hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

33 Commits

Author SHA1 Message Date
Simon Friis Vindum
b0c40111e7 Rust: Tweaks to stringification 2025-04-03 12:45:08 +02:00
Tom Hvitved
dcaeeabad8 Rust: Fix capturedCallRead 2025-04-01 15:11:20 +02:00
Tom Hvitved
9dea9f5046 SSA: Make phiWithoutTwoPriorRefs consistency check more informative 2025-04-01 15:07:46 +02:00
Simon Friis Vindum
b3601b1ac2 Merge pull request #18946 from paldepind/rust-regex-injection 
Rust: Add regular expression injection query
 2025-03-12 08:15:54 +01:00
Simon Friis Vindum
0e965f7616 Rust: Accept changes 2025-03-10 14:39:37 +01:00
Anders Schack-Mulligen
b1e53f5816 Rust: Accept consistency failure. 2025-03-07 11:11:49 +01:00
Simon Friis Vindum
476fef49da Rust: Allow SSA and some data flow for mutable borrows 2025-02-26 16:00:52 +01:00
Geoffrey White
79525fa4ed Rust: Variant -> Field. 2025-02-17 17:33:52 +00:00
Geoffrey White
048f7dbd37 Merge branch 'main' into nth 2025-02-17 17:17:59 +00:00
Geoffrey White
c07a57bf6b Rust: Accept spurious test results (we need a barrier for numeric types of this query at some point; it's good that flow reaches it now). 2025-02-13 15:31:10 +00:00
Tom Hvitved
e9c25037d4 Rust: Use Field MaD token instead of Variant, Struct, Tuple 2025-02-13 13:32:08 +01:00
Geoffrey White
9d6a13cec2 Rust: Accept improved results for rust/sql-injection. Note that the lost annotations are only sources, not results, and I suspect will return when we have sufficient flow in these cases. 2025-01-27 22:22:38 +00:00
Simon Friis Vindum
049fab4c72 Rust: Remove taint steps 2024-12-18 11:22:56 +01:00
Simon Friis Vindum
c1e21974c6 Rust: Address review comments 2024-12-17 17:24:42 +01:00
Simon Friis Vindum
ee87d4c948 Merge branch 'main' into rust-data-flow-models 2024-12-17 13:12:32 +01:00
Simon Friis Vindum
402d4e11c4 Rust: Re-add inline expectations query tags 2024-12-16 16:36:30 +01:00
Simon Friis Vindum
cad4f39aee Rust: Database name capitalization 2024-12-16 13:15:42 +01:00
Simon Friis Vindum
defbbb2a24 Rust: Add additional models for stdlib and sqlx 2024-12-16 11:46:57 +01:00
Michael Nebel
864c34fc03 Rust: Update all test util paths to point to the new location. 2024-12-12 15:02:59 +01:00
Tom Hvitved
2f8b04b225 Rust: Models-as-data for flow summaries 2024-12-09 13:41:55 +01:00
Jeroen Ketema
e89f37df1a Rust: Update expected test results 2024-12-03 19:18:52 +01:00
Geoffrey White
2810d64b22 Rust: Fix ql-for-ql warning. 2024-11-28 12:43:24 +00:00
Geoffrey White
c113a0b5a1 Rust: Fix typo. 2024-11-27 10:51:42 +00:00
Geoffrey White
ba560f2fe9 Rust: Model SQLx. 2024-11-27 10:31:05 +00:00
Geoffrey White
e96f15d9b4 Rust: Add a test exposing SQL Injection sinks directly. 2024-11-27 10:31:04 +00:00
Paolo Tranquilli
b32e578580 Rust: accept test changes 2024-11-22 17:18:32 +01:00
Paolo Tranquilli
2e90c80a6f Rust: accept test changes 2024-11-22 13:45:00 +01:00
Geoffrey White
b7c7a9ee7c Rust: Accept consistency check failures. 2024-11-21 14:23:51 +00:00
Geoffrey White
758092b1d6 Rust: Add consistency check failures. 2024-11-19 12:04:15 +00:00
Geoffrey White
c7c6924fda Rust: Implement query, source/sink/barrier classes and concepts. All of this is framework, nothing is concretely modelled yet. 2024-11-19 11:09:43 +00:00
Geoffrey White
2df565c84f Rust: Add options.yml and sqlx 'query cache' (result of 'sqlx prepare') so that the query test can function. 2024-11-19 10:56:37 +00:00
Geoffrey White
28d0ad94d5 Rust: Add placeholder SQL injection query, linked in test. 2024-11-19 10:56:36 +00:00
Geoffrey White
3673c7c813 Rust: Add SQL injection test cases (complete and functioning). 2024-11-19 10:56:35 +00:00