hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,347 Commits 1,672 Branches 157 Tags
hmac-cli-injection-from-library-inputs
Commit Graph

7202 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
dda85bf234 Update cpp/ql/src/Likely Bugs/Memory Management/UsingExpiredStackAddress.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-02-23 09:33:52 +00:00
Jeroen Ketema
423d325204 C++: Simplify cpp/declaration-hides-variable 
The check for `(unnamed local variable)` is no longer needed, because these
variables are now identified as being compiler generated.
 2022-02-22 23:04:48 +01:00
Robert Marsh
a37f746dff C++: fix FP and add paths in InsufficientKeySize 2022-02-22 15:38:50 -05:00
Mathias Vorreiter Pedersen
ea35f56212 C++: Add a query for detecting uses of expired stack pointers that escaped through global variables. 2022-02-22 19:12:08 +00:00
Jeroen Ketema
aecc17c49b Merge pull request #7928 from jketema/structured-bindings-db-scheme 
C++: Add table that identifies C++ structured bindings
 2022-02-22 17:34:26 +01:00
Geoffrey White
31d214d5ee Merge pull request #8170 from geoffw0/typos 
C++: Fix Spelling Typos.
 2022-02-22 15:09:50 +00:00
Mathias Vorreiter Pedersen
894992d403 Merge pull request #8169 from MathiasVP/fix-spelling-in-post-dominance-frontier 
C++/C#: Fix spelling of 'postDominanceFrontier'
 2022-02-22 14:54:39 +00:00
Geoffrey White
4908eaf5ec C++: Typos. 2022-02-22 14:33:11 +00:00
Mathias Vorreiter Pedersen
b6740ed4a1 C++/C#: Fix spelling of 'postDominanceFrontier'. 2022-02-22 13:48:13 +00:00
Jeroen Ketema
fc91c82777 Add change note 2022-02-21 10:48:46 +01:00
Jeroen Ketema
e05af1e1d1 Use underlyingElement in isStructuredBinding 
Accodring to the documentation in `Element.qll`, `underlyingElement` is
supposed to be used here and not `unresolveElement`.
 2022-02-21 10:46:29 +01:00
Jeroen Ketema
d4832b48c6 C++: Update DB scheme stats 2022-02-17 11:48:42 +01:00
Jeroen Ketema
e2bc4c88e4 C++: Expose is_structured_binding as a member of Variable 2022-02-17 11:44:08 +01:00
Jeroen Ketema
f875d722b0 C++: Add DB upgrade and downgrade scripts 2022-02-17 11:44:08 +01:00
Jeroen Ketema
f358f8f265 C++: Add DB relation identifying structured bindings 2022-02-17 11:44:08 +01:00
Robert Marsh
103796dfa8 C++: respond to PR comments on InsufficientKeySize 2022-02-16 14:58:29 -05:00
Robert Marsh
cfd9c9d137 C++: Update doc for `getMinimumKeySize 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-02-16 14:53:09 -05:00
Ian Lynagh
a448db11b5 Merge pull request #8052 from igfoo/igfoo/descendent 
Spelling: Use "descendant" rather than "descendent" for consistency
 2022-02-16 18:03:52 +00:00
Robert Marsh
3637078a26 C++: change note for insufficient key size 2022-02-16 12:43:39 -05:00
Robert Marsh
d3665f935e C++: add sample code for InsufficientKeySize.qhelp 2022-02-16 12:30:41 -05:00
Ian Lynagh
b16e4c0247 Spelling: Use "descendant" rather than "descendent" for consistency 
$ git grep -i descendant | wc -l
170
 2022-02-16 14:26:02 +00:00
Arthur Baars
ebb87c4b36 Merge pull request #7975 from github/post-release-prep/codeql-cli-2.8.1 
Post-release preparation for codeql-cli-2.8.1
 2022-02-15 20:17:35 +01:00
Geoffrey White
703f18b82f C++: Better deduplication. 2022-02-15 17:52:27 +00:00
Jeroen Ketema
3b2584a5d1 Add change note 2022-02-15 11:18:44 +01:00
Jeroen Ketema
f791c63780 C++: Add DB upgrade script 2022-02-15 11:18:44 +01:00
Jeroen Ketema
68fd953d9b C++: Mark classes depending on removed relations as deprecated 
Also ensure they no longer depend on the removed relations.
 2022-02-15 11:18:36 +01:00
Jeroen Ketema
bf6ca7a7be C++: Remove some unused legacy relations from the DB scheme 2022-02-15 10:16:35 +01:00
Robert Marsh
0e50c4b186 C++: Add openssl low-level API 2022-02-14 14:47:55 -05:00
Mathias Vorreiter Pedersen
ab7850c581 Revert "Merge pull request #7982 from jketema/remove-legacy-relations" 
This reverts commit 2b6d57d85b, reversing
changes made to 9b4dbb9dd8.
 2022-02-14 09:11:56 +00:00
Mathias Vorreiter Pedersen
2b6d57d85b Merge pull request #7982 from jketema/remove-legacy-relations 2022-02-14 07:59:19 +00:00
Chuan-kai Lin
9b4dbb9dd8 Merge pull request #7895 from github/cklin/upgrades-initial-dbscheme 
Upgrade scripts testing: set initial dbschemes
 2022-02-11 11:06:12 -08:00
Jeroen Ketema
7f4913d61f Add change notes 2022-02-11 18:15:33 +01:00
Jeroen Ketema
9d7aa176f3 C++: Mark classes depending on removed relations as deprecated 
Also ensure they no longer depend on the removed relations.
 2022-02-11 18:04:17 +01:00
Geoffrey White
c4d9c1d9e7 C++: Reduce result duplication. 2022-02-11 16:03:38 +00:00
Jeroen Ketema
3033f3f89c C++: Add DB upgrade script 2022-02-11 16:35:51 +01:00
Jeroen Ketema
94d3d63704 C++: Remove some unused legacy relations from the DB scheme 2022-02-11 16:35:08 +01:00
Geoffrey White
00ba76b7e4 C++: Convert to IR taint tracking. 2022-02-11 13:00:42 +00:00
github-actions[bot]
21bf29353f Post-release preparation for codeql-cli-2.8.1 2022-02-11 11:07:31 +00:00
Arthur Baars
58a2597c3a C++: move change note lines to correct query pack 2022-02-11 09:52:36 +01:00
github-actions[bot]
f25fc70b7c Release preparation for version 2.8.1 2022-02-10 22:08:24 +00:00
Arthur Baars
6cba49abe3 C++: move change note 2022-02-10 22:13:54 +01:00
Robert Marsh
dbe4770c7d C++: add initial insufficient key size query 2022-02-10 14:53:40 -05:00
Geoffrey White
85d03fdbfd C++: Change note. 2022-02-10 18:05:41 +00:00
Geoffrey White
b0c2a144cc C++: Remove no longer relevant tests. 2022-02-10 11:11:31 +00:00
Geoffrey White
20ad92a82e C++: Filter noisiest sources. 2022-02-10 11:11:30 +00:00
Geoffrey White
7b5b2fdcd1 C++: Modernize cpp/system-data-exposure as a path-problem using IR taint, RemoteFlowSinkFunction. 2022-02-10 11:11:26 +00:00
Geoffrey White
5490809bcf C++: Expand tests. 2022-02-10 10:43:21 +00:00
Jeroen Ketema
46821fe136 Update C++ variable hiding test 
Structured bindings are now handled better, so the false negative
related to structured bindings is now a true positive.
 2022-02-10 10:58:32 +01:00
Tamás Vajk
6483a92587 Merge pull request #7865 from github/post-release-prep/codeql-cli-2.8.0 
Post-release preparation for codeql-cli-2.8.0
 2022-02-09 16:42:38 +01:00
Tom Hvitved
9440a45015 Merge branch 'main' into post-release-prep/codeql-cli-2.8.0 2022-02-09 09:40:33 +01:00