Tom Hvitved
37c55750f7
Merge pull request #873 from calumgrant/cs/format-getresource-strings
...
C#: Fix FP in cs/format-argument-unused
2019-02-05 17:12:04 +01:00
Taus Brock-Nannestad
b550da2b45
Improve change note.
2019-02-05 16:01:45 +01:00
yh-semmle
3e8f7a740c
Merge pull request #838 from aschackmull/java/taint-collections
...
Java: Add additional taint steps through collections.
2019-02-05 09:59:24 -05:00
Taus Brock-Nannestad
895b237e3c
Python: Make "Modification of parameter with default" flow-sensitive.
2019-02-04 19:05:04 +01:00
Asger F
9fd4e81f20
JS: add change note
2019-02-04 14:21:34 +00:00
Tom Hvitved
b4b6fdd12b
C#: Revert recent change to AccessorCall
...
The recent change to `AccessorCall` on dd99525566 resulted
in some bad join-orders, so I have (partly) reverted them. This means that the issues
originally addressed by that change are now reintroduced, and I plan to instead apply a
fix to the CFG, which--unlike the original fix--should be able to handle multi-property-tuple
assignments.
2019-02-04 15:14:18 +01:00
calum
d79201ec47
C#: Change notes.
2019-02-04 12:53:18 +00:00
semmle-qlci
222738072d
Merge pull request #840 from esben-semmle/js/propagate-sound-avalue
...
Approved by xiemaisi
2019-02-01 09:23:43 +00:00
Robert Marsh
e1d289ffb4
Merge pull request #759 from calumgrant/cs/interface-tostring
...
C#: Remove FPs from cs/call-to-object-tostring
2019-01-31 12:03:49 -08:00
Dave Bartolomeo
ab1f96fb2c
Merge pull request #770 from jbj/cfg-static-init-pr
...
C++: Add addresses to `Expr.isConstant`
2019-01-31 10:24:48 -08:00
Max Schaefer
aeb8cc62b2
JavaScript: Reclassify PostMessageStar as CWE-201.
2019-01-31 08:08:52 +00:00
Geoffrey White
642faa6cf0
CPP: Change note.
2019-01-30 18:38:19 +00:00
semmle-qlci
fc5b9dd55e
Merge pull request #837 from asger-semmle/hardcoded-empty-string
...
Approved by esben-semmle
2019-01-30 13:40:39 +00:00
Max Schaefer
769e407c24
JavaScript: Add new query PostMessageStar.
2019-01-30 10:26:43 +00:00
calum
26365c82f7
C#: Update change notes.
2019-01-29 18:04:52 +00:00
Taus
6f7c96db54
Merge branch 'master' into python-unsafe-use-of-mktemp
2019-01-29 16:12:53 +01:00
Taus Brock-Nannestad
de63f01f67
Update change note.
2019-01-29 16:10:46 +01:00
Mark Shannon
7fe3c3d516
Merge branch 'master' into python-mutating-descriptor
2019-01-29 14:46:33 +00:00
Taus
9adb19f3a9
Merge branch 'master' into python-incomplete-url-sanitize
2019-01-29 14:17:37 +01:00
Jonas Jensen
d776d9f903
Merge pull request #821 from geoffw0/query-tags-case
...
CPP: Improve ArrayArgSizeMismatch.ql
2019-01-29 03:52:52 -08:00
Esben Sparre Andreasen
5d5900a534
JS: change notes for improved interprocedural type inference
2019-01-29 10:21:36 +01:00
semmle-qlci
a5aee9ed0f
Merge pull request #833 from esben-semmle/js/sharpen-cond
...
Approved by xiemaisi
2019-01-29 08:03:06 +00:00
Taus
0f5b21e392
Merge pull request #807 from markshannon/python-insecure-file-permission
...
Python: Weak file permissions query.
2019-01-28 23:21:10 +01:00
Anders Schack-Mulligen
a29f615da0
Java: Add additional taint steps through collections.
2019-01-28 14:34:09 +01:00
Asger F
5d4192ce0a
JS: change note
2019-01-28 13:04:28 +00:00
Mark Shannon
4e5d4e265c
Add change note.
2019-01-28 13:01:04 +00:00
Mark Shannon
3992346add
Python: Fix up mutating-descriptor query to only flag mutations when they occur during descriptor protocol.
2019-01-28 12:57:18 +00:00
Geoffrey White
bf7cdad736
CPP: Change note.
2019-01-28 09:31:06 +00:00
Esben Sparre Andreasen
239fe6e419
fixup! JS: sharpen the js/trivial-conditional whitelist
2019-01-28 10:18:03 +01:00
Jonas Jensen
4d441a3bdb
Merge pull request #824 from geoffw0/fread
...
CPP: Add 'fread' to BufferAccess.qll
2019-01-28 09:07:22 +01:00
Esben Sparre Andreasen
ef3b107cc1
JS: sharpen the js/trivial-conditional whitelist
2019-01-25 18:19:45 +01:00
Taus
fc00e0a64a
Merge pull request #796 from markshannon/python-import-used-in-doctest
...
Python: Fix 'unused import' for doctests and typehints.
2019-01-25 16:14:08 +01:00
Geoffrey White
704a220a29
CPP: Add query ID to change note.
2019-01-25 14:42:44 +00:00
Geoffrey White
f98abd6bf8
CPP: Add query ID to change note.
2019-01-25 14:41:12 +00:00
Geoffrey White
95eea5cc00
CPP: Change note.
2019-01-25 13:08:28 +00:00
Mark Shannon
6ddbed7d95
Python: Minor tweaks to qldoc and release note.
2019-01-25 11:34:41 +00:00
Max Schaefer
e6672aaf70
Merge pull request #804 from esben-semmle/js/sharpen-unneeded-defensive
...
JS: better handling of nested expressions in js/unneeded-defensive-code
2019-01-25 11:23:51 +08:00
Geoffrey White
45476f3047
Merge pull request #739 from jbj/strcpy-fixups
...
C++: Clean up "Use of string copy function in a condition" query
2019-01-24 17:50:40 +00:00
Geoffrey White
9bf0843776
CPP: Change note.
2019-01-24 15:15:03 +00:00
Mark Shannon
88d8cb514c
Python: Two new queries for URL and hostname sanitization (CWE-020).
2019-01-24 12:57:14 +00:00
Calum Grant
c6d0600e76
Merge pull request #798 from hvitved/csharp/accessor-calls
...
C#: Redefine `AccessorCall`
2019-01-24 10:21:32 +00:00
Jonas Jensen
61e23bed88
Merge branch 'master' into strcpy-fixups
2019-01-24 10:51:51 +01:00
calum
c213cd451e
C#: Update change notes.
2019-01-23 16:20:09 +00:00
Taus
0217451529
Merge pull request #789 from markshannon/python-points-to-extension-enhancement
...
Python: Internal points-to extension enhancement.
2019-01-23 11:31:36 +01:00
Tom Hvitved
338754ffda
Merge pull request #800 from calumgrant/cs/winforms
...
C#: Add sources from System.Windows.Forms controls
2019-01-23 09:07:02 +01:00
yh-semmle
23e94c23e3
Merge pull request #786 from aschackmull/java/double-checked-locking
...
Java: Fix FP in DoubleCheckedLocking.ql
2019-01-22 17:39:54 -05:00
Mark Shannon
547b3eb973
Python: Fix 'unused import' to no longer give alerts for imported modules used in typehints.
2019-01-22 17:38:09 +00:00
Mark Shannon
a3b5769c2c
Python: Weak file permissions query.
2019-01-22 11:33:19 +00:00
Mark Shannon
01a2add73b
Python: Internal points-to extension enhancement. Use it to handle re module constants.
2019-01-21 14:38:07 +00:00
Jonas Jensen
b30c9bc571
Merge remote-tracking branch 'upstream/source/pr/777/head' into mergeback-20190121
2019-01-21 09:59:04 +01:00