hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-09 15:41:36 +02:00
Code Issues Packages Projects Releases Wiki Activity
9,725 Commits 1,754 Branches 167 Tags
3d567eb8899d025c809dd7b05d4876cf885a7713
Commit Graph

9725 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
3d567eb889 JS: Close an unterminated code block 2020-01-27 12:03:58 +00:00
Mathias Vorreiter Pedersen
d26cf12c3a Merge pull request #2688 from geoffw0/move-taint-test 
C++: Add the security taint test (previously internal).
 2020-01-24 15:58:20 +01:00
semmle-qlci
b3eada829a Merge pull request #2690 from erik-krogh/MoreEvents2 
Approved by asgerf
 2020-01-24 14:47:04 +00:00
Taus
5a2dfd40af Merge pull request #2639 from RasmusWL/python-improve-dict-taint 
Python: Improve tests for tainted collections
 2020-01-24 15:06:01 +01:00
Erik Krogh Kristensen
8492f6031f reuse existing type-tracking for classes 2020-01-24 13:36:32 +01:00
Anders Schack-Mulligen
98d527c44c Merge pull request #2685 from esbena/java/sharpen-maven-non-ssl 
java: sharpen java/maven/non-https-url to allow localhost URLs
 2020-01-24 13:19:26 +01:00
Geoffrey White
af903fc30c C++: Add the security taint test (previously internal). 2020-01-24 11:28:51 +00:00
Jonas Jensen
ee0648bb57 Merge pull request #2684 from geoffw0/rearrange-tests 
CPP: Test cleanup
 2020-01-24 11:57:58 +01:00
Esben Sparre Andreasen
8deefd60a7 java: fixup whitespace/tabs in test 2020-01-24 11:01:38 +01:00
Geoffrey White
912260b3aa C++: Autoformat tests. 2020-01-24 09:43:58 +00:00
Rasmus Wriedt Larsen
5778764a48 Python: Stop using deprecated getName in collections taint test 2020-01-24 10:32:17 +01:00
Rasmus Wriedt Larsen
3db551d6bc Python: Use variables in collection-taint test 
They are not tainted in assignment, only in use.

I also adopted an attempt at a better test-setup, where it's easy to see if
everything is the way you hoped for, instead of browsing through 100 of lines of
taint-step output :P
 2020-01-24 10:32:17 +01:00
Tom Hvitved
cfbdf21d1b Merge pull request #2682 from calumgrant/cs/format-trap-floats 
C#: Fix outputting floats to the trap file
 2020-01-24 09:13:18 +01:00
Esben Sparre Andreasen
57b3a55b48 java: sharpen java/maven/non-https-url to allow localhost URLs 2020-01-24 08:51:54 +01:00
Esben Sparre Andreasen
a5558809f4 java: add more tests for java/maven/non-https-url 2020-01-24 08:49:59 +01:00
yo-h
eb6f8da080 Merge pull request #2679 from aschackmull/java/remove-depr-flow-fwd-back 
Java/C++/C#: Remove the deprecated hasFlowForward/hasFlowBackward.
 2020-01-23 14:10:28 -05:00
yo-h
50320c7828 Merge pull request #2628 from aschackmull/java/no-adhoc-testclass 
Java: Replace ad-hoc TestClass detection.
 2020-01-23 14:09:11 -05:00
Geoffrey White
795afa8160 CPP: Better location for the StackVariableReachability test. 2020-01-23 17:32:07 +00:00
Geoffrey White
b693ef51e2 C++: Put a little bit of content in the StackVariableReachability test. 2020-01-23 17:25:26 +00:00
Calum Grant
35bc78d666 C#: Fix outputting floats to the trap file. In some locales, the extractor output invalid floating point values to the trap file. 2020-01-23 15:43:25 +00:00
Jonas Jensen
33070cc16d Merge pull request #2678 from MathiasVP/union-access-global-virtual-dispatch 
C++: IR virtual dispatch through union field access
 2020-01-23 15:32:31 +01:00
Anders Schack-Mulligen
e7f7c7370a Java/C++/C#: Remove the deprecated hasFlowForward/hasFlowBackward. 2020-01-23 14:05:18 +01:00
Taus
0627fadbff Merge pull request #2669 from RasmusWL/python-modernise-resources 
Python: modernise Resources/ queries
 2020-01-23 13:43:33 +01:00
Taus
618a35bb7c Merge pull request #2664 from RasmusWL/python-fix-redirect-example 
Python: Remove unused variable in example for py/url-redirection
 2020-01-23 13:42:00 +01:00
Taus
d06e86f54d Merge pull request #2662 from RasmusWL/python-taint-on-eq-test 
Python: Only clear taint on constant comparison in if
 2020-01-23 13:41:40 +01:00
Taus
ef7eafa849 Merge pull request #2644 from RasmusWL/python-add-deprecated-keyword 
Python: Add deprecated keyword to deprecated functions
 2020-01-23 13:41:15 +01:00
Mathias Vorreiter Pedersen
5fd1c6fedb C++: Remove parameter from predicate for some tiny performance benefits 2020-01-23 13:29:48 +01:00
Jonas Jensen
8a0089a875 Merge pull request #2672 from geoffw0/qualifierflow 
CPP: Support taint flow in and out of qualifiers
 2020-01-23 13:17:17 +01:00
Anders Schack-Mulligen
0bbe571064 Update change-notes/1.24/analysis-java.md 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-01-23 13:13:51 +01:00
Geoffrey White
166be063a9 C++: Rename test of the now un-deprecated StackVariableReachability. 2020-01-23 11:06:24 +00:00
Geoffrey White
0c4eabca98 C++: Merge two tests of UnusedStaticFunctions from the library-tests into the existing test in query-test. 2020-01-23 11:05:47 +00:00
Geoffrey White
f40a37cae2 C++: Move a test from library-tests to query-tests. 2020-01-23 11:05:47 +00:00
Geoffrey White
fcdb20d1fc C++: Move the SuspiciousCallToStrncat test to the expected location. 2020-01-23 11:05:46 +00:00
Geoffrey White
f4f0f6d93e C++: Merge the StrncpyFlippedArgs tests. 2020-01-23 11:05:46 +00:00
Geoffrey White
3aa66f5aca C++: Merge the OverflowStatic tests. 2020-01-23 11:05:46 +00:00
Rasmus Wriedt Larsen
95f78e74d0 Merge pull request #2674 from tausbn/python-modernise-web-libraries 
Python: Modernise remaining web libraries.
 2020-01-23 12:01:02 +01:00
Anders Schack-Mulligen
fd141917c7 Java: Add change note. 2020-01-23 11:08:35 +01:00
Geoffrey White
ccf268d048 CPP: Autoformat. 2020-01-23 10:07:21 +00:00
Tom Hvitved
7e042da4f5 Merge pull request #2665 from calumgrant/cs/zipslip-alert 
C#: ZipSlip query reports alert at source
 2020-01-23 11:05:57 +01:00
Mathias Vorreiter Pedersen
77531294bf C++: Accepted output on tests 2020-01-23 10:20:10 +01:00
Mathias Vorreiter Pedersen
9412ec7f4f C++: Added union field flow for globals 2020-01-23 10:17:36 +01:00
Mathias Vorreiter Pedersen
256ae2fda6 C++: Add test demonstrating a flow not detected 2020-01-23 10:16:24 +01:00
Jonas Jensen
ceeb9ab718 Merge pull request #2622 from MathiasVP/implicit-function-declaration 
C++: Add 'implicit function declaration' query
 2020-01-23 09:23:44 +01:00
yo-h
9d70358ec4 Merge pull request #2640 from aschackmull/java/nullness-fp-tests 
Java: Document two FPs with unit tests.
 2020-01-22 16:28:30 -05:00
yo-h
9a939534c7 Merge pull request #2670 from aschackmull/java/remove-parityanalysis 
Java: Remove the deprecated ParityAnalysis.
 2020-01-22 16:22:34 -05:00
James Fletcher
f1749b3990 Merge pull request #2654 from calumgrant/cs/null-dereference 
C#: Improvements to cs/dereferenced-value-may-be-null
 2020-01-22 20:15:20 +00:00
Geoffrey White
1867d58034 CPP: Allow flow to return value. 2020-01-22 16:25:40 +00:00
Geoffrey White
704bfe7184 CPP: Support taint flow from qualifiers. 2020-01-22 16:22:29 +00:00
Geoffrey White
e6daf3b7ee CPP: Support taint flow to qualifiers. 2020-01-22 16:16:31 +00:00
Geoffrey White
974994ed49 CPP: Slight rearrange. 2020-01-22 16:11:51 +00:00