hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-15 01:41:08 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,274 Commits 1,784 Branches 169 Tags
codeql-cli-2.25.4
Commit Graph

87274 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
56e44f9b3c Merge pull request #15458 from MathiasVP/dataflow-node-deduplication 
C++: Fix more `asExpr` duplication
 2024-01-30 09:34:57 +00:00
Mathias Vorreiter Pedersen
436a9ce604 Merge pull request #15460 from MathiasVP/fix-scanf-fp-2 
C++: Fix another FP in `cpp/incorrectly-checked-scanf`
 2024-01-30 09:32:32 +00:00
Tom Hvitved
503d2f7b95 Ruby: Rework mayBenefitFromCallContext 2024-01-30 09:57:29 +01:00
Harry Maclean
75b13da4e4 Ruby: Block flow from LHS of && expressions 
The only values that can flow from the LHS of an && expression are
`false` and `nil`, neither of which seem relevant for any of our
queries.
 2024-01-30 08:53:32 +00:00
Joe Farebrother
460ffc89b2 Add additional test cases 2024-01-29 22:43:28 +00:00
Sid Shankar
b1d7a635f5 Renames diagnostic query files and tests 
This commit renames the files relating to the diagnostic query that produces information on the number of files extracted. The files have been renamed from "SuccessfullExtractedFiles.*" to "ExtractedFiles.*". All related tests and test files have been renamed too.

The `@tags` and `@id` attributes of the queries have been left untouched, consistent with the `@tags` and `@id` for similar queries in other languages.
 2024-01-29 20:19:20 +00:00
Benjamin Rodes
13cf555cee False positive fix for cpp/uninitialized-local 2024-01-29 13:21:05 -05:00
Joe Farebrother
3abd67064d Add change note 2024-01-29 16:33:07 +00:00
Mathias Vorreiter Pedersen
5024df9c4e C++: Add change note. 2024-01-29 16:30:55 +00:00
Joe Farebrother
94075ef148 Fix FPs - consider flow through fields when determining whether a view is masked, and find more instances of findViewById. 2024-01-29 16:25:38 +00:00
Joe Farebrother
8d201626e1 Add documentation 2024-01-29 16:25:38 +00:00
Joe Farebrother
aa78050933 Implement checks for elements hidden by their xml attributes 2024-01-29 16:25:38 +00:00
Joe Farebrother
6081f18089 Add unit tests + make some fixes 2024-01-29 16:25:37 +00:00
Joe Farebrother
8582093e65 Implement checks for parent views being hidden 2024-01-29 16:25:37 +00:00
Joe Farebrother
1b13597d72 Implement checks for calls that may safely mask information 2024-01-29 16:25:37 +00:00
Joe Farebrother
5dd0addfc2 Add sensitive text flow query 2024-01-29 16:25:36 +00:00
Mathias Vorreiter Pedersen
ea79a84c2e C++: Accept test changes. 2024-01-29 16:24:44 +00:00
Mathias Vorreiter Pedersen
ebd1595fbe C++: Fix FP by concluding that a less-than-zero check also implies a not-equal-to-EOF check. 2024-01-29 16:24:36 +00:00
Mathias Vorreiter Pedersen
7e29141196 C++: Add FP test. 2024-01-29 16:23:37 +00:00
Ben Rodes
308a3b533f Update cpp/ql/src/change-notes/2024-01-29-false_positive_incorrect_string_type_conversion.md 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2024-01-29 09:35:59 -05:00
Mathias Vorreiter Pedersen
aeae208dc3 Merge pull request #15456 from MathiasVP/fix-scanf-fp 
C++: Fix FP in `cpp/incorrectly-checked-scanf`
 2024-01-29 14:30:20 +00:00
Benjamin Rodes
6f17c432d9 Change log 2024-01-29 09:19:39 -05:00
Mathias Vorreiter Pedersen
320092092d C++: Accept test changes. 2024-01-29 14:11:07 +00:00
Mathias Vorreiter Pedersen
a4727b5597 C++: Fix 'asExpr' duplication. 2024-01-29 14:11:01 +00:00
Mathias Vorreiter Pedersen
044d94c580 C++: Add change note 2024-01-29 13:47:17 +00:00
Michael Nebel
cda09478c5 C# Update expected test output and remove false positive. 2024-01-29 14:37:25 +01:00
Michael Nebel
63c06b72b1 C#: Chop dataflow of spread into smaller steps and make sure to only propagate element flow for the spread operator. 2024-01-29 14:34:57 +01:00
Michael Nebel
b6f94ea44a C#: Add example test of field flow via the spread operator, which leads to a false positive. 2024-01-29 14:30:52 +01:00
Rasmus Wriedt Larsen
5867fb3d29 Python: Add change-note 2024-01-29 14:30:20 +01:00
Rasmus Wriedt Larsen
3f0dc2b022 Python: Model the psycopg package 2024-01-29 14:30:20 +01:00
Michael Nebel
cd5f678e1c C#: Add IntegerCollection class to the CollectionFlow tests and update line numbers in expected test output. 2024-01-29 14:28:05 +01:00
yoff
391ca5d8a6 Merge pull request #15390 from Marcono1234/marcono1234/python-ascii-regex-flag 2024-01-29 14:27:50 +01:00
Tamás Vajk
39b32a9068 Merge pull request #15454 from tamasvajk/standalone/cshtml-default 
C#: Change asp.net core view generation to be opt out
 2024-01-29 13:22:44 +01:00
Tamas Vajk
4dffb3bfdd Change integration test to specify .net 6.0 as target framework 2024-01-29 12:40:51 +01:00
Mathias Vorreiter Pedersen
a5794509ec C++: Accept test changes. 2024-01-29 11:33:14 +00:00
Mathias Vorreiter Pedersen
41f44f598a C++: Explicitly check that a check for EOF isn't present. 2024-01-29 11:33:14 +00:00
Tamas Vajk
f16aa034a2 Code quality improvement 2024-01-29 12:29:01 +01:00
Ian Lynagh
79d9109850 Merge pull request #15428 from igfoo/igfoo/catch_illegal_arg 
Kotlin: Catch/ignore a IllegalArgumentException exception
 2024-01-29 11:27:38 +00:00
Ian Lynagh
76e417c23e Merge pull request #14940 from igfoo/igfoo/comments 
Kotlin 2: Comment improvements
 2024-01-29 11:27:19 +00:00
Mathias Vorreiter Pedersen
3a66fd7175 C++: Add FP test. 2024-01-29 10:59:38 +00:00
Tamas Vajk
7a8d83e859 C#: Add integration test with asp.net core view generation on dotnet 6 
Source generators are needed for asp.net core view generation. Dotnet 6 is the first version where we support view generation. This commit adds an integration test for this.
 2024-01-29 11:52:55 +01:00
Tamas Vajk
92fec66370 C#: Add integration test for disabled asp.net core view generation 2024-01-29 11:52:55 +01:00
Tamas Vajk
d7de5fcfcb C#: Change asp.net core view generation to be opt out 2024-01-29 10:52:26 +01:00
Tony Torralba
49d6d3fa0c Merge pull request #15449 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-01-29 10:27:32 +01:00
github-actions[bot]
6d06c9cb7d Add changed framework coverage reports 2024-01-29 00:16:27 +00:00
Marcono1234
d8fe0f5bb8 Java: Document which assignment type is covered by which class 2024-01-28 19:03:36 +01:00
Maiky
c2c4d9e4d1 ` change to <code> 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2024-01-27 14:08:55 +01:00
Mathias Vorreiter Pedersen
a391f7802d C++: Add a test. 2024-01-27 13:08:52 +00:00
maikypedia
d7314a1689 File format 2024-01-27 14:07:36 +01:00
Marcono1234
1ad08efe08 Python: Support a (ASCII) inline regex flag 2024-01-26 22:18:49 +01:00