Commit Graph

19559 Commits

Author SHA1 Message Date
Geoffrey White
047cd2b706 Merge pull request #5074 from MathiasVP/strnextc-model-implementation
C++: Implement a model for _strnextc and its variants
2021-02-02 16:45:16 +00:00
Mathias Vorreiter Pedersen
ff58d5a7c0 C++: Address review comments. 2021-02-02 17:06:38 +01:00
Mathias Vorreiter Pedersen
9e75a4be34 C++: Implement a model for _strnextc and its variants. 2021-02-02 16:42:39 +01:00
Mathias Vorreiter Pedersen
98d73bf474 Merge pull request #5072 from MathiasVP/strcrement-model-implementation
C++: Implement model for _strinc and related functions
2021-02-02 16:22:13 +01:00
Mathias Vorreiter Pedersen
07a20752bc Fix spelling in qldoc.
Co-authored-by: Cornelius Riemenschneider <criemen@github.com>
2021-02-02 15:51:40 +01:00
Jonas Jensen
aa9ab41e30 Merge pull request #5059 from geoffw0/mswprintf
C++: Exclude custom vprintf implementations from primitiveVariadicFormatter.
2021-02-02 15:13:25 +01:00
Geoffrey White
708d3870ee C++: Actually it's more appropriate to remove the implementation of vswprintf. 2021-02-02 13:42:27 +00:00
Geoffrey White
4e904dd87d C++: Repair the test. 2021-02-02 13:08:46 +00:00
Mathias Vorreiter Pedersen
b54f74a68a C++: Implement model for _strinc and related functions. 2021-02-02 12:20:02 +01:00
Mathias Vorreiter Pedersen
5db1984315 Merge pull request #5070 from MathiasVP/strsep-model-implementation
C++: Add strsep model implementation.
2021-02-02 12:00:26 +01:00
Geoffrey White
eed2aee17d C++: Effect on tests. 2021-02-02 10:59:14 +00:00
Geoffrey White
9f50f67e6d Merge pull request #5065 from MathiasVP/scanf-model
C++: Add sscanf and fscanf models
2021-02-02 10:30:19 +00:00
Mathias Vorreiter Pedersen
0db54e08b8 C++: Address review comments. 2021-02-02 10:48:07 +01:00
CodeQL CI
4fdbda3543 Merge pull request #5056 from erik-krogh/react
Approved by asgerf
2021-02-02 01:40:08 -08:00
Mathias Vorreiter Pedersen
6e71c68f33 C++: Add strsep model implementation. 2021-02-02 10:29:23 +01:00
Tom Hvitved
8abc37fba3 Merge pull request #5051 from hvitved/csharp/ssa/caching
C#: Reduce caching in `SsaImplCommon.qll`
2021-02-02 08:35:03 +01:00
CodeQL CI
749dfe4358 Merge pull request #5068 from Marcono1234/patch-1
Approved by shati-patel
2021-02-01 08:47:55 -08:00
yoff
b92af8bcec Merge pull request #5042 from RasmusWL/django-more-view-classes
Python: Add full-path modeling of Django more view classes
2021-02-01 17:33:29 +01:00
Marcono1234
fa469587c1 Remove duplicate word in language specification 2021-02-01 17:32:53 +01:00
yoff
c0511ca9f9 Merge pull request #5053 from github/python-add-essavariable-locations
Python: Add locations for ESSA variables
2021-02-01 17:31:25 +01:00
Tamás Vajk
700a2dbb93 Merge pull request #5063 from tamasvajk/feature/remove-indexerproperty-ast
C#: Report IndexerProperty as Property in the PrintAST query
2021-02-01 17:25:25 +01:00
Mathias Vorreiter Pedersen
be9908df87 C++: Fix copy/paste error. 2021-02-01 16:45:07 +01:00
Mathias Vorreiter Pedersen
71e1218ad5 Merge pull request #5061 from MathiasVP/more-memcpy-memset-strcpy-strcat-models
C++: Add more memcpy, memset, strcat and strcpy models
2021-02-01 16:25:01 +01:00
Mathias Vorreiter Pedersen
9db19613d6 C++: Reuse logic from commons/Scanf. 2021-02-01 16:10:28 +01:00
Taus Brock-Nannestad
fc01e5607f Python: Use getLocation directly on EssaNode 2021-02-01 14:55:18 +01:00
CodeQL CI
2de230ea75 Merge pull request #5062 from esbena/js/test-for-html-concat-obfuscation
Approved by erik-krogh
2021-02-01 05:29:50 -08:00
Mathias Vorreiter Pedersen
27b41c2016 C++: Address review comments. 2021-02-01 13:32:46 +01:00
Mathias Vorreiter Pedersen
c747914ef2 C++: Add sscanf and fscanf model implementations. 2021-02-01 12:54:59 +01:00
Taus
b8b42eaea3 Merge pull request #5064 from RasmusWL/fix-missing-override
Python: Add missing override annotation
2021-02-01 12:37:38 +01:00
Mathias Vorreiter Pedersen
61125b4bf2 C++: Address review comments. 2021-02-01 12:15:57 +01:00
Taus
3179546b8c Merge pull request #5058 from yoff/python-add-consistency-checks-to-all-dataflow-test-folders
Python: Add consistency checks to all data-flow test folders
2021-02-01 11:41:31 +01:00
Rasmus Wriedt Larsen
4ef9a6cf2a Python: Add missing override annotation 2021-02-01 11:28:41 +01:00
Rasmus Wriedt Larsen
4b6a59a126 Python: Apply code-review suggestion
Co-authored-by: yoff <lerchedahl@gmail.com>
2021-02-01 11:12:32 +01:00
Esben Sparre Andreasen
9678534f25 JS: add tests for some syntactic XSS vector obfuscations 2021-02-01 10:20:23 +01:00
Tamas Vajk
1b6cb340d3 C#: Report IndexerProperty as Property in the PrintAST query 2021-02-01 10:08:51 +01:00
Erik Krogh Kristensen
aae69c6537 update expected output 2021-02-01 09:33:52 +01:00
Tamás Vajk
aa35fcafeb Merge pull request #5018 from tamasvajk/feature/csharp9-binary-pattern-cfg
C#: Extract 'and' and 'or' patterns
2021-02-01 09:17:52 +01:00
Rasmus Lerchedahl Petersen
6730396ad6 Python: Remove tests from non-test directory 2021-02-01 08:52:00 +01:00
Mathias Vorreiter Pedersen
6c3f44bba8 C++: Add more memcpy, memset, strcat and strcpy models. Also refine which strcpy functions can live in the std namespace. 2021-02-01 08:44:10 +01:00
Geoffrey White
064d89735b Merge pull request #5046 from MathiasVP/model-more-pure-functions
C++: Model more pure functions
2021-01-29 22:05:48 +00:00
Geoffrey White
03922aa1f5 C++: Exclude custom vprintf implementations. 2021-01-29 21:20:36 +00:00
Rasmus Lerchedahl Petersen
f6fa1276a6 Python: Add consistency checks
to all data-flow test folders
2021-01-29 21:28:43 +01:00
Tamas Vajk
7e9913a8a7 Fix failing pattern tests 2021-01-29 17:25:44 +01:00
Tamas Vajk
a9c51e7300 Fix missing pattern matching completions 2021-01-29 15:16:30 +01:00
CodeQL CI
c9537f2639 Merge pull request #5029 from asgerf/js/silence-angular-template-fps
Approved by erik-krogh
2021-01-29 06:06:37 -08:00
Taus Brock-Nannestad
817a142abc Python: Add getLocation to EssaVariable.
This may be a slightly "bogus" location to provide for ESSA variables,
but it can be useful for debugging. For instance, where previously you
might just see

```
SSA variable x | ...
SSA variable x | ...
SSA variable x | ...
SSA variable x | ...
SSA variable x | ...
SSA variable x | ...
```

where each instance of `SSA variable x` was just a bare string, now
each occurrence will tell you (via its location) _where_ this variable
is being (re)defined.
2021-01-29 14:45:12 +01:00
Taus
cb195a0dc4 Merge pull request #4752 from yoff/python-dataflow-unpacking-assignment
Python: Dataflow, unpacking assignment
2021-01-29 14:15:28 +01:00
Taus
be5b7bb4c4 Merge pull request #5022 from yoff/python-split-lambdas
Python: Callable for lambdas
2021-01-29 14:12:26 +01:00
Erik Krogh Kristensen
c9ec983cd8 add js/client-side-unvalidated-url-redirection test for script tags inside react code 2021-01-29 12:50:43 +01:00
Erik Krogh Kristensen
39591687ba add js/code-injection sink for script tags in React 2021-01-29 12:50:17 +01:00