Commit Graph

29908 Commits

Author SHA1 Message Date
Behrang Fouladi Azarnaminy
7071c75567 revert "Changing EOL in two files"
This reverts commit ecd08d4560.
2018-09-14 09:03:48 -07:00
Esben Sparre Andreasen
444a09a17c JS: add models of five file system libraries 2018-09-14 15:30:44 +02:00
Esben Sparre Andreasen
5781b518bc JS: change notes for js/stored-xss 2018-09-14 15:30:44 +02:00
Esben Sparre Andreasen
33f98dd1a7 JS: add query: js/stored-xss 2018-09-14 15:30:44 +02:00
Pavel Avgustinov
2b4da8d6a7 Parameter.qll: Tweak how effective declaration entries are computed
With the new formulation, we can join on function and index at the
same time, leading to significant performance gains on large code
bases that use templates extensively.
2018-09-14 12:22:01 +01:00
Asger F
a3562aa4a7 Merge pull request #193 from esben-semmle/js/reduce-precision-of-remote-property-injection
JS: lower @precision of js/remote-property-injection
2018-09-14 11:14:13 +01:00
Nick Rolfe
440d64d0b8 Merge pull request #191 from jbj/merge-master-next-20180913
Merge master to next
2018-09-14 10:24:32 +01:00
Esben Sparre Andreasen
e2fac8a03c JS: introduce concept: FileNameSource 2018-09-14 11:09:29 +02:00
Esben Sparre Andreasen
6d3c1a1d22 JS: introduce fsModuleMember 2018-09-14 11:09:29 +02:00
Esben Sparre Andreasen
8de269e1fb JS: add support for fs-extra in NodeJSFileSystemAccess 2018-09-14 11:09:29 +02:00
semmle-qlci
abbadf24f0 Merge pull request #192 from esben-semmle/js/additional-array-taint-steps
Approved by asger-semmle
2018-09-14 10:02:36 +01:00
Dave Bartolomeo
c9cb2a0d14 Merge pull request #177 from jbj/ir-array-init-perf
C++: IR: Fix performance of value-init ranges
2018-09-14 00:14:45 -07:00
Esben Sparre Andreasen
81aeda69e1 JS: lower @precision of js/remote-property-injection 2018-09-14 07:37:47 +02:00
semmle-qlci
961ecfb43f Merge pull request #187 from esben-semmle/js/additional-whitelisting-form-unbound-event-handlers
Approved by asger-semmle
2018-09-14 06:35:39 +01:00
Raul Garcia
28050e1415 Change to cpp/overflow-buffer to detect access to an array using a negative index (static, out of range access, lower bound). 2018-09-13 15:44:32 -07:00
Esben Sparre Andreasen
cb2bd9e0ae JS: change notes for additional array taint steps 2018-09-13 21:36:53 +02:00
Esben Sparre Andreasen
4c13e6b46b JS: add additional array-specific taint steps 2018-09-13 21:36:53 +02:00
Jonas Jensen
9886e4a056 Merge remote-tracking branch 'upstream/master' into merge-master-next-20180913 2018-09-13 20:28:17 +02:00
Robert Marsh
1a14b13703 C++: migrate change note 2018-09-13 09:53:41 -07:00
semmle-qlci
6266d8bf01 Merge pull request #184 from aschackmull/java/intmulttolong-message
Approved by yh-semmle
2018-09-13 15:00:14 +01:00
ian-semmle
bc0d4f1855 Merge pull request #188 from nickrolfe/convvec
C++: support clang's __builtin_convertvector
2018-09-13 14:55:19 +01:00
Esben Sparre Andreasen
763da72ce5 JS: modernize old array taint steps 2018-09-13 15:52:25 +02:00
Esben Sparre Andreasen
ea37665ec6 JS: move array-specific taint steps to separate class 2018-09-13 15:52:25 +02:00
semmle-qlci
3d022298dc Merge pull request #186 from Semmle/rc/1.18
Approved by esben-semmle
2018-09-13 12:34:54 +01:00
Nick Rolfe
3d2637a249 C++: stats for builtinconvertvector 2018-09-13 10:28:42 +01:00
Nick Rolfe
0957ee7c1b C++: support clang's __builtin_convertvector 2018-09-13 10:28:41 +01:00
Anders Schack-Mulligen
b9acdf573a Java: Update qltest. 2018-09-13 10:18:09 +02:00
Esben Sparre Andreasen
52013f3071 JS: change notes for improved js/unbound-event-handler-receiver 2018-09-13 08:43:01 +02:00
Esben Sparre Andreasen
fcc33ce93d JS: whitelist auto-bind methods in js/unbound-event-handler-receiver 2018-09-13 08:41:41 +02:00
Esben Sparre Andreasen
eb10f603ab JS: whitelist decorator-bound methods in js/unbound-event-handler-receiver 2018-09-13 08:41:41 +02:00
Esben Sparre Andreasen
1220b50737 JS: whitelist _.bindAll-methods in js/unbound-event-handler-receiver 2018-09-13 08:41:41 +02:00
Behrang Fouladi Azarnaminy
ecd08d4560 Changing EOL in two files 2018-09-12 12:05:57 -07:00
Tom Hvitved
7db2589aae Merge pull request #185 from adityasharad/merge/1.18-next-120918
Merge rc/1.18 into next.
2018-09-12 16:51:34 +02:00
Geoffrey White
1459b981f3 Merge pull request #183 from jbj/unsafe-strcat-perf
C++: Restructure UnsafeUseOfStrcat for performance
2018-09-12 15:16:58 +01:00
Aditya Sharad
767045b55d Merge rc/1.18 into next. 2018-09-12 14:59:54 +01:00
Asger F
cc6edd4e23 Merge pull request #182 from felicity-semmle/1.18/js-change-notes
LGTM 1.18: finalize the JavaScript change notes
2018-09-12 14:00:42 +01:00
Anders Schack-Mulligen
1bbc67b57c Java: Autoformat query. 2018-09-12 10:14:41 +02:00
Anders Schack-Mulligen
ccbd8aaebc Java: Improve alert message of IntMultToLong. 2018-09-12 10:13:57 +02:00
Jonas Jensen
9fb5fbd995 C++: Restructure UnsafeUseOfStrcat for performance
This query gets optimized badly, and it has started timing out when we
run it on our own code base. Most of the evaluation time is spent in an
RA predicate named `#select#cpe#1#f#antijoin_rhs#1`, which takes 1m36s on a
Wireshark snapshot.

This restructuring of the code makes the problematic RA predicate go
away.
2018-09-12 09:37:17 +02:00
Felicity Chapman
4d512a5b01 Remove non-LGTM query (see following PR) 2018-09-11 22:54:37 +01:00
Felicity Chapman
7dd891d908 Further updates and addition of query @ids 2018-09-11 22:51:14 +01:00
Felicity Chapman
223bf6cf56 Updates for consistency 2018-09-11 22:31:32 +01:00
semmle-qlci
9e0ba51280 Merge pull request #179 from esben-semmle/js/classify-multi-license-fix
Approved by asger-semmle
2018-09-11 21:30:10 +01:00
Behrang Fouladi Azarnaminy
fc087ffb71 Replacing query and test files with suggested ones 2018-09-11 12:32:56 -07:00
Behrang Fouladi Azarnaminy
befca6cafa Remove webview example and its reference in qlhelp file 2018-09-11 12:31:00 -07:00
Jonas Jensen
df948ecbbc C++: IR: designated initializer test 2018-09-11 19:43:02 +02:00
Dave Bartolomeo
49b8db9631 Merge pull request #180 from jbj/ArrayType-size-docs
C++: Document the three predicates for array size
2018-09-11 10:11:45 -07:00
semmle-qlci
b17aeb689c Merge pull request #118 from esben-semmle/js/request-forgery
Approved by asger-semmle
2018-09-11 16:28:59 +01:00
Asger F
5fef916683 Merge pull request #171 from asger-semmle/js-for-loop-cfg
JavaScript: fix CFG for EnhancedForStmt
2018-09-11 16:27:47 +01:00
Esben Sparre Andreasen
43c65e02ec JS: classify bundle files based on multiple license comments 2018-09-11 15:40:24 +02:00