hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-05 10:40:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,940 Commits 1,673 Branches 157 Tags
2eb8ea85fbd2a2fb0505f40e04ffb6fcd38e0e63
Commit Graph

15940 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Lerchedahl Petersen
2eb8ea85fb Python: update test expectations 2020-09-10 10:59:26 +02:00
Rasmus Lerchedahl Petersen
deb1a4ceb9 Merge branch 'main' of github.com:github/codeql into SharedDataflow_UseUseFlow 2020-09-10 10:55:34 +02:00
Tom Hvitved
c45743588c Merge pull request #4237 from hvitved/csharp/autobuilder/nuget 
C#: Download nuget.exe in auto-builder if it does not exist
 2020-09-10 08:43:39 +02:00
Rasmus Lerchedahl Petersen
7b10a3a546 Python: fix comment and source uses 2020-09-10 08:36:00 +02:00
Taus
f4f47bd5ed Merge pull request #4236 from RasmusWL/python-experimental-taint-sanitizers 
Python: Expand on taint sanitizer tests
 2020-09-09 17:51:24 +02:00
Tom Hvitved
1ce3ac74a1 Address review comments 2020-09-09 16:35:37 +02:00
Taus
17ccc137ae Merge pull request #4238 from RasmusWL/dataflow-small-fix-for-naming 
Dataflow: small fixes for naming in taint tracking
 2020-09-09 16:26:36 +02:00
Tamás Vajk
dfb8761bdc C#: Add flag to Standalone extractor to use the self contained .Net framework (#4233) 2020-09-09 16:12:48 +02:00
Rasmus Wriedt Larsen
b8e057f7ad Python: isSanitizerGuard test is future work 2020-09-09 15:57:53 +02:00
Rasmus Lerchedahl Petersen
b1567827a0 Python: Repair flow out of post-update nodes 2020-09-09 15:52:07 +02:00
Mathias Vorreiter Pedersen
e91d321d28 Merge pull request #4234 from geoffw0/stringstream 
C++: Tests and initial models for taint through std::stringstream / std::ostream.
 2020-09-09 15:31:46 +02:00
Rasmus Wriedt Larsen
2172fb6e65 Dataflow: s/data flow/taint propagation/ in QLDoc for sanitizers 2020-09-09 14:30:33 +02:00
Geoffrey White
d8bb49b9a0 C++: We get a few additional results for DefaultTaintTracking as well. 2020-09-09 13:18:07 +01:00
Rasmus Wriedt Larsen
d90f0be2c4 Dataflow: defaultTaintBarrier => defaultTaintSanitizer 
Just keeping things a bit more consistent :)
 2020-09-09 14:11:56 +02:00
Tom Hvitved
947040aafe C#: Download nuget.exe in auto-builder if it does not exist 2020-09-09 14:09:41 +02:00
Rasmus Wriedt Larsen
ab8cc23ce7 Python: Expand on taint sanitizer tests 
Most interesting to look at the custom sanitizers. Once we have use-use flow, we
should handle this case:

```
s = TAINTED_STRING
emulated_authentication_check(s)
ensure_not_tainted(s)
```
 2020-09-09 13:57:25 +02:00
Rasmus Lerchedahl Petersen
9e59d79a72 Python: Repair flow from pre-update nodes 2020-09-09 13:51:24 +02:00
Rasmus Lerchedahl Petersen
ce7f82ddc6 Python: Add def-use jump-steps 2020-09-09 13:27:14 +02:00
Rasmus Lerchedahl Petersen
c661f43316 Python: Port use-use implementation from Java 2020-09-09 12:19:40 +02:00
Geoffrey White
db3f81a98f C++: Correct QLDoc. 2020-09-09 11:16:14 +01:00
Geoffrey White
3013ef54ef C++: Change note. 2020-09-09 11:09:47 +01:00
CodeQL CI
a1cec12377 Merge pull request #4220 from erik-krogh/colonCmd 
Approved by esbena
 2020-09-09 10:13:14 +01:00
Mathias Vorreiter Pedersen
9de1fb7c18 Merge pull request #4222 from jbj/BlockStmt 
C++/Java/JS: Rename Block -> BlockStmt
 2020-09-09 10:02:37 +02:00
Erik Krogh Kristensen
efe3fd7f1e Update change-notes/1.26/analysis-javascript.md 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-09-09 09:41:15 +02:00
Geoffrey White
90c7a79272 C++: Fix the object/refs up. 2020-09-08 16:49:11 +01:00
Geoffrey White
5a3d41879a C++: Change some of the taint flows to data flows. 2020-09-08 16:49:11 +01:00
Geoffrey White
8a143bec3a C++: Reverse taint through operator<<. 2020-09-08 16:49:10 +01:00
Geoffrey White
b73ff8da63 C++: Flow through operator<<. 2020-09-08 16:49:10 +01:00
Erik Krogh Kristensen
4515d27ad2 Merge branch 'main' of https://github.com/github/codeql into pr/erik-krogh/4220 2020-09-08 14:10:15 +00:00
Erik Krogh Kristensen
38679b6d92 add change note 2020-09-08 14:04:40 +00:00
CodeQL CI
9879c6c204 Merge pull request #4184 from aschackmull/java/cleanup-queryinjection 
Approved by aibaars
 2020-09-08 14:52:17 +01:00
Anders Schack-Mulligen
442de2e2d2 Java: Add qldoc. 2020-09-08 15:09:39 +02:00
Jonas Jensen
f92f84e3d4 Merge remote-tracking branch 'upstream/main' into BlockStmt 2020-09-08 14:09:46 +02:00
Nick Rolfe
075ce6edbf Merge pull request #4178 from github/igfoo/48-coroutine-support-3 
C++: Add initial support for coroutines operators
 2020-09-08 12:44:24 +01:00
Jonas Jensen
0935d1e155 JS: Deprecate the Block class alias 2020-09-08 08:40:20 +02:00
Jonas Jensen
464d3630a2 Java: Rename Block -> BlockStmt 2020-09-08 08:40:20 +02:00
Jonas Jensen
ab90f06ddf C++: Rename Block -> BlockStmt 2020-09-08 08:40:20 +02:00
Ian Lynagh
d49bc4ccda C++: Tweak qldoc for coroutines 2020-09-07 20:39:11 +01:00
Ian Lynagh
4bf545548b C++: Tweak to make qlformat happy 2020-09-07 20:37:01 +01:00
Ian Lynagh
86c58afa48 C++: Update stats for co_await/co_yield/co_return 2020-09-07 20:37:01 +01:00
Ian Lynagh
49f7baf5a9 C++: Add an upgrade script 2020-09-07 20:37:01 +01:00
Ian Lynagh
cca276be84 C++: Remove co_await range-based-for support for now 
Initial impl won't support it
 2020-09-07 20:37:01 +01:00
Ian Lynagh
78b522722c C++: Split CoReturnStmt.getExpr into CoReturnStmt.{getOperand,getExpr} 2020-09-07 20:37:01 +01:00
Matthew Gretton-Dann
8b8b9d6fe3 Actually sort add Statement support 
This commit fixes the previous one.
 2020-09-07 20:37:01 +01:00
Matthew Gretton-Dann
5df5e6dfce Add initial QL support classes for coroutines 
Add classes for expressions co_yield and co_await.
Adds classes for statements co_return and `for co_await`.
 2020-09-07 20:37:01 +01:00
Matthew Gretton-Dann
8199b3a230 C++: Add DB schema support for coroutines 2020-09-07 20:37:01 +01:00
Geoffrey White
6ef67af743 C++: Add models for stringstream methods. 2020-09-07 18:27:42 +01:00
Geoffrey White
fafd2f0a7c C++: Add test cases for stringstream / ostream. 2020-09-07 18:27:42 +01:00
CodeQL CI
22b3b0a5f1 Merge pull request #3953 from RasmusWL/python-more-call-graph-tracing 
Approved by tausbn
 2020-09-07 17:34:14 +01:00
Asger F
d3f19721e6 Merge pull request #4153 from erik-krogh/snake_case_pr 
JS: rename dbscheme predicates to consistently use snake_case in dbscheme
 2020-09-07 16:21:32 +01:00