Esben Sparre Andreasen
|
6b8fd49fba
|
JS: add change notes for two new queries
|
2018-10-10 12:17:46 +02:00 |
|
Esben Sparre Andreasen
|
0da1ac4d75
|
JS: naming and documentation cleanup for NodeJS file system accesses
|
2018-10-10 12:12:54 +02:00 |
|
Esben Sparre Andreasen
|
64b0d39390
|
JS: polish HttpToFileAccess.qll
|
2018-10-10 12:12:54 +02:00 |
|
Esben Sparre Andreasen
|
df72492f16
|
JS: polish FileAccessToHttp.qll
|
2018-10-10 12:12:54 +02:00 |
|
Esben Sparre Andreasen
|
43f98a7ef8
|
JS: refactor NodeJSFileSystemRead* to FileStreamRead
|
2018-10-10 12:12:54 +02:00 |
|
Esben Sparre Andreasen
|
30f7f41dff
|
JS: refactor NodeJSFileSystemWrite to FileStreamWrite
|
2018-10-10 12:12:54 +02:00 |
|
Esben Sparre Andreasen
|
e99b9d34c5
|
JS: polish characters of NodeJSFileSystemAccess*Call
|
2018-10-10 12:12:54 +02:00 |
|
Esben Sparre Andreasen
|
4e4597a24d
|
JS: replace HTTP::RequestBody with ClientRequest.getADataNode
|
2018-10-10 12:12:54 +02:00 |
|
Esben Sparre Andreasen
|
0fc56e443e
|
JS: introduce ClientRequest.getADataNode
|
2018-10-10 12:12:54 +02:00 |
|
Esben Sparre Andreasen
|
3b2440e850
|
JS: remove useless externs definitions for tests
|
2018-10-10 12:12:54 +02:00 |
|
Esben Sparre Andreasen
|
a3ec739210
|
JS: restructure FileSystemWriteAccess/FileSystemReadAccess API
|
2018-10-10 12:12:54 +02:00 |
|
Esben Sparre Andreasen
|
b00aa36cdc
|
JS: polish HttpToFileAccess.ql
|
2018-10-10 12:12:54 +02:00 |
|
Esben Sparre Andreasen
|
d261915598
|
JS: polish FileAccessToHttp.ql
|
2018-10-10 12:12:54 +02:00 |
|
Asger F
|
74f115fa40
|
JS: add test case
|
2018-10-10 10:46:40 +01:00 |
|
Asger F
|
2a87d53db4
|
JS: Add additional Mongoose/MongoDB sinks
|
2018-10-10 10:11:18 +01:00 |
|
Tom Hvitved
|
c064b1f41d
|
Merge pull request #103 from lukecartey/csharp/zipslip-update
C#: ZipSlip - Refine sanitizers
|
2018-10-10 10:47:23 +02:00 |
|
Asger F
|
4e7f171f54
|
JavaScript: do not cache AdditionalPartialInvokeNode
|
2018-10-10 09:40:49 +01:00 |
|
Max Schaefer
|
8d8148d58e
|
Merge pull request #294 from asger-semmle/canonical-this-source
JS: Canonicalize 'this' in the data-flow graph
|
2018-10-10 08:10:53 +01:00 |
|
Max Schaefer
|
355786c2d8
|
Merge pull request #296 from esben-semmle/js/more-array-creation
JS: use DataFlow::ArrayCreationNode in additional places
|
2018-10-10 08:10:17 +01:00 |
|
yh-semmle
|
fa3b9a6997
|
Java: add change note for java/unreachable-catch-clause
|
2018-10-09 21:31:19 -04:00 |
|
yh-semmle
|
26b630f700
|
Java: clarify help for java/unreachable-catch-clause
|
2018-10-09 21:15:51 -04:00 |
|
yh-semmle
|
001b9f8b56
|
Java: account for generic exceptions in java/unreachable-catch-clause
|
2018-10-09 21:15:45 -04:00 |
|
semmle-qlci
|
b1ece81e13
|
Merge pull request #297 from xiemaisi/csharp/line-endings
Approved by hvitved
|
2018-10-09 21:30:05 +01:00 |
|
Jonas Jensen
|
4b59c0cb80
|
Merge branch 'master' into hresult-boolean-qhelp
|
2018-10-09 14:56:58 +02:00 |
|
Max Schaefer
|
2d8f424ce8
|
C#: Convert tests/query-tests/Stubs/Test.cs to Unix line endings.
|
2018-10-09 13:01:00 +01:00 |
|
semmle-qlci
|
2a9abcbb8c
|
Merge pull request #279 from hvitved/csharp/type-conversion-performance
Approved by calumgrant
|
2018-10-09 10:15:53 +01:00 |
|
Jonas Jensen
|
95abf557ac
|
Merge pull request #292 from hvitved/mergeback-2018-10-08
Merge master into next
|
2018-10-09 11:10:44 +02:00 |
|
Tom Hvitved
|
8df657c9f0
|
Merge pull request #217 from calumgrant/cs/make_stubs
C#: Tool to generate stubs for qltests
|
2018-10-09 09:59:53 +02:00 |
|
Asger F
|
9fb73f41c9
|
JS: rename ReactComponent::getAThisAccess -> getAThisNode
|
2018-10-09 08:54:44 +01:00 |
|
Asger F
|
fd58039753
|
JS: update additional QL test output
|
2018-10-09 08:54:14 +01:00 |
|
Asger F
|
e551ff3818
|
JS: add change note
|
2018-10-09 08:54:14 +01:00 |
|
Jonas Jensen
|
0e25649a5b
|
Merge pull request #289 from geoffw0/change-notes
CPP: Additional change notes.
|
2018-10-09 09:53:44 +02:00 |
|
Asger F
|
030bae9454
|
JS: Canonicalize ThisNode
|
2018-10-09 08:53:41 +01:00 |
|
Asger F
|
3bc5e3bfdf
|
JS: Replace some uses AnalyzedValueNode with AnalyzedNode
|
2018-10-09 08:53:41 +01:00 |
|
yh-semmle
|
7962530789
|
Java: add .project file in test directory
|
2018-10-08 20:25:43 -04:00 |
|
calum
|
2fdf766750
|
C#: Address review comments.
|
2018-10-08 17:26:30 +01:00 |
|
Geoffrey White
|
8163def3ae
|
CPP: Alter the dataflow case.
|
2018-10-08 15:45:17 +01:00 |
|
Geoffrey White
|
8ab830f21c
|
CPP: Allow multiple dataflow sources.
|
2018-10-08 15:45:17 +01:00 |
|
Geoffrey White
|
fe6c9f9ea2
|
CPP: Stricter dataflow in getBufferSize.
|
2018-10-08 15:45:17 +01:00 |
|
Geoffrey White
|
beb21f92d3
|
CPP: Separate the dataflow case from dynamic allocation.
|
2018-10-08 15:45:17 +01:00 |
|
Geoffrey White
|
ef8ca5de58
|
CPP: Replace def-use with dataflow in getBufferSize.
|
2018-10-08 15:45:17 +01:00 |
|
Geoffrey White
|
c747f24b39
|
CPP: Fix the initialized array case in getBufferSize.
|
2018-10-08 15:45:17 +01:00 |
|
Geoffrey White
|
03fd1ce83d
|
CPP: Remove external/microsoft tag.
|
2018-10-08 15:30:43 +01:00 |
|
Tom Hvitved
|
ccebd5eb11
|
Merge remote-tracking branch 'upstream/master' into mergeback-2018-10-08
|
2018-10-08 16:23:29 +02:00 |
|
Tom Hvitved
|
546a91e192
|
Revert "JavaScript: Patch CFG to improve support for non-top level import declarations."
This reverts commit f05e777e64.
|
2018-10-08 16:20:40 +02:00 |
|
Max Schaefer
|
e354694173
|
Merge pull request #273 from asger-semmle/csrf-sources
JS: add RemoteFlowSource.isThirdPartyControllable()
|
2018-10-08 15:09:38 +01:00 |
|
Asger F
|
d2af4ab94a
|
Merge pull request #227 from xiemaisi/js/taint-kinds
JavaScript: Add support for state-based taint tracking.
|
2018-10-08 15:09:12 +01:00 |
|
Esben Sparre Andreasen
|
70cd03d3bc
|
JS: use DataFlow::ArrayCreationNode in additional places
|
2018-10-08 15:47:11 +02:00 |
|
Pavel Avgustinov
|
2904ebb8a3
|
Merge pull request #291 from jbj/mergeback-20181008
Mergeback rc/1.18 to master
|
2018-10-08 13:56:50 +01:00 |
|
Jonas Jensen
|
4e25929f82
|
Merge pull request #288 from geoffw0/widechartype
CPP: Address Widechartype / WChar_t
|
2018-10-08 13:46:28 +02:00 |
|