hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,874 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.5
Commit Graph

1654 Commits

Author SHA1 Message Date
Maiky
6739750d2a Add Unsafe Unpacking Query (CWE-022) 2023-11-23 12:48:33 +01:00
Geoffrey White
5723a75f3c Swift: Add heuristic model for init(contentsOfFile) and similar. 2023-11-22 15:24:19 +00:00
Geoffrey White
94cb09e539 Swift: Add test cases. 2023-11-22 11:39:27 +00:00
Robert Marsh
396b9e38c5 Swift: move keypath dataflow writes to fix types 2023-11-21 17:06:21 +00:00
Alex Denisov
7b74478e47 Swift: update tests 2023-11-21 16:03:06 +01:00
Alex Denisov
dde2ad1290 Swift: do not print MacroRole as part of AST 2023-11-21 14:49:55 +01:00
Geoffrey White
c89be6a1de Swift: Refine the heuristic (mostly narrower). 2023-11-21 13:49:53 +00:00
Geoffrey White
5bbc61e83c Swift: Add a few more test cases. 2023-11-21 11:32:40 +00:00
Geoffrey White
b4b78a1bce Swift: Minor corrections. 2023-11-20 19:29:35 +00:00
Geoffrey White
3cecf69818 Swift: Fix spurious results for 'login' functions. 2023-11-20 18:38:47 +00:00
Geoffrey White
aa93165d24 Swift: Add heuristic sinks. 2023-11-20 18:38:47 +00:00
Geoffrey White
d91c5c0486 Swift: Model NSException sinks. 2023-11-20 18:38:46 +00:00
Geoffrey White
7e02c05164 Swift: Address the sprintf case. 2023-11-20 18:38:46 +00:00
Geoffrey White
835967a33e Swift: Fix for autoclosure sinks. 2023-11-20 18:15:16 +00:00
Geoffrey White
795f16ba56 Swift: Model 'printf' variants as cleartext logging sinks. 2023-11-20 18:15:06 +00:00
Geoffrey White
06c2c423b3 Swift: Clean up the test logic slightly. 2023-11-20 18:12:15 +00:00
Geoffrey White
b348dc2a32 Swift: Extend cleartext logging tests (test cases). 2023-11-20 18:11:52 +00:00
Geoffrey White
2a69b03092 Swift: Extend cleartext logging tests (stubs). 2023-11-20 18:11:41 +00:00
Geoffrey White
c49f05aa2b Swift: Fix false positive / result overlap. 2023-11-16 09:00:35 +00:00
Geoffrey White
96b4a12af7 Swift: Add heuristic sinks. 2023-11-16 09:00:35 +00:00
Geoffrey White
697c3df74a Swift: Model C printf variants. 2023-11-16 09:00:34 +00:00
Geoffrey White
1040561ec1 Swift: Model formatting append methods. 2023-11-16 09:00:34 +00:00
Geoffrey White
a6fe620bcb Swift: Fix Swift warnings in the test. 2023-11-15 18:06:38 +00:00
Geoffrey White
3a38f3b947 Swift: Add test cases. 2023-11-15 18:06:37 +00:00
Geoffrey White
0ae04de7f0 Swift: Test stubs / classes. 2023-11-15 17:23:22 +00:00
Geoffrey White
3a13759f10 Swift: Clean up the test. 2023-11-15 13:35:18 +00:00
Alex Denisov
8b126fe51a Swift: extract MacroDecl 2023-11-15 14:07:45 +01:00
AlexDenisov
57f1f5b829 Merge pull request #14768 from github/alexdenisov/move-semantics 
Swift: extract AST nodes related to move semantics
 2023-11-14 19:13:27 +01:00
Geoffrey White
0342b3eba2 Merge pull request #14772 from geoffw0/webview 
Swift: Use TaintInheritingContent in WebView.qll
 2023-11-14 16:29:32 +00:00
Geoffrey White
6783707e2c Swift: Add heuristic sink. We don't catch everything, but the simple heuristic was better than anything else I tried. 2023-11-14 10:07:12 +00:00
Geoffrey White
80cfb934ce Swift: Add some tests. 2023-11-14 09:52:53 +00:00
Geoffrey White
296dee90dd Merge remote-tracking branch 'upstream/main' into fixmodel 2023-11-14 09:38:14 +00:00
Geoffrey White
c14d4042e0 Merge pull request #14748 from geoffw0/pathinjectionsinks 
Swift: Add more path injection sinks
 2023-11-13 20:15:16 +00:00
Geoffrey White
5a451e964d Swift: Model mainDocumentURL. 2023-11-13 19:51:51 +00:00
Geoffrey White
b157d73c10 Swift: Make the URLRequest test more accurate. 2023-11-13 19:36:03 +00:00
Geoffrey White
463096e4be Swift: Modernize tainted content in WebView.qll. 2023-11-13 18:30:40 +00:00
Geoffrey White
892beeab6d Swift: Add test case. 2023-11-13 18:25:59 +00:00
Geoffrey White
6f56a656e4 Merge pull request #14761 from geoffw0/moderntest 
Swift: Update the inline dataflow tests
 2023-11-13 14:59:08 +00:00
Alex Denisov
002f2a0985 Swift: extract BorrowExpr 2023-11-13 15:55:37 +01:00
Alex Denisov
d21e27c717 Swift: extract ConsumeExpr 2023-11-13 15:55:37 +01:00
Alex Denisov
30e4822fb7 Swift: extract CopyExpr 2023-11-13 15:55:37 +01:00
Geoffrey White
c3577b34d3 Swift: Clean up logic. 2023-11-13 12:37:35 +00:00
Geoffrey White
e4da8da5d9 Swift: Update the example code. 2023-11-13 12:33:20 +00:00
Geoffrey White
098ea50068 Swift: Repair non-inline dataflow test. 2023-11-13 12:09:08 +00:00
Geoffrey White
6e291711ac Swift: Update just enough tests to prove that that source labels are working. 2023-11-13 11:47:24 +00:00
Geoffrey White
fca6ccd2f1 Swift: Remove more unused code. 2023-11-13 11:47:22 +00:00
Geoffrey White
4bf717c3e4 Swift: Use InlineFlowTest.qll in the data flow inline tests, so that we have less code duplication and can use flow labels. 2023-11-13 11:06:05 +00:00
Geoffrey White
d15c46836b Swift: Add features tom InlineFlowTest.qll: extended source/sink names, custom flow tags, use of line-numbers as a fallback value. 2023-11-13 10:55:17 +00:00
Geoffrey White
d56625cb8b Swift: Rename the capture test to look more like the others. 2023-11-10 17:59:44 +00:00
Geoffrey White
c327f0f0a7 Merge branch 'main' into pathinjectionsinks 2023-11-10 16:04:56 +00:00