hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayCallerJava
Commit Graph

3040 Commits

Author SHA1 Message Date
Yunus AYDIN
ec5a8b49c8 add httprouter example code and stub.go 2023-12-15 00:54:39 +03:00
amammad
4d9aad92a1 remove a duplicate test 2023-12-14 17:08:18 +01:00
amammad
d84333dad8 added *ReadBody* Methods as UntrustedFlowSource 2023-12-14 15:31:09 +01:00
Anders Schack-Mulligen
a1068ce2f9 Dataflow: deprecate references 2023-12-14 15:05:33 +01:00
Yunus AYDIN
ac3cb7f6c4 update camelcase 2023-12-14 15:29:28 +03:00
Yunus AYDIN
a17c704f46 update expected file 2023-12-14 15:27:27 +03:00
Tom Hvitved
c8b4a215bc Merge pull request #14573 from hvitved/flow-summary-impl-param 
Move `FlowSummaryImpl.qll` to `dataflow` pack
 2023-12-14 12:24:15 +01:00
Tom Hvitved
098afb935b Address more review comments 2023-12-14 09:48:45 +01:00
Yunus AYDIN
d899267acb add httprouter example code 2023-12-14 00:23:09 +03:00
Yunus AYDIN
5f6de79c09 Fix select query, Add httprouter library and update test files 2023-12-14 00:19:11 +03:00
Yunus AYDIN
a09505afc2 Update rules 2023-12-13 20:01:53 +03:00
Yunus AYDIN
5148054612 Update go/ql/src/experimental/CWE-525/WebCacheDeceptionLib.qll 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-12-13 19:36:07 +03:00
Yunus AYDIN
221e281f73 Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-12-13 19:35:59 +03:00
Yunus AYDIN
0ea27c6e9b Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-12-13 19:35:53 +03:00
Yunus AYDIN
da275b374f Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-12-13 19:35:36 +03:00
Jeroen Ketema
99e65df6ce Merge remote-tracking branch 'upstream/rc/3.12' into mb12 2023-12-13 15:43:39 +01:00
dependabot[bot]
dae1a5c70e Bump the extractor-dependencies group in /go/extractor with 1 update 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).

- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.16.0...v0.16.1)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 04:02:50 +00:00
Yunus AYDIN
a47ffc6833 Remove unnecessary rules 2023-12-13 01:52:06 +03:00
Yunus AYDIN
bb2083d10a Remove database directory and add WebCacheDeceptionLib.qll 2023-12-13 01:50:56 +03:00
Owen Mansel-Chan
5675df842e Merge pull request #15054 from owen-mc/go/find-more-callees-for-captured-variables 
Go: Also follow jump steps when looking for a callee source
 2023-12-12 15:49:15 +00:00
Mathew Payne
7a48152ea9 Add Go Stubs for LibXML2 2023-12-12 15:10:08 +00:00
Chad Bentz
2d33f86d41 Initial Push 
- Sample test  (test not compiling)
- Stubs not generating
 2023-12-12 15:00:00 +00:00
Yunus AYDIN
bc81201c2e Update expected file 2023-12-12 00:07:51 +03:00
Owen Mansel-Chan
0fb58caa8c Update go/ql/lib/change-notes/2023-12-08-find-more-callees-for-captured-functions.md 
Co-authored-by: Chris Smowton <smowton@github.com>
 2023-12-11 20:42:48 +00:00
Malayke
7121282b27 add new query for detect DOS 2023-12-11 23:05:04 +08:00
amammad
572777f11b fix a bug in stubs 2023-12-10 22:18:49 +01:00
amammad
bfa0fb6d74 remove a duplicate test 2023-12-10 22:08:12 +01:00
amammad
cc5416406f added more sinks related to io.Writer of BodyWriter 2023-12-10 22:06:27 +01:00
Yunus AYDIN
cf8f2a38c3 Update expected file 2023-12-11 00:03:50 +03:00
Yunus AYDIN
a6b092d8c1 Update rules ids 2023-12-10 22:26:05 +03:00
Yunus AYDIN
4d97c42ee5 Remove debugging select on go-chi.ql 2023-12-10 22:18:48 +03:00
Yunus AYDIN
501f617eaa Update qhelp and and go-chi 2023-12-10 22:07:17 +03:00
Yunus AYDIN
34fb1c4a9f Add go-chi middleware stub to vendor 2023-12-10 22:06:23 +03:00
Am
59195cccdd Merge branch 'main' into amammad-go-bombs 2023-12-10 18:12:10 +01:00
amammad
bb5017121f Merge branch 'main' into amammad-go-bombs 2023-12-10 18:11:49 +01:00
amammad
737f3e8899 fix stubs 2023-12-10 18:10:23 +01:00
amammad
b6aaff2e64 use SimpleGlobal with source and sink to find BodyWriter successors globally 2023-12-10 15:45:42 +01:00
Tom Hvitved
35c654aa76 Go: Use FlowSummaryImpl from dataflow pack 2023-12-10 11:25:44 +01:00
Yunus AYDIN
0813199c7f Update vendor directory and go files 2023-12-10 01:24:29 +03:00
Yunus AYDIN
a925c23d14 Add go.mod and modules.txt 2023-12-09 23:36:50 +03:00
Yunus AYDIN
6bd3c8c07b Format Document 2023-12-09 23:36:13 +03:00
Yunus AYDIN
6378c5e22f Update Fiber Rule for checking files 2023-12-09 23:35:42 +03:00
Yunus AYDIN
63123f3984 Add GoChi Rule 2023-12-09 23:34:48 +03:00
Yunus AYDIN
ba4f8612eb Add GoChi Test Cases 2023-12-09 23:33:18 +03:00
Yunus AYDIN
ad1284853b remove unnecessary file 2023-12-09 19:49:21 +03:00
Yunus AYDIN
eb25d0df66 Add test cases 2023-12-09 19:44:58 +03:00
Yunus AYDIN
85636ccab7 Add Web Cache Deception QHelp and Example Code Snippet for Vulnerable Go Fiber usage 2023-12-09 19:12:20 +03:00
Owen Mansel-Chan
2e2a82c237 Add change note 2023-12-08 23:33:58 +00:00
Owen Mansel-Chan
ab68c4e341 Update test 2023-12-08 23:29:44 +00:00
Owen Mansel-Chan
40b3598fd0 Also follow jump steps when looking for a callee source 
This is needed because capturing a variable is a jump step
and we want to find a callee source for captured functions.
 2023-12-08 18:44:14 +00:00