hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-07 19:50:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,256 Commits 1,680 Branches 157 Tags
221aebc833ea18d3ec8b8e710e31407e443a36fd
Commit Graph

19256 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
221aebc833 C#: Fix bug in AssignOperationWithExpandedAssignment::last 2021-01-25 14:01:31 +01:00
alexet
355edcb136 Csharp: Reduce BDD usage. 2021-01-25 13:52:17 +01:00
Tom Hvitved
0543e34812 C#: Address review comment 2021-01-25 13:52:17 +01:00
Tom Hvitved
e0c7f32282 C#: Add relational pattern CFG test 2021-01-25 13:52:17 +01:00
Tom Hvitved
063733ad52 C#: Implement CFG for not patterns 2021-01-25 13:52:17 +01:00
Tom Hvitved
ab85b2c2d2 C#: Add is not null guards test 2021-01-25 13:52:17 +01:00
Tom Hvitved
0080357153 C#: Add unary pattern CFG tests 2021-01-25 13:52:17 +01:00
Tom Hvitved
1c84455a6d Merge pull request #5003 from hvitved/csharp/remove-getaqlclass 
C#: Remove uses of `getAQlClass()`
 2021-01-25 10:57:04 +01:00
Jonas Jensen
1b3d69d617 Merge pull request #4784 from MathiasVP/mathiasvp/reverse-read-take-3 
C++: Support longer access paths in IR field flow
 2021-01-25 10:36:03 +01:00
Tom Hvitved
c235462f7d C++: Sync IRType.qll 2021-01-25 09:43:57 +01:00
CodeQL CI
527c41520e Merge pull request #4951 from esbena/js/reintroduce-server-crash 
Approved by erik-krogh
 2021-01-22 06:37:50 -08:00
Tom Hvitved
6fc14976cf C#: Remove uses of getAQlClass() 2021-01-22 15:00:45 +01:00
Mathias Vorreiter Pedersen
87b738d48c Merge pull request #5002 from MathiasVP/fix-PrivateCleartextWrite-format 
C++: Fix path-problem format in cpp/private-cleartext-write
 2021-01-22 14:28:03 +01:00
Mathias Vorreiter Pedersen
b4f9b1590d C++: Restore lost result on git/git. We lost the result in a00bd7ae02 because the added check for type T to type T* conversion didn't handle const qualifiers. 2021-01-22 14:20:18 +01:00
Esben Sparre Andreasen
3f3962f7a9 Update javascript/ql/src/Security/CWE-730/examples/server-crash.GOOD-B.js 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-01-22 14:03:21 +01:00
Mathias Vorreiter Pedersen
682b246441 C++: Fix path-problem format. 2021-01-22 13:40:44 +01:00
Esben Sparre Andreasen
718f6eb3fd JS: update and prettify examples 2021-01-22 13:17:38 +01:00
Mathias Vorreiter Pedersen
7bc461aeb2 Merge pull request #4990 from geoffw0/cpp401b 
C++: Further improvements to experimental query cpp/memory-leak-on-failed-call-to-realloc
 2021-01-22 09:51:10 +01:00
CodeQL CI
0e059cea56 Merge pull request #5000 from erik-krogh/redosOnlyNonMin 
Approved by esbena
 2021-01-21 15:29:03 -08:00
Erik Krogh Kristensen
11f35a5193 Update javascript/ql/src/semmle/javascript/security/performance/ReDoSUtil.qll 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-01-21 23:11:50 +01:00
Erik Krogh Kristensen
62746bbbac skip analyzing regular expressions in minified files for ReDoS 2021-01-21 22:31:42 +01:00
CodeQL CI
d0b70d15f0 Merge pull request #4996 from esbena/js/nodejs-client-request-event-emitter 
Approved by erik-krogh
 2021-01-21 12:37:00 -08:00
Esben Sparre Andreasen
cb25f2ab20 JS: add docstring with source examples 2021-01-21 20:46:34 +01:00
CodeQL CI
b83c949109 Merge pull request #4986 from erik-krogh/logInf 
Approved by esbena
 2021-01-21 06:02:50 -08:00
Esben Sparre Andreasen
1c100bbbc2 JS: recognize event emitters in nodejs client requests 2021-01-21 14:14:00 +01:00
Rasmus Wriedt Larsen
ee2d18afd8 Merge pull request #4665 from yoff/python-dataflow-modernize-tests 
Python: Add new-style tests
 2021-01-21 13:35:39 +01:00
Rasmus Lerchedahl Petersen
e786be06ae Python: Fix broken references 2021-01-21 12:40:35 +01:00
Erik Krogh Kristensen
a9a901d1e2 add change note 2021-01-21 11:08:39 +01:00
Erik Krogh Kristensen
dafec3ceaa rename to AnalyzedCompoundNumericAssignExpr 2021-01-21 11:06:46 +01:00
Tom Hvitved
bc41c26354 Merge pull request #4959 from hvitved/csharp/ssa/split 
C#: Split up SSA implementation
 2021-01-21 10:52:49 +01:00
CodeQL CI
30015ee995 Merge pull request #4942 from esbena/js/reintroduce-resource-exhaustion 
Approved by erik-krogh
 2021-01-21 01:21:33 -08:00
CodeQL CI
9cfbe6feb7 Merge pull request #4980 from erik-krogh/defaultExport 
Approved by esbena
 2021-01-21 00:55:15 -08:00
Esben Sparre Andreasen
b90dd89746 JS: move js/resource-exhaustion to experimental 2021-01-21 09:09:01 +01:00
Esben Sparre Andreasen
5a6e692807 add js/server-crash to the security suite 2021-01-21 08:43:13 +01:00
Esben Sparre Andreasen
9e3cc3b1b2 JS: add qhelp and changenotes for js/server-crash 2021-01-21 08:43:13 +01:00
Rasmus Lerchedahl Petersen
419449fb8a Python: default value for argN 2021-01-20 20:33:04 +01:00
Rasmus Lerchedahl Petersen
2409a7899b Python: Remove func tag in some situations. 
Also make ArgumentNode public
 2021-01-20 20:18:40 +01:00
Erik Krogh Kristensen
a44aefa6c9 add test for top-level closure modules - and simplify 2021-01-20 19:47:32 +01:00
Geoffrey White
d5d8b48218 C++: More accurate solution using Guards library. 2021-01-20 17:15:42 +00:00
Mathias Vorreiter Pedersen
3877f03a46 Merge pull request #4979 from geoffw0/cpp401 
C++: Improvements to experimental query cpp/memory-leak-on-failed-call-to-realloc
 2021-01-20 18:10:13 +01:00
Geoffrey White
439fe41b0a C++: Add a couple more test cases. 2021-01-20 15:33:32 +00:00
yoff
3fc085ff38 Update python/ql/test/experimental/dataflow/TestUtil/RoutingTest.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-01-20 16:11:40 +01:00
yoff
d0663e5c3a Merge pull request #4971 from RasmusWL/avoid-double-route-setup-django 
Python: Avoid duplicated route-setup in django
 2021-01-20 16:10:33 +01:00
Mathias Vorreiter Pedersen
b0e255eb16 C++: Encapsulate skipSkippableInstructions in a module. 2021-01-20 15:45:37 +01:00
Mathias Vorreiter Pedersen
f12ebe88e6 Revert "C++: Replace SkippableInstruction with local flow steps." 
This reverts commit 258d04178f. This
change caused a ~20% performance regression.
 2021-01-20 15:43:24 +01:00
Tamás Vajk
5fa0dd719c Merge pull request #4619 from tamasvajk/feature/csharp9-function-pointer 
C#: Extract function pointers
 2021-01-20 15:42:58 +01:00
Rasmus Wriedt Larsen
9a397b6faf Python: Apply code-review suggestion 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-01-20 15:28:20 +01:00
Erik Krogh Kristensen
2e024c3c61 fix that type inference assumed every compound-assignment have type number 2021-01-20 15:26:39 +01:00
CodeQL CI
2f459d9a72 Merge pull request #4977 from RasmusWL/missing-flask-class-view-handler-changenote 
Approved by yoff
 2021-01-20 02:38:30 -08:00
Tamas Vajk
70c302ffbe Add DB upgrade folder for function pointer 2021-01-20 11:20:55 +01:00