hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-01 07:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,784 Commits 1,684 Branches 159 Tags
17005dde2dfb9fe749f4eaf0b3be59c1e60baf82
Commit Graph

342 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
ff73dbc35c delete redundant imports 2022-04-22 12:55:28 +02:00
Geoffrey White
cb211f8844 Merge pull request #8599 from 4B5F5F4B/main 
C++: refactor some code, and add access_ok cases
 2022-04-11 15:57:27 +01:00
4B5F5F4B
04538d0599 Autoformated to make CodeQL happy 2022-04-06 11:59:26 +08:00
4B5F5F4B
9ab773422a refactor some code, and add access_ok cases 2022-03-30 12:25:32 +08:00
Robert Marsh
8d21c8b7c5 Merge pull request #8423 from 4B5F5F4B/main 
[CPP][Linux Kernel]Add ql to detect CVE-2017-5123
 2022-03-29 15:10:15 -04:00
4B5F5F4B
9358b824c0 modify select clause to make codeql happy:) 2022-03-29 10:41:12 +08:00
4B5F5F4B
2d7b9c0c4f modify a little cute typo 2022-03-26 22:55:27 +08:00
4B5F5F4B
7a091f808b Create NoCheckBeforeUnsafePutUser.ql 2022-03-26 22:45:03 +08:00
4B5F5F4B
64863d493b Delete cve-2017-5123.ql 2022-03-26 22:42:59 +08:00
Paul1nh0
5a1dc61d9d modify arguments check logic 
As far as I can tell, root cause of double-fetech issue is read from the same user mode memory twice, so it makes sense that only check whether user mode pointer is same or not
 2022-03-23 11:20:08 +08:00
Paul1nh0
6a6cd61d83 automated using CodeQL for VSCode extension 2022-03-23 09:37:45 +08:00
Paul1nh0
f2728f5284 delete some unused code 2022-03-22 23:20:30 +08:00
Paul1nh0
afe4a8435f Using globalValueNumber to match same arguments 2022-03-22 21:14:07 +08:00
Paul1nh0
d476493c3e Add double-fetch.ql under CWE-362 directory 2022-03-22 19:08:44 +08:00
Paul1nh0
dd4e82126c remove to another directory 2022-03-22 19:06:53 +08:00
Paul1nh0
2dad2c477b query description added 2022-03-22 19:06:03 +08:00
4B5F5F4B
d4c7314484 Delete cve-2016-6480.ql 
commit by mistake
 2022-03-17 09:49:28 +08:00
Paul1nh0
85b22647ac Add query for double-fetch vulnerability 2022-03-16 18:16:49 +08:00
4B5F5F4B
2a29c201ff Merge branch 'github:main' into main 2022-03-16 18:06:16 +08:00
4B5F5F4B
baf1c8d76b Create cve-2016-6480.ql 2022-03-16 17:49:05 +08:00
Mathias Vorreiter Pedersen
57922f56ee Merge pull request #8424 from ihsinme/ihsinme-patch-fix077 
Detection reduction on request
 2022-03-15 16:17:47 +00:00
ihsinme
1db759cc4d Update InsecureTemporaryFile.ql 2022-03-14 09:33:08 +03:00
4B5F5F4B
597603a3a6 Create cve-2017-5123.ql 
Add query to detect CVE-2017-5123
 2022-03-14 09:44:30 +08:00
4B5F5F4B
4030561eb7 Delete CVE 2022-03-14 09:43:04 +08:00
4B5F5F4B
880c12bd34 Create CVE 2022-03-14 09:42:40 +08:00
Jeroen Ketema
a8b2805aeb Merge pull request #8246 from ihsinme/ihsinme-patch-82 
CPP: Add query for CWE-754: Improper Check for Unusual or Exceptional Conditions when using functions scanf
 2022-03-11 12:54:49 +01:00
ihsinme
8335778e20 Update ImproperCheckReturnValueScanf.qhelp 2022-03-08 07:45:07 +03:00
ihsinme
c0c7748c5e Apply suggestions from code review 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-03-08 07:42:35 +03:00
Mathias Vorreiter Pedersen
c7d624d314 Merge pull request #8247 from ihsinme/ihsinme-patch-80 
CPP: Add query for CWE-190: Integer Overflow or Wraparound when using transform after operation
 2022-03-07 11:00:29 +00:00
Geoffrey White
e7dca435a9 Merge pull request #6950 from ihsinme/ihsinme-patch-078 
CPP: Add query for CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
 2022-03-07 10:55:29 +00:00
ihsinme
9e76260f1d Update DangerousUseOfTransformationAfterOperation.ql 2022-03-02 10:38:57 +03:00
ihsinme
f5267ba8c6 Update DangerousUseOfTransformationAfterOperation.qhelp 2022-03-02 10:24:40 +03:00
ihsinme
a6654fce4a Update ImproperCheckReturnValueScanf.ql 2022-03-01 16:37:29 +03:00
ihsinme
be11e4fc2d Apply suggestions from code review 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-03-01 12:25:57 +03:00
ihsinme
d772ea0efe Apply suggestions from code review 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-03-01 10:49:36 +03:00
ihsinme
c6083a6f95 Apply suggestions from code review 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-01 09:37:57 +03:00
ihsinme
74f8145970 Add files via upload 2022-02-25 11:18:38 +03:00
ihsinme
bddb5fd9f9 Add files via upload 2022-02-25 11:14:20 +03:00
BACK Yonah
61dc9ef12e C/C++: AutoFormat fix 2022-02-07 11:41:17 +01:00
BACK Yonah
21fdc53d62 C/C++: Using UnspecifiedType instead of Type 2022-02-04 19:12:15 +01:00
BACK Yonah
34320cb57b C/C++: Useless Test Fully converted verification 2022-02-04 18:03:29 +01:00
BACK Yonah
46c1744204 C/C++: getFullyConverted replaced by getConversion* 2022-01-31 18:51:18 +01:00
BACK Yonah
56941dba6b C/C++ : Fixed select issue in Useless Test 2022-01-31 16:56:12 +01:00
BACK Yonah
ca2ff6f9fb C/C++: Fixing minor issues in Useless Test query 2022-01-31 16:04:56 +01:00
BACK Yonah
d7313f3a82 C/C++ : Useless test 2022-01-30 14:33:32 +01:00
Erik Krogh Kristensen
a235f8f023 remove redundant inline type casts 2022-01-21 11:46:33 +01:00
Erik Krogh Kristensen
4e8e3a7420 simplify expressions that could be type-casts 2022-01-20 10:41:35 +01:00
Jaroslav Lobačevski
a1b0315d90 Update cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql 2022-01-19 00:52:10 +01:00
Jaroslav Lobačevski
3fa2516898 Update cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql 2022-01-18 21:47:55 +01:00
Jaroslav Lobačevski
d1c89562b8 Apply suggestions from code review 2022-01-18 21:45:13 +01:00