Max Schaefer
0cfd04dfa2
JavaScript: Eliminate slow antijoin predicate.
2018-10-12 13:01:01 +01:00
Max Schaefer
080f974663
JavaScript: Refactor AnalyzedPropertyWrite::writes to enable correct modelling of variable exports.
2018-10-12 13:00:52 +01:00
Geoffrey White
3b8c72bf1e
Merge pull request #303 from jbj/UnsignedGEZero-templates
...
C++: Suppress UnsignedGEZero.ql in template instantiations
2018-10-12 09:43:48 +01:00
semmle-qlci
16b29b2d08
Merge pull request #299 from asger-semmle/nosql-sinks
...
Approved by xiemaisi
2018-10-12 07:12:05 +01:00
semmle-qlci
44fd18c4a9
Merge pull request #309 from aschackmull/java/fix-some-lib-qldoc
...
Approved by yh-semmle
2018-10-11 21:35:33 +01:00
semmle-qlci
76af2d2e3d
Merge pull request #249 from hvitved/csharp/cfg/boolean-splitting
...
Approved by calumgrant
2018-10-11 20:14:37 +01:00
Tom Hvitved
98db3f89c2
C#: Extend pre-SSA consistency tests
2018-10-11 13:59:06 +02:00
Tom Hvitved
68dae60927
Merge pull request #295 from calumgrant/cs/extractor/open-source
...
C#: Open-source extractor
2018-10-11 13:57:16 +02:00
Tom Hvitved
cc14328be5
C#: Add change note
2018-10-11 13:20:24 +02:00
Felicity Chapman
e2629728ba
Merge pull request #235 from jbj/hresult-boolean-qhelp
...
C++: Finalise docs for cpp/hresult-boolean-conversion and cpp/unsafe-dacl-security-descriptor
2018-10-11 11:02:17 +01:00
calum
a06c8bd2f5
C#: Address review comments.
2018-10-11 10:28:34 +01:00
Anders Schack-Mulligen
85cca69721
Merge pull request #220 from yh-semmle/java/update-tests
...
Java: refine `java/unreachable-catch-clause`
2018-10-11 11:12:15 +02:00
Anders Schack-Mulligen
fc359b75d3
Java: Add qldoc to a few libraries.
2018-10-11 11:05:39 +02:00
semmle-qlci
6a03bd8f5c
Merge pull request #300 from esben-semmle/js/http-file-access-polish
...
Approved by asger-semmle
2018-10-11 09:00:00 +01:00
yh-semmle
c1473f5425
Java: add query ID in change note for java/unreachable-catch-clause
2018-10-10 19:16:57 -04:00
calumgrant
e6e4502cdb
Merge pull request #148 from aschackmull/docs/ql-style-guide
...
QL style guide: Clarify some outstanding issues
2018-10-10 18:22:05 +01:00
Jonas Jensen
a10c3bcffb
C++: Suppress UnsignedGEZero in template inst.
...
It still runs on uninstantiated templates because its underlying
libraries do. It's not clear whether that leads to other false
positives, but that's independent of the change I'm making here.
2018-10-10 17:06:24 +02:00
Jonas Jensen
383dafac5c
C++: Test for UnsignedGEZero with templates
2018-10-10 17:04:35 +02:00
Anders Schack-Mulligen
99846474eb
QL style guide: Adjust style rules for if-then-else.
2018-10-10 16:42:34 +02:00
Anders Schack-Mulligen
31e1706c98
QL style guide: Address some review comments.
2018-10-10 16:42:34 +02:00
Anders Schack-Mulligen
6feb1d0766
QL style guide: Clarify some outstanding issues.
2018-10-10 16:42:34 +02:00
Esben Sparre Andreasen
6687dfd558
JS: improve model of express' req.sendFile
2018-10-10 15:46:43 +02:00
calum
518c901ddc
C#: Merge latest changes.
2018-10-10 14:40:52 +01:00
calum
103d140e71
C#: Migrate extractor to this repository.
2018-10-10 14:40:52 +01:00
Esben Sparre Andreasen
358b6c3413
JS: change "remote request" to "network request"
2018-10-10 15:34:39 +02:00
Esben Sparre Andreasen
e93545d16e
JS: address more review comments
2018-10-10 15:28:42 +02:00
Jonas Jensen
3e022ad36f
Merge pull request #270 from geoffw0/negindex
...
CPP: Improvements to Buffer.qll
2018-10-10 14:59:41 +02:00
Esben Sparre Andreasen
c885490c7e
JS: address review comments
2018-10-10 12:18:30 +02:00
Esben Sparre Andreasen
6b8fd49fba
JS: add change notes for two new queries
2018-10-10 12:17:46 +02:00
Esben Sparre Andreasen
0da1ac4d75
JS: naming and documentation cleanup for NodeJS file system accesses
2018-10-10 12:12:54 +02:00
Esben Sparre Andreasen
64b0d39390
JS: polish HttpToFileAccess.qll
2018-10-10 12:12:54 +02:00
Esben Sparre Andreasen
df72492f16
JS: polish FileAccessToHttp.qll
2018-10-10 12:12:54 +02:00
Esben Sparre Andreasen
43f98a7ef8
JS: refactor NodeJSFileSystemRead* to FileStreamRead
2018-10-10 12:12:54 +02:00
Esben Sparre Andreasen
30f7f41dff
JS: refactor NodeJSFileSystemWrite to FileStreamWrite
2018-10-10 12:12:54 +02:00
Esben Sparre Andreasen
e99b9d34c5
JS: polish characters of NodeJSFileSystemAccess*Call
2018-10-10 12:12:54 +02:00
Esben Sparre Andreasen
4e4597a24d
JS: replace HTTP::RequestBody with ClientRequest.getADataNode
2018-10-10 12:12:54 +02:00
Esben Sparre Andreasen
0fc56e443e
JS: introduce ClientRequest.getADataNode
2018-10-10 12:12:54 +02:00
Esben Sparre Andreasen
3b2440e850
JS: remove useless externs definitions for tests
2018-10-10 12:12:54 +02:00
Esben Sparre Andreasen
a3ec739210
JS: restructure FileSystemWriteAccess/FileSystemReadAccess API
2018-10-10 12:12:54 +02:00
Esben Sparre Andreasen
b00aa36cdc
JS: polish HttpToFileAccess.ql
2018-10-10 12:12:54 +02:00
Esben Sparre Andreasen
d261915598
JS: polish FileAccessToHttp.ql
2018-10-10 12:12:54 +02:00
Asger F
74f115fa40
JS: add test case
2018-10-10 10:46:40 +01:00
Asger F
2a87d53db4
JS: Add additional Mongoose/MongoDB sinks
2018-10-10 10:11:18 +01:00
Tom Hvitved
c064b1f41d
Merge pull request #103 from lukecartey/csharp/zipslip-update
...
C#: ZipSlip - Refine sanitizers
2018-10-10 10:47:23 +02:00
Max Schaefer
8d8148d58e
Merge pull request #294 from asger-semmle/canonical-this-source
...
JS: Canonicalize 'this' in the data-flow graph
2018-10-10 08:10:53 +01:00
Max Schaefer
355786c2d8
Merge pull request #296 from esben-semmle/js/more-array-creation
...
JS: use DataFlow::ArrayCreationNode in additional places
2018-10-10 08:10:17 +01:00
yh-semmle
fa3b9a6997
Java: add change note for java/unreachable-catch-clause
2018-10-09 21:31:19 -04:00
yh-semmle
26b630f700
Java: clarify help for java/unreachable-catch-clause
2018-10-09 21:15:51 -04:00
yh-semmle
001b9f8b56
Java: account for generic exceptions in java/unreachable-catch-clause
2018-10-09 21:15:45 -04:00
semmle-qlci
b1ece81e13
Merge pull request #297 from xiemaisi/csharp/line-endings
...
Approved by hvitved
2018-10-09 21:30:05 +01:00
