hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,671 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

29908 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonas Jensen
a4bd586907 Merge pull request #456 from geoffw0/query-tags 
CPP: Query tags 1
 2018-11-21 16:13:23 +01:00
Geoffrey White
1b69006c20 CPP: Combine two of the Missing return statement change notes. 2018-11-21 15:09:09 +00:00
Taus
24bf2922e0 Merge pull request #515 from markshannon/python-add-metadata 
Python tests: Add missing metadata files.
 2018-11-21 15:45:32 +01:00
Taus
13d130dad0 Merge pull request #514 from markshannon/python-remove-architect-tests 
Python tests: Remove some obsolete tests.
 2018-11-21 15:45:21 +01:00
Geoffrey White
cab6f1e87c CPP: Backticks. 2018-11-21 14:39:22 +00:00
Mark Shannon
527c95cd0b Python tests: Add missing metadata files. 2018-11-21 14:39:18 +00:00
Asger F
27c9326e70 JS: address doc review 2018-11-21 14:19:14 +00:00
Mark Shannon
976fed76b9 Python tests: Remove some obsolete tests. 2018-11-21 14:18:46 +00:00
ian-semmle
366934f884 Merge pull request #350 from geoffw0/cpp-205-detail 
CPP: Add detail to the CPP-205 test
 2018-11-21 13:30:53 +00:00
Jonas Jensen
4e2d40aad8 Merge pull request #484 from geoffw0/limitedscopefile 
CPP: Fix Limitedscopefile.ql
 2018-11-21 14:30:48 +01:00
Esben Sparre Andreasen
72c4ef4d90 JS: fixup optional chaining on CallWithNonLocalAnalyzedReturnFlow 2018-11-21 14:18:14 +01:00
Geoffrey White
b4846dc995 CPP: Modify NVIHub.ql. 2018-11-21 13:11:08 +00:00
Asger F
8c7e19567b JS: fix string value of taint configuration 2018-11-21 12:35:35 +00:00
calum
69ab1ed5bd C#: Add nodes predicate to all path queries. 2018-11-21 12:35:05 +00:00
Asger F
4ae2493798 JS: rename query to Unsafe Dynamic Method Access 2018-11-21 12:34:18 +00:00
Max Schaefer
19aa12106c JavaScript: Teach AutoBuild to exclude minified files from extraction by default . 
This adds default exclusion filters for `**/*.min.js` and `**/*-min.js` to the JavaScript auto-builder, meaning that files matching these patterns will no longer be extracted,
unless they are re-included in the `.lgtm.yml` file.

Alerts in minified code aren't shown by default anyway, so we can save ourselves some work by not analyzing them in the first place.

While including minified files in the snapshot can in theory improve analysis results in non-minified files, this is likely to be rare in practice.
 2018-11-21 12:27:39 +00:00
calumgrant
1b12e845c5 Merge pull request #491 from hvitved/csharp/cfg/split-negation 
C#: Fix two bugs in Boolean CFG splitting
 2018-11-21 11:48:08 +00:00
calum
8c753d7e94 C#: Fix ReDoS query. 2018-11-21 11:15:55 +00:00
Asger F
cb832b1de9 Merge branch 'unsafe-global-object-access' of github.com:asger-semmle/ql into unsafe-global-object-access 2018-11-21 11:14:21 +00:00
Asger F
84d642612e JS: more comments 2018-11-21 11:14:13 +00:00
Max Schaefer
fa761c07bd Update javascript/ql/src/Security/CWE-094/MethodNameInjection.ql 
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
 2018-11-21 10:55:38 +00:00
Jonas Jensen
f177e348bd Merge pull request #471 from geoffw0/query-tags-2 
CPP: Query tags 2 (JSF queries)
 2018-11-21 11:43:29 +01:00
Pavel Avgustinov
5cd3a9c40d Merge pull request #500 from markshannon/python-python-security-queries-to-high 
Python: Set precision of security queries to 'high'
 2018-11-21 09:41:38 +00:00
Esben Sparre Andreasen
caea6212ed JS: use inheritance in js/mixed-static-instance-this-access 2018-11-21 09:48:37 +01:00
Esben Sparre Andreasen
01ad9ed8bc JS: address review comments 2018-11-21 09:19:20 +01:00
Dave Bartolomeo
3715215b3f C++: Add IR support for ConditionalDeclExpr 
Also fixes several places in the library that weren't handling `ConditionalDeclExpr`  correctly.
 2018-11-21 00:14:44 -08:00
Esben Sparre Andreasen
41b45352aa JS(ql): support optional chaining 2018-11-21 08:57:10 +01:00
Esben Sparre Andreasen
00587ba7b4 JS(extractor): support optional chaining 2018-11-21 08:57:10 +01:00
Dave Bartolomeo
07f9fe6ee4 C++: Add Uninitialized instruction for list-initialized variables 
This commit inserts an `Uninitialized` instruction to "initialize" a local variable when that variable is initialized with an initializer list. This ensures that there is always a definition of the whole variable before any read or write to part of that variable.

This change appears in a different form in @rdmarsh2's Chi node PR, but I needed to refactor the initialization code anyway to handle ConditionDeclExpr.
 2018-11-20 16:12:44 -08:00
Tom Hvitved
8233e34ba2 C#: Fix Boolean splitting for variables defined in a loop 2018-11-20 21:22:00 +01:00
Tom Hvitved
89d5daa137 C#: Fix Boolean splitting negation bug 2018-11-20 21:22:00 +01:00
Tom Hvitved
841218540e C#: Add CFG test 
This test exhibits two issues with Boolean CFG splitting: incorrect handling of
negated variables and incorrect splitting for variables defined inside a loop.
 2018-11-20 21:22:00 +01:00
calumgrant
87072dfb0e Merge pull request #489 from hvitved/csharp/pre-ssa-extensions 
C#: Extensions to pre-SSA library
 2018-11-20 20:20:41 +00:00
Asger F
7d80847832 JS: add qhelp example to test suite 2018-11-20 18:44:18 +00:00
Asger F
4138f814d8 JS: expand example 2018-11-20 18:42:49 +00:00
Asger F
260ae36cf8 JS: document the shared module 2018-11-20 18:27:02 +00:00
Asger F
3902f752d0 JS: share detection of objects with unsafe methods 2018-11-20 18:26:20 +00:00
Asger F
b16072a7be JS: share ConcatSanitizer in common module 2018-11-20 18:24:52 +00:00
Asger F
49cd2876c9 JS: use StringConcatenation library in ConcatSanitizer 2018-11-20 18:12:07 +00:00
Asger F
1c06f45046 JS: address some comments 2018-11-20 18:11:46 +00:00
semmle-qlci
b21b066255 Merge pull request #499 from xiemaisi/js/target-blank-location 
Approved by esben-semmle
 2018-11-20 17:16:05 +00:00
Geoffrey White
3c7ed9b7ab CPP: Fix typo. 2018-11-20 17:13:23 +00:00
Geoffrey White
8aeaf0bc8e CPP: Add an external/jsf tag as well. 2018-11-20 17:13:23 +00:00
Geoffrey White
bb7da78c95 CPP: Tag the JSF queries. 2018-11-20 17:13:22 +00:00
Geoffrey White
9922e36590 CPP: Add missing file. 2018-11-20 16:55:10 +00:00
Geoffrey White
ae91581204 CPP: Change note. 2018-11-20 16:52:36 +00:00
Geoffrey White
0493b68b50 Merge pull request #497 from jbj/disable-no-virtual-destructor 
C++: Remove @precision from AV Rule 78
 2018-11-20 16:44:36 +00:00
Geoffrey White
d8381ef448 CPP: Add change notes for some more changes. 2018-11-20 16:42:17 +00:00
Geoffrey White
7df7d8dd9e CPP: Add change notes for new query contributions. 2018-11-20 16:14:22 +00:00
Geoffrey White
e8f967a477 CPP: Add change notes for my recent changes. 2018-11-20 16:14:22 +00:00