hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,405 Commits 1,673 Branches 157 Tags
remove-javascript
Commit Graph

26405 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
e0606d61b6 C++: Fix qldoc. 2021-05-06 16:58:49 +02:00
Mathias Vorreiter Pedersen
c12837cff0 C++: Fix false negative. 2021-05-06 16:57:09 +02:00
Mathias Vorreiter Pedersen
7b8a51f995 C++: Add test with missing result. 2021-05-06 16:56:11 +02:00
Mathias Vorreiter Pedersen
47a419a5f1 C++: Respond to review comments. First: Avoid using locations to detect constructor and destructor calls. Second: Include missing statements in stmtMayThrow. 2021-05-06 16:37:26 +02:00
Mathias Vorreiter Pedersen
4463293dc4 C++: Move common code from NewExpr and NewArrayExpr into the NewOrNewArrayExpr class. 2021-05-06 16:35:41 +02:00
Tony Torralba
f16605b3c1 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2021-05-06 15:17:55 +02:00
Mathias Vorreiter Pedersen
167dc86f7a C++: Accept test changes. 2021-05-06 14:36:35 +02:00
Mathias Vorreiter Pedersen
95e65dec8f C++: Make sure a CatchBlock that catches a const std::bad_alloc& is also a BadAllocCatchBlock. 2021-05-06 14:35:27 +02:00
Mathias Vorreiter Pedersen
42b8f923be C++: Call noexcept constructor instead. 2021-05-06 14:30:43 +02:00
Mathias Vorreiter Pedersen
6cdef782c8 Merge branch 'main' into improve-wrong-in-detecting-and-handling-memory-allocation-errors 2021-05-06 13:37:21 +02:00
Mathias Vorreiter Pedersen
420215931c C++: Rename query. 2021-05-06 13:35:08 +02:00
Mathias Vorreiter Pedersen
d3576b9c92 C++: Accept test changes. 2021-05-06 13:29:28 +02:00
Mathias Vorreiter Pedersen
56d7342398 C++: Improve the cpp/detect-and-handle-memory-allocation-errors query. 2021-05-06 13:29:20 +02:00
Tony Torralba
b69261727d Add a new test for 2021-05-06 13:26:25 +02:00
Mathias Vorreiter Pedersen
58f3048808 C++: Add more testcases. 2021-05-06 13:15:34 +02:00
Tony Torralba
1f1f85aeb5 Add change note and fix some QLDocs 2021-05-06 13:13:23 +02:00
Tony Torralba
f1fab854c4 Fix tests for XXE, introduced a dependency with jaxen 2021-05-06 12:11:55 +02:00
Evgenii Protsenko
b1a6394959 C++: SqlPqxxTainted.ql. Change @id in query metadata 2021-05-06 12:36:48 +03:00
Tony Torralba
e14294a2f7 Remove XSS sink since it's better handled in this query 2021-05-06 11:20:37 +02:00
Erik Krogh Kristensen
3815797dda add sanitizers from DOM and jQuery queries 2021-05-06 11:05:03 +02:00
Erik Krogh Kristensen
8ba5bddae8 add jQuery options objects as sources 2021-05-06 11:05:02 +02:00
Erik Krogh Kristensen
5c37e6a435 add change note 2021-05-06 11:05:02 +02:00
Erik Krogh Kristensen
7ef641e7b2 add qhelp 2021-05-06 11:05:02 +02:00
Erik Krogh Kristensen
ee0140e704 share code between unsafe-shell and unsafe-html queries 2021-05-06 11:05:02 +02:00
Erik Krogh Kristensen
23908f9ec2 remove flowpaths that has a returns without a matching call 2021-05-06 11:05:02 +02:00
Erik Krogh Kristensen
6e754c70aa add test for js/html-constructed-from-input 2021-05-06 11:05:02 +02:00
Erik Krogh Kristensen
e86a3b5e57 add js/html-constructed-from-input query 2021-05-06 11:04:49 +02:00
Tony Torralba
84504a88e4 Fix tests by adding AndroidManifest.xml 2021-05-06 10:55:56 +02:00
Erik Krogh Kristensen
a400a1e9d4 split the markdown steps into a separate class 2021-05-06 10:44:39 +02:00
Tony Torralba
76468559ba Add safe example for dom4j 2021-05-06 10:17:25 +02:00
Tony Torralba
926fedb7fb Update java/ql/test/query-tests/security/CWE-643/XPathInjectionTest.java 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2021-05-06 09:18:50 +02:00
Tony Torralba
00a7576679 Rename XPath Injection test file 2021-05-06 09:18:50 +02:00
Tony Torralba
8af7f4a484 New sinks and test cases 2021-05-06 09:18:49 +02:00
Tony Torralba
ccb3ea4453 Fix XPath Injection tests classpath 2021-05-06 09:18:49 +02:00
Tony Torralba
509fc8a640 Add missing docs to stubs 2021-05-06 09:18:49 +02:00
Tony Torralba
26c3ff2cee Move from experimental to standard 2021-05-06 09:18:49 +02:00
Tony Torralba
215118c7ea Fixes in QLDocs and imports 2021-05-06 09:18:49 +02:00
Tony Torralba
720b5d6da3 Refactored sto use CSV sink model. Also, added more sinks 2021-05-06 09:18:49 +02:00
Tony Torralba
ab62bb66f4 Consider second parameter of Node.selectNodes 2021-05-06 09:18:49 +02:00
Tony Torralba
d72dd9b861 javax.xml.xpath.XPath is an interface 2021-05-06 09:18:49 +02:00
Tony Torralba
2bb2baf6f7 Support more methods that evaluate XPath expressions 2021-05-06 09:18:49 +02:00
Tony Torralba
3705970bfd Refactored XPath.qll to remove redundant classes and restrict visibility 2021-05-06 09:18:49 +02:00
Tony Torralba
d739a8cac2 Moved configuration from XPath.qll back to XPath Injection query 2021-05-06 09:18:48 +02:00
Tony Torralba
ee269fbc69 Added missing doc comments 2021-05-06 09:18:48 +02:00
Tony Torralba
fb3e56eac8 Fix imports and stubs so that tests pass 2021-05-06 09:18:48 +02:00
Tony Torralba
a62997463f Remove unused imports; use set literals in hasName 2021-05-06 09:18:48 +02:00
Tony Torralba
ed5619498c WIP: XPath Injection promotion 2021-05-06 09:18:48 +02:00
Tony Torralba
a706046a19 Reestructured test 2021-05-06 09:17:53 +02:00
Jonathan Leitschuh
67e9f06304 [Java] Fix Kryo FP & Kryo 5 Support 
Closes #4992
 2021-05-05 17:38:34 -04:00
ihsinme
976ccda135 Update DeclarationOfVariableWithUnnecessarilyWideScope.ql 2021-05-05 23:34:21 +03:00