hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,294 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.3
Commit Graph

3186 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
6b0df9bdfb refactor the concretize algorithm 2022-06-23 14:36:25 +02:00
Erik Krogh Kristensen
7fb3d81d2f add further normalization of char classses 2022-06-23 14:36:25 +02:00
Erik Krogh Kristensen
3be4a86acd make ReDoSPruning into a parameterized module 2022-06-23 14:36:25 +02:00
Erik Krogh Kristensen
dc06e9df02 move predicates that depend on isReDoSCandidate into a ReDoSPruning module 2022-06-23 14:36:24 +02:00
Anders Schack-Mulligen
4a317a25d3 Dataflow: Sync. 2022-06-23 14:34:52 +02:00
Anders Schack-Mulligen
c27290563a Dataflow: Perf fix, avoid node scans. 2022-06-23 14:34:05 +02:00
Tamas Vajk
579bfc22f3 Fix performance change in SecurityFlag 2022-06-23 08:46:33 +02:00
Tamas Vajk
dabc956dbf Unify loop break/continue statement handling between java and kotlin 2022-06-23 08:45:11 +02:00
Tony Torralba
cc354caa1f Merge pull request #9319 from atorralba/atorralba/add-editable-valueof-step 
Kotlin: Add taint step for String.valueOf(Editable)
 2022-06-22 13:50:30 +02:00
Tamás Vajk
c0e115700d Merge pull request #9647 from tamasvajk/kotlin-when-branch-encl-stmt 
Kotlin: Fix enclosing statement of `when` branches
 2022-06-22 13:18:56 +02:00
Anders Schack-Mulligen
df6d68b215 Merge pull request #9618 from aschackmull/dataflow/deprecate-barrierguard-class 
Dataflow: Deprecate BarrierGuard class
 2022-06-22 10:44:08 +02:00
Tamas Vajk
a50e062b3c Kotlin: Fix enclosing statement of when branches 2022-06-22 09:10:27 +02:00
Michael Nebel
b4457de58c C#/Java: Fix typo in the QL doc comment. 2022-06-20 16:26:07 +02:00
Michael Nebel
0d4321666a Java: Update fragment injection sinkmodels. 2022-06-20 16:20:02 +02:00
Michael Nebel
e851b03c6f Java: Add source and sink kind model validation. 2022-06-20 16:20:02 +02:00
Michael Nebel
2e46e93f36 Java: Update java models with provenance column information. 2022-06-20 16:20:02 +02:00
Michael Nebel
4622b69c5d Java: Update flow summary impl and external flow to support provenance and include testing in Csv model validation. 2022-06-20 16:20:02 +02:00
Michael Nebel
649757c27f Java/Ruby: Sync files. 2022-06-20 16:20:01 +02:00
Tony Torralba
2b2fa6e15b Add taint step for String.valueOf(Editable) 
Kotlin inlines expr.toString() as String.valueOf(expr) when expr is nullable
 2022-06-20 12:07:31 +02:00
Anders Schack-Mulligen
6518a01ded Dataflow: Sync. 2022-06-16 11:25:28 +02:00
Anders Schack-Mulligen
33deff9bae Java: Deprecate BarrierGuard class. 2022-06-16 11:25:28 +02:00
Anders Schack-Mulligen
c4782871d4 Merge pull request #9294 from aschackmull/java/barrierguard-parammod 
Java: Add support for BarrierGuards as parameterised modules.
 2022-06-15 10:56:48 +02:00
Joe Farebrother
c71586e1f8 Remove checks for dynamically registered recievers 2022-06-14 14:56:24 +01:00
Joe Farebrother
320c671b73 Adress reveiw comments - make use of existing ql libraries 2022-06-14 14:56:24 +01:00
Joe Farebrother
9d048e78af Apply suggestions from code review - fix typos/style, make things private 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-06-14 14:56:23 +01:00
Joe Farebrother
4aed1a1e23 Add test cases; fix handling of recievers declared through xml 2022-06-14 14:56:22 +01:00
Joe Farebrother
87f26bf033 Fix typos 2022-06-14 14:56:22 +01:00
Joe Farebrother
1959f49165 Add Improper Intent Verification query 2022-06-14 14:56:21 +01:00
Ian Lynagh
304e2926c9 Java: Fix RefType.getAStrictAncestor() in the presence of type hierarchy cycles 2022-06-14 14:08:19 +01:00
Anders Schack-Mulligen
4e6e595b3a Java: Add qldoc. 2022-06-02 13:30:27 +02:00
Anders Schack-Mulligen
9f42ca8d14 Update java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-06-02 12:00:37 +02:00
Anders Schack-Mulligen
002c456989 Update java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-06-02 12:00:09 +02:00
Anders Schack-Mulligen
9abd2259d3 Merge pull request #9381 from aschackmull/redos/perf 
ReDoS: Improve performance in ExponentialBackTracking.qll.
 2022-06-01 10:39:28 +02:00
Anders Schack-Mulligen
4f3751dfea Merge pull request #9316 from hvitved/dataflow/edges-get-a-successor-consistency 
Data flow: Make `PathGraph::edges/2` and `PathNode::getASuccessor/1` consistent
 2022-06-01 10:38:25 +02:00
Michael Nebel
9cc10e4511 Merge pull request #9257 from michaelnebel/java/mad-commons-io-sha 
Java: Update commons-io SHA for model regeneration and update models.
 2022-06-01 09:46:30 +02:00
Nick Rolfe
f417c12c5e Merge pull request #9332 from github/post-release-prep/codeql-cli-2.9.3 
Post-release preparation for codeql-cli-2.9.3
 2022-05-31 16:17:50 +01:00
Anders Schack-Mulligen
9212886767 Merge pull request #9286 from aschackmull/java/perf-customnullguard 
Java: Improve customNullGuard performance.
 2022-05-31 11:36:01 +02:00
Anders Schack-Mulligen
e016feeb5c ReDoS: Improve performance in ExponentialBackTracking.qll. 2022-05-31 11:04:03 +02:00
Michael Nebel
72dd1a6ec9 Java: Generate models without sources. 2022-05-30 13:40:14 +02:00
Michael Nebel
6a4a4cbbe4 Java: Re-generate commons-io models. 2022-05-30 08:16:58 +02:00
Michael Nebel
ad4d8304ed Java: Update hand written summary for writeLines as the generated one will be ignored. 2022-05-30 08:16:58 +02:00
Michael Nebel
7e5dd7a065 Java: Manually prefix kind column with generated. 2022-05-30 08:16:58 +02:00
Michael Nebel
0f33c3188c Java: Re-arrange import pattern for generated models. 2022-05-30 08:16:58 +02:00
Tom Hvitved
bcdef98392 Data flow: Sync files 2022-05-25 14:39:37 +02:00
Tom Hvitved
42f05dadc4 Data flow: Sync files 2022-05-25 14:21:22 +02:00
Tony Torralba
85fab20086 Add Expr::getUnderlyingExpr predicate 2022-05-25 10:56:18 +02:00
Michael Nebel
daace0fe68 Merge pull request #9270 from michaelnebel/csharp/summarized-callable-fix 
C#: Summarized callable
 2022-05-24 16:36:44 +02:00
Anders Schack-Mulligen
a3177368f0 Java: Add support for BarrierGuards as parameterised modules. 2022-05-24 16:36:03 +02:00
Tom Hvitved
728ccafe2b Merge pull request #9024 from hvitved/dataflow/content-flow-lib 
Data flow: Introduce `ContentDataFlow.qll`
 2022-05-24 15:09:16 +02:00
Anders Schack-Mulligen
b688aabd19 Java: Improve customNullGuard performance. 2022-05-24 13:05:41 +02:00