Owen Mansel-Chan
|
16dcc0969b
|
Standardise comment explaining why extensible predicates must be defined
|
2024-05-01 22:00:01 +01:00 |
|
Owen Mansel-Chan
|
09e59ccf44
|
Name files with empty definitions of MaD extensible predicates to empty.model.yml
|
2024-05-01 21:39:38 +01:00 |
|
Mathias Vorreiter Pedersen
|
a8f2cbc2b1
|
Merge pull request #16331 from mario-campos/mario-campos/guarded-free
Cpp: new experimental query cpp/guarded-free
|
2024-05-01 17:32:44 +01:00 |
|
Harry Maclean
|
c00d0d302d
|
Ruby: fix wording in rb/request-without-cert-validation
|
2024-05-01 17:25:58 +01:00 |
|
Mario Campos
|
5a7a1dc92e
|
C++: forgot to import semmle.code.cpp.controlflow.Guards
|
2024-05-01 11:00:19 -05:00 |
|
Mario Campos
|
c480431ec0
|
C++: simplify cpp/guarded-free
This new form is more declarative by use of the `GuardCondition`. Thanks to the tireless effort of @MathiasVP!
|
2024-05-01 10:59:16 -05:00 |
|
Harry Maclean
|
f7fc2e0b00
|
Ruby: Fix StringSubstitutionCall charpred
Some missing parens meant this class targeted way more things than
intended.
|
2024-05-01 16:14:58 +01:00 |
|
Michael B. Gale
|
397e641f2f
|
Merge pull request #16375 from github/mbg/go/allow-version-suffixes
Go: Allow version suffixes
|
2024-05-01 15:41:54 +01:00 |
|
Michael B. Gale
|
00cbfaf40e
|
Go: Allow version suffixes
|
2024-05-01 15:00:45 +01:00 |
|
Michael Nebel
|
42653b5fec
|
Java: Add change note about local query removal.
|
2024-05-01 13:07:22 +02:00 |
|
Michael Nebel
|
58bbfe694f
|
Java: Deprecate the content of ExecTaintedLocalQuery as this is unused.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
d9c7401ea2
|
Java: Deprecate the local content of UrlRedirectLocalQuery and remove the local query variant.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
ed7538d0b9
|
Java: Deprecate the local content of TaintedPathQuery and remove the local query variant.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
5b89bd23c7
|
Java: Deprecate the content of SqlTaintedLocalQuery and remove the local query variant.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
b68abab12a
|
Java: Deprecate the content of ResponseSplittingLocalQuery and remove local query variant.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
d05c5e3d94
|
Java: Deprecate the content of NumericCastTaintedLocalQuery, remove the local query variant and update the non-local query variant.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
301a6cc191
|
Java: Deprecate the content of ImproperValidationOrArray and remove local query variants.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
acd0fa4b7b
|
Java: Deprecate the content of ExternallyControlledFormatStringLocalQuery and remove the externally controlled format string local query variant.
|
2024-05-01 13:07:21 +02:00 |
|
Michael Nebel
|
85a4dd0325
|
Java: Deprecate the local content of CommandLineQuery and remove the exec tainted local query variant.
|
2024-05-01 13:07:20 +02:00 |
|
Mathias Vorreiter Pedersen
|
dc4604f5a5
|
Merge pull request #16367 from MathiasVP/better-documentation-for-iterator-to-expired-container
C++: Improve documentation for `cpp/iterator-to-expired-container`
|
2024-05-01 11:56:27 +01:00 |
|
Mathias Vorreiter Pedersen
|
40b6e1624f
|
Update cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.qhelp
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
|
2024-05-01 11:41:23 +01:00 |
|
Mathias Vorreiter Pedersen
|
22e843abc6
|
Update cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.qhelp
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
|
2024-05-01 11:41:16 +01:00 |
|
Jeroen Ketema
|
3c70a2d7df
|
C++: Update test results after extractor changes
|
2024-05-01 12:30:38 +02:00 |
|
Jeroen Ketema
|
541effb8cb
|
Merge pull request #16369 from jketema/destructors-init-stmt
C++: Update IR tests after better handling of init statements in the extractor
|
2024-05-01 10:47:03 +02:00 |
|
Anders Schack-Mulligen
|
248ffa15a2
|
Merge pull request #16318 from aschackmull/dataflow/doublyboundedfasttc
Dataflow: Use doublyBoundedFastTC.
|
2024-05-01 09:48:23 +02:00 |
|
Michael Nebel
|
072f19008a
|
Java: Deprecate the content of ArithmeticTaintedLocalQuery and remove the arithmetic tainted local query variant.
|
2024-05-01 08:59:51 +02:00 |
|
Michael Nebel
|
93988e5834
|
Java: Deprecate the content of XxeLocalQuery and remove the Xxe local query variant.
|
2024-05-01 08:59:50 +02:00 |
|
Michael Nebel
|
e0c2a43780
|
Java: Deprecate the content of XssLocalQuery and remove the Xss local query variant.
|
2024-05-01 08:59:50 +02:00 |
|
Jeroen Ketema
|
5843326b5c
|
C++: Update IR tests after better handling of init statements in the extractor
|
2024-04-30 21:12:30 +02:00 |
|
Mathias Vorreiter Pedersen
|
3a2b0a2feb
|
Merge pull request #16366 from MathiasVP/fix-ir-for-destructors-in-switch
C++: Fix IR destructor calls on `JumpStmt`s
|
2024-04-30 18:26:54 +01:00 |
|
Joe Farebrother
|
fd55713006
|
add changenote
|
2024-04-30 18:17:18 +01:00 |
|
Joe Farebrother
|
c6372d5822
|
Fix qldoc and remove PotentialViewCallable class
|
2024-04-30 18:13:06 +01:00 |
|
Mathias Vorreiter Pedersen
|
07dd6d5c8d
|
C++: Align 'break' statements.
|
2024-04-30 16:40:23 +01:00 |
|
Mathias Vorreiter Pedersen
|
708d12624f
|
C++: Update documentation on 'cpp/iterator-to-expired-container'.
|
2024-04-30 16:32:32 +01:00 |
|
Mathias Vorreiter Pedersen
|
3eddd3114f
|
C++: Accept test changes.
|
2024-04-30 16:14:30 +01:00 |
|
Mathias Vorreiter Pedersen
|
61ce7252e6
|
C++: Update the alert message in 'cpp/iterator-to-expired-container'.
|
2024-04-30 16:12:54 +01:00 |
|
Mathias Vorreiter Pedersen
|
b86aeb68ae
|
Merge pull request #16364 from MathiasVP/ir-guards-with-boolean
C++: Support `IRGuard`s with no implicit boolean conversion
|
2024-04-30 16:07:32 +01:00 |
|
Mathias Vorreiter Pedersen
|
cf025e1924
|
C++: Accept test changes.
|
2024-04-30 15:47:53 +01:00 |
|
Mathias Vorreiter Pedersen
|
a200ced2d6
|
C++: Fix IR generation for jump statements.
|
2024-04-30 15:46:46 +01:00 |
|
Mathias Vorreiter Pedersen
|
c04e59611b
|
Merge pull request #16355 from MathiasVP/promote-iterator-to-expired-container-out-of-experimental
C++: Promote `cpp/iterator-to-expired-container` out of experimental
|
2024-04-30 15:45:56 +01:00 |
|
Mathias Vorreiter Pedersen
|
c5a87c95d8
|
C++: Add tests that incorrectly call destructors twice.
|
2024-04-30 15:39:00 +01:00 |
|
Joe Farebrother
|
4f22b91e73
|
Add tests for cases not yet supported
|
2024-04-30 15:20:09 +01:00 |
|
Henry Mercer
|
797f675285
|
Merge pull request #16365 from github/post-release-prep/codeql-cli-2.17.2
Post-release preparation for codeql-cli-2.17.2
|
2024-04-30 14:51:01 +01:00 |
|
Mathias Vorreiter Pedersen
|
c32c810ae7
|
C++: Add a test with a 'short' type.
|
2024-04-30 14:48:21 +01:00 |
|
Mathias Vorreiter Pedersen
|
32fe084630
|
Update cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
|
2024-04-30 14:42:30 +01:00 |
|
Joe Farebrother
|
ba054bd428
|
Manually specify subclasses for redirect models
|
2024-04-30 14:33:46 +01:00 |
|
Ian Lynagh
|
0715c4ac5a
|
Merge pull request #16341 from igfoo/igfoo/ODASA_BUILD_ERROR_DIR
Java: Remove support for deprecated ODASA_BUILD_ERROR_DIR env var
|
2024-04-30 13:18:51 +01:00 |
|
github-actions[bot]
|
99928b82ed
|
Post-release preparation for codeql-cli-2.17.2
|
2024-04-30 12:15:35 +00:00 |
|
Rasmus Wriedt Larsen
|
377c6b4cc8
|
Merge pull request #12557 from felickz/patch-1
add security-severity score to code scanning query list
|
2024-04-30 13:48:22 +02:00 |
|
Mathias Vorreiter Pedersen
|
2939c89f7a
|
C++: Accept test changes.
|
2024-04-30 12:04:42 +01:00 |
|