hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-31 04:38:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
29,397 Commits 1,723 Branches 164 Tags
06000781e945ede29ec545c71cd1729bcd771d0c
Commit Graph

29397 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Benjamin Muskalla
6c59333716 Remove workaround that accounted for missing flow 2021-11-10 16:30:21 +01:00
Benjamin Muskalla
7dae6122d9 Support CharSequence#toString 
Given CharSequence is often used as an
alias for String, ensure taint through toString is flowing
 2021-11-10 16:30:20 +01:00
Benjamin Muskalla
ca9d5439f0 Restrict source configuration to return nodes 2021-11-10 16:30:20 +01:00
Benjamin Muskalla
7a7ec06819 Simplify sink configuration 2021-11-10 16:30:20 +01:00
Benjamin Muskalla
1a4fd7bc7d Allow camelcase names 2021-11-10 16:30:20 +01:00
Benjamin Muskalla
2b2ac82fb7 Fix bug in sink detection 2021-11-10 16:30:20 +01:00
Benjamin Muskalla
c616eb1473 Fix finding more sources 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
38579ef25b Add proper metadata to queries 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
a80d50cbc0 Simplify field flow 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
a1d8dfb524 Initial support for source models 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
c844f5382f Add script to generate flow models 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
f9fea15a52 Initial support for capturing sink models 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
364de55b8d Support parameter->parameter flow 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
cd11ef3bf6 Support outgoing taint flow from fields 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
c3462be2c9 Capture argument->return value flows 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
4ca006ba3d Only expose visible innner classes 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
88032afdc3 Add test for final class 2021-11-10 16:30:17 +01:00
Benjamin Muskalla
ec772fb6b2 Add support for qualifier flow 2021-11-10 16:30:17 +01:00
Benjamin Muskalla
32ef40c77b Add scaffolding for summary model generator 2021-11-10 16:30:17 +01:00
Erik Krogh Kristensen
2d907f825e have the aliasPropertyPresenceStep step over extend calls 2021-11-10 16:26:00 +01:00
Geoffrey White
ae622bd482 C++: Use hasGlobalOrStdName. 2021-11-10 14:57:07 +00:00
Tom Hvitved
198b321158 Java: Hide parameters of summarized callables 2021-11-10 15:13:32 +01:00
Tom Hvitved
34fdf11b4b Ruby: Update expected test output 2021-11-10 15:11:13 +01:00
Tom Hvitved
82abab1510 C#: Hide parameters of summarized callables 2021-11-10 15:11:13 +01:00
Anders Schack-Mulligen
6d9fb3ca43 Dataflow: Sync. 2021-11-10 15:11:13 +01:00
Anders Schack-Mulligen
678a21e532 Dataflow: Support hidden return nodes in subpaths. 2021-11-10 15:11:13 +01:00
Mathias Vorreiter Pedersen
e0b876d2f6 Merge pull request #7102 from MathiasVP/fix-map-test 
C++: Fix a testcase
 2021-11-10 13:51:10 +00:00
yoff
d23a920ed4 Merge branch 'main' into python/model-aiomysql 2021-11-10 14:32:36 +01:00
Rasmus Lerchedahl Petersen
57e7bfbdba Python: model aiomysql 2021-11-10 14:29:39 +01:00
Rasmus Lerchedahl Petersen
047cff0749 Python: test aiomysql 2021-11-10 14:24:45 +01:00
Mathias Vorreiter Pedersen
ccdaf49464 C++: Fix the same bug in the test for ordered maps. 2021-11-10 13:24:27 +00:00
Erik Krogh Kristensen
55434653f5 add CWE-532 to the clear-text-logging query 2021-11-10 14:15:49 +01:00
Erik Krogh Kristensen
98da532c46 dont extract regular expressions from strings that are leaves in a string concat 2021-11-10 14:11:48 +01:00
Mathias Vorreiter Pedersen
86d78b34aa C++: Use the correct variable in the 'test'. 2021-11-10 13:04:48 +00:00
Rasmus Wriedt Larsen
de926dc2a1 Merge pull request #7085 from yoff/python/model-aiopg 
Python: model aiopg
 2021-11-10 13:10:30 +01:00
Rasmus Wriedt Larsen
1f90dcadf1 Python: Use backtracker for verify arg 2021-11-10 12:54:23 +01:00
Geoffrey White
2f39c64cc2 C++: Fix character in qhelp. 2021-11-10 11:23:57 +00:00
Benjamin Muskalla
0f086056a1 Merge pull request #7100 from bmuskalla/bmuskalla/ioAsFile 
Java: Extract Commons IO into seperate file
 2021-11-10 12:04:12 +01:00
Max Schaefer
a8c4455b20 Factor out an auxiliary predicate. 2021-11-10 10:17:59 +00:00
Rasmus Lerchedahl Petersen
92a7114b72 Python: Add API references 2021-11-10 11:06:58 +01:00
Rasmus Lerchedahl Petersen
c6d285dd2a Python: Fix test 2021-11-10 11:06:45 +01:00
yoff
a856395d56 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-11-10 10:51:40 +01:00
Benjamin Muskalla
f9fa22c14d Removed unused import 2021-11-10 10:21:54 +01:00
Benjamin Muskalla
1a751608de Extract Commons IO into seperate file 2021-11-10 10:15:27 +01:00
Mathias Vorreiter Pedersen
e2ab1c8c5e Merge branch 'main' into use-range-analysis-in-buffer-write 2021-11-10 08:28:43 +00:00
Tony Torralba
4da1dce811 Merge pull request #7099 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-11-10 08:54:11 +01:00
Erik Krogh Kristensen
ab5d9459c7 Update javascript/ql/src/Security/CWE-384/SessionFixation.qhelp 
Co-authored-by: Ethan Palm <56270045+ethanpalm@users.noreply.github.com>
 2021-11-10 08:24:46 +01:00
ihsinme
a0448240aa Update InsecureTemporaryFile.expected 2021-11-10 09:23:51 +03:00
ihsinme
7514fe2b45 Update test.cpp 2021-11-10 09:22:58 +03:00
ihsinme
289d58745a Update InsecureTemporaryFile.ql 2021-11-10 09:22:03 +03:00