hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,671 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

29908 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
69785fcae6 CPP: Include offsetof type calculations in memberMayBeVarSize. 2018-10-25 09:09:29 +01:00
Jonas Jensen
d144f0d154 C++: Test for unreachable return statement 
This test shows that the previous fix did not solve the problem where a
bad return statement exists but is unreachable.
 2018-10-25 09:42:15 +02:00
semmle-qlci
cfe0b8803a Merge pull request #332 from raulgarciamsft/users/raulga/c6293a 
Approved by dave-bartolomeo
 2018-10-25 00:59:35 +01:00
Raul Garcia
e1efcb0b26 Update .gitignore 2018-10-24 15:23:40 -07:00
Raul Garcia
a04eb53189 Documentation bug fix. 
Encoding the "<" character
 2018-10-24 15:22:53 -07:00
calum
8cdfb8707c C#: Update change notes. 2018-10-24 17:54:10 +01:00
calum
3041756207 C#: Allow constructor parameters to shadow class members. 2018-10-24 17:48:51 +01:00
calum
5c0b9867f8 C#: Fix violations for cs/local-shadows-member 2018-10-24 17:36:51 +01:00
Nate Nystrom
33ba814551 fixed mixed tabs and spaces 2018-10-24 17:37:18 +02:00
Geoffrey White
ec205e995b CPP: Include sizeof(expr) expressions in isDynamicallyAllocatedWithDifferentSize. 2018-10-24 16:17:04 +01:00
Aditya Sharad
292189c1e0 Merge pull request #347 from xiemaisi/rc/1.18-master-merge 
Mergeback rc/1.18 to master
 2018-10-24 16:03:30 +01:00
Nate Nystrom
d228bd0b13 Fixed compilation error 2018-10-24 15:50:00 +02:00
Nate Nystrom
4ebfb019d8 ref to NumberFormatException.ql 2018-10-24 15:49:25 +02:00
Nate Nystrom
8228b46223 test case for NumberFormatException 2018-10-24 15:48:56 +02:00
Jonas Jensen
3c6bed4de6 C++: FP fix for "operator= doesn't return *this" 2018-10-24 15:44:00 +02:00
Jonas Jensen
47a548f564 C++: FP test for "operator= doesn't return *this" 
This rule should not apply to functions that never return.
 2018-10-24 15:42:39 +02:00
Nate Nystrom
d04fde7157 Fixed compilation error. 2018-10-24 15:27:23 +02:00
Anders Schack-Mulligen
1d716ae461 Java: Add remote user input sources for Spring servlets. 2018-10-24 15:00:15 +02:00
Anders Schack-Mulligen
263de5219a Java: Add additional SQL injection sinks. 2018-10-24 13:58:21 +02:00
semmle-qlci
21ff87d6a3 Merge pull request #353 from xiemaisi/js/port-tests 
Approved by asger-semmle, esben-semmle
 2018-10-24 12:47:48 +01:00
Jonas Jensen
fc2b64a8b3 C++: Add C++ analysis team to CODEOWNERS 
We previously removed our entry because the notifications got too noisy,
but we agreed recently in the C++ analysis team to try adding an entry
with just the analysis team and only in the public repository.
 2018-10-24 11:58:37 +02:00
Tom Hvitved
97904eb202 Revert "JavaScript: Patch CFG to improve support for non-top level import declarations." 
This reverts commit f05e777e64.
 2018-10-24 10:45:57 +01:00
Max Schaefer
9a856935db Merge remote-tracking branch 'upstream/rc/1.18' into rc/1.18-master-merge 2018-10-24 10:43:37 +01:00
Max Schaefer
f103b1a371 JavaScript: Copy over a test left in internal repo. 
This test seems to have been accidentally committed into the old location in the internal repo.
 2018-10-24 08:40:54 +01:00
Jonas Jensen
7affbe4a7d Merge pull request #341 from geoffw0/av_114 
CPP: Improve AV Rule 114.ql's understanding of return types.
 2018-10-24 09:39:51 +02:00
Dave Bartolomeo
f278f4fa47 C++: Operands as IPA types 
@rdmarsh2 has been working on various queries and libraries on top of the IR, and has pointed out that having to always refer to an operand of an instruction by the pair of (instruction, operandTag) makes using the IR a bit clunky. This PR adds a new `Operand` IPA type that represents an operand of an instruction. `OperandTag` still exists, but is now an internal type used only in the IR implementation.
 2018-10-23 14:58:44 -07:00
Jonas Jensen
640de0c947 Merge pull request #304 from geoffw0/resource-released 
CPP: Fix false positive in AV Rule 79.ql
 2018-10-23 20:24:23 +02:00
Nate Nystrom
e174ca6ed8 Query for uncaught NumberFormatException 2018-10-23 19:03:15 +02:00
semmledocs-ac
1f390f2f77 Merge pull request #326 from rdmarsh2/rdmarsh/cpp/dead-code-goto 
C++: new query for dead code after goto or break
 2018-10-23 16:55:14 +01:00
Geoffrey White
dda7069890 CPP: Look for destructors in the template. 2018-10-23 13:05:43 +01:00
Geoffrey White
76a5072c8b CPP: Change in results presumed to result from discover_walk extractor changes. 2018-10-23 13:05:43 +01:00
Geoffrey White
982fd522f1 CPP: Change note. 2018-10-23 13:05:43 +01:00
Geoffrey White
905336a625 CPP: Refine fix. 2018-10-23 13:05:42 +01:00
Geoffrey White
b861df0887 CPP: Fix issue when destructor body is missing. 2018-10-23 13:05:42 +01:00
Geoffrey White
5931a978dc CPP: Add a test of a template instantiation where the destructor is never called. 2018-10-23 13:05:42 +01:00
Geoffrey White
f20af4906b CPP: Add a test of a Shutdown / Clear method. 2018-10-23 13:05:42 +01:00
semmle-qlci
b1a463bf93 Merge pull request #349 from hvitved/csharp/extractor/no-global-json 
Approved by calumgrant
 2018-10-23 12:00:28 +01:00
Tom Hvitved
a3fafd9ad1 C#: Remove global.json 2018-10-23 11:51:27 +02:00
Aditya Sharad
c88db424fa Merge pull request #343 from geoffw0/av-35-1.18 
CPP: Fix hasXMacro performance.
 2018-10-23 10:24:16 +01:00
Max Schaefer
3522200e90 Merge pull request #342 from xiemaisi/rc/1.18-cherry-picks 
JavaScript: 1.18.1 cherry-picks
 2018-10-22 20:03:22 +01:00
Geoffrey White
de1556042a CPP: Fix hasXMacro performance. 2018-10-22 19:43:04 +01:00
Robert Marsh
f674d43ab1 Merge pull request #329 from geoffw0/overflowdest 
CPP: Improve Overflowdest.ql
 2018-10-22 10:51:41 -07:00
Robert Marsh
7bcc4379fc C++: accept loops with arbitrary labels or cases 2018-10-22 09:59:49 -07:00
Robert Marsh
4bed86f566 Merge pull request #313 from geoffw0/av-35 
CPP: Fix hasXMacro performance.
 2018-10-22 09:33:19 -07:00
Max Schaefer
212edc2e18 Merge pull request #307 from esben-semmle/js/unused-import 
JS: make js/unused-local-variable flag import statements
 2018-10-22 13:13:02 +01:00
Tom Hvitved
135271e9ad Merge pull request #287 from calumgrant/cs/lock-order 
C#: Improvements to cs/inconsistent-lock-sequence
 2018-10-22 14:11:20 +02:00
Max Schaefer
7702b58794 Merge pull request #305 from asger-semmle/json-taint-kind 
JS: Add flow label for tainted objects and sharpen NosqlInjection
 2018-10-22 11:58:50 +01:00
Dave Bartolomeo
dbae5c2d62 Update change-notes/1.19/analysis-cpp.md 
Co-Authored-By: geoffw0 <geoffrey@semmle.com>
 2018-10-22 11:50:18 +01:00
Max Schaefer
25224cc4a0 Revert "TypeScript: disable queries that rely on token information" 
This reverts commit 003b600e24.
 2018-10-22 11:06:11 +01:00
semmle-qlci
c78f3f8edf Merge pull request #336 from aschackmull/java/dataflow-cleanup 
Approved by yh-semmle
 2018-10-20 03:43:49 +01:00