codeql

mirror of https://github.com/github/codeql.git synced 2026-03-22 15:36:48 +01:00

Author	SHA1	Message	Date
CodeQL CI	23e8092452	Merge pull request #5864 from RasmusWL/some-framework-modeling Approved by tausbn	2021-05-19 02:31:06 -07:00
Geoffrey White	e66b5559a4	Merge pull request #5924 from MathiasVP/cleanup-modelFlow C++: Remove a disjunction from `modelFlow`	2021-05-19 10:12:20 +01:00
Geoffrey White	99833f16e1	Merge pull request #5923 from MathiasVP/range-analysis-in-overflow-static C++: Add range analysis to `cpp/static-buffer-overflow`	2021-05-19 10:12:02 +01:00
Mathias Vorreiter Pedersen	4d00513606	C++: Use the isParameterDerefOrQualifierObject predicate to remove a disjunction.	2021-05-19 10:47:04 +02:00
Mathias Vorreiter Pedersen	741eed93b2	C++: Replace minimum(any(...)) with a min aggregate. Also removed the min aggregate further down since it's no longer needed.	2021-05-19 09:03:05 +02:00
Chris Smowton	0c970b5f1f	Merge pull request #5802 from luchua-bc/java/rhino-injection Java: CWE-094 Rhino code injection	2021-05-18 19:25:53 +01:00
Mathias Vorreiter Pedersen	6103aabdce	C++: Add change-note.	2021-05-18 19:17:11 +02:00
luchua-bc	02aa9c6fc7	Optimize the sink and update qldoc	2021-05-18 16:12:23 +00:00
luchua-bc	d4323a4a54	Update qldoc	2021-05-18 16:12:23 +00:00
luchua-bc	9d392263a5	Refactor inconsistent method names	2021-05-18 16:12:23 +00:00
luchua-bc	2fa249a8eb	Update method name and qldoc	2021-05-18 16:12:23 +00:00
luchua-bc	2c1374bdcf	Use inline implementation for ScriptEngineFactory	2021-05-18 16:12:23 +00:00
luchua-bc	0ac8453398	Allow all arguments of methods in ScriptEngineFactory	2021-05-18 16:12:23 +00:00
luchua-bc	e4699f7fa9	Optimize the query	2021-05-18 16:12:22 +00:00
luchua-bc	d664aa6d6a	Include more scenarios and update qldoc	2021-05-18 16:12:22 +00:00
luchua-bc	852bcfb5c7	Refactor the ScriptEngine query and the Rhino code injection query into one	2021-05-18 16:12:22 +00:00
luchua-bc	b0b5338359	Rhino code injection	2021-05-18 16:12:22 +00:00
Mathias Vorreiter Pedersen	26c4a66dc4	C++: Add range analysis to fix FPs.	2021-05-18 17:54:30 +02:00
Mathias Vorreiter Pedersen	df9981de4f	C++: Add testcases with false positives.	2021-05-18 17:53:20 +02:00
Ethan Palm	9deaace756	Merge pull request #5898 from ethanpalm/go-build-commands Docs: Document Go tracer support	2021-05-18 11:49:31 -04:00
Ethan Palm	610e041e28	Add reviewer feedback Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>	2021-05-18 11:42:08 -04:00
Chris Smowton	4230869ee2	Merge pull request #5819 from luchua-bc/java/jpython-injection Java: CWE-094 Jython code injection	2021-05-18 16:38:40 +01:00
Chris Smowton	71f540a755	Merge pull request #5844 from haby0/SpringRedirects [Java] CWE-601 Spring url redirection detect	2021-05-18 16:37:40 +01:00
luchua-bc	2a0721b2ae	Optimize the sink and update method name	2021-05-18 12:18:14 +00:00
CodeQL CI	1d120824ac	Merge pull request #5920 from erik-krogh/clone Approved by esbena	2021-05-18 05:13:57 -07:00
haby0	e46de44473	Solve errors caused by private ownership	2021-05-18 19:56:32 +08:00
Erik Krogh Kristensen	06514a2bb6	move clone model to Extend.qll	2021-05-18 13:16:41 +02:00
haby0	caf5f4d605	modified comment	2021-05-18 19:10:03 +08:00
Erik Krogh Kristensen	1435ac715a	add support for the clone library	2021-05-18 12:46:34 +02:00
Anders Schack-Mulligen	9b0e3b1950	Merge pull request #5814 from JLLeitschuh/feat/JLL/jackson_as_taint_step [Java] Add taint tracking through Jackson deserialization	2021-05-18 09:31:16 +02:00
haby0	a0cd551bae	Add filtering of String.format	2021-05-18 11:05:10 +08:00
luchua-bc	e652d8771c	Update method name and qldoc	2021-05-17 20:36:15 +00:00
Tom Hvitved	ae6326b1f3	Merge pull request #5882 from hvitved/csharp/autobuilder/shared-compilation	2021-05-17 16:05:08 +02:00
Mathias Vorreiter Pedersen	d46452e8de	Merge pull request #5903 from MathiasVP/tainted-allocation-size-barrier C++: Add barriers to `cpp/uncontrolled-allocation-size`	2021-05-17 15:24:45 +02:00
CodeQL CI	12b1bbe484	Merge pull request #5897 from erik-krogh/uid Approved by RasmusWL, esbena	2021-05-17 06:01:04 -07:00
Anders Schack-Mulligen	77c93dcf26	Make private	2021-05-17 10:35:04 +02:00
Tom Hvitved	b142ecb1db	C#: Address review comment	2021-05-17 10:33:06 +02:00
Mathias Vorreiter Pedersen	31091c66c1	C++: Add a test containing a guarded long.	2021-05-17 08:06:06 +02:00
Robert Marsh	d706d7b7a4	Merge pull request #5887 from MathiasVP/fewer-rand-sources-in-uncontrolled-arithmetic C++: Add more sanitizers to `cpp/uncontrolled-arithmetic`	2021-05-14 15:35:56 -07:00
Ethan P	58c746e42b	fix formatting	2021-05-14 14:09:07 -04:00
Ethan P	0e99d5e379	Add examples of both tracing mechanisms	2021-05-14 14:05:55 -04:00
Ethan Palm	6dd30ee5e2	clarify options for tracing Co-authored-by: Chris Smowton <smowton@github.com>	2021-05-14 14:00:33 -04:00
Robin Neatherway	17b74319fa	Merge pull request #5902 from github/rneatherway/lines-of-code-tags Add lines-of-code tags	2021-05-14 17:16:50 +01:00
Ethan Palm	4cf695b5ab	specify ``--command`` option Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>	2021-05-14 10:00:17 -04:00
Mathias Vorreiter Pedersen	58dde68b10	C++: Add change-note.	2021-05-14 14:16:00 +02:00
Mathias Vorreiter Pedersen	2d0a56128d	C++: Prevent flow out of pointer-difference expressions.	2021-05-14 13:49:48 +02:00
Mathias Vorreiter Pedersen	c1d41b3169	C++: Add false positive result from pointer-difference expressions.	2021-05-14 13:47:23 +02:00
luchua-bc	1497fba6f2	Remove the isAdditionalTaintStep predicate	2021-05-14 11:43:49 +00:00
Mathias Vorreiter Pedersen	5031b73f35	C++: Add barrier to cpp/uncontrolled-allocation-size that blocks flow when overflow isn't possible.	2021-05-14 13:43:20 +02:00
CodeQL CI	af0d31695a	Merge pull request #5862 from asgerf/js/has-underlying-type Approved by erik-krogh, max-schaefer	2021-05-14 04:10:43 -07:00

1 2 3 4 5 ...

22706 Commits