hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

7071 Commits

Author SHA1 Message Date
github-actions[bot]
90d29994c8 Release preparation for version 2.22.4 2025-08-18 14:06:09 +00:00
Ian Lynagh
fd020b52e4 Merge pull request #20232 from igfoo/igfoo/SloppyGlobal 
C++: SloppyGlobal: Don't alert on template instantiations, only the template
 2025-08-18 11:39:30 +01:00
Ian Lynagh
0870cc370b C++: Add a changenote for the change to cpp/short-global-name 2025-08-15 12:09:37 +01:00
Ian Lynagh
4b786061d6 C++: SloppyGlobal: Don't alert on template instantiations, only the template 2025-08-15 11:23:48 +01:00
Nora Dimitrijević
89788206d1 [DIFF-INFORMED] C++: TypeConfusion 2025-08-15 12:01:30 +02:00
Nora Dimitrijević
5b9e37cd8f [DIFF-INFORMED] C++: TaintedCondition 2025-08-15 12:01:28 +02:00
Nora Dimitrijević
0c636dd400 [DIFF-INFORMED] C++: UnsafeDaclSecurityDescriptor 2025-08-15 12:01:25 +02:00
Nora Dimitrijević
194d9a9f44 [DIFF-INFORMED] C++: UnsafeCreateProcessCall 2025-08-15 12:01:23 +02:00
Nora Dimitrijević
39b430aa7e [DIFF-INFORMED] C++: IteratorToExpiredContainer 2025-08-15 12:01:21 +02:00
Nora Dimitrijević
ec85e55069 [DIFF-INFORMED] C++: InsufficientKeySize 2025-08-15 12:01:19 +02:00
Nora Dimitrijević
c0c96eaf5b [DIFF-INFORMED] C++: UseOfHttp 2025-08-15 12:01:17 +02:00
Nora Dimitrijević
8560868e95 [DIFF-INFORMED] C++: CleartextSqliteDatabase 2025-08-15 12:01:15 +02:00
Nora Dimitrijević
05df2f2216 [DIFF-INFORMED] C++: CWE-311/Cleartext… 2025-08-15 12:01:13 +02:00
Nora Dimitrijević
21914030e8 [DIFF-INFORMED] C++: SSLResultConflation (has secondary config but passes test) 2025-08-15 12:01:11 +02:00
Nora Dimitrijević
87016f399c [DIFF-INFORMED] C++: AuthenticationBypass 2025-08-15 12:01:09 +02:00
Nora Dimitrijević
861a768b2c [DIFF-INFORMED] C++: CWE-190/ArithmeticTainted,etc. 2025-08-15 12:01:07 +02:00
Nora Dimitrijević
62fa7301c3 [DIFF-INFORMED] C++: ImproperNullTerminationTainted 2025-08-15 12:01:05 +02:00
Nora Dimitrijević
f3098e7695 [DIFF-INFORMED] C++: UnboundedWrite 2025-08-15 12:01:03 +02:00
Nora Dimitrijević
7df09f369f [DIFF-INFORMED] C++: SqlTainted 2025-08-15 12:01:01 +02:00
Nora Dimitrijević
36d43a4830 [DIFF-INFORMED] C++: CgiXss 2025-08-15 12:00:59 +02:00
Nora Dimitrijević
80da00b599 [DIFF-INFORMED] C++: ExecTainted 2025-08-15 12:00:57 +02:00
Nora Dimitrijević
a77cab6981 [DIFF-INFORMED] C++: TaintedPath 2025-08-15 12:00:54 +02:00
Nora Dimitrijević
91b9c3e647 [DIFF-INFORMED] C++: LeapYear 
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/cpp/ql/src/Likely%20Bugs/Leap%20Year/UncheckedLeapYearAfterYearModification.ql#L57
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/cpp/ql/src/Likely%20Bugs/Leap%20Year/Adding365DaysPerYear.ql#L21
 2025-08-15 12:00:52 +02:00
Nora Dimitrijević
2f56baace2 [DIFF-INFORMED] C++: NonConstantFormat 2025-08-15 12:00:50 +02:00
Nora Dimitrijević
e382cb5696 [DIFF-INFORMED] C++: DecompressionBombs 2025-08-15 12:00:48 +02:00
Nora Dimitrijević
fabdf9923c [DIFF-INFORMED] C++: ConstantSizeArrayOffByOne 2025-08-15 12:00:46 +02:00
Nora Dimitrijević
448a1ea87a [DIFF-INFORMED] C++: OverflowDestination 2025-08-15 12:00:39 +02:00
Mathias Vorreiter Pedersen
b00107f927 C++: Add change note. 2025-08-08 15:23:40 +01:00
github-actions[bot]
fb4b0aac53 Post-release preparation for codeql-cli-2.22.3 2025-08-04 17:18:08 +00:00
Chuan-kai Lin
4df1c12876 Minor CHANGELOG updates 2025-08-04 09:09:25 -07:00
github-actions[bot]
fd82aeb1f8 Release preparation for version 2.22.3 2025-08-04 15:47:57 +00:00
codeqlhelper
4323e6853f Update cpp/ql/src/change-notes/2025-07-27-avoid-reporting-static-global-variable.md 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2025-07-31 21:17:29 +08:00
codeqlhelper
75e545a67f Create 2025-07-27-avoid-reporting-static-global-variable.md 2025-07-28 00:00:41 +08:00
codeqlhelper
cf21997c0f Reduce false alarms raised by static variables 
Static variables are initialized to zero or null by compiler, no need to get an initializer of them.
See https://stackoverflow.com/questions/13251083/the-initialization-of-static-variables-in-c
See 6.7.8/10 in the C99 Standard.

A relevant PR: https://github.com/github/codeql/pull/16527
 2025-07-27 23:46:53 +08:00
Mathias Vorreiter Pedersen
1189665970 C++: Add barriers to 'cpp/overrun-write'. 2025-07-22 18:35:56 +01:00
Mathias Vorreiter Pedersen
a502bb1ac2 C++: Add a copy of 'isSinkPairImpl' (named 'isSinkPairImpl0') with a few more columns that we'll need. 2025-07-22 18:35:50 +01:00
Mathias Vorreiter Pedersen
e0eadc75dd C++: Remove the ad-hoc code for keeping track of increments/decrements on pointers in the 'cpp/overrun-write' query. 2025-07-22 18:35:31 +01:00
github-actions[bot]
deb035cf4e Post-release preparation for codeql-cli-2.22.2 2025-07-22 09:36:07 +00:00
github-actions[bot]
c8632b70b7 Release preparation for version 2.22.2 2025-07-21 16:45:45 +00:00
Nick Rolfe
ad9b637bec Revert "Merge pull request #19994 from github/post-release-prep/codeql-cli-2.22.2" 
This reverts commit e5b4a15e35, reversing
changes made to 33e63109bb.
 2025-07-21 15:18:59 +01:00
Idriss Riouak
36ebe99f2f Merge pull request #19707 from microsoft/lwsimpkins/fix-qhelp-upstream 
fix qhelp files
 2025-07-17 14:51:01 +02:00
Mathias Vorreiter Pedersen
df4b338c5d C++: Add change notes. 2025-07-16 14:11:09 +01:00
Mathias Vorreiter Pedersen
29cceeba1a C++: Don't use asExpr to mark the sink in 'cpp/uncontrolled-process-operation'. 2025-07-14 18:08:58 +01:00
Mathias Vorreiter Pedersen
1da42cb590 Merge pull request #20023 from MathiasVP/dataflow-for-functors 
C++: Better dataflow for function objects
 2025-07-11 15:14:27 +01:00
Mathias Vorreiter Pedersen
053a749e14 C++: Add change note. 2025-07-11 13:43:01 +01:00
Mathias Vorreiter Pedersen
649c8831ec Merge pull request #20014 from jketema/wchar 
C++: Do not alert on unreachable code in `cpp/incorrect-string-type-conversion`
 2025-07-11 13:39:37 +01:00
Mathias Vorreiter Pedersen
fefb35bede Merge pull request #20016 from MathiasVP/add-more-thread-create-models 
C++: Add more thread creation models
 2025-07-10 16:44:04 +01:00
Jeroen Ketema
990b7f0b70 C++: Add change note 2025-07-10 15:13:15 +02:00
Mathias Vorreiter Pedersen
b547dc4621 C++: Add change note. 2025-07-10 12:52:55 +01:00
Jeroen Ketema
399967b507 C++: Do not alert on unreachable code in cpp/incorrect-string-type-conversion 2025-07-10 11:49:12 +02:00