hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
14,785 Commits 1,741 Branches 165 Tags
15562e48149f245dbdb13c91d60a9eda4853e16a
Commit Graph

14785 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
ubuntu
15562e4814 Update LdapjsSearchOptions 2020-09-01 22:28:58 +02:00
ubuntu
e2e55455c1 Update LdapjsSearchOptions and getQueryCall 2020-09-01 22:23:07 +02:00
Alessio Della Libera
8f00acd4e2 Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-09-01 21:00:49 +02:00
Alessio Della Libera
78ebcee570 Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-09-01 21:00:38 +02:00
Alessio Della Libera
b86b9ba510 Update javascript/ql/src/experimental/Security/CWE-090/LdapInjectionCustomizations.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-09-01 21:00:21 +02:00
Alessio Della Libera
28729915d7 Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-09-01 20:56:25 +02:00
Alessio Della Libera
1b50477fae Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-09-01 20:55:44 +02:00
Alessio Della Libera
44e728016b Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-09-01 20:54:58 +02:00
ubuntu
104c9b5dac Move sinks into separate classes 2020-08-29 11:24:58 +02:00
Alessio Della Libera
8f98723822 Update javascript/ql/src/experimental/Security/CWE-090/LdapInjectionCustomizations.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-08-29 11:18:41 +02:00
ubuntu
736f76b685 Simplify getQueryCall 2020-08-27 02:12:17 +02:00
ubuntu
30e7f958a8 Highlight API call 2020-08-27 01:42:16 +02:00
ubuntu
7eeec0d765 Correct typo example 2020-08-27 01:07:13 +02:00
ubuntu
cbe879ae73 Correct typo examples 2020-08-27 01:05:49 +02:00
ubuntu
68ff480892 Update .qhelp 2020-08-27 00:51:08 +02:00
ubuntu
13f443d2c3 Update getLdapjsClientDNMethodName 2020-08-27 00:48:29 +02:00
Alessio Della Libera
616113aeff Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-08-27 00:47:29 +02:00
ubuntu
94bd9c6d3e Rename LdapjsDN to LdapjsDNArgument and add it as Sink 2020-08-27 00:43:38 +02:00
ubuntu
7d36b3b4d2 Correct typo 2020-08-27 00:26:54 +02:00
ubuntu
2305a642eb Correct typo 2020-08-27 00:24:50 +02:00
Alessio Della Libera
23287aacee Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-08-27 00:17:55 +02:00
Alessio Della Libera
f12ac8ca60 Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-08-27 00:17:33 +02:00
Alessio Della Libera
57f3c73d3d Update javascript/ql/src/experimental/Security/CWE-090/LdapInjectionCustomizations.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-08-26 02:08:31 +02:00
Alessio Della Libera
6979c394fe Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-08-26 02:08:18 +02:00
Alessio Della Libera
355c7bc3b5 Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-08-26 02:08:08 +02:00
ubuntu
3e97ec85b2 Add CodeQL to detect LDAP Injection in JS 2020-08-23 15:24:29 +02:00
Jonas Jensen
768e5190a1 Merge pull request #4080 from geoffw0/split 
C++: Split test file stl.cpp
 2020-08-14 15:59:46 +02:00
Geoffrey White
89c2b6dc4b Merge remote-tracking branch 'upstream/master' into split 2020-08-14 14:03:34 +01:00
CodeQL CI
e9a36b2524 Merge pull request #4062 from tausbn/python-fix-unknown-import-star 
Approved by yoff
 2020-08-14 13:17:45 +01:00
Taus
8cbd4974ae Merge pull request #3981 from yoff/SharedDataflow_Classes 
Python: Dataflow, test magic methods
 2020-08-14 12:45:55 +02:00
Jonas Jensen
e01e702f46 Merge pull request #4060 from bgianfo/patch-1 
C++: Detect GoogleTest tests cases in FNumberOfTests.ql
 2020-08-14 12:42:12 +02:00
Rasmus Lerchedahl Petersen
9556937840 Python: address review comments 2020-08-14 11:29:58 +02:00
yoff
8d49ad7325 Update python/ql/test/experimental/dataflow/coverage/datamodel.py 
Co-authored-by: Taus <tausbn@github.com>
 2020-08-14 10:53:37 +02:00
yoff
4b336e9b01 Update python/ql/test/experimental/dataflow/coverage/classes.py 
Co-authored-by: Taus <tausbn@github.com>
 2020-08-14 10:53:10 +02:00
CodeQL CI
82f9826966 Merge pull request #4044 from aschackmull/java/xsssink-printwriter-format 
Approved by aibaars
 2020-08-14 08:34:48 +01:00
Robert Marsh
ed06604b46 Merge pull request #4045 from geoffw0/plus 
C++: Model more of std::string in models.
 2020-08-13 16:59:47 -04:00
Brian Gianforcaro
a6bcbe7974 C++: Detect GoogleTest tests cases in FNumberOfTests.ql 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-08-13 12:06:00 -07:00
Geoffrey White
498b350add Merge remote-tracking branch 'upstream/master' into plus 2020-08-13 18:21:28 +01:00
Geoffrey White
a839f1fae5 C++: Split off stringstream.cpp. 2020-08-13 18:17:24 +01:00
Geoffrey White
49d2f66ddb C++: Tidy up sources and sinks. 2020-08-13 18:08:58 +01:00
Geoffrey White
f343eb9143 C++: Split stl.cpp into string.cpp and vector.cpp. 2020-08-13 18:04:46 +01:00
Geoffrey White
5d7f771933 C++: Split off stl.h from stl.cpp. 2020-08-13 18:04:45 +01:00
Robert Marsh
de87f8fc42 Merge pull request #4057 from geoffw0/sal 
C++: SAL.qll QLDoc and cleanup
 2020-08-13 12:33:52 -04:00
Geoffrey White
93f95b1c22 Merge pull request #4053 from jbj/SimpleRangeAnalysis-mul 
C++: SimpleRangeAnalysis: unsigned multiplication
 2020-08-13 16:59:31 +01:00
Anders Schack-Mulligen
ecbbcc2f61 Merge pull request #4066 from Marcono1234/marcono1234/simplify-VarAccess-isLValue 
[Java] Simplify VarAccess.isLValue()
 2020-08-13 16:40:28 +02:00
Geoffrey White
7349333006 C++: Taint through char append. 2020-08-13 15:13:47 +01:00
Geoffrey White
3c0e7a709f C++: Add a test of append with CharT. 2020-08-13 14:52:34 +01:00
Geoffrey White
732a8fa4c9 C++: Add another member function. 2020-08-13 14:52:34 +01:00
CodeQL CI
6c60589dbd Merge pull request #4063 from erik-krogh/noJsMsg 
Approved by esbena
 2020-08-13 14:02:18 +01:00
Anders Schack-Mulligen
3469ad7ca6 Merge pull request #3600 from luchua-bc/java-sensitive-log4j2-logging 
Add Log4J 2 and a new search string secret
 2020-08-13 13:35:52 +02:00