hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,672 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

7071 Commits

Author SHA1 Message Date
Arthur Baars
cf7ebe2fa8 Merge pull request #11471 from github/rc/3.8 
Merge rc/3.8 into main
 2022-11-29 12:57:34 +01:00
Jeroen Ketema
d3cccca7f1 C++: Filter duplicate (source, sink)-pairs 2022-11-29 11:17:39 +01:00
Jeroen Ketema
378206ae7d C++: Stop taint from flowing to arithmetic types 
These are not likely to give the user much control over what can be accessed.
 2022-11-29 11:15:28 +01:00
Jeroen Ketema
718663415b C++: Stop flow from going through another source 
Without this we get confusing results:
```
    char *userAndFile = argv[2];
    char *fileName = argv[1];
    fopen(fileName, "wb+"); // Both argv[1] and argv[2] marked as source without
                            // this change.
```

While here add some more test cases.
 2022-11-29 10:52:57 +01:00
Jeroen Ketema
63334764d7 C++: Rewrite cpp/path-injection to not use DefaultTaintTracking 2022-11-29 10:52:57 +01:00
Jeroen Ketema
2ef13d1df7 Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-29 10:43:01 +01:00
Felicity Chapman
59b6d657cc Apply suggestions from code review 
Co-authored-by: hubwriter <hubwriter@github.com>
 2022-11-28 15:45:05 +01:00
Felicity Chapman
c451fa8ad4 Update cpp/ql/src/Likely Bugs/RedundantNullCheckSimple.ql 
Co-authored-by: Taus <tausbn@github.com>
 2022-11-28 15:26:24 +01:00
Felicity Chapman
b5f849463b Update QL library references 2022-11-28 15:26:24 +01:00
Felicity Chapman
5f835da838 Update HTML comment in query 2022-11-28 15:25:38 +01:00
Jeroen Ketema
223eeb6921 C++: Fix upper bound detection in default taint flow 2022-11-24 14:38:36 +01:00
Jeroen Ketema
6fa5fdfeb2 C++: Fix CWE-611 XXE query to work with use-use dataflow - take 2 
This commit ensures stack allocated parsers are also handled.
 2022-11-23 23:59:04 +01:00
Erik Krogh Kristensen
1eec067474 Merge pull request #11294 from erik-krogh/fileDoc 
QL: improve the "this block-comment should have been a QLDoc"-query
 2022-11-23 22:23:36 +01:00
Jeroen Ketema
30bdd25228 C++: Fix CWE-611 XXE query to work with use-use dataflow 2022-11-23 16:14:28 +01:00
Jeroen Ketema
4731f9222c Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-22 10:53:24 +01:00
ihsinme
5ceab40841 Update DivideByZeroUsingReturnValue.ql 2022-11-22 10:11:18 +03:00
Mathias Vorreiter Pedersen
c2ac60fc34 Merge pull request #11311 from MathiasVP/repair-mustflow 
C++: Repair `MustFlow` library for use-use flow
 2022-11-21 19:13:10 +00:00
Mathias Vorreiter Pedersen
7e80a57724 C++: Make ql-for-ql happy. 2022-11-21 15:13:19 +00:00
Mathias Vorreiter Pedersen
b748ed8f43 C++: Repair the 'MustFlow' library. 2022-11-18 16:41:32 +00:00
Mathias Vorreiter Pedersen
bfba95f9f7 C++: Fix performance of 'cpp/upcast-array-pointer-arithmetic'. 2022-11-18 14:50:18 +00:00
github-actions[bot]
5b14ebf22a Post-release preparation for codeql-cli-2.11.4 2022-11-18 11:26:00 +00:00
Mathias Vorreiter Pedersen
1e14af6e64 C++: Fix join in 'cpp/upcast-array-pointer-arithmetic'. 2022-11-18 10:19:55 +00:00
github-actions[bot]
e105c13e77 Release preparation for version 2.11.4 2022-11-17 16:40:45 +00:00
erik-krogh
20c4699478 CPP: convert some block-comments that could be QLDoc to QLDoc 2022-11-16 13:39:22 +01:00
Mathias Vorreiter Pedersen
16565401c7 C++: Reduce path duplication. 2022-11-14 15:29:57 +00:00
ihsinme
0fb1dedbb2 Update DivideByZeroUsingReturnValue.ql 2022-11-11 11:38:48 +03:00
Jeroen Ketema
0d27d63984 Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-09 14:28:47 +01:00
Geoffrey White
55a7adff20 C++: Make the message clearer. 2022-11-07 16:32:45 +00:00
Jeroen Ketema
5732c3bca0 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-07 15:03:26 +01:00
github-actions[bot]
fca754bddd Post-release preparation for codeql-cli-2.11.3 2022-11-05 14:30:48 +00:00
github-actions[bot]
508327235a Release preparation for version 2.11.3 2022-11-04 20:16:23 +00:00
Mathias Vorreiter Pedersen
1ca7c5b97d Merge pull request #11091 from JarLob/assign 
Fix AV Rule 76
 2022-11-03 13:06:10 +00:00
Mathias Vorreiter Pedersen
ad0b36a0c9 C++: Add change note. 2022-11-03 11:41:38 +00:00
JarLob
3317223e19 Fix AV Rule 76 2022-11-02 22:50:25 +01:00
Dave Bartolomeo
9d5e5e3ee7 ${workspace} all the things 2022-11-01 13:29:05 -04:00
Jeroen Ketema
80ef3b39ff Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-10-31 18:26:34 +01:00
Mathias Vorreiter Pedersen
f6ff9c9c66 Update cpp/ql/src/Likely Bugs/Leap Year/LeapYear.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-10-28 14:32:08 +02:00
Robert Marsh
a334dc9b2b C++: repair Adding365DaysPerYear.ql 2022-10-27 15:06:48 -04:00
Robert Marsh
b7e42e805b Merge pull request #10994 from rdmarsh2/rdmarsh2/return-cstr-repair 
C++: repair the ReturnCstr query
 2022-10-27 14:25:22 -04:00
Mathias Vorreiter Pedersen
e43422a090 Merge pull request #10975 from rdmarsh2/rdmarsh2/inconsistent-loop-direction-repair 
C++: repair InconsistentLoopDirection
 2022-10-26 18:17:53 +02:00
Robert Marsh
de89b4c69f C++: repair the ReturnCstr query 2022-10-26 11:02:23 -04:00
Robert Marsh
adeb69e396 C++: autoformat 2022-10-26 10:49:06 -04:00
Robert Marsh
8a125d1ae5 C++: repair InconsistentLoopDirection 2022-10-25 13:34:08 -04:00
Geoffrey White
257748d82b C++: Rename predicate. 2022-10-25 14:52:22 +01:00
Mathias Vorreiter Pedersen
1bd48f8d02 Merge branch 'replace-ast-with-ir-use-usedataflow' into repair-cleartext-transmission-2 2022-10-25 14:27:33 +02:00
Mathias Vorreiter Pedersen
b85d3bc829 Merge branch 'main' into replace-ast-with-ir-use-usedataflow 2022-10-25 12:51:30 +02:00
Geoffrey White
6f77e14aef C++: Fix rare performance issue on cpp/comma-before-misleading-indentation. 2022-10-24 18:21:10 +01:00
Mathias Vorreiter Pedersen
75de0f5c65 C++: Respond to review comments. 2022-10-24 15:13:50 +02:00
github-actions[bot]
be7693283b Post-release preparation for codeql-cli-2.11.2 2022-10-21 08:07:17 +00:00
github-actions[bot]
9a0848bbc4 Release preparation for version 2.11.2 2022-10-20 11:05:19 +00:00