hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

216 Commits

Author SHA1 Message Date
Raul Garcia
7ab723ae79 Fixing typos & incorporating feedback. 
(MSFT feedback) Adding a new tag in the header @msrc.severity important
 2018-10-16 10:00:51 -07:00
Raul Garcia
22d54801e5 Removed one false-positive scenario (no space on lpCommandLine) 
Improved the query to avoid multiple calls to hasGlobalName
Fixed typos
Simplified the test case file
 2018-10-15 15:53:02 -07:00
Raul Garcia
242d40369b Merge branch 'master' into users/raulga/c6277 2018-10-12 15:59:54 -07:00
Raul Garcia
85283d63ce C++ : NULL application name with an unquoted path in call to CreateProcess 
Calling a function of the CreatePorcess* family of functions, which may result in a security vulnerability if the path contains spaces.
 2018-10-12 15:57:01 -07:00
Raul Garcia
230724c085 Updates based on feedback 2018-10-02 11:17:23 -07:00
Raul Garcia
253b8d1287 C++ : cpp/incorrect-string-type-conversion 
Cast between semantically different string types: char* from/to wchar_t*
NOTE: Please let me know if you want to use a different CWE than CWE-704
 2018-10-01 10:25:49 -07:00
Raul Garcia
54493eb990 Merge branch 'master' into master 2018-09-25 10:58:51 -07:00
Raul Garcia
d6d27df27b Removing all usage of single quotes 2018-09-25 10:50:34 -07:00
Raul Garcia
a566ffae4a Fixed the test .expected file 2018-09-24 10:18:39 -07:00
Raul Garcia
242ee10806 Major change in order to support the rule for C as well as cpp 2018-09-21 16:47:31 -07:00
Raul Garcia
925c3b51f9 Adding semmle-extractor-options: --microsoft to test 2018-09-21 15:21:07 -07:00
Raul Garcia
8519f1a9e1 Fixing tabs replaced to spaces 2018-09-21 13:07:39 -07:00
Raul Garcia
75ef377ac1 Replace Unicode apostrophe with ANSI single quote 2018-09-21 11:34:22 -07:00
Raul Garcia
783be15a45 Fixing typos & ID. 
NOTE: There is an ongoing discussion on the proper CWE we should use
 2018-09-21 11:14:14 -07:00
Raul Garcia
48c99fb1d1 Setting a SECURITY_DESCRIPTOR’s DACL to NULL 
Closing the gap between Semmle & PreFAST
This rule is equivalent to C6248
 2018-09-20 16:28:37 -07:00
Raul Garcia
b0ec929aad Cast between semantically different integer types: HRESULT to/from a Boolean type. 
Closing the gap between Semmle and PreFast.
Covers C6214, C6215, C6216, C6217, C6230
 2018-09-20 16:16:32 -07:00