hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,738 Commits 1,671 Branches 157 Tags
tausbn/python-add-models-for-zstd-compression
Commit Graph

84738 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
semmle-qlci
63180d484b Merge pull request #60 from pavgust/imp/c-wrapped-functions 
Approved by dave-bartolomeo, jbj
 2018-08-15 16:44:27 +01:00
Ian Lynagh
d2b4265b73 C++: Improve the JSF 3.02 rule 1 message, and add a test 2018-08-15 15:26:18 +01:00
Jonas Jensen
6225fcf2b8 Merge pull request #12 from pavgust/imp/c-locations 
Simplify C locations handling
 2018-08-15 16:14:31 +02:00
semmle-qlci
6132b2c419 Merge pull request #34 from esben-semmle/js/twitter_text-library 
Approved by xiemaisi
 2018-08-15 14:45:52 +01:00
ian-semmle
6e7b3ad90c Merge pull request #61 from Semmle/cpp-CODEOWNERS 
Remove @Semmle/cpp from CODEOWNERS
 2018-08-15 13:36:59 +01:00
semmle-qlci
12577f0280 Merge pull request #47 from jbj/ir-perf-blocks-etc 
Approved by dave-bartolomeo
 2018-08-15 12:53:43 +01:00
Nick Rolfe
6b6749854e Remove @Semmle/cpp from CODEOWNERS 2018-08-15 12:32:54 +01:00
Nick Rolfe
df1f51463f C++: extend test to cover template aliases 2018-08-15 10:44:51 +01:00
Nick Rolfe
5bef9f7118 C++: test for resolving specialisations dependent on template aliases 2018-08-15 10:44:51 +01:00
Geoffrey White
f904aed016 Merge pull request #57 from jbj/suites-in-ql-repo 
C++: Move C/C++ suites to ql repo
 2018-08-15 10:19:08 +01:00
semmle-qlci
8e5059f43a Merge pull request #58 from xiemaisi/js/demote-heterogeneous-comparison 
Approved by asger-semmle
 2018-08-15 09:01:24 +01:00
Max Schaefer
105b6c9d84 Merge pull request #59 from tibbes/js/fix-qhelp-typo 
JS: fix typo in qhelp (parameter type confusion)
 2018-08-15 08:36:25 +01:00
Esben Sparre Andreasen
a025dafcf5 JS: classify twitter-text library instances 2018-08-15 08:51:31 +02:00
Denis Levin
a09e7db08d Removing @precision high tag 2018-08-14 18:41:21 -07:00
Denis Levin
cdc065cc38 Merge pull request #1 from calumgrant/cs/ZipSlip 
C#: Fix the unit tests for ZipSlip
 2018-08-14 18:35:48 -07:00
Pavel Avgustinov
d999ada22c FunctionsWithWrappers: Simplify/tidy library. 2018-08-14 17:16:15 -07:00
Pavel Avgustinov
628edc9577 definitions.qll: Tidy up handling of type mentions 2018-08-14 16:38:57 -07:00
Pavel Avgustinov
3bc06627e1 Simplify definitions.qll for C++. 2018-08-14 16:38:56 -07:00
Pavel Avgustinov
382ae85431 Simplify location handling for C++ locations. 2018-08-14 16:38:56 -07:00
Max Schaefer
303b0a0027 JavaScript: Demote HeterogenousComparison to warning level. 2018-08-14 15:54:07 +01:00
Geoffrey White
031964e853 Merge pull request #30 from jbj/incomplete-parity-check-medium 
C++: Downgrade cpp/incomplete-parity-check from high to medium precision [CPP-236]
 2018-08-14 15:19:02 +01:00
semmle-qlci
8323a77a48 Merge pull request #56 from xiemaisi/js/import-globals 
Approved by asger-semmle
 2018-08-14 14:45:40 +01:00
Jonas Jensen
dc22833259 C++: Factor out IRBlock.qll differences 
All three `IRBlock.qll` files are now identical again, and they are just
a thin object-oriented layer on top of the three
`IRBlockConstruction.qll` files, two of which are identical.
 2018-08-14 14:12:26 +02:00
Julian Tibble
5456ffb64c JS: fix typo in qhelp (parameter type confusion) 2018-08-14 13:07:20 +01:00
calum
fc5963b831 C#: Rename filename in expected test output. 2018-08-14 13:00:25 +01:00
calum
82f0c389c7 C#: Update test references to use .NET Core, and change relative directory of moved test file. 2018-08-14 12:52:26 +01:00
Jonas Jensen
da02c45102 Merge pull request #36 from rdmarsh2/rdmarsh/cpp/add-security-tags 
C++: add security tags to more queries
 2018-08-14 12:07:28 +02:00
Jonas Jensen
3e1247257f C++: Move C/C++ suites to ql repo 
As the queries live here, it makes sense for the suites to be versioned
together with them. The LGTM suite has already been moved. This commit
moves the actively-maintained non-LGTM suites.
 2018-08-14 11:41:31 +02:00
Geoffrey White
58a2639518 Merge pull request #53 from pavgust/imp/no-macro-getenclosingelement 
Element::getEnclosingElement: Skip macro information.
 2018-08-14 09:43:23 +01:00
Max Schaefer
886329689f JavaScript: Teach globalVarRef about top-level this and the global npm package. 2018-08-14 09:15:15 +01:00
Max Schaefer
9de527fbe2 Merge pull request #49 from asger-semmle/array-map-taint 
JavaScript: add taint steps through Array 'join' and 'map' methods
 2018-08-14 08:07:54 +01:00
Max Schaefer
8a98e3cc56 Merge pull request #50 from xiemaisi/js/node-detector-test-output 
JavaScript: Update expected test output due to changes in Node.js detector.
 2018-08-14 08:07:33 +01:00
Denis Levin
7492dabde0 cs: Don't Install Root Certificate (CWE-327) 2018-08-13 16:43:44 -07:00
Denis Levin
cee996c543 Adding .expected file to QLTest 2018-08-13 15:04:15 -07:00
Denis Levin
242fba3fd2 cs: Query for ZipSlip vulnerability (CVE-2018-1002200) 
Initial check in to validate the tests
 2018-08-13 14:56:45 -07:00
Pavel Avgustinov
64338b0581 Element::getEnclosingElement: Skip macro information. 
Previously, we would try to find an element enclosing each macro
access. This is not in general well-defined, especially in the
context of template instantiations -- macros are a lexing-time
concept, and don't map cleanly onto AST elements.
 2018-08-13 22:16:49 +01:00
Robert Marsh
9cf599fb59 C++: remove some tags in response to PR comments 2018-08-13 10:25:10 -07:00
Tom Hvitved
9d2dd97f18 Merge pull request #51 from calumgrant/cs/lgtm-query-suites-submodule 
C#: Move query suite files into submodule
 2018-08-13 17:21:58 +02:00
calum
9d010775b8 C#: Move query suite files into submodule. 2018-08-13 15:03:37 +01:00
Max Schaefer
e67f36732a JavaScript: Update expected test output due to changes in Node.js detector. 2018-08-13 14:08:14 +01:00
Asger F
587e0f9175 JavaScript: add change note 2018-08-13 13:11:01 +01:00
Asger F
d9ba5a1cab JavaScript: add test cases for new array steps 2018-08-13 12:27:12 +01:00
Asger F
66dcd7d4c7 JavaScript: add taint step from return value of 'map' callback 2018-08-13 12:15:24 +01:00
Asger F
0c124d2f8c JavaScript: add taint step through 'join' 2018-08-13 12:12:25 +01:00
semmle-qlci
c0fe0a1d24 Merge pull request #46 from asger-semmle/html-sanitizers 
Approved by xiemaisi
 2018-08-13 10:16:15 +01:00
semmle-qlci
3d0748c542 Merge pull request #48 from xiemaisi/js/webview-sinks 
Approved by asger-semmle
 2018-08-13 09:37:33 +01:00
Max Schaefer
14f14c1f6c JavaScript: Add change note. 2018-08-10 15:59:28 +01:00
Max Schaefer
199990feea JavaScript: Add WebView-related taint sinks for CodeInjection, DomBasedXss and ServerSideUrlRedirect. 2018-08-10 15:59:27 +01:00
Max Schaefer
3ce82aff02 JavaScript: Add basic modelling of React Native WebViews. 2018-08-10 15:59:27 +01:00
Jonas Jensen
d88c9c67f1 C++ IR: Don't repeat a very similar predicate body 2018-08-10 16:05:31 +02:00