hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,255 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.2
Commit Graph

12782 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
496f190d70 C++: Accept test changes. 2023-10-10 16:45:31 +01:00
Mathias Vorreiter Pedersen
512c10ec59 C++: Use the fully converted expression when converting models to dataflow nodes. 2023-10-10 16:45:25 +01:00
Jeroen Ketema
3b777c2764 C++: Rewrite cpp/cgi-xss to not use default taint tracking 
Also add a test that demonstrates that we need to look at inidrect expressions
and not direct ones.
 2023-10-10 11:56:39 +02:00
Erik Krogh Kristensen
4489e2bf28 Merge pull request #14403 from erik-krogh/dDEps 
All: delete outdated deprecations
 2023-10-09 21:04:55 +02:00
Jeroen Ketema
6ff8e06ace Revert "C++: Rewrite cpp/cgi-xss to not use default taint tracking" 
This reverts commit b6132d2a0f.
 2023-10-09 16:30:21 +02:00
Jeroen Ketema
f7bd801e00 Merge pull request #11716 from jketema/rewrite-cgi-xss 
C++: Rewrite `cpp/cgi-xss` to not use default taint tracking
 2023-10-09 11:26:14 +02:00
Mathias Vorreiter Pedersen
a1d417d8b6 Merge pull request #14385 from alexet/ir-debug-perf 
CPP: Improve performance of IR debugging
 2023-10-09 11:21:03 +02:00
erik-krogh
a7ab9fd93b add change-notes 2023-10-09 09:43:06 +02:00
erik-krogh
689eda4dae CPP: delete the deprecated AnalysedString class 2023-10-09 09:14:54 +02:00
erik-krogh
4bc4e0845d delete the deprecated isBarrierGuard predicate from the shared dataflow library, and its uses 2023-10-07 21:48:49 +02:00
Jeroen Ketema
b6132d2a0f C++: Rewrite cpp/cgi-xss to not use default taint tracking 2023-10-06 16:11:13 +02:00
Mathias Vorreiter Pedersen
eb3f1967a5 Merge pull request #14365 from MathiasVP/disable-flow-through-pointer-arith-for-size 
C++: Disable size-flow through pointer arithmetics in `cpp/invalid-pointer-deref`
 2023-10-06 10:14:31 +02:00
Mathias Vorreiter Pedersen
b231b1ccaf Merge pull request #14384 from MathiasVP/handle-instructions-in-reverse-flow 2023-10-05 20:26:38 +02:00
Alex Eyers-Taylor
c79ec8c37a CPP: Improve performance of IR debugging 2023-10-05 17:35:52 +01:00
Cornelius Riemenschneider
d3a1dbc0c7 Merge pull request #14381 from github/criemen/add-bazel-dbschemes 
Add skeleton bazel files for accessing the dbschemes.
 2023-10-05 16:53:45 +02:00
Mathias Vorreiter Pedersen
20900dafc0 C++: Handle reverse flow when 'nodeTo' is an instruction. 2023-10-05 16:28:57 +02:00
Mathias Vorreiter Pedersen
2f39ab1977 C++: Project away 'why' to prevent tuple duplication in 'Buffer.qll'. 2023-10-05 13:32:52 +02:00
Cornelius Riemenschneider
96edc1d349 Add skeleton bazel files for accessing the dbschemes. 2023-10-05 09:00:38 +02:00
Mathias Vorreiter Pedersen
e38f65981e C++: Accept test changes. 2023-10-04 20:12:42 +02:00
Mathias Vorreiter Pedersen
75c74d50f9 C++: Use 'unique' in 'hasIRRepresentationOfIndirectInstruction' similar to how it's done in 'hasIRRepresentationOfIndirectOperand'. 2023-10-04 19:00:33 +02:00
github-actions[bot]
9fe993bec3 Release preparation for version 2.15.0 2023-10-04 14:15:27 +00:00
Mathias Vorreiter Pedersen
843e9ad254 C++: Add more QLDoc. 2023-10-04 14:37:05 +02:00
Rasmus Wriedt Larsen
9c02b4f21c Merge pull request #14289 from microsoft/jb1/16-cryptography-models-libraries-and-queries-migration 
16 cryptography models libraries and queries migration
 2023-10-04 12:27:59 +02:00
Josh Brown
de2e8b0b12 explicit "this" qualifiers 2023-10-03 16:13:54 -07:00
Josh Brown
ad86e576a4 autoformat 2023-10-03 13:40:17 -07:00
Josh Brown
b683a3caf8 Merge branch 'main' into jb1/16-cryptography-models-libraries-and-queries-migration 2023-10-04 07:24:29 +11:00
Henry Mercer
da92da2204 Bump minor versions of packs we regularly release 2023-10-03 16:31:23 +01:00
Henry Mercer
f3847b3f51 Merge branch 'main' into henrymercer/rc-3.11-mergeback 2023-10-03 16:30:23 +01:00
Mathias Vorreiter Pedersen
9a139ea903 C++: Accept test changes. 2023-10-03 15:58:35 +02:00
Mathias Vorreiter Pedersen
57d3f3f482 C++: Actually propagate the 'isBarrier1' or 'isBarrier2' predicates to the dataflow configurations. 2023-10-03 15:58:24 +02:00
Mathias Vorreiter Pedersen
9df5e43fae C++: Block flow through indirect flow through pointer-arithmetic instructions when following flow for the allocation size. 2023-10-03 15:31:50 +02:00
Mathias Vorreiter Pedersen
b6ed9ccfda C++: Add change notes. 2023-10-03 09:33:40 +02:00
Mathias Vorreiter Pedersen
7084dc1a88 C++: Promote 'cpp/use-after-free' and 'cpp/double-free' to Code Scanning. 2023-10-03 09:22:47 +02:00
Mathias Vorreiter Pedersen
5632dd5e46 Merge pull request #14275 from alexet/fix-use-after-free-fp 
CPP: Fix some use after free FPs.
 2023-10-03 09:16:42 +02:00
Alex Eyers-Taylor
6b0ae0f312 CPP: Remove unned argument from use-after-free 2023-09-28 17:53:32 +01:00
Asger F
0d96ed8aee Merge pull request #14305 from asgerf/shared/flow-state-inout-barriers 
Shared: add in/out barriers with flow state
 2023-09-28 11:07:23 +02:00
Anders Schack-Mulligen
2548939849 C++: Use shared FileSystem library. 2023-09-28 08:58:55 +02:00
Alex Eyers-Taylor
2860c0c0d4 CPP: Move test into correct file. 2023-09-27 18:42:26 +01:00
Benjamin Rodes
25203db4e7 Removing 'security' tags from all queries. 2023-09-27 12:43:51 -04:00
Asger F
d501856519 Update DataFlowImpl.qll copies 2023-09-25 10:05:29 +02:00
Anders Schack-Mulligen
ae278fcad7 C++: Fix import conflict. 2023-09-22 15:06:21 +02:00
Anders Schack-Mulligen
66da997b7b Dataflow: Make use of defaults for language-specific hooks. 2023-09-22 14:54:22 +02:00
Benjamin Rodes
c0c2ae544b Updating weak elliptic curve sample queries. 2023-09-21 12:12:16 -07:00
Benjamin Rodes
50db4fd63e Moved Cpp into sub directory 'cryptography' instead of crypto. Added python models, inventory, and example alerts. 2023-09-21 12:12:15 -07:00
Benjamin Rodes
7560db66fa incorrect import path 2023-09-21 12:12:15 -07:00
Benjamin Rodes
fe22dc45b1 Moving inventory queries into a new subdirectory structure for new_models and old_models. 2023-09-21 12:12:15 -07:00
Benjamin Rodes
6d7ac8de28 Adding example alerts 2023-09-21 12:12:15 -07:00
Benjamin Rodes
4c9cc5a21f Adding inventory queries. 2023-09-21 12:12:15 -07:00
Benjamin Rodes
7256faa7eb Added modeling infrastructure 2023-09-21 12:12:15 -07:00
Anders Schack-Mulligen
13f7daf71e Merge pull request #13982 from aschackmull/dataflow/typeflow-calledge-pruning 
Dataflow: Add type-based call-edge pruning.
 2023-09-21 13:33:08 +02:00