hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-11 17:59:29 +02:00
Code Issues Packages Projects Releases Wiki Activity
9,691 Commits 1,754 Branches 167 Tags
33070cc16d35c27cb6f44564f122be492ba159f0
Commit Graph

9691 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonas Jensen
33070cc16d Merge pull request #2678 from MathiasVP/union-access-global-virtual-dispatch 
C++: IR virtual dispatch through union field access
 2020-01-23 15:32:31 +01:00
Taus
0627fadbff Merge pull request #2669 from RasmusWL/python-modernise-resources 
Python: modernise Resources/ queries
 2020-01-23 13:43:33 +01:00
Taus
618a35bb7c Merge pull request #2664 from RasmusWL/python-fix-redirect-example 
Python: Remove unused variable in example for py/url-redirection
 2020-01-23 13:42:00 +01:00
Taus
d06e86f54d Merge pull request #2662 from RasmusWL/python-taint-on-eq-test 
Python: Only clear taint on constant comparison in if
 2020-01-23 13:41:40 +01:00
Taus
ef7eafa849 Merge pull request #2644 from RasmusWL/python-add-deprecated-keyword 
Python: Add deprecated keyword to deprecated functions
 2020-01-23 13:41:15 +01:00
Mathias Vorreiter Pedersen
5fd1c6fedb C++: Remove parameter from predicate for some tiny performance benefits 2020-01-23 13:29:48 +01:00
Jonas Jensen
8a0089a875 Merge pull request #2672 from geoffw0/qualifierflow 
CPP: Support taint flow in and out of qualifiers
 2020-01-23 13:17:17 +01:00
Rasmus Wriedt Larsen
95f78e74d0 Merge pull request #2674 from tausbn/python-modernise-web-libraries 
Python: Modernise remaining web libraries.
 2020-01-23 12:01:02 +01:00
Geoffrey White
ccf268d048 CPP: Autoformat. 2020-01-23 10:07:21 +00:00
Tom Hvitved
7e042da4f5 Merge pull request #2665 from calumgrant/cs/zipslip-alert 
C#: ZipSlip query reports alert at source
 2020-01-23 11:05:57 +01:00
Mathias Vorreiter Pedersen
77531294bf C++: Accepted output on tests 2020-01-23 10:20:10 +01:00
Mathias Vorreiter Pedersen
9412ec7f4f C++: Added union field flow for globals 2020-01-23 10:17:36 +01:00
Mathias Vorreiter Pedersen
256ae2fda6 C++: Add test demonstrating a flow not detected 2020-01-23 10:16:24 +01:00
Jonas Jensen
ceeb9ab718 Merge pull request #2622 from MathiasVP/implicit-function-declaration 
C++: Add 'implicit function declaration' query
 2020-01-23 09:23:44 +01:00
yo-h
9d70358ec4 Merge pull request #2640 from aschackmull/java/nullness-fp-tests 
Java: Document two FPs with unit tests.
 2020-01-22 16:28:30 -05:00
yo-h
9a939534c7 Merge pull request #2670 from aschackmull/java/remove-parityanalysis 
Java: Remove the deprecated ParityAnalysis.
 2020-01-22 16:22:34 -05:00
James Fletcher
f1749b3990 Merge pull request #2654 from calumgrant/cs/null-dereference 
C#: Improvements to cs/dereferenced-value-may-be-null
 2020-01-22 20:15:20 +00:00
Geoffrey White
1867d58034 CPP: Allow flow to return value. 2020-01-22 16:25:40 +00:00
Geoffrey White
704bfe7184 CPP: Support taint flow from qualifiers. 2020-01-22 16:22:29 +00:00
Geoffrey White
e6daf3b7ee CPP: Support taint flow to qualifiers. 2020-01-22 16:16:31 +00:00
Geoffrey White
974994ed49 CPP: Slight rearrange. 2020-01-22 16:11:51 +00:00
Geoffrey White
1a6f7febe7 CPP: Add tests of taint through qualifiers. 2020-01-22 16:11:13 +00:00
Taus Brock-Nannestad
0924a973de Python: Modernise remaining web libraries. 2020-01-22 15:27:29 +01:00
Calum Grant
a868456628 C#: Address review comments 2020-01-22 14:21:12 +00:00
semmle-qlci
007b0795ec Merge pull request #2636 from erik-krogh/NewSocketIO 
Approved by esbena
 2020-01-22 13:46:11 +00:00
Rasmus Wriedt Larsen
7d9f1f08ee Python: Autoformat 2020-01-22 13:45:14 +01:00
Rasmus Wriedt Larsen
12bb05522a Python: Make py/weak-cryptographic-algorithm a path-problem 
and stop using deprecated hasFlow
 2020-01-22 13:45:14 +01:00
Rasmus Wriedt Larsen
c5091f1ce7 Python: Make py/hardcoded-credentials a path-problem 
and stop using deprecated hasFlow
 2020-01-22 13:45:14 +01:00
Rasmus Wriedt Larsen
96d5703f2c Python: Remove use of deprecated methods 2020-01-22 13:45:14 +01:00
Rasmus Wriedt Larsen
e6425bb4cf Python: Add deprecated keyword to deprecated functions 2020-01-22 13:45:14 +01:00
semmle-qlci
bc88c41e0b Merge pull request #2668 from erik-krogh/MoreEvents 
Approved by esbena
 2020-01-22 11:57:11 +00:00
Erik Krogh Kristensen
1228d506b4 update change notes to reflect that library models have improved 2020-01-22 12:52:45 +01:00
Tom Hvitved
d5daee4450 Merge pull request #2661 from aschackmull/java/remove-dataflowlocation 
Java/C++/C#: Remove DataFlowLocation as it's no longer needed.
 2020-01-22 12:11:24 +01:00
Anders Schack-Mulligen
cf004ac9d8 Java: Remove the deprecated ParityAnalysis. 2020-01-22 11:45:18 +01:00
Rasmus Wriedt Larsen
aeaaab6437 Python: Modernise Resources/ queries 2020-01-22 11:20:31 +01:00
Rasmus Wriedt Larsen
47b932d6ce Python: Autoformat Resources/ queries 2020-01-22 11:20:28 +01:00
Erik Krogh Kristensen
750e9786f6 add change note for EventEmitter 2020-01-22 10:31:38 +01:00
Robert Marsh
c79d7acbfc Merge pull request #2656 from jbj/asDefiningArgument 
C++: Add DataFlow::Node.asDefiningArgument in IR
 2020-01-21 15:42:57 -05:00
Erik Krogh Kristensen
86477a2249 changes based on review 2020-01-21 16:45:53 +01:00
Calum Grant
3d460aeb44 C#: ZipSlip query reports alert at source 2020-01-21 15:17:06 +00:00
Rasmus Wriedt Larsen
422658bbdb Python: Remove unused variable in example for py/url-redirection 2020-01-21 15:45:05 +01:00
Rasmus Wriedt Larsen
bbe93f43d3 Python: Only comparison with constant will clear taint 
tainted = SOURCE
    if tainted == tainted:
        SINK(tainted) # unsafe

before, in the body of the if statement, `tainted` was not tainted
 2020-01-21 15:25:57 +01:00
Rasmus Wriedt Larsen
1498145415 Python: Highlight that any comparison will clear taint 2020-01-21 15:24:56 +01:00
Anders Schack-Mulligen
9cc0d3d1f4 Java/C++/C#: Remove DataFlowLocation as it's no longer needed. 2020-01-21 15:08:39 +01:00
Erik Krogh Kristensen
569ee8fc8d add support for subclasses of EventEmitter 2020-01-21 12:08:50 +01:00
Jonas Jensen
5ac56c2e3a C++: Add DataFlow::Node.asDefiningArgument in IR 2020-01-21 11:52:06 +01:00
Geoffrey White
80997a3323 Merge pull request #2655 from Semmle/jbj-patch-1 
C++: Fix typo in MallocSizeExpr
 2020-01-21 09:44:41 +00:00
Jonas Jensen
cdcd3ed748 Merge pull request #2647 from geoffw0/modelpure 
CPP: Improve strlen model
 2020-01-21 09:42:10 +01:00
Jonas Jensen
0568ed6451 C++: Fix typo in MallocSizeExpr 
The first argument is index 0, not 1.
 2020-01-21 09:09:49 +01:00
Mathias Vorreiter Pedersen
c9cc459baf C++: Rename .qlhelp to .qhelp 2020-01-20 21:17:53 +01:00