hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-28 18:28:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,142 Commits 1,723 Branches 164 Tags
47f59b4fd8a05b771af59480bfd6044fdb91efad
Commit Graph

1142 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
47f59b4fd8 JS: fix typo 2018-10-26 14:08:44 +01:00
Asger F
3bd91bdf08 JS: introduce common class for Babel plugins 2018-10-26 12:55:37 +01:00
Asger F
7285562c72 JS: add change note 2018-10-26 12:09:10 +01:00
Asger F
91943ae2cb JS: support transform-react-jsx plugin 2018-10-26 12:06:56 +01:00
Asger F
d7eb4ef40e JS: test case for transform-react-jsx plugin 2018-10-26 12:06:18 +01:00
Geoffrey White
fa55e31f7a Merge pull request #362 from jbj/return-this-noreturn 
C++: Fix "Overloaded assignment does not return 'this'" for non-returning functions
 2018-10-26 09:30:36 +01:00
semmle-qlci
cbc2d9e257 Merge pull request #361 from aschackmull/java/springweb-servlet-sources 
Approved by yh-semmle
 2018-10-26 02:06:11 +01:00
semmle-qlci
905911014d Merge pull request #358 from aschackmull/java/sql-sinks 
Approved by yh-semmle
 2018-10-26 01:42:37 +01:00
Max Schaefer
b880a60095 Merge pull request #363 from xiemaisi/js/destructuring-assignment-cfg 
JavaScript: Improve handling of destructuring assignments.
 2018-10-25 20:28:53 +01:00
Max Schaefer
38534a6e2f JavaScript: Address review comment. 2018-10-25 15:31:46 +01:00
Max Schaefer
34b33ca04c JavaScript: Recognise rest patterns as lvalues. 2018-10-25 15:31:46 +01:00
Max Schaefer
394d7b7a9b JavaScript: Update expected output of CFG test. 2018-10-25 15:31:46 +01:00
Max Schaefer
8402ee8374 JavaScript: Refactor getDefReachingEndOf to improve performance. 2018-10-25 15:31:46 +01:00
Max Schaefer
09ef1a719a JavaScript: Pull out auxiliary predicates to improve join order in liveAfterDef. 2018-10-25 15:31:46 +01:00
Max Schaefer
59bbd025a5 JavaScript: Pull out auxiliary predicate to improve join order in TPhi. 2018-10-25 15:31:46 +01:00
Max Schaefer
d2993b9e04 JavaScript: Model data flow of destructuring assignments more precisely. 2018-10-25 15:31:46 +01:00
Pavel Avgustinov
c577f6d9f8 Merge pull request #365 from aschackmull/java/response-splitting-whitelist-cookiename 
Java: Whitelist Cookie::getName for HTTP response splitting.
 2018-10-25 13:18:03 +01:00
Anders Schack-Mulligen
8fe1634fcc Java: Add test. 2018-10-25 13:00:15 +02:00
Anders Schack-Mulligen
1188e18837 Java: Whitelist Cookie::getName for HTTP response splitting. 2018-10-25 12:02:33 +02:00
Jonas Jensen
5cbfdd1029 C++: Cover more cases of returning *this 2018-10-25 10:41:56 +02:00
Jonas Jensen
d144f0d154 C++: Test for unreachable return statement 
This test shows that the previous fix did not solve the problem where a
bad return statement exists but is unreachable.
 2018-10-25 09:42:15 +02:00
semmle-qlci
cfe0b8803a Merge pull request #332 from raulgarciamsft/users/raulga/c6293a 
Approved by dave-bartolomeo
 2018-10-25 00:59:35 +01:00
Raul Garcia
e1efcb0b26 Update .gitignore 2018-10-24 15:23:40 -07:00
Raul Garcia
a04eb53189 Documentation bug fix. 
Encoding the "<" character
 2018-10-24 15:22:53 -07:00
Aditya Sharad
292189c1e0 Merge pull request #347 from xiemaisi/rc/1.18-master-merge 
Mergeback rc/1.18 to master
 2018-10-24 16:03:30 +01:00
Jonas Jensen
3c6bed4de6 C++: FP fix for "operator= doesn't return *this" 2018-10-24 15:44:00 +02:00
Jonas Jensen
47a548f564 C++: FP test for "operator= doesn't return *this" 
This rule should not apply to functions that never return.
 2018-10-24 15:42:39 +02:00
Anders Schack-Mulligen
1d716ae461 Java: Add remote user input sources for Spring servlets. 2018-10-24 15:00:15 +02:00
Anders Schack-Mulligen
263de5219a Java: Add additional SQL injection sinks. 2018-10-24 13:58:21 +02:00
semmle-qlci
21ff87d6a3 Merge pull request #353 from xiemaisi/js/port-tests 
Approved by asger-semmle, esben-semmle
 2018-10-24 12:47:48 +01:00
Tom Hvitved
97904eb202 Revert "JavaScript: Patch CFG to improve support for non-top level import declarations." 
This reverts commit f05e777e64.
 2018-10-24 10:45:57 +01:00
Max Schaefer
9a856935db Merge remote-tracking branch 'upstream/rc/1.18' into rc/1.18-master-merge 2018-10-24 10:43:37 +01:00
Max Schaefer
f103b1a371 JavaScript: Copy over a test left in internal repo. 
This test seems to have been accidentally committed into the old location in the internal repo.
 2018-10-24 08:40:54 +01:00
Jonas Jensen
7affbe4a7d Merge pull request #341 from geoffw0/av_114 
CPP: Improve AV Rule 114.ql's understanding of return types.
 2018-10-24 09:39:51 +02:00
Jonas Jensen
640de0c947 Merge pull request #304 from geoffw0/resource-released 
CPP: Fix false positive in AV Rule 79.ql
 2018-10-23 20:24:23 +02:00
semmledocs-ac
1f390f2f77 Merge pull request #326 from rdmarsh2/rdmarsh/cpp/dead-code-goto 
C++: new query for dead code after goto or break
 2018-10-23 16:55:14 +01:00
Geoffrey White
dda7069890 CPP: Look for destructors in the template. 2018-10-23 13:05:43 +01:00
Geoffrey White
76a5072c8b CPP: Change in results presumed to result from discover_walk extractor changes. 2018-10-23 13:05:43 +01:00
Geoffrey White
982fd522f1 CPP: Change note. 2018-10-23 13:05:43 +01:00
Geoffrey White
905336a625 CPP: Refine fix. 2018-10-23 13:05:42 +01:00
Geoffrey White
b861df0887 CPP: Fix issue when destructor body is missing. 2018-10-23 13:05:42 +01:00
Geoffrey White
5931a978dc CPP: Add a test of a template instantiation where the destructor is never called. 2018-10-23 13:05:42 +01:00
Geoffrey White
f20af4906b CPP: Add a test of a Shutdown / Clear method. 2018-10-23 13:05:42 +01:00
semmle-qlci
b1a463bf93 Merge pull request #349 from hvitved/csharp/extractor/no-global-json 
Approved by calumgrant
 2018-10-23 12:00:28 +01:00
Tom Hvitved
a3fafd9ad1 C#: Remove global.json 2018-10-23 11:51:27 +02:00
Aditya Sharad
c88db424fa Merge pull request #343 from geoffw0/av-35-1.18 
CPP: Fix hasXMacro performance.
 2018-10-23 10:24:16 +01:00
Max Schaefer
3522200e90 Merge pull request #342 from xiemaisi/rc/1.18-cherry-picks 
JavaScript: 1.18.1 cherry-picks
 2018-10-22 20:03:22 +01:00
Geoffrey White
de1556042a CPP: Fix hasXMacro performance. 2018-10-22 19:43:04 +01:00
Robert Marsh
f674d43ab1 Merge pull request #329 from geoffw0/overflowdest 
CPP: Improve Overflowdest.ql
 2018-10-22 10:51:41 -07:00
Robert Marsh
7bcc4379fc C++: accept loops with arbitrary labels or cases 2018-10-22 09:59:49 -07:00