hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-24 00:16:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,457 Commits 1,714 Branches 163 Tags
43d8e83258bc8cf477160acedb56dc5fcbf666e0
Commit Graph

15457 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
43d8e83258 Merge branch 'main' into taintbits 2020-09-04 14:26:42 +01:00
Geoffrey White
5d1c2a3689 Merge pull request #4204 from jbj/SimpleRangeAnalysis-NEExpr 
C++: Support `!= constant` in range analysis
 2020-09-04 13:47:59 +01:00
Taus
59c7907ee4 Merge pull request #4207 from RasmusWL/python-typetracker-small-fixes 
Python: Small fixes for TypeTracker
 2020-09-04 14:30:10 +02:00
Rasmus Wriedt Larsen
6aae75799e Python: Fix import in type tracking test 
Fixes 7855576a6
 2020-09-04 13:36:25 +02:00
CodeQL CI
fd715a5b66 Merge pull request #4179 from RasmusWL/python-tainttracking-ala-go 
Approved by tausbn, yoff
 2020-09-04 12:20:12 +01:00
Jonas Jensen
958f89905d Merge pull request #4197 from github/aeisenberg/devcontainer-settings 
Update devcontainer memory settings
 2020-09-04 12:42:34 +02:00
yoff
7a00fbc654 Merge pull request #4154 from RasmusWL/python-more-complete-dataflow-tests 
Python more complete dataflow tests
 2020-09-04 11:35:24 +02:00
Rasmus Wriedt Larsen
2f480597ef Merge pull request #4157 from RasmusWL/add-labeler-action 
Enable labeler action again
 2020-09-04 11:15:15 +02:00
Rasmus Wriedt Larsen
f12fa52e22 Python: Update inline example for TypeTracker usage 2020-09-04 11:11:30 +02:00
Rasmus Wriedt Larsen
189c94f9e3 Python: Add TypeTracker::end() 
Copied from JS
 2020-09-04 11:10:10 +02:00
Rasmus Wriedt Larsen
7855576a69 Python: TypeTracker only exposes its own interface 
This is especially important if the TypeTracker needs to be publicly imported by
DataFlowPublic.
 2020-09-04 10:58:20 +02:00
Geoffrey White
6c40e22f45 C++: Support further reverse taint flows on things that return *this. 2020-09-04 09:45:10 +01:00
Geoffrey White
018b0a5abf C++: Model std::string front, back and push_back. 2020-09-04 09:45:07 +01:00
Geoffrey White
6e734a894f C++: Additional test cases for std::string. 2020-09-04 09:44:58 +01:00
CodeQL CI
58f51899c9 Merge pull request #4173 from erik-krogh/targetBlankFP 
Approved by esbena
 2020-09-04 08:21:22 +01:00
Tom Hvitved
7f18c3377e Merge pull request #4017 from hvitved/csharp/unqualify-trap-ids3 
C#: Remove assembly prefixes from TRAP labels
 2020-09-04 09:20:39 +02:00
Jonas Jensen
fbe42fb64c C++: Support != constant in range analysis 2020-09-04 09:20:23 +02:00
Jonas Jensen
d061b09fe0 C++: Test showing no support for != and ! 2020-09-04 09:02:42 +02:00
Mathias Vorreiter Pedersen
b7774b2a82 Merge pull request #4201 from geoffw0/insert 
C++: Model iterator versions of string and vector methods
 2020-09-03 21:45:36 +02:00
CodeQL CI
f180497554 Merge pull request #4192 from max-schaefer/js/ssa__implicitinit 
Approved by asgerf
 2020-09-03 16:46:56 +01:00
Rasmus Wriedt Larsen
29bf98ad26 Python: Fix CUSTOM_SOURCE dataflow regression test 2020-09-03 15:03:53 +02:00
Rasmus Wriedt Larsen
febbe1229a Merge branch 'main' into python-more-complete-dataflow-tests 2020-09-03 14:58:20 +02:00
CodeQL CI
c8ffde20f4 Merge pull request #4195 from RasmusWL/python-taint-default-sanitizer 
Approved by tausbn
 2020-09-03 13:55:32 +01:00
Erik Krogh Kristensen
ed54fdcb06 Merge pull request #4118 from dellalibera/js/ldap 
[javascript] CodeQL to detect LDAP Injection
 2020-09-03 14:50:03 +02:00
Erik Krogh Kristensen
d56ea22018 Merge pull request #4200 from erik-krogh/typeaheadInconsistencyComment 
JS: adjust comment about inconsistency for XSS in typeahead
 2020-09-03 13:56:40 +02:00
Erik Krogh Kristensen
d946a61d6e update expected output 2020-09-03 13:32:54 +02:00
Nick Rolfe
b8ae87470d Merge pull request #4182 from github/igfoo/cfg 
C++: Remove some remnants of the extractor CFG
 2020-09-03 12:22:04 +01:00
Geoffrey White
50d9a85143 C++: Update change note. 2020-09-03 10:52:27 +01:00
Geoffrey White
d4cbb25e09 C++: Model std::string constructors and container constructors that use iterators. 2020-09-03 10:52:27 +01:00
Geoffrey White
1ac0aa169d C++: Add a few more test cases. 2020-09-03 10:52:26 +01:00
Geoffrey White
1ad404c605 C++: Extend model to include std::forward_list::insert_after. 2020-09-03 10:52:26 +01:00
Geoffrey White
fcacb22cad C++: Use [] in std::string begin model. 2020-09-03 10:52:26 +01:00
Geoffrey White
95ca4b674d C++: Add model for std::vector::insert. 2020-09-03 10:52:25 +01:00
Geoffrey White
f61c7ffc1a C++: Add support for iterator parameters to std::vector::assign. 2020-09-03 10:52:25 +01:00
Geoffrey White
8e9faac363 C++: Add support for std::vector begin and end. 2020-09-03 10:52:24 +01:00
Geoffrey White
4d47eaa08d C++: Add support for iterator parameters to std::string::assign. 2020-09-03 10:52:24 +01:00
Geoffrey White
98f84646d6 C++: Result changes due to iterators PR, which adds support for std::string begin and end, and iterator parameters to std::string::insert and some similar functions. 2020-09-03 10:52:24 +01:00
Geoffrey White
7917dff843 C++: Add test cases for std::string and std::vector using iterator methods. 2020-09-03 10:52:23 +01:00
Geoffrey White
fcdbe0f512 C++: Add a const conversion constructor to std::iterator in the tests. 2020-09-03 10:52:23 +01:00
Rasmus Wriedt Larsen
9a821bf449 Merge pull request #4 from yoff/RasmusWL-python-more-complete-dataflow-tests 
Python: Annotate test file
 2020-09-03 11:28:42 +02:00
Rasmus Lerchedahl Petersen
aad51af4ce Python: use concrete iterable source 2020-09-03 11:25:41 +02:00
yoff
8997799e4d Merge pull request #1 from RasmusWL/RasmusWL-python-more-complete-dataflow-tests 
Small fixups to your PR to my PR
 2020-09-03 11:14:52 +02:00
Rasmus Wriedt Larsen
b958c3b833 Python: Update comment for test8 2020-09-03 11:13:32 +02:00
CodeQL CI
aa4237c27c Merge pull request #4191 from erik-krogh/v8Syntax 
Approved by esbena
 2020-09-03 09:57:00 +01:00
Erik Krogh Kristensen
3952553953 adjust comment about inconsistency for XSS in typeahead 2020-09-03 10:50:40 +02:00
Alessio Della Libera
116e7d006d Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-09-03 10:32:18 +02:00
Alessio Della Libera
bfae0ef5d5 Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-09-03 10:32:08 +02:00
CodeQL CI
2ba84be565 Merge pull request #4185 from erik-krogh/unusedArrDestruct 
Approved by esbena
 2020-09-03 09:18:15 +01:00
Erik Krogh Kristensen
4fdd2cd794 add change note 2020-09-03 10:06:52 +02:00
Erik Krogh Kristensen
1f9749fbfe revert mailto: change in TargetBlank.ql 2020-09-03 09:39:01 +02:00