codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00

Author	SHA1	Message	Date
Jonas Jensen	3470ebc583	Merge pull request #223 from pavgust/imp/no-instantiation-mentions C++ definitions: Ignore type mentions of class inatantiations.	2018-09-25 09:31:10 +02:00
Jonas Jensen	8f19efe2e8	Merge pull request #211 from raulgarciamsft/users/raulga/HESULT Cast between semantically different integer types: HRESULT to/from bool	2018-09-25 09:01:35 +02:00
Sauyon Lee	614a8ef091	Allow void* pointer arithmetic with sizeof Technically this isn't allowed by the C spec, but it's been seen in the wild: see `3763c7b338/files/src/csp_buffer.c`\#x1d04047d2bb68c21:1	2018-09-24 11:05:40 -07:00
Denis Levin	1438cae362	Correction to the test's expected file as the test was modified.	2018-09-24 10:45:54 -07:00
Geoffrey White	473252632c	Merge pull request #221 from jbj/IntMultToLong-char C++: Suppress IntMultToLong alert on char-typed numbers	2018-09-24 18:42:41 +01:00
Raul Garcia	a566ffae4a	Fixed the test .expected file	2018-09-24 10:18:39 -07:00
Pavel Avgustinov	fa698380e2	C++ definitions: Ignore type mentions of class inatantiations. We currently erroneously keep mentions of class instantiations, which can lead to bad performance on template-heavy code bases. We never want to link those anyway, so we can simply suppress them.	2018-09-24 18:18:30 +01:00
Raul Garcia	c75019726c	Removing tabs & reformatting	2018-09-24 10:10:58 -07:00
Raul Garcia	c3b523cdc4	Fixing a missed reference to renamed file.	2018-09-24 10:02:52 -07:00
Geoffrey White	d975c09012	CPP: Change note.	2018-09-24 17:25:34 +01:00
Geoffrey White	4edc54df0c	CPP: Use unspecified types everywhere (for simplicity and robustness).	2018-09-24 17:17:41 +01:00
Geoffrey White	b15db5d1e5	CPP: Add a test case that we handle poorly.	2018-09-24 17:17:41 +01:00
Jonas Jensen	a56376a2df	C++: rename effectivelyConstant to likelySmall This reflects the existing QLDoc better and makes it more clear why it includes char-typed expressions.	2018-09-24 14:37:11 +02:00
Jonas Jensen	4d2e4c53f1	C++: Suppress IntMultToLong alert on char	2018-09-24 14:37:09 +02:00
Jonas Jensen	2b5d150829	C++: Test for IntMultToLong on char-typed numbers	2018-09-24 14:36:36 +02:00
semmle-qlci	7f56be6fe2	Merge pull request #216 from asger-semmle/lusca-csrf Approved by esben-semmle	2018-09-24 11:34:24 +01:00
semmle-qlci	46178271d1	Merge pull request #213 from asger-semmle/sendfile Approved by xiemaisi	2018-09-24 11:32:46 +01:00
Esben Sparre Andreasen	42fc28bc55	JS: add ad hoc whitelist checks as sanitizers	2018-09-24 11:17:35 +02:00
Jonas Jensen	d2f11dc18c	Merge pull request #209 from dave-bartolomeo/dave/CNewLines LF all the things	2018-09-24 09:02:54 +02:00
Dave Bartolomeo	396d7ea928	Mark several known binary extensions as `-text`	2018-09-23 16:24:32 -07:00
Dave Bartolomeo	1f36f5552f	Normalize all text files to LF Use `* text=auto eol=lf`	2018-09-23 16:24:31 -07:00
Dave Bartolomeo	26abf5d4a2	Force LF for basically everything.	2018-09-23 16:24:31 -07:00
Dave Bartolomeo	aa267c8302	C++: Force LF for .c,.cpp,.h,.hpp	2018-09-23 16:23:52 -07:00
Jonas Jensen	caf4a767ad	Merge pull request #219 from geoffw0/resource-not-released C++: Exclude placement new from AV Rule 79.ql	2018-09-22 17:41:36 +02:00
Raul Garcia	242ee10806	Major change in order to support the rule for C as well as cpp	2018-09-21 16:47:31 -07:00
Denis Levin	8152cefa60	Squished changes for HttpToFileAccess commint	2018-09-21 16:44:01 -07:00
Raul Garcia	925c3b51f9	Adding semmle-extractor-options: --microsoft to test	2018-09-21 15:21:07 -07:00
Geoffrey White	492d79ea53	CPP: Change note.	2018-09-21 21:13:37 +01:00
Raul Garcia	1fd7b4ad22	Merge branch 'master' of https://github.com/raulgarciamsft/ql	2018-09-21 13:07:45 -07:00
Raul Garcia	8519f1a9e1	Fixing tabs replaced to spaces	2018-09-21 13:07:39 -07:00
Raul Garcia	c22787293e	Update .gitignore	2018-09-21 11:35:43 -07:00
Geoffrey White	3922082e7d	CPP: Tidy and simplify AV Rule 79.ql.	2018-09-21 19:35:23 +01:00
Raul Garcia	75ef377ac1	Replace Unicode apostrophe with ANSI single quote	2018-09-21 11:34:22 -07:00
Raul Garcia	94f752c59c	Merge branch 'users/raulga/HESULT' of https://github.com/raulgarciamsft/ql into users/raulga/HESULT	2018-09-21 11:14:49 -07:00
Raul Garcia	783be15a45	Fixing typos & ID. NOTE: There is an ongoing discussion on the proper CWE we should use	2018-09-21 11:14:14 -07:00
Nick Rolfe	e21a5e4b4c	Merge pull request #214 from jbj/mergeback-20180921_104253 Mergeback rc/1.18 -> master	2018-09-21 17:54:28 +01:00
semmle-qlci	d281558fb1	Merge pull request #218 from yh-semmle/java/query-severities Approved by aschackmull	2018-09-21 16:59:03 +01:00
Geoffrey White	d5a48ad63e	CPP: Additional test cases.	2018-09-21 15:55:29 +01:00
Asger F	4797924bea	JS: review comments	2018-09-21 14:46:21 +01:00
Asger F	d2a04d32be	JS: add change note	2018-09-21 13:20:02 +01:00
Asger F	5f467d2fc5	JS: recognize CSRF middleware from lusca package	2018-09-21 13:15:40 +01:00
calum	abe5d0dd72	C#: Fixes to stub generation.	2018-09-21 13:06:33 +01:00
Asger F	6f109a742f	JS: add a test case for res.sendfile	2018-09-21 11:04:33 +01:00
Geoffrey White	84f9900c8c	CPP: Exclude placement new.	2018-09-21 10:53:42 +01:00
Geoffrey White	c7aa5c169b	CPP: Add a test of placement new for AV Rule 79.ql.	2018-09-21 10:47:00 +01:00
Jonas Jensen	e2a17e9740	Merge remote-tracking branch 'upstream/rc/1.18' into mergeback-20180921_104253	2018-09-21 10:45:54 +02:00
Esben Sparre Andreasen	8a950a587d	Merge pull request #208 from aeyerstaylor/fix-qltest-change JavaScript: Fix expected output due to qltest change.	2018-09-21 08:08:50 +02:00
Raul Garcia	5ccc1a32aa	Merge branch 'master' into master	2018-09-20 16:30:48 -07:00
Raul Garcia	48c99fb1d1	Setting a SECURITY_DESCRIPTOR’s DACL to NULL Closing the gap between Semmle & PreFAST This rule is equivalent to C6248	2018-09-20 16:28:37 -07:00
Raul Garcia	64b8a5ba01	Merge branch 'master' into users/raulga/HESULT	2018-09-20 16:20:26 -07:00

... 583 584 585 586 587 ...

29908 Commits