hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 12:15:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
47,402 Commits 1,741 Branches 166 Tags
3dfe18b565fc10861b4702297ff2cfc78b959824
Commit Graph

610 Commits

Author SHA1 Message Date
Geoffrey White
7c93eb1eaf C++: Fix large newtype. 2022-03-14 19:06:41 +00:00
Geoffrey White
d1b04b4e07 C++: Use asDefiningArgument() where appropriate. 2022-03-14 17:53:47 +00:00
Mathias Vorreiter Pedersen
7593ebaa62 C++: Use 'getAstVariable' now that 'getASTVariable' is deprecated. 2022-03-14 13:38:27 +00:00
Mathias Vorreiter Pedersen
50b77761f1 C++: Port the 'predictable' barrier from 'DefaultTaintTracking' to 'cpp/unclear-array-index-validation' to prevent an explosion of new results. 2022-03-14 13:14:07 +00:00
Mathias Vorreiter Pedersen
0da5d91955 Merge branch 'main' into use-taint-configuration-in-three-more-queries 2022-03-14 11:12:23 +00:00
Erik Krogh Kristensen
69353bb014 patch upper-case acronyms to be PascalCase 2022-03-11 11:10:33 +01:00
Mathias Vorreiter Pedersen
272e096190 Merge branch 'main' into use-taint-configuration-in-three-more-queries 2022-03-11 09:24:03 +00:00
Mathias Vorreiter Pedersen
0d3e47bcae C++: Pick the offset expression as the sink in 'cpp/unclear-array-index-validation' (and not the array expression). 2022-03-10 10:57:51 +00:00
Mathias Vorreiter Pedersen
693eca2179 C++: Give 'cpp/unclear-array-index-validation' precision low. 2022-03-10 10:17:08 +00:00
Mathias Vorreiter Pedersen
8a8fb692a3 C++: Use a 'TaintTracking::Configuration' for 'cpp/uncontrolled-allocation-size'. 2022-03-09 12:09:32 +00:00
Mathias Vorreiter Pedersen
2328898b19 C++: Use a 'TaintTracking::Configuration' for 'cpp/unclear-array-index-validation'. 2022-03-09 12:09:27 +00:00
Geoffrey White
9ebdb2ac1d C++: QLDoc. 2022-03-08 16:12:58 +00:00
Geoffrey White
fc6f42296a C++: Upgrade cpp/system-data-exposure. 2022-03-07 17:39:04 +00:00
Geoffrey White
cb33ed4fc2 C++: Only look for sensitive strings in appropriate parameters. 2022-03-07 11:29:09 +00:00
Geoffrey White
f1d6234483 C++: Add more information about registry query parameters. 2022-03-07 09:45:31 +00:00
Geoffrey White
4316026720 C++: VariableAccess -> Expr. 2022-03-04 18:00:54 +00:00
Mathias Vorreiter Pedersen
624795cbbf Merge pull request #8059 from rdmarsh2/rdmarsh2/cpp/insufficient-key-strength 
C++: new query for insufficient key strength
 2022-03-04 17:11:44 +00:00
Robert Marsh
60532e631e C++: fix missing paren 2022-03-03 14:45:43 -05:00
Geoffrey White
6848b6095b C++: Autoformat. 2022-03-03 12:51:54 +00:00
Geoffrey White
5c6923c099 C++: Improve and differentiate the qhelp. 2022-03-03 11:04:55 +00:00
Geoffrey White
07b4bf7023 C++: Use the same trick as in ExposedSystemData to catch a few more results. 2022-03-03 10:33:39 +00:00
Geoffrey White
6e5729c924 C++: Fix typo and adjust violation message wording. 2022-03-03 10:28:53 +00:00
Robert Marsh
9fb94d85b4 C++: performance tweaks for InsufficientKeySize 2022-03-02 15:59:42 -05:00
Geoffrey White
2a14a4f14e C++: Fill in metadata. 2022-03-02 18:52:52 +00:00
Geoffrey White
66b9356eb9 C++: There is no overlap between OutputWrite and RemoteFlowSinkFunction. 2022-03-02 18:16:39 +00:00
Geoffrey White
a1ace7122d C++: Move SystemData class into a library. 2022-03-02 18:01:06 +00:00
Geoffrey White
d95b56fca0 C++: Create prototype query. 2022-03-02 17:56:49 +00:00
Geoffrey White
5402b02fd7 Merge branch 'main' into cwe497 2022-03-01 11:58:24 +00:00
Robert Marsh
a60fe9f4b8 C++: exclude 0 earlier in InsufficientKeySize 2022-02-24 14:26:37 -05:00
Geoffrey White
899ae90ba4 C++: Add GVN. 2022-02-24 17:22:37 +00:00
Geoffrey White
6c40cda68d C++: Pragmatic solution to include more sinks (plus autoformat changes). 2022-02-24 12:10:34 +00:00
Geoffrey White
fc8ebdaeb2 C++: Increase the query to precision high. 2022-02-24 10:54:09 +00:00
Geoffrey White
c16302be13 C++: Fix the FP. 2022-02-24 10:54:08 +00:00
Robert Marsh
a37f746dff C++: fix FP and add paths in InsufficientKeySize 2022-02-22 15:38:50 -05:00
Robert Marsh
103796dfa8 C++: respond to PR comments on InsufficientKeySize 2022-02-16 14:58:29 -05:00
Robert Marsh
cfd9c9d137 C++: Update doc for `getMinimumKeySize 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-02-16 14:53:09 -05:00
Robert Marsh
d3665f935e C++: add sample code for InsufficientKeySize.qhelp 2022-02-16 12:30:41 -05:00
Geoffrey White
703f18b82f C++: Better deduplication. 2022-02-15 17:52:27 +00:00
Robert Marsh
0e50c4b186 C++: Add openssl low-level API 2022-02-14 14:47:55 -05:00
Geoffrey White
c4d9c1d9e7 C++: Reduce result duplication. 2022-02-11 16:03:38 +00:00
Geoffrey White
00ba76b7e4 C++: Convert to IR taint tracking. 2022-02-11 13:00:42 +00:00
Robert Marsh
dbe4770c7d C++: add initial insufficient key size query 2022-02-10 14:53:40 -05:00
Geoffrey White
20ad92a82e C++: Filter noisiest sources. 2022-02-10 11:11:30 +00:00
Geoffrey White
7b5b2fdcd1 C++: Modernize cpp/system-data-exposure as a path-problem using IR taint, RemoteFlowSinkFunction. 2022-02-10 11:11:26 +00:00
Geoffrey White
6005f3d2d4 C++: Add pragma[noinline]. 2022-02-08 09:13:51 +00:00
Geoffrey White
6727069893 C++: Autoformat. 2022-02-07 17:33:11 +00:00
Geoffrey White
d1b6871314 C++: Restrict type. 2022-02-07 17:32:52 +00:00
Geoffrey White
005dfdffdb C++: Speed up cpp/cleartext-transmission ('Encrypted' class). 2022-02-07 17:19:25 +00:00
Jeroen Ketema
1f2865c7cc Merge pull request #7798 from jketema/missing-open-arg 
C++: Add query for missing mode argument in `open`/`openat` calls
 2022-02-07 12:01:44 +01:00
Jeroen Ketema
b967eaf25d Add documentation for parseHex 2022-02-04 12:35:13 +01:00