hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-14 17:31:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,785 Branches 169 Tags
codeql-cli-2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ian Lynagh
a53d5d832d Kotlin 2: Accept more loc changes 2024-03-15 18:08:53 +00:00
Ian Lynagh
c4c843968e Kotlin 2: Accept more loc changes 2024-03-15 18:07:39 +00:00
Ian Lynagh
57d17d85f2 Kotlin 2: Accept more loc changes 2024-03-15 18:07:12 +00:00
Ian Lynagh
6c0885c24d Kotlin 2: Accept more loc changes 2024-03-15 18:06:45 +00:00
Jami Cogswell
55f7369df0 Java: performance fix 2024-03-15 14:06:36 -04:00
Ian Lynagh
5580daf60e Kotlin 2: Accept more loc changes 2024-03-15 18:06:13 +00:00
Ian Lynagh
1d2b31f0be Kotlin 2: Accept more loc changes 2024-03-15 18:05:46 +00:00
Ian Lynagh
5552fe3c34 Kotlin 2: Accept more loc changes 2024-03-15 18:05:09 +00:00
Ian Lynagh
28f98d0344 Kotlin 2: Accept more location changes 2024-03-15 18:04:28 +00:00
Ian Lynagh
354cdf44aa Kotlin 2: Accept more location changes 2024-03-15 18:03:55 +00:00
Ian Lynagh
f4542f6160 Kotlin2 : Accept some more location changes 2024-03-15 18:02:54 +00:00
Mathias Vorreiter Pedersen
e23e3d7fb4 C++: Run tests without the extractor and analysis changes. 2024-03-15 17:35:47 +00:00
Mathias Vorreiter Pedersen
a8718f99a1 C++: Add qhelp for 'cpp/iterator-to-expired-container'. 2024-03-15 17:35:47 +00:00
Mathias Vorreiter Pedersen
3a8db49573 C++: Add tests for 'cpp/iterator-to-expired-container'. 
NOTE: This is with the yet-to-be-merged changes to the extractor and IR generation.
 2024-03-15 17:35:17 +00:00
Mathias Vorreiter Pedersen
f4f417c3f9 C++: Fix QLoc. 2024-03-15 17:19:36 +00:00
Mathias Vorreiter Pedersen
b5e59492bf C++: Add change note. 2024-03-15 17:17:05 +00:00
Mathias Vorreiter Pedersen
fb218150e1 C++: Change the testcase so that it outputs the controlling values for switch statements as well. 2024-03-15 17:05:42 +00:00
Mathias Vorreiter Pedersen
07ebbb0591 C++: Accept test changes. 2024-03-15 17:04:27 +00:00
Mathias Vorreiter Pedersen
34decd3cf1 C++: Add more general public predicates to work with abstract values. 2024-03-15 17:03:45 +00:00
Mathias Vorreiter Pedersen
f4eb5f5a2d C++: Convert 'getBranchSuccessor' to use abstract values. 2024-03-15 17:03:45 +00:00
Mathias Vorreiter Pedersen
b7292fbc67 C++: Introduce 'AbstractValue' similar to what C# has. 2024-03-15 17:03:45 +00:00
Mathias Vorreiter Pedersen
2af68d37d0 C++: Include 'SwitchInstruction's as 'IRGuardCondition's. 2024-03-15 17:03:45 +00:00
Mathias Vorreiter Pedersen
704f1fad46 C++: Add switches as testcases for guard conditions. 2024-03-15 17:02:32 +00:00
Jorge
09c2ba4280 Make action download actions-all 2024-03-15 16:39:18 +01:00
Max Schaefer
daee22d38c Merge pull request #15933 from github/max-schaefer/go-incomplete-hostname-regex 
Go: Mention raw string iterals in QHelp for `go/incomplete-hostname-regexp`.
 2024-03-15 15:07:10 +00:00
Edward Minnix III
8ae64e992c Merge pull request #15929 from egregius313/egregius313/csharp/mad/source-node-clases-for-models 
C#: Add classes extending `SourceNode` for local and stored source models
 2024-03-15 11:06:14 -04:00
Joe Farebrother
8c5fff2d11 Update names and qldoc for params taint predicates 2024-03-15 14:43:29 +00:00
Mathias Vorreiter Pedersen
23cf99734a C++: Add a new experimental query ' cpp/iterator-to-expired-container'. 2024-03-15 14:29:29 +00:00
Mathias Vorreiter Pedersen
f7c29e6bfb C++: Expose some previously private classes from our models so they can be used in queries. 2024-03-15 14:21:39 +00:00
Rasmus Lerchedahl Petersen
cfbc3f73ec Pyhton: add test for conflicting summaries 
We noticed that when
- a function has more than one summary (with different charpred)
- one summary is subsumed by a subpath (or something happens around the function being extracted)
- the function is called multiple times(we needed at least three)
one of the summaries would no longer lead to flow.
 2024-03-15 15:13:39 +01:00
Jorge
e0bbb66be4 Try to fix actions-all suite 2024-03-15 15:11:21 +01:00
Sim4n6
3acdd3382c Update the expected file 2024-03-15 14:17:23 +01:00
Sim4n6
26a16b7857 use of a single var "op" of type Cmpop 2024-03-15 14:17:23 +01:00
Sim4n6
a717bf1b9d Fix p tag in UnicodeDoS.qhelp 2024-03-15 14:17:23 +01:00
Sim4n6
af19a0342e Fix UnicodeDoS vulnerability in CWE-770 code 2024-03-15 14:17:23 +01:00
Sim4n6
085d803b14 Fix UnicodeDoS vulnerability in CWE-770 2024-03-15 14:17:23 +01:00
Sim4n6
31dc542111 Update request parameter name in good_1() function 2024-03-15 14:17:23 +01:00
Sim4n6
70ebc58b4c Refactor Unicode normalization code 2024-03-15 14:17:23 +01:00
Sim4n6
3d8868a6c3 Add routes for bad_5 and bad_6, and fix routes for good_3 and good_4 2024-03-15 14:17:23 +01:00
Sim4n6${{7*'7'}}
658b88e62f Update python/ql/src/experimental/Security/CWE-770/UnicodeDoS.ql 
update the Config API

Co-authored-by: yoff <lerchedahl@gmail.com>
 2024-03-15 14:17:23 +01:00
Sim4n6
1f767b887e Add some comments and docs 2024-03-15 14:17:23 +01:00
Sim4n6
5cc9170249 Add UnicodeDoS sink for werkzeug secure_filename 2024-03-15 14:17:23 +01:00
Sim4n6
342465057c Add Unicode DoS (CWE-770) 2024-03-15 14:17:23 +01:00
Alvaro Muñoz
0da8f8d299 Merge pull request #36 from GitHubSecurityLab/fix_source_regexps 
fix(fn): Apply json wrappers to source regexps
 2024-03-15 14:05:29 +01:00
Alvaro Muñoz
d9e589c6e7 Remove unnecessary boundary anchors 2024-03-15 13:58:46 +01:00
Alvaro Muñoz
6cb15f06bc fix(fn): Apply json wrappers to source regexps 2024-03-15 13:54:21 +01:00
Alvaro Muñoz
27a9bc8564 Merge branch 'master' of https://github.com/GitHubSecurityLab/codeql-actions 2024-03-15 13:34:21 +01:00
Alvaro Muñoz
01d8d79e6d Bump versions 2024-03-15 13:34:12 +01:00
Mathias Vorreiter Pedersen
19c9ea7e20 C++: Implement alias and side effect models for iterators. 2024-03-15 12:13:43 +00:00
Mathias Vorreiter Pedersen
a51fe4a00e C++: Make the vector and iterator classes in 'ir.cpp' more realistic. This matches the one we use for dataflow tests. 2024-03-15 12:10:48 +00:00