override
|
2018-09-03 18:12:30 +01:00 |
|
calumgrant
|
af3f855491
|
Merge pull request #94 from hvitved/csharp/cfg/minor-fixes
C#: Minor CFG improvements
|
2018-09-03 17:41:18 +01:00 |
|
Nick Rolfe
|
78f5be0d49
|
Merge pull request #143 from adityasharad/version/1.19.0
Version: Bump to 1.19.0 dev.
|
2018-09-03 17:40:23 +01:00 |
|
Nick Rolfe
|
04e919df9d
|
C++: clearer alert wording in integer-multiplication-cast-to-long
|
2018-09-03 16:56:56 +01:00 |
|
Aditya Sharad
|
2363f49e3a
|
Version: Bump to 1.19.0 dev.
This keeps the QL for Eclipse language plugins in sync with internal `master`.
|
2018-09-03 16:41:28 +01:00 |
|
semmle-qlci
|
4dec7c5036
|
Merge pull request #127 from xiemaisi/js/incomplete-sanitisation-doc-improvement
Approved by esben-semmle
|
2018-09-03 16:25:44 +01:00 |
|
Jonas Jensen
|
88f80e4d4b
|
C++: Silence two more QL compiler warnings
One was for an unused parameter (a deliberate CP of `Type` x
`VoidType`), and one was for use of a deprecated predicate.
|
2018-09-03 13:45:04 +02:00 |
|
Jonas Jensen
|
ab6dc1d70c
|
C++: Add missing override annotations
|
2018-09-03 13:22:22 +02:00 |
|
Geoffrey White
|
d5b7ab5aa1
|
CPP: Make FunctionWithWrappers toCause work on builtin functions.
|
2018-09-03 11:26:02 +01:00 |
|
Nick Rolfe
|
5d5febf4d4
|
Merge pull request #137 from jbj/getEnclosingElement-changenote
C++: Change note for getEnclosingElement macro changes
|
2018-09-03 10:44:30 +01:00 |
|
Jonas Jensen
|
2fd73f2171
|
C++: getEnclosingElement-without-macros changenote
|
2018-09-03 11:29:03 +02:00 |
|
Jonas Jensen
|
b34dbfa68b
|
C++: Correct change note formatting
In Markdown, nested bullet lists are formatted with indented asterisks
rather than double asterisks.
|
2018-09-03 11:29:02 +02:00 |
|
Jonas Jensen
|
18dc1d0af0
|
Merge pull request #129 from Semmle/changenote-desig-init
cherry-pick onto rc/1.18: C++: change note for designated intializer fixes
|
2018-09-03 11:28:20 +02:00 |
|
Max Schaefer
|
759d98661c
|
Merge pull request #117 from esben-semmle/js/push-sort-taint-steps
JS: support `push` and `sort` taint steps for arrays
|
2018-09-03 09:20:35 +01:00 |
|
Geoffrey White
|
8e5c170af6
|
CPP: Change note.
|
2018-09-03 08:30:05 +01:00 |
|
Geoffrey White
|
3e18a9b885
|
CPP: Improve the special case for realloc in MemoryMayNotBeFreed.ql.
|
2018-09-03 08:30:05 +01:00 |
|
Max Schaefer
|
58e384558c
|
JavaScript: Improve query name and help for js/incomplete-sanitization.
The query applies more generally to all kinds of string escaping and encoding, not just sanitization.
|
2018-09-03 08:20:01 +01:00 |
|
Max Schaefer
|
20bff709b1
|
Merge pull request #136 from esben-semmle/js/composed-function-taint
JS: model composed functions (RC)
|
2018-09-03 08:18:20 +01:00 |
|
Max Schaefer
|
7e3adec789
|
Merge pull request #135 from esben-semmle/js/pick-get-taint-steps
JS: model property projection calls (RC)
|
2018-09-03 08:17:42 +01:00 |
|
Ian Lynagh
|
c8fcab8cfe
|
C++: Use Declaration.isTopLevel() in GlobalNamespace.getADeclaration()
|
2018-09-03 01:01:10 +01:00 |
|
Ian Lynagh
|
f6582ef285
|
C++: Fix typo
|
2018-09-01 15:45:41 +01:00 |
|
Jonas Jensen
|
98612b9f9a
|
C++: Tidy primitive_basic_block_member calculation
This change gave a slight speed-up by eliminating an unnecessary
intermediate predicate.
|
2018-09-01 07:46:00 +02:00 |
|
Nick Rolfe
|
f6e5be0af8
|
cherry-pick 35d31aee onto 1.18 branch
This changenote was committed after the `rc/1.18 branch` was taken.
|
2018-08-31 18:09:39 +01:00 |
|
ian-semmle
|
eac82f2a8a
|
Merge pull request #18 from nickrolfe/builtin_types_on_demand3
C++: built-in type tweaks
|
2018-08-31 16:41:02 +01:00 |
|
Ian Lynagh
|
3a00e24e89
|
C++: Give NamespaceVariables a qualified name
|
2018-08-31 16:39:21 +01:00 |
|
Ian Lynagh
|
d7d8186bbe
|
C++: Improve namespaces/namespaces test
|
2018-08-31 16:37:59 +01:00 |
|
Geoffrey White
|
074894298c
|
CPP: Adjust precisions for the CWE-190 queries.
|
2018-08-31 16:15:53 +01:00 |
|
ian-semmle
|
1ed82d63f3
|
Merge pull request #124 from nickrolfe/desig_init_changenote
C++: change note for designated intializer fixes
|
2018-08-31 13:19:52 +01:00 |
|
Nick Rolfe
|
35d31aeefe
|
C++: change note for designated intializer fixes
|
2018-08-31 13:15:53 +01:00 |
|
Nick Rolfe
|
d4f9b5eb52
|
C++: update expected sizes of error and unknown types to be 1 byte
|
2018-08-31 12:08:15 +01:00 |
|
ian-semmle
|
6c7396424e
|
Merge pull request #116 from nickrolfe/desig_init
C++: support for designated initializers
|
2018-08-31 11:56:34 +01:00 |
|
Max Schaefer
|
69ca103e06
|
Merge pull request #115 from esben-semmle/js/composed-function-taint
JS: model composed functions
|
2018-08-31 08:14:18 +01:00 |
|
Max Schaefer
|
7e18426fde
|
Merge pull request #113 from esben-semmle/js/pick-get-taint-steps
JS: model property projection calls
|
2018-08-31 08:13:40 +01:00 |
|
Nick Rolfe
|
0589be1b8a
|
C++: add qldoc comments for aggregate_{field,array}_init
|
2018-08-30 22:42:31 +01:00 |
|
Nick Rolfe
|
2130622028
|
C++: use underlyingElement & unresolveElement for get{Element,Field}Expr
|
2018-08-30 22:42:31 +01:00 |
|
Nick Rolfe
|
d8d3bfd857
|
C++: expand aggregate literals test to cover ordering of child exprs
|
2018-08-30 22:42:30 +01:00 |
|
Nick Rolfe
|
7556f22ff1
|
C++: stats for aggregate_{field,array}_init
|
2018-08-30 22:42:30 +01:00 |
|
Nick Rolfe
|
23c648904f
|
C++: properly formatted comments for builtin type kinds
|
2018-08-30 22:42:30 +01:00 |
|
Nick Rolfe
|
afa7505cae
|
C++: expand test for aggregate literals to include more nesting
|
2018-08-30 22:42:30 +01:00 |
|
Nick Rolfe
|
4abdeda857
|
C++: update test output to match corrected extractor behaviour
|
2018-08-30 22:42:30 +01:00 |
|
Nick Rolfe
|
d068d71ccb
|
C++: dbscheme/library changes to support C99 designated initializers
|
2018-08-30 22:42:30 +01:00 |
|
Tom Hvitved
|
809da42f00
|
C#: Synchronize a few test files
Synchronized test files with the examples used in query help.
|
2018-08-30 21:46:37 +02:00 |
|
Pavel Avgustinov
|
d9bc07cb91
|
Merge branch 'java-migration'.
|
2018-08-30 18:49:04 +01:00 |
|