hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-17 19:01:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
26,521 Commits 1,779 Branches 169 Tags
2c64fa50d2ec903864039ec9be59892983eda89d
Commit Graph

26521 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
2c64fa50d2 Merge branch 'main' into impropnullfp 2021-10-04 16:51:21 +01:00
Mathias Vorreiter Pedersen
7f7f90681f Merge pull request #6808 from MathiasVP/add-cwes-to-incorrect-allocation-handling 
C++: Add more CWEs to 'cpp/incorrect-allocation-error-handling'.
 2021-10-04 17:02:08 +02:00
Anders Schack-Mulligen
745ece6e6d Merge pull request #6613 from Marcono1234/marcono1234/literals-test-split 
Java: Split literals tests
 2021-10-04 16:20:08 +02:00
Mathias Vorreiter Pedersen
eac0222f2c C++: Add more CWEs to 'cpp/incorrect-allocation-error-handling'. 2021-10-04 15:15:40 +01:00
Tom Hvitved
70e41b180e Merge pull request #6800 from hvitved/csharp/constant-cond-tuple-discard 
C#: Filter discards in tuples in `ConstantCondition.ql`
 2021-10-04 14:38:45 +02:00
Tom Hvitved
9762ce706b Merge pull request #6799 from hvitved/csharp/dead-store-using-discard 
C#: Filter using `var _ = ... results` from `DeadStoreOfLocal.ql`
 2021-10-04 14:38:15 +02:00
Chris Smowton
041aff6bfd Merge pull request #6802 from atorralba/atorralba/fix-flowtestcasegenerator-folder 
Java: Fix flow test case generator's folder name
 2021-10-04 13:36:01 +01:00
Nick Rolfe
2a44cd8c98 Merge pull request #6803 from nickrolfe/cpp_upgrade_script 
C++: add upgrade script for dbscheme comment changes
 2021-10-04 13:31:13 +01:00
Tony Torralba
064aba810b Remove hyphens from the flow testcase generator folder name 
So that it can be imported from the autogenerated query `gen.ql`
 2021-10-04 13:31:07 +02:00
Nick Rolfe
5aec84b672 C++: add upgrade script for dbscheme comment changes 2021-10-04 12:30:42 +01:00
Tom Hvitved
a315640082 C#: Address review comments 2021-10-04 13:15:26 +02:00
Tom Hvitved
f06632a8e7 C#: Filter discards in tuples in ConstantCondition.ql 2021-10-04 13:04:18 +02:00
Anders Schack-Mulligen
65a4f36cf8 Merge pull request #6767 from aschackmull/dataflow/callback-postupdate 
Dataflow: Support side-effects for callbacks in summaries.
 2021-10-04 11:13:18 +02:00
Tom Hvitved
70b9b002cb C#: Add change note 2021-10-04 10:48:07 +02:00
Tom Hvitved
682a2aae3a C#: Filter using var _ = ... results from DeadStoreOfLocal.ql 2021-10-04 10:45:44 +02:00
Jonas Jensen
ce27acd099 Merge pull request #6793 from MathiasVP/add-return-value-deref-to-model-util 
C++: Handle return value dereferences in `ModelUtil.qll`
 2021-10-04 09:22:52 +02:00
Mathias Vorreiter Pedersen
cc8b581c06 C++: Accept test changes. 2021-10-01 22:23:17 +02:00
Mathias Vorreiter Pedersen
cca77ed65c Merge branch 'main' into add-return-value-deref-to-model-util 2021-10-01 22:02:06 +02:00
Geoffrey White
b9a1a451a9 C++: Autoformat. 2021-10-01 19:21:30 +01:00
Tamás Vajk
62aa7b75bd Merge pull request #6792 from tamasvajk/fix/csv-workflow 
Let 'ql/lib' folders trigger the CSV workflow
 2021-10-01 19:44:48 +02:00
Mathias Vorreiter Pedersen
0679142607 C++: Accept test changes. 2021-10-01 18:27:55 +02:00
Mathias Vorreiter Pedersen
3463c28e24 C++: Add return value dereference to 'callOutput'. This will need to be modified once we get return value side effects in the IR. 2021-10-01 18:27:46 +02:00
Marcono1234
e3fed55945 Java: Add tests for text blocks 2021-10-01 18:16:11 +02:00
Geoffrey White
51188aa93f C++: Give the two queries medium precision (for now). 2021-10-01 17:04:22 +01:00
Geoffrey White
a62772c274 C++: Add change note. 2021-10-01 16:35:12 +01:00
Marcono1234
924b7320bc Java: Add test for NullLiteral 2021-10-01 17:27:54 +02:00
Marcono1234
bb6e6f4808 Java: Split literals tests 
This allows changing individual tests in the future without having to adjust
the expected output of all other tests.
 2021-10-01 17:27:50 +02:00
Geoffrey White
ada30800c9 C++: Exclude results where identity-like functions obscure operations on a variable. 2021-10-01 16:16:06 +01:00
Anders Schack-Mulligen
99ba80d492 C#: Adjust test output. 2021-10-01 16:57:30 +02:00
Tamas Vajk
ebe0988d9a Let 'ql/lib' folders trigger the CSV workflow 2021-10-01 16:30:56 +02:00
Geoffrey White
11d7a0b712 C++: Exclude results where the address of the variable is taken. 2021-10-01 14:39:02 +01:00
Geoffrey White
d41e517757 C++: Simplify mayAddNullTerminator. 2021-10-01 14:15:05 +01:00
Geoffrey White
ec2e4f432a C++: Add more test cases, inspired by FPs on LGTM with the query. 2021-10-01 14:03:41 +01:00
Geoffrey White
74957dcb2e C++: Test spacing. 2021-10-01 13:59:34 +01:00
yoff
1ce9426adf Merge pull request #6761 from RasmusWL/cryptodome-sha3 
Python/JS: Recognize SHA-3 hash functions
 2021-10-01 13:33:36 +02:00
Anders Schack-Mulligen
eb26b4a04b Merge pull request #6755 from alexet/alexet/cache-params-string 
Java: Fix more performance issues with future versions of codeql.
 2021-10-01 12:54:53 +02:00
Mathias Vorreiter Pedersen
a3cf721b9e Merge pull request #6713 from geoffw0/cwe139 
C++: New query for 'Cleartext transmission of sensitive information'
 2021-10-01 11:10:36 +02:00
Geoffrey White
679b0f9b73 C++: Autoformat. 2021-10-01 09:40:16 +01:00
Anders Schack-Mulligen
799e099d1d Merge pull request #6784 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-10-01 10:05:34 +02:00
github-actions[bot]
3d61c81456 Add changed framework coverage reports 2021-10-01 00:09:22 +00:00
Chris Smowton
f48c418d6d Merge pull request #5907 from x-f1v3/java/hardcoded-shiro-key 
Java: CWE-798: Query to detect hard-coded SHIRO key
 2021-09-30 17:58:12 +01:00
Chris Smowton
ec4cb7c90f Fix typo 2021-09-30 16:22:12 +01:00
Chris Smowton
cb4ce36d3c Update change note; drop unnecessary import 2021-09-30 15:00:13 +01:00
Chris Smowton
b0983cb726 Specifically include Base64 encode/decode as a likely intermediate step for hardcoded credentials 2021-09-30 14:57:49 +01:00
Chris Smowton
b57a58c253 Amend change note 2021-09-30 14:27:05 +01:00
f1v3
24c9bb2fb7 autoformat 2021-09-30 14:26:19 +01:00
f1v3
168fc4170d Apply suggestions from code review 2021-09-30 14:26:14 +01:00
f1v3
f3bde56de9 detects a hard-coded cipher key for shiro 2021-09-30 14:22:48 +01:00
Chris Smowton
60a023d064 Merge pull request #5852 from luchua-bc/java/hardcoded-azure-credential 
Java: CWE-798 Query to detect hard-coded Azure credentials
 2021-09-30 14:11:29 +01:00
yoff
c1c63d0c28 Merge pull request #6738 from RasmusWL/qldoc-getArgByName 
Python: Add QLDoc to `Function.getArgByName`
 2021-09-30 14:11:18 +02:00