hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,540 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.8
Commit Graph

2062 Commits

Author SHA1 Message Date
Simon Friis Vindum
86eb949673 Merge pull request #20902 from paldepind/rust/xss-query 
Rust: Add new query for XSS vulnerabilities
 2025-11-28 09:09:14 +01:00
Tom Hvitved
a9b58b8db3 Rust: Model async return types as dyn Future 2025-11-26 21:03:03 +01:00
Simon Friis Vindum
1c8cc39a6a Merge pull request #20906 from paldepind/rust/enum-fieldless 
Rust: Add predicates for fieldless and unit-only enums
 2025-11-26 12:52:28 +01:00
Simon Friis Vindum
7278bc75ca Rust: Remove unused function in XSS tests 2025-11-26 08:57:47 +01:00
Simon Friis Vindum
9ae4c14ffb Rust: Address PR feedback 2025-11-25 14:20:17 +01:00
Simon Friis Vindum
393da4567e Rust: Add tests for Enum 2025-11-25 13:35:12 +01:00
Geoffrey White
1c2d8bb70e Merge pull request #20851 from geoffw0/access-invalid-pointer-fp 
Rust: Improve rust/access-invalid-pointer
 2025-11-25 09:49:07 +00:00
Geoffrey White
daead038ab Merge pull request #20829 from geoffw0/cert-checks 
Rust: New Query rust/disabled-certificate-check
 2025-11-24 15:21:58 +00:00
Simon Friis Vindum
9e2bf76a7f Rust: Add XSS sinks for Actix and Warp 2025-11-24 15:46:25 +01:00
Simon Friis Vindum
ae9c753371 Rust: Add XSS query 2025-11-24 15:46:24 +01:00
Simon Friis Vindum
0f4561efc3 Rust: Add XSS examples 2025-11-24 15:46:23 +01:00
Tom Hvitved
43111b8eaa Merge pull request #20716 from hvitved/rust/path-resolution-variable-impl 
Rust: Path resolution before variable resolution
 2025-11-24 13:08:53 +01:00
Tom Hvitved
17e1e1713e Rust: Add placeholder declarations for &mut and *mut 2025-11-23 20:56:07 +01:00
Geoffrey White
993154ed57 Rust: Avoid duplicating sinks. 2025-11-21 19:34:16 +00:00
Geoffrey White
0ea28b4026 Rust: Test .expected changes. 2025-11-21 18:57:06 +00:00
Geoffrey White
80615056c0 Merge remote-tracking branch 'upstream/main' into cert-checks 2025-11-21 18:40:40 +00:00
Geoffrey White
03fc4cb0aa Merge remote-tracking branch 'upstream/main' into access-invalid-pointer-fp 2025-11-21 17:39:56 +00:00
Geoffrey White
9db1722060 Rust: Accept consistency check changes. 2025-11-21 17:35:34 +00:00
Geoffrey White
e01c871b70 Rust: Accept changes to the dataflow/sources/file test. 2025-11-21 17:12:23 +00:00
Geoffrey White
ace7a77fd6 Rust: Switch to MaD models. 2025-11-21 16:27:52 +00:00
Geoffrey White
785754ec65 Rust: Switch the query to taint flow, since some taint summaries are relevant now. 2025-11-21 15:02:29 +00:00
Geoffrey White
aca7877be2 Rust: Add some missing path / file metadata models. 2025-11-21 15:02:25 +00:00
Geoffrey White
2da0814f65 Rust: Add test case involving taint. 2025-11-21 14:39:15 +00:00
Tom Hvitved
489fff9572 Rust: Base DataFlow::Node on AST instead of CFG 2025-11-19 19:37:39 +01:00
Simon Friis Vindum
0e539dbca5 Rust: Handle string literals with line breaks 2025-11-19 13:39:48 +01:00
Simon Friis Vindum
481f627ae0 Rust: Add string literal test 2025-11-19 13:37:23 +01:00
Tom Hvitved
ec3b2c6a8d Rust: Path resolution before variable resolution 2025-11-19 09:06:41 +01:00
Tom Hvitved
880f7b0f18 Rust: More path resolution and variable tests 2025-11-19 08:55:43 +01:00
Tom Hvitved
ec15085c34 Address review comments 2025-11-18 13:44:25 +01:00
Geoffrey White
41a6bf079d Rust: Add barrier for null pointer checks to the query. 2025-11-17 15:00:22 +00:00
Geoffrey White
d804229158 Rust: Add missing model. 2025-11-17 14:41:14 +00:00
Geoffrey White
6c3566ab52 Rust: It turns out we need test cases for immutable pointers as well. 2025-11-17 14:32:57 +00:00
Tom Hvitved
bf0dc3c4d1 Rust: Use useUniversalConditions() { none() } 2025-11-17 13:57:00 +01:00
Tom Hvitved
46f5d89674 Rust: Handle builtin types in path resolution 2025-11-17 13:56:56 +01:00
Tom Hvitved
39720a17ef Rust: More type inference tests 2025-11-17 13:54:39 +01:00
Simon Friis Vindum
a07f015d01 Rust: Accept changes to expected files 2025-11-17 12:39:36 +01:00
Simon Friis Vindum
089bffff94 Rust: Make impl blocks only give rise to direct trait implementation 2025-11-17 10:22:18 +01:00
Tom Hvitved
8455663255 Rust: Speedup AccessAfterLifetime.ql 2025-11-15 15:21:03 +01:00
Tom Hvitved
4c7f9c0144 Rust: Rename ContextType -> UnknownType 2025-11-14 10:16:21 +01:00
Tom Hvitved
79bdf897d7 Rust: Context typing for constructors 2025-11-14 09:45:03 +01:00
Tom Hvitved
c16b42119d Rust: More type inference tests 2025-11-14 09:45:02 +01:00
Tom Hvitved
e69ff0d5e8 Rust: Restrict type propagation into arguments 2025-11-14 09:44:58 +01:00
Tom Hvitved
72b7dd8955 Rust: Add more type inference tests 2025-11-14 09:41:30 +01:00
Geoffrey White
e0f0305ace Rust: Add test cases for rust/access-invalid-pointer based on real world FPs. 2025-11-13 16:07:22 +00:00
Tom Hvitved
bfa35629ac Merge pull request #20744 from hvitved/rust/path-resolution-unqualified-use-tree 
Rust: Handle unqualified `UseTree`s in path resolution
 2025-11-13 11:18:41 +01:00
Tom Hvitved
467bd541d2 Merge pull request #20770 from hvitved/rust/attribute-macro-expansion-filter 
Rust: Remove elements superseded by attribute macro expansions
 2025-11-12 19:52:09 +01:00
Geoffrey White
c77eef39e2 Rust: Convert the query to a path-problem with global data flow. 2025-11-12 16:21:46 +00:00
Geoffrey White
209f394b5e Rust: Fix the alert message. 2025-11-12 15:51:03 +00:00
Geoffrey White
f8ef48b924 Rust: Add query test. 2025-11-12 15:44:15 +00:00
Geoffrey White
8624f9c660 Merge pull request #20749 from github/copilot/add-secure-cookie-test-cases 
Add test coverage for actix-web, poem, and http-types cookie secure attribute
 2025-11-11 09:26:26 +00:00