hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-16 07:54:52 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,090 Commits 1,680 Branches 158 Tags
3622fb8716b2dcbe901a994aa710deb1f421bc4e
Commit Graph

13090 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
3622fb8716 support more variants of the Headers API 2020-06-03 11:50:10 +02:00
Erik Krogh Kristensen
3c802007a3 add support for string concatenations and base64-encoding of hardcoded credentials 2020-06-02 23:15:13 +02:00
Erik Krogh Kristensen
b6dc94fccb add fetch.Headers.Authorization as a CredentialsExpr 2020-06-02 23:02:16 +02:00
Erik Krogh Kristensen
14f0d1687a factor fetch import into NodeJSLib 2020-06-02 22:45:47 +02:00
Jonas Jensen
9c50acc0f9 Merge pull request #3602 from MathiasVP/path-problem-for-dataflow-tests 
C++: Make path-problem versions of ir-flow.ql and flow.ql
 2020-06-02 17:59:26 +02:00
Philip Ginsbach
8b3dd6dec4 Merge pull request #3572 from ginsbach/typeunions 
introduce type unions in the handbook
 2020-06-02 16:31:36 +01:00
Mathias Vorreiter Pedersen
2a1ba6d592 C++: Share configurations in testcases 2020-06-02 16:50:57 +02:00
Mathias Vorreiter Pedersen
b9af1123d9 C++: Make path-problem versions of ir-flow.ql and flow.ql 2020-06-02 16:28:01 +02:00
semmle-qlci
e7800d4695 Merge pull request #3415 from esbena/js/membershiptest 
Approved by asgerf
 2020-06-02 11:36:51 +01:00
Calum Grant
b099f13f55 Merge pull request #3514 from hvitved/csharp/remove-more-deprecated 
C#: Remove more deprecated classes and predicates
 2020-06-02 10:35:14 +01:00
Mathias Vorreiter Pedersen
e17b486195 Merge pull request #3593 from rdmarsh2/rdmarsh/cpp/add-qldoc-2 
C++: Add QLDoc for AST classes up to Include.qll
 2020-06-02 10:23:23 +02:00
Esben Sparre Andreasen
f9ed64fc45 Merge branch 'master' into js/membershiptest 2020-06-02 08:54:44 +02:00
Robert Marsh
3460b9d550 C++: autoformat 2020-06-01 15:38:06 -07:00
Philip Ginsbach
c97055faa9 whitespace in example for type unions fixed 
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
 2020-06-01 14:27:34 +01:00
semmle-qlci
7265e94028 Merge pull request #3578 from erik-krogh/HtmlGuard 
Approved by asgerf
 2020-06-01 13:25:02 +01:00
Asger F
712c53afe9 Merge pull request #3579 from erik-krogh/fix-change-note-merge 
JS: remove duplicates from change-note
 2020-06-01 13:22:23 +01:00
Philip Ginsbach
faf4c16865 Mark the QL code as invalid more explicitly 2020-06-01 12:24:06 +01:00
semmle-qlci
14be4fedf7 Merge pull request #3594 from erik-krogh/CachedExprStringValue 
Approved by asgerf
 2020-05-30 16:56:40 +01:00
Erik Krogh Kristensen
dfd35aee61 autoformat 2020-05-30 14:50:13 +02:00
Mathias Vorreiter Pedersen
cd574e8569 Merge pull request #3589 from rdmarsh2/ir-placement-new-consistency 
C++: fix IR control flow for cast in placement new
 2020-05-30 13:27:34 +02:00
Erik Krogh Kristensen
3b4e57ab8d autoformat 2020-05-30 12:45:51 +02:00
Robert Marsh
e17adf14dc C++: autoformat 2020-05-29 16:13:40 -07:00
Robert Marsh
f8b6e07391 C++: Added QLDoc for Element.qll-Include.qll 2020-05-29 16:09:19 -07:00
Robert Marsh
1c20714c62 C++: file QLDoc for AutogeneratedFile-Diagnostics 2020-05-29 14:58:01 -07:00
Jonas Jensen
91da0d5567 Merge pull request #3592 from geoffw0/strlen 
CPP: Don't taint the return value of strlen
 2020-05-29 19:23:47 +02:00
Robert Marsh
6c9051ae6f C++: accept consistency fixes 2020-05-29 09:49:28 -07:00
Geoffrey White
9ee75aaca1 C++: Change note. 2020-05-29 16:22:42 +01:00
Geoffrey White
f534f09784 C++: Autoformat. 2020-05-29 14:05:08 +01:00
Geoffrey White
19c33ab41c C++: Refine StrLenFunction, including removal of taint flow. 2020-05-29 14:04:27 +01:00
Geoffrey White
705529cdf7 C++: Split StrLenFunction from PureStrFunction (without changes). 2020-05-29 14:04:27 +01:00
Geoffrey White
59cb5f9b1e C++: Remove a special case for strlen in DefaultTaintTracking. 2020-05-29 14:04:26 +01:00
Geoffrey White
408e38a4d4 C++: Clarify which taint tracking libraries should be used somewhat. 2020-05-29 14:04:26 +01:00
Geoffrey White
d77092c931 C++: Add taint tests for strlen. 2020-05-29 13:39:40 +01:00
semmle-qlci
f291749243 Merge pull request #3585 from asger-semmle/js/use-newer-yarn 
Approved by erik-krogh
 2020-05-29 13:02:20 +01:00
Philip Ginsbach
2d47537f11 Slightly modified version of Henning's suggestion 2020-05-29 12:41:58 +01:00
Erik Krogh Kristensen
f7ad210331 use SSA instead of internal AccessPath API 2020-05-29 13:08:19 +02:00
Erik Krogh Kristensen
05bfba4f99 use getImmediatePredecessor instead of getALocalSource() 2020-05-29 13:01:09 +02:00
Jonas Jensen
453de6bf4e Merge pull request #3583 from MathiasVP/qldoc-for-unix-constants 
C++: QLDoc for Constants
 2020-05-29 12:27:59 +02:00
Mathias Vorreiter Pedersen
ae4f6edc6a Merge pull request #3204 from jbj/Expr-location-workaround 
C++: Move Expr location workaround to Expr.qll
 2020-05-29 11:58:50 +02:00
Philip Ginsbach
bb9e800241 remove "experimental syntax" box for type unions 2020-05-29 10:24:42 +01:00
Philip Ginsbach
299d87aa8e better explanation of the purpose of type unions 
Co-authored-by: Pavel Avgustinov <54942558+p0@users.noreply.github.com>
 2020-05-29 10:22:57 +01:00
Philip Ginsbach
0562b4a2dd restricted _subsets_ of algebraic datatypes 
Co-authored-by: Pavel Avgustinov <54942558+p0@users.noreply.github.com>
 2020-05-29 10:21:58 +01:00
Asger Feldthaus
f3a08375b4 JS: Use newer yarn.lock format 2020-05-29 09:45:50 +01:00
Jonas Jensen
7d4d435f25 Merge remote-tracking branch 'upstream/master' into Expr-location-workaround 
Conflicts:
	cpp/ql/test/library-tests/dataflow/fields/dataflow-ir-consistency.expected
 2020-05-29 10:04:12 +02:00
Mathias Vorreiter Pedersen
a305d39111 Merge pull request #3577 from dbartol/github/codeql-c-analysis-team/69 
C++: Fix `MemoryLocation` with multiple `VirtualVariables`
 2020-05-29 09:40:58 +02:00
Mathias Vorreiter Pedersen
0467995f4f C++: Make explicit that O_CREAT and O_EXCL are Linux-specific 2020-05-29 09:36:08 +02:00
Jonas Jensen
9813258a3e Merge remote-tracking branch 'upstream/master' into Expr-location-workaround 
Conflicts and semantic conflicts in `library-tests/dataflow/fields` and
`library-tests/ir/ir`.
 2020-05-29 08:44:37 +02:00
Jonas Jensen
87ad519541 Merge pull request #3569 from geoffw0/strftime 
C++: Taint flow consistency change for strftime
 2020-05-29 08:05:25 +02:00
yo-h
1fea545160 Merge pull request #3573 from aschackmull/java/private-interface-methods 
Java: Fix for private interface methods.
 2020-05-28 20:31:55 -04:00
yo-h
c2de08ca51 Merge pull request #3499 from aschackmull/java/instanceof-pattern-cfg 
Java: Add CFG edges for Java 14 pattern-matching instanceof.
 2020-05-28 20:24:39 -04:00