hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

2773 Commits

Author SHA1 Message Date
Yunus AYDIN
221e281f73 Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-12-13 19:35:59 +03:00
Yunus AYDIN
0ea27c6e9b Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-12-13 19:35:53 +03:00
Yunus AYDIN
da275b374f Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-12-13 19:35:36 +03:00
Jeroen Ketema
99e65df6ce Merge remote-tracking branch 'upstream/rc/3.12' into mb12 2023-12-13 15:43:39 +01:00
dependabot[bot]
dae1a5c70e Bump the extractor-dependencies group in /go/extractor with 1 update 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).

- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.16.0...v0.16.1)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 04:02:50 +00:00
Yunus AYDIN
a47ffc6833 Remove unnecessary rules 2023-12-13 01:52:06 +03:00
Yunus AYDIN
bb2083d10a Remove database directory and add WebCacheDeceptionLib.qll 2023-12-13 01:50:56 +03:00
Owen Mansel-Chan
5675df842e Merge pull request #15054 from owen-mc/go/find-more-callees-for-captured-variables 
Go: Also follow jump steps when looking for a callee source
 2023-12-12 15:49:15 +00:00
Mathew Payne
7a48152ea9 Add Go Stubs for LibXML2 2023-12-12 15:10:08 +00:00
Chad Bentz
2d33f86d41 Initial Push 
- Sample test  (test not compiling)
- Stubs not generating
 2023-12-12 15:00:00 +00:00
Yunus AYDIN
bc81201c2e Update expected file 2023-12-12 00:07:51 +03:00
Owen Mansel-Chan
0fb58caa8c Update go/ql/lib/change-notes/2023-12-08-find-more-callees-for-captured-functions.md 
Co-authored-by: Chris Smowton <smowton@github.com>
 2023-12-11 20:42:48 +00:00
Malayke
7121282b27 add new query for detect DOS 2023-12-11 23:05:04 +08:00
amammad
572777f11b fix a bug in stubs 2023-12-10 22:18:49 +01:00
amammad
bfa0fb6d74 remove a duplicate test 2023-12-10 22:08:12 +01:00
amammad
cc5416406f added more sinks related to io.Writer of BodyWriter 2023-12-10 22:06:27 +01:00
Yunus AYDIN
cf8f2a38c3 Update expected file 2023-12-11 00:03:50 +03:00
Yunus AYDIN
a6b092d8c1 Update rules ids 2023-12-10 22:26:05 +03:00
Yunus AYDIN
4d97c42ee5 Remove debugging select on go-chi.ql 2023-12-10 22:18:48 +03:00
Yunus AYDIN
501f617eaa Update qhelp and and go-chi 2023-12-10 22:07:17 +03:00
Yunus AYDIN
34fb1c4a9f Add go-chi middleware stub to vendor 2023-12-10 22:06:23 +03:00
Am
59195cccdd Merge branch 'main' into amammad-go-bombs 2023-12-10 18:12:10 +01:00
amammad
bb5017121f Merge branch 'main' into amammad-go-bombs 2023-12-10 18:11:49 +01:00
amammad
737f3e8899 fix stubs 2023-12-10 18:10:23 +01:00
amammad
b6aaff2e64 use SimpleGlobal with source and sink to find BodyWriter successors globally 2023-12-10 15:45:42 +01:00
Tom Hvitved
35c654aa76 Go: Use FlowSummaryImpl from dataflow pack 2023-12-10 11:25:44 +01:00
Yunus AYDIN
0813199c7f Update vendor directory and go files 2023-12-10 01:24:29 +03:00
Yunus AYDIN
a925c23d14 Add go.mod and modules.txt 2023-12-09 23:36:50 +03:00
Yunus AYDIN
6bd3c8c07b Format Document 2023-12-09 23:36:13 +03:00
Yunus AYDIN
6378c5e22f Update Fiber Rule for checking files 2023-12-09 23:35:42 +03:00
Yunus AYDIN
63123f3984 Add GoChi Rule 2023-12-09 23:34:48 +03:00
Yunus AYDIN
ba4f8612eb Add GoChi Test Cases 2023-12-09 23:33:18 +03:00
Yunus AYDIN
ad1284853b remove unnecessary file 2023-12-09 19:49:21 +03:00
Yunus AYDIN
eb25d0df66 Add test cases 2023-12-09 19:44:58 +03:00
Yunus AYDIN
85636ccab7 Add Web Cache Deception QHelp and Example Code Snippet for Vulnerable Go Fiber usage 2023-12-09 19:12:20 +03:00
Owen Mansel-Chan
2e2a82c237 Add change note 2023-12-08 23:33:58 +00:00
Owen Mansel-Chan
ab68c4e341 Update test 2023-12-08 23:29:44 +00:00
Owen Mansel-Chan
40b3598fd0 Also follow jump steps when looking for a callee source 
This is needed because capturing a variable is a jump step
and we want to find a callee source for captured functions.
 2023-12-08 18:44:14 +00:00
Anders Schack-Mulligen
64eb4ff753 Merge pull request #14983 from aschackmull/dataflow/deprecate-old-api 
Data Flow: Deprecate old data flow api.
 2023-12-08 14:27:25 +01:00
amammad
2cb0afee73 fix some qldocs and some spells 2023-12-08 11:12:57 +01:00
amammad
a3fbc3c20c fix ResponseBody Class issues 2023-12-07 19:36:27 +01:00
amammad
dbf01a9284 fix an issue in ResponseBody, change isHTMLEscape to isHtmlEscape 2023-12-07 08:52:55 +01:00
github-actions[bot]
92af5f5386 Post-release preparation for codeql-cli-2.15.4 2023-12-06 22:59:22 +00:00
github-actions[bot]
c04457e9e7 Release preparation for version 2.15.4 2023-12-06 21:11:50 +00:00
amammad
20a3211d06 move sanitizers from sharedxss::sanitizer to EscapeFunction::Range, added proper inline tests 2023-12-06 16:19:34 +01:00
amammad
3e0ed0090f added BodyWriter Sink, added proper content-type header in tests to comply new changed xss strategy 2023-12-06 16:00:36 +01:00
amammad
d3099ff482 fix tests, move from SharedXss::Sink to Http::* classes 2023-12-06 15:52:50 +01:00
Owen Mansel-Chan
aad847497b Merge pull request #14962 from owen-mc/go/improve-tests-incorrect-integer-conversion 
Go: Improve tests for Incorrect Integer Conversion
 2023-12-06 07:40:00 +00:00
Owen Mansel-Chan
570538b4ec Merge pull request #14938 from owen-mc/go/improve-test-unhandled-close-writable-handle 
Go: improve test unhandled close writable handle
 2023-12-04 16:56:09 +00:00
Anders Schack-Mulligen
67f0529cda Dataflow: Sync. 2023-12-04 12:36:57 +01:00