hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-05 23:26:51 +01:00
Code Issues Packages Projects Releases Wiki Activity
64,974 Commits 1,703 Branches 162 Tags
40270e1f70fb846bb72e09319bccf89234278743
Commit Graph

64974 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
40270e1f70 C++: Fix mistake in test model. 2024-03-25 11:20:55 +00:00
Geoffrey White
b598b4ac45 C++: Fix for field content indirection (1-based). 2024-03-25 11:20:55 +00:00
Geoffrey White
73e95d67b9 C++: Implement Field indirection. 2024-03-25 11:20:55 +00:00
Geoffrey White
393bd7277c C++: Add some negative test cases for indirection. 2024-03-25 11:20:55 +00:00
Geoffrey White
af4320df50 C++: Modify a summary test case to only test the summary model, not a source model as well. 2024-03-25 11:20:55 +00:00
Geoffrey White
14deb06e80 C++: Implement Argument + Parameter indirection. 2024-03-25 11:20:55 +00:00
Geoffrey White
638bfff09d C++: Implement ReturnValue indirection (this version only worked with a small change to the shared library parsing to permit '*' in the token name; we no longer need this, so I rebased it out). 2024-03-25 11:20:09 +00:00
Geoffrey White
19cc620f18 C++: Effect of 'Fix dataflow node <> expression problem on prvalues' from main. 2024-03-14 09:47:38 +00:00
Geoffrey White
f208594067 Merge branch 'main' into mad 2024-03-14 09:44:45 +00:00
Mathias Vorreiter Pedersen
dacf7d73d9 Merge pull request #15918 from MathiasVP/fix-as-expr-for-temps 
C++: Fix dataflow node <> expression problem on prvalues
 2024-03-14 09:38:46 +00:00
Mathias Vorreiter Pedersen
a24432bacc Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 2024-03-14 09:23:33 +00:00
Mathias Vorreiter Pedersen
c375497fa5 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 2024-03-14 09:16:04 +00:00
Jeroen Ketema
b2e0485c94 Merge pull request #15908 from jketema/destructors12 
C++: suppress destructors with reuse expressions until proper support is added
 2024-03-14 07:41:59 +01:00
Mathias Vorreiter Pedersen
a839c92979 C++: Fix mapping issue between dataflow nodes and expressions when the expression is a prvalue. 2024-03-13 22:59:09 +00:00
Jeroen Ketema
866a3934d4 C++: suppress destructors with reuse expressions until proper support is added 2024-03-13 20:17:00 +01:00
Jeroen Ketema
67b3670d06 Merge pull request #15901 from jketema/destructors11 
C++: Introduce re-use expressions in the database scheme
 2024-03-13 18:27:28 +01:00
Geoffrey White
8d3fc735ea C++: Fix compilation issue in UseAfterFree.qll. 2024-03-13 17:03:00 +00:00
Geoffrey White
f52b6e0449 C++: Add more test cases for taint through qualifier fields. 2024-03-13 16:20:12 +00:00
Geoffrey White
6019a38266 C++: Add more test cases for indirection (4). 2024-03-13 16:20:08 +00:00
Geoffrey White
23da0c16c7 C++: Add more test cases for indirection (3). 2024-03-13 16:20:04 +00:00
Geoffrey White
7c4927c2e3 C++: Add more test cases for indirection (2). 2024-03-13 16:19:58 +00:00
Geoffrey White
fcda0c9819 C++: Add more test cases for indirection (1). 2024-03-13 15:35:28 +00:00
Geoffrey White
c17a36ec07 C++: Add more test cases for taint through qualifiers. 2024-03-13 15:30:13 +00:00
Mathias Vorreiter Pedersen
b638d4d0ba Merge pull request #15900 from MathiasVP/glib-alloc-and-dealloc 
C++: Add models for `GLib` allocation and deallocation
 2024-03-13 15:29:46 +00:00
Geoffrey White
92d57ab504 C++: Correct some existing cases that are in fact indirect. 2024-03-13 15:26:21 +00:00
Erik Krogh Kristensen
bd121b98ae Merge pull request #15893 from erik-krogh/more-filter-taint 
JS: allow more flow through .filter()
 2024-03-13 16:19:28 +01:00
Erik Krogh Kristensen
53502a8662 Merge pull request #15510 from yoff/ts-54 
JS: Add support for TS 5.4
 2024-03-13 14:22:24 +01:00
Jeroen Ketema
8d5eab401d C++: Introduce re-use expressions in the database scheme 2024-03-13 13:28:27 +01:00
Mathias Vorreiter Pedersen
8d504d8b32 Merge pull request #15899 from jketema/destructors10 
C++: Add IR tests for the destruction of temporaries
 2024-03-13 11:56:04 +00:00
Mathias Vorreiter Pedersen
465c3c18e3 C++: Add change note. 2024-03-13 11:49:26 +00:00
Asger F
c5a02dae2b Merge pull request #15768 from asgerf/js/amd-pseudo-deps 
JS: Do not treat AMD pseudo-dependencies as imports
 2024-03-13 12:49:17 +01:00
Mathias Vorreiter Pedersen
3ea39a2553 C++: Add some query tests. 2024-03-13 11:39:34 +00:00
Mathias Vorreiter Pedersen
bcd36b1994 C++: Recognize glib allocations and deallocations. 2024-03-13 11:39:15 +00:00
Geoffrey White
9aad43f649 C++: Add indirect test models. 2024-03-13 11:34:36 +00:00
Ian Lynagh
adefdfd59f Merge pull request #15889 from igfoo/igfoo/k2exprs 
Kotlin 2: Accept more changes in the exprs test
 2024-03-13 11:34:10 +00:00
erik-krogh
129286aa1c allow more flow through .filter() 2024-03-13 12:03:00 +01:00
Jeroen Ketema
3ef1ab49ea C++: Add IR tests for the destruction of temporaries 2024-03-13 12:00:02 +01:00
yoff
b5c0fbb827 Merge pull request #15776 from RasmusWL/tt-consistency 
Python: Add type-tracking consistency query
 2024-03-13 11:11:07 +01:00
Tom Hvitved
4085c8ec8f Merge pull request #15866 from hvitved/ruby/orm-tracking-ap-limit 
Ruby: Lower access path limit to 1 for `OrmTracking`
 2024-03-13 10:57:09 +01:00
Harry Maclean
dd5eb982ec Merge pull request #15524 from hmac/hmac-process-spawn 
Ruby: Add some more command injection sinks
 2024-03-13 09:53:10 +00:00
Tony Torralba
2fd2b4c874 Merge pull request #15891 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-03-13 09:51:22 +01:00
github-actions[bot]
cff2cdb9e4 Add changed framework coverage reports 2024-03-13 00:15:53 +00:00
Edward Minnix III
c190dd21db Merge pull request #15877 from egregius313/egregius313/csharp/mad/sources/windows-registry 
C#: Add source models for values from the Windows registry
 2024-03-12 16:41:42 -04:00
Edward Minnix III
d54489931c Merge pull request #15869 from egregius313/egregius313/java/fix/parcelfiledescriptor-open-sink 
Java: Add path-injection sink for `ParcelFileDescriptor::open`
 2024-03-12 16:39:20 -04:00
Erik Krogh Kristensen
863e3f79e5 Merge pull request #15731 from erik-krogh/java-url 
Java: More sanitizers for request-forgery
 2024-03-12 19:31:52 +01:00
Geoffrey White
cbacd51337 C++: Make Argument[-1] refer to *this rather than this. 2024-03-12 17:51:43 +00:00
Geoffrey White
22d5e9bbfb C++: Add test cases involving pointer qualifiers. 2024-03-12 17:47:11 +00:00
Ian Lynagh
0e94aa0eb5 Kotlin 2: Accept more changes in the exprs test 2024-03-12 16:42:37 +00:00
Ian Lynagh
8d1ee10981 Merge pull request #15876 from igfoo/igfoo/buildless-java-complete 
Java: Accept test changes
 2024-03-12 16:12:58 +00:00
Tamás Vajk
be2ce17376 Merge pull request #15881 from tamasvajk/buildless/fix-fallback 
C#: Deduplicate not yet restored package names
 2024-03-12 16:08:16 +01:00