hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,505 Commits 1,671 Branches 157 Tags
050e2395072a38c9ab8834d6c360d6aa3331a780
Commit Graph

217 Commits

Author SHA1 Message Date
Geoffrey White
050e239507 C++: Change note. 2020-04-06 14:39:07 +01:00
Jonas Jensen
16c7a35b1c Merge pull request #3195 from geoffw0/taintstring 
C++: Model taint flow through std::string constructor and c_str()
 2020-04-03 12:05:07 +02:00
Geoffrey White
ab716ebe75 C++: Change note. 2020-04-02 19:49:42 +01:00
Geoffrey White
6b5f4d9e12 Merge branch 'master' into av114 2020-04-01 18:23:21 +01:00
semmle-qlci
1975a83cdd Merge pull request #3116 from max-schaefer/js/postgres-type-tracking 
Approved by asgerf
 2020-03-27 09:23:52 +00:00
semmle-qlci
e7fd97e72b Merge pull request #3119 from erik-krogh/SockJS 
Approved by esbena
 2020-03-25 21:36:29 +00:00
Erik Krogh Kristensen
f7faaa634f change-note 2020-03-25 11:37:39 +01:00
semmle-qlci
ac7c74dcee Merge pull request #3111 from RasmusWL/python-fabric-command-injection 
Approved by BekaValentine
 2020-03-25 10:07:33 +00:00
Max Schaefer
efbcec09ef JavaScript: Add type tracking to Postgres model. 2020-03-24 17:30:07 +00:00
Rasmus Wriedt Larsen
49fa7c8589 Python: update 1.24 changelog 2020-03-24 10:15:36 +01:00
semmle-qlci
4c9a6b73ee Merge pull request #3107 from erik-krogh/FArgs 
Approved by esbena
 2020-03-24 08:32:56 +00:00
Erik Krogh Kristensen
833183c706 change note 2020-03-23 14:13:30 +01:00
Asger F
6c2842bd49 Merge pull request #2919 from asger-semmle/js/property-barriers 
JS: Make sanitizers no longer block taint inside an object
 2020-03-23 11:43:18 +00:00
Luke Cartey
9eee16b2d6 Merge pull request #3091 from hvitved/csharp/xpath-injection-more-sinks 
C#: Teach XPath injection query about `XPathNavigator`
 2020-03-23 09:39:26 +00:00
semmle-qlci
2c7af72f14 Merge pull request #2858 from RasmusWL/python-support-django2 
Approved by tausbn
 2020-03-23 09:35:46 +00:00
Tom Hvitved
fc74a482a4 C#: More XPath injection sinks 2020-03-19 14:13:35 +01:00
Tom Hvitved
0d45700088 C#: Add change note 2020-03-19 13:41:22 +01:00
Asger Feldthaus
de7fbce27b JS: Adjust whitespace in change notes 2020-03-18 11:55:13 +00:00
Asger Feldthaus
08ad4f785a JS: Tweak other parts of change note for consistency 2020-03-18 11:55:12 +00:00
Asger Feldthaus
ad2b150d05 JS: Add change note 2020-03-18 11:55:12 +00:00
Jonas Jensen
f1ad0dafdc Merge pull request #2849 from geoffw0/model-gets 
C++: Model for gets
 2020-03-18 11:06:23 +01:00
semmle-qlci
ea46873bfe Merge pull request #3065 from erik-krogh/PathSinks 
Approved by esbena
 2020-03-17 13:00:00 +00:00
Erik Krogh Kristensen
9403026fff add change note 2020-03-17 11:48:02 +01:00
Geoffrey White
034f7cc948 Merge branch 'master' into model-gets 2020-03-16 15:12:36 +00:00
Geoffrey White
40db92bfd1 C++: Change note. 2020-03-16 13:22:00 +00:00
semmle-qlci
7e093a8e5c Merge pull request #3041 from erik-krogh/JQueryAjax 
Approved by esbena
 2020-03-14 22:31:59 +00:00
Esben Sparre Andreasen
4d6aa20990 Merge pull request #3004 from esbena/js/additional-mongodb-and-mongoose-injection-sinks 
JS: Mongoose and MongoDB improvements
 2020-03-14 12:31:43 +01:00
Jonas Jensen
917b984909 Merge pull request #3050 from geoffw0/mismatching_placement_new 
C++: Fix mismatching new/free FP in template code.
 2020-03-12 12:42:29 +01:00
Geoffrey White
f84c94b5fb C++: Change note. 2020-03-11 18:11:51 +00:00
Erik Krogh Kristensen
2c18144560 change note 2020-03-11 17:01:41 +01:00
Erik Krogh Kristensen
dd261c51f7 add change note 2020-03-11 14:42:57 +01:00
Rasmus Wriedt Larsen
2da1503942 Merge branch 'master' into python-support-django2 2020-03-11 11:21:47 +01:00
Esben Sparre Andreasen
5b1b945c35 JS: distinguishes escapes in strings and regular expression literals 2020-03-10 12:26:20 +01:00
Esben Sparre Andreasen
e61f522f30 JS: bump change notes for mongodb 2020-03-10 09:57:45 +01:00
Max Schaefer
3c785ecaa7 JavaScript: Move flow summaries to experimental. 
Also update description and change note to call out their experimental character more clearly.
 2020-03-09 12:57:20 +00:00
Asger Feldthaus
a9a9c14eea JS: Change note 2020-03-07 15:15:13 +00:00
semmle-qlci
7891f8621e Merge pull request #2982 from esbena/js/request-model-with-chaining 
Approved by asgerf
 2020-03-06 08:57:42 +00:00
Esben Sparre Andreasen
db335ae89b JS: add default/chaining for request 2020-03-04 12:36:49 +01:00
Asger Feldthaus
6f2b05932e JS: Change note 2020-03-04 11:18:12 +00:00
Esben Sparre Andreasen
4625217a68 Merge branch 'master' of github.com:Semmle/ql into js/more-fs-modules 2020-03-03 15:07:51 +01:00
semmle-qlci
7f3f629d39 Merge pull request #2913 from asger-semmle/js/prototype-pollution-path 
Approved by erik-krogh
 2020-03-03 10:29:47 +00:00
Esben Sparre Andreasen
adddebf039 Merge branch 'master' of github.com:Semmle/ql into js/more-fs-modules 2020-03-03 10:55:16 +01:00
semmle-qlci
e1c5449885 Merge pull request #2867 from erik-krogh/UselessCat 
Approved by esbena
 2020-03-03 09:10:25 +00:00
Erik Krogh Kristensen
019266e537 change name of Useless cat 2020-03-02 13:06:08 +01:00
Anders Schack-Mulligen
b210009eec Merge pull request #2923 from yo-h/java-customizations 
Java: add `Customizations.qll`
 2020-03-02 09:58:34 +01:00
Esben Sparre Andreasen
a589061bee JS: add type-tracking to the fs-module and model the original-fs 2020-02-28 12:54:59 +01:00
Erik Krogh Kristensen
ce9cd53bf1 Merge remote-tracking branch 'upstream/master' into UselessCat 2020-02-28 09:56:23 +01:00
Erik Krogh Kristensen
17f1974e05 Apply suggestions from code review 
Co-Authored-By: mc <42146119+mchammer01@users.noreply.github.com>
 2020-02-28 09:43:32 +01:00
Asger Feldthaus
52ebe49a0b JS: Flag deep assignments in prototype pollution query 2020-02-27 12:17:55 +00:00
Erik Krogh Kristensen
9c06c48dc7 Merge pull request #2884 from esbena/js/practically-exploitable-redos 
JS: add query js/exploitable-polynomial-redos
 2020-02-27 10:19:17 +01:00