hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-13 22:44:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,645 Commits 1,679 Branches 158 Tags
2ea25b9d90502cf08efa7246762f4db7f4e04a0e
Commit Graph

14645 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonas Jensen
2ea25b9d90 C++: Precise printing of integer bounds 
The pretty-printing of a QL `float` didn't include enough digits to tell
whether a large number had accurate bounds. The `toString` value of a
float appears to be more precise.
 2020-08-11 16:48:01 +02:00
Jonas Jensen
1f432dc45f Merge pull request #4023 from geoffw0/loopdir 
C++: Exclude decrementing unsigned counters from inconsistentLoopDirection.ql
 2020-08-10 12:10:29 +02:00
CodeQL CI
7c4e10df17 Merge pull request #4014 from erik-krogh/stringify 
Approved by esbena
 2020-08-10 07:50:21 +01:00
Arthur Baars
5874ecc28b Merge pull request #3976 from luchua-bc/java-unsecure-basic-auth 
Java: Insecure basic authentication
 2020-08-07 21:39:23 +02:00
Geoffrey White
3cf11eca2a C++: And more test cases. 2020-08-07 17:30:07 +01:00
Erik Krogh Kristensen
aab2e6f803 update name of test file 2020-08-07 18:20:22 +02:00
Erik Krogh Kristensen
7670e7da97 retarget change-note for 1.26 2020-08-07 18:17:46 +02:00
Geoffrey White
7d491afaeb C++: More test cases. 2020-08-07 17:05:13 +01:00
Geoffrey White
b7d2e0ca63 C++: Make all the tests meaningful. 2020-08-07 14:18:28 +01:00
CodeQL CI
1b0cfc96b3 Merge pull request #4015 from erik-krogh/nonAbstract 
Approved by asgerf
 2020-08-07 13:44:23 +01:00
Geoffrey White
0ba59210fc Merge pull request #4020 from jbj/taint-range-based-for-ast 
C++: Taint through RangeBasedForStmt (AST only)
 2020-08-07 13:41:49 +01:00
Anders Schack-Mulligen
e3a12c5fea Merge pull request #4004 from Marcono1234/patch-2 
[Java] Clarify Wildcard.hasUpperBound() doc
 2020-08-07 13:06:13 +02:00
Tom Hvitved
c20d763490 Merge pull request #3951 from raulgarciamsft/users/raulgarciamsft/dataset_serialization 
C#: DataSet serialization
 2020-08-07 12:54:10 +02:00
Jonas Jensen
c8911ab973 C++: Test range-based-for with std::vector too 2020-08-07 12:40:00 +02:00
Anders Schack-Mulligen
77db87efb7 Merge pull request #3968 from rvermeulen/java-importable-cwe-090 
Java: Move LDAP injection sinks, sanitizers, and additional taint steps to importable location
 2020-08-07 11:57:51 +02:00
Arthur Baars
c177eff3d8 Merge pull request #4027 from aschackmull/java/weak-crypto-precision 
Java: Update precision of java/weak-cryptographic-algorithm.
 2020-08-07 10:31:38 +02:00
Anders Schack-Mulligen
f9de8eb3b4 Java: Update precision of java/weak-cryptographic-algorithm. 2020-08-07 09:40:21 +02:00
Anders Schack-Mulligen
05e956b374 Merge pull request #4022 from aibaars/int-to-long 
Java: remove security tag from java/integer-multiplication-cast-to-long
 2020-08-07 09:32:43 +02:00
Marcono1234
0e54b498b7 Clarify Wildcard.hasTypeBound() doc 2020-08-06 23:15:25 +02:00
Marcono1234
f477e09190 Clarify Wildcard.hasUpperBound() doc 2020-08-06 23:15:16 +02:00
Remco Vermeulen
3ae3a879d2 Fix qldoc grammar and style mistakes 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2020-08-06 23:00:03 +02:00
Raul Garcia
3682a902de Update csharp/ql/src/experimental/Security Features/Serialization/DataSetSerialization.qhelp 
Co-authored-by: James Fletcher <42464962+jf205@users.noreply.github.com>
 2020-08-06 12:09:02 -07:00
Geoffrey White
6e18be43f3 C++: Change note. 2020-08-06 19:27:12 +01:00
Geoffrey White
0281456948 C++: Add a 1.26 change note file (what happened to the templates?) 2020-08-06 19:21:06 +01:00
Geoffrey White
0534c69c76 C++: Autoformat. 2020-08-06 19:11:46 +01:00
Geoffrey White
0b5b7fa095 C++: Fix another edge case. 2020-08-06 19:06:42 +01:00
Geoffrey White
b3f3f6d95a C++: Fix edge case. 2020-08-06 19:03:43 +01:00
Geoffrey White
cbf30e37ed C++: Fix the issue. 2020-08-06 18:50:18 +01:00
Geoffrey White
a7564c9e0e C++: Add a test of unsigned count-down loops. 2020-08-06 18:44:22 +01:00
Arthur Baars
f16c263393 Java: remove security tag from java/integer-multiplication-cast-to-long 2020-08-06 17:42:01 +02:00
Jonas Jensen
7cc877cbbb C++: Taint through RangeBasedForStmt (AST only) 2020-08-06 15:37:41 +02:00
Remco Vermeulen
408db412dc Add missing predicate qldoc 2020-08-06 13:29:02 +02:00
Remco Vermeulen
5a819422c1 Reuse Unit class from TaintTracking 2020-08-06 12:02:34 +02:00
Remco Vermeulen
7f7ad88dea Limit LdapAdditionalTaintStep to Ldap configuration 2020-08-06 11:35:03 +02:00
Anders Schack-Mulligen
205dd1aead Merge pull request #3881 from intrigus-lgtm/more-pathcreations 
Java: Centralize and model additional path creations.
 2020-08-06 11:21:39 +02:00
luchua-bc
b821f918e5 Address issues with matching empty host and host in a concatenated string 2020-08-06 01:53:29 +00:00
luchua-bc
9a8eed8440 Enhance address match 2020-08-05 19:57:31 +00:00
intrigus
1011325cf7 Accept test changes. 2020-08-05 21:45:41 +02:00
Remco Vermeulen
a1411407c1 Consolidate sanitizers into default sanitizer 2020-08-05 17:07:05 +02:00
Remco Vermeulen
0c09d66d43 Consolidate different sinks into a default sink. 2020-08-05 16:53:50 +02:00
Jonas Jensen
5f635aca36 Merge pull request #3768 from geoffw0/copymove 
C++: Clean up ConversionConstructor.
 2020-08-05 14:35:05 +02:00
Erik Krogh Kristensen
cc5ef4d5e1 rename JsonSerializeCall to JsonStringifyCall 2020-08-05 13:22:41 +02:00
Erik Krogh Kristensen
b43d410ab1 add change log for JSON serializers 2020-08-05 12:14:56 +02:00
Erik Krogh Kristensen
f70cb2e7b3 add test for new JSON serializers 2020-08-05 12:14:56 +02:00
Erik Krogh Kristensen
5a3f67a682 introduce model for JSON.stringify and similar libraries 2020-08-05 12:14:51 +02:00
Anders Schack-Mulligen
9e78341e43 Merge pull request #3928 from rvermeulen/java-importable-cwe-113 
Java: Move `HeaderSplittingSink` and `WhitelistedSource` into importable library
 2020-08-05 10:16:00 +02:00
Erik Krogh Kristensen
67c4320287 make JumpStmt non abstract 2020-08-05 10:03:46 +02:00
Erik Krogh Kristensen
016bdc1614 make ControlStmt non abstract 2020-08-05 09:59:30 +02:00
Anders Schack-Mulligen
32d9d270fc Merge pull request #3948 from aibaars/java-3941 
Java: stack trace exposure: address false positives
 2020-08-05 09:31:01 +02:00
Jonas Jensen
ea0896c78b Merge pull request #3999 from MathiasVP/mathiasvp/range-based-for-loop-taint-tests 
C++: Add tests for taint through range-based for loops
 2020-08-05 09:11:53 +02:00