hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 21:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
51,343 Commits 1,747 Branches 166 Tags
2eb2e11ef7c2fb3fead923f5ea8725a1cfe987fc
Commit Graph

51343 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeroen Ketema
2eb2e11ef7 C++: Fix query compilation 2023-03-07 18:53:07 +01:00
Jeroen Ketema
fb57914751 C++: Convert a number of data flow based queries to use ConfigSig 2023-03-07 18:21:52 +01:00
Mathias Vorreiter Pedersen
cc0b8bbebb Merge pull request #12430 from MathiasVP/no-to-string-on-state-in-cast-array-pointer-arith 
C++: Convert `cpp/upcast-array-pointer-arithmetic` to the new API
 2023-03-07 16:48:15 +00:00
Mathias Vorreiter Pedersen
ce02de48a0 C++: Fix Code Scanning error. 2023-03-07 14:40:36 +00:00
Mathias Vorreiter Pedersen
f2b311a008 C++: We don't need to check type equivalence at the end anymore: the dataflow state now precisely tracks the types. 2023-03-07 14:31:11 +00:00
Mathias Vorreiter Pedersen
ce6366f023 C++: Use the parameterized module dataflow API in 'cpp/upcast-array-pointer-arithmetic'. 
This allows us to swap out the old string state with the Type-based state.
 2023-03-07 14:17:12 +00:00
Mathias Vorreiter Pedersen
63690066c5 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-03-07 13:06:43 +00:00
Mathias Vorreiter Pedersen
b054b9c5cd Merge pull request #12408 from jketema/merge-main 
C++: use-use dataflow merge main
 2023-03-07 13:05:30 +00:00
Paolo Tranquilli
bdad847584 Merge pull request #12422 from github/redsun82/cpp-scanf-fp 
C++: add false positives to `MissingCheckScanf` test
 2023-03-07 13:29:22 +01:00
Michael B. Gale
7627a53c49 Merge pull request #12371 from github/mbg/csharp/increase-diagnostic-visibility 
C#: Make diagnostics visible everywhere
 2023-03-07 12:13:09 +00:00
Michael B. Gale
974fdd305e Merge pull request #12372 from github/mbg/csharp/check-integration-test-diagnostics 
C#: Add diagnostic checks to all remaining integration tests
 2023-03-07 12:11:47 +00:00
Michael B. Gale
b75f138507 Merge pull request #12385 from github/mbg/csharp/readd-tsp-support 
C#: Add support for the tool status page
 2023-03-07 12:10:52 +00:00
Paolo Tranquilli
429518bcea C++: add further FP to test 2023-03-07 12:03:34 +01:00
Paolo Tranquilli
311cf4e7fd C++: add false positives to MissingCheckScanf test 
See https://github.com/github/codeql/issues/12412 for the initial
report.
 2023-03-07 11:56:05 +01:00
Michael Nebel
40d31120d9 Merge pull request #12264 from michaelnebel/csharp/nugetnet7 
C#: Stub generator improvements.
 2023-03-07 11:30:57 +01:00
Jeroen Ketema
3a4c0a2aae Merge pull request #12389 from jketema/more-deprecated 
C++: Add `deprecated` to predicates that are deprecated according to the QLDoc
 2023-03-07 11:21:43 +01:00
Michael Nebel
676c352819 C#: Update expected test output. 2023-03-07 10:19:26 +01:00
Michael Nebel
e85b2ebd20 C#: Replace stub member comment with file level comment. 2023-03-07 10:19:26 +01:00
Michael Nebel
c8f7304d9b C#: Address review comments. 2023-03-07 10:19:25 +01:00
Michael Nebel
e797b5c226 C#: Narrow the set of declarations where we make explicit interface implementations. 2023-03-07 10:19:25 +01:00
Michael Nebel
d8acc7cd17 C#: Stub generator support for explicit interface implementations of explicit conversion operators including test cases. 2023-03-07 10:19:25 +01:00
Michael Nebel
59349ed7c7 C#: Add test cases for static and virtual operators in interfaces and overlapping interface declarations. 2023-03-07 10:19:25 +01:00
Michael Nebel
50570dc3ee C#: Only add explicit interface implementation to the generated stub if it is unique. 2023-03-07 10:19:25 +01:00
Michael Nebel
5ba59fc9a8 C#: Stub generator support for operators in interfaces and interface implementations. 2023-03-07 10:19:25 +01:00
Michael Nebel
b68e78d908 C#: Stub generator support for static virtual and static abstract interface members. 2023-03-07 10:19:25 +01:00
Michael Nebel
aa4b98bbd5 C#: The stub generator should just format whitespaces. 2023-03-07 10:19:25 +01:00
Jeroen Ketema
9ec479a2a0 C++: Update queries to use DataFlow::ConfigSig 2023-03-07 10:15:11 +01:00
Tom Hvitved
9b02eb729f Merge pull request #12419 from hvitved/ruby/stored-xss-config-rewrite 
Ruby: Rewrite Stored XSS query to use new data flow interface
 2023-03-07 09:46:08 +01:00
Jeroen Ketema
c9bccd9b43 C++: Fix more tests that used deprecated function 2023-03-07 09:01:13 +01:00
Tom Hvitved
b6a709df50 Ruby: Rewrite Stored XSS query to use new data flow interface 2023-03-07 07:23:27 +01:00
Mathias Vorreiter Pedersen
ff53e53e8c Merge pull request #12236 from MathiasVP/language-specific-field-flow-branch-limit-term 
Dataflow: Add a language specific term to `join` and `branch`
 2023-03-06 16:59:09 +00:00
Mathias Vorreiter Pedersen
aa09361a42 Merge pull request #12407 from MathiasVP/fix-internal-system-data-tests 2023-03-06 15:45:25 +00:00
Jeroen Ketema
47930f94e2 Merge remote-tracking branch 'upstream/main' into merge-main 2023-03-06 15:20:39 +01:00
Mathias Vorreiter Pedersen
92ad099c1b DataFlow: Remove bindingsets, remove the call column, and swap parameter and argument columns. 2023-03-06 13:47:59 +00:00
Mathias Vorreiter Pedersen
3bf28cc752 DataFlow: Sync identical files. 2023-03-06 13:46:21 +00:00
Mathias Vorreiter Pedersen
9647b6a3f5 Swift: Add stub. 2023-03-06 13:45:04 +00:00
Mathias Vorreiter Pedersen
e6b6369a21 Ruby: Add stub. 2023-03-06 13:44:59 +00:00
Mathias Vorreiter Pedersen
5ebd50044f Python: Add stub. 2023-03-06 13:44:24 +00:00
Mathias Vorreiter Pedersen
4720e2a30a Java: Add stub. 2023-03-06 13:44:24 +00:00
Mathias Vorreiter Pedersen
067abacbb8 Go: Add stub. 2023-03-06 13:44:23 +00:00
Mathias Vorreiter Pedersen
b667e0136f C#: Add stub. 2023-03-06 13:44:23 +00:00
Mathias Vorreiter Pedersen
05314b48e8 C++: Add stub. 2023-03-06 13:44:23 +00:00
Mathias Vorreiter Pedersen
6e8a2a6375 DataFlow: Add a language-specific predicate for modifying 'branch' and 'join'. 2023-03-06 13:44:19 +00:00
Geoffrey White
56b6441ef5 Merge pull request #12391 from geoffw0/ptrout 
Swift: Permit data flow out through pointer arguments
 2023-03-06 13:37:22 +00:00
Anders Schack-Mulligen
5c7f2ac7f7 Merge pull request #12186 from aschackmull/dataflow/refactor-configuration 
Data flow: Refactor configuration
 2023-03-06 13:38:59 +01:00
Mathias Vorreiter Pedersen
d2d91cfb29 C++: Accept test changes. 2023-03-06 11:30:40 +00:00
Mathias Vorreiter Pedersen
8836cbae5b C++: Make sure we use an indirect sink only for the sinks that receive a 
pointer to the data. Also fix a bug where we used 'asExpr' instead
of 'asIndirectExpr'.
 2023-03-06 11:22:58 +00:00
dependabot[bot]
3538cf89b9 Merge pull request #12404 from github/dependabot/cargo/ql/serde_json-1.0.94 2023-03-06 09:55:33 +00:00
Arthur Baars
d2ab40c184 Merge pull request #12208 from gregxsunday/main 
Add ZipSlip and TarSlip query to ruby
 2023-03-06 10:40:06 +01:00
dependabot[bot]
ce5e76a3a0 Bump serde_json from 1.0.93 to 1.0.94 in /ql 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.93 to 1.0.94.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.93...v1.0.94)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-06 09:32:26 +00:00