hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,895 Commits 1,671 Branches 157 Tags
4f54bb66b807ee4b22f6be28cfbb71d21b901b10
Commit Graph

7811 Commits

Author SHA1 Message Date
ihsinme
8335778e20 Update ImproperCheckReturnValueScanf.qhelp 2022-03-08 07:45:07 +03:00
ihsinme
c0c7748c5e Apply suggestions from code review 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-03-08 07:42:35 +03:00
Taus
af7f532212 Python: Fix up a bunch of function QLDoc 2022-03-07 18:59:49 +00:00
Geoffrey White
c793699562 C++: Change note. 2022-03-07 17:41:00 +00:00
Geoffrey White
fc6f42296a C++: Upgrade cpp/system-data-exposure. 2022-03-07 17:39:04 +00:00
Geoffrey White
cb33ed4fc2 C++: Only look for sensitive strings in appropriate parameters. 2022-03-07 11:29:09 +00:00
Mathias Vorreiter Pedersen
c7d624d314 Merge pull request #8247 from ihsinme/ihsinme-patch-80 
CPP: Add query for CWE-190: Integer Overflow or Wraparound when using transform after operation
 2022-03-07 11:00:29 +00:00
Geoffrey White
e7dca435a9 Merge pull request #6950 from ihsinme/ihsinme-patch-078 
CPP: Add query for CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
 2022-03-07 10:55:29 +00:00
Geoffrey White
f1d6234483 C++: Add more information about registry query parameters. 2022-03-07 09:45:31 +00:00
Mathias Vorreiter Pedersen
027c8247ae Merge pull request #8310 from jketema/update-stats 
C++: Update the DB scheme stats file
 2022-03-07 09:11:53 +00:00
Geoffrey White
4316026720 C++: VariableAccess -> Expr. 2022-03-04 18:00:54 +00:00
Mathias Vorreiter Pedersen
624795cbbf Merge pull request #8059 from rdmarsh2/rdmarsh2/cpp/insufficient-key-strength 
C++: new query for insufficient key strength
 2022-03-04 17:11:44 +00:00
Robert Marsh
280fdbfc1b C++: accept test output from perf improvement 
The last commit removed some source nodes from the dataflow graph, which
changed the test expectations slightly. No result changes occurred.
 2022-03-04 11:39:10 -05:00
Geoffrey White
17cd4d86f1 Fix tests. 2022-03-04 12:27:48 +00:00
Mathias Vorreiter Pedersen
9a91e66714 Merge pull request #8321 from MathiasVP/improve-using-expired-address-query 
C++: More TPs from `cpp/using-expired-stack-address`
 2022-03-04 12:07:55 +00:00
ihsinme
467136c173 Create ExposureSensitiveInformationUnauthorizedActor.expected 2022-03-04 00:02:44 +03:00
ihsinme
77bc26681d Create ExposureSensitiveInformationUnauthorizedActor.expected 2022-03-04 00:02:26 +03:00
Robert Marsh
60532e631e C++: fix missing paren 2022-03-03 14:45:43 -05:00
ihsinme
5d1dee24d4 Create ExposureSensitiveInformationUnauthorizedActor.qlref 2022-03-03 20:04:54 +03:00
ihsinme
7b3546ea30 Create ExposureSensitiveInformationUnauthorizedActor.qlref 2022-03-03 20:04:17 +03:00
ihsinme
625f74e9be Rename cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/test2.cpp to cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/test3/test.cpp 2022-03-03 20:01:24 +03:00
ihsinme
8eec20644f Rename cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/test1.cpp to cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/test2/test.cpp 2022-03-03 20:00:54 +03:00
ihsinme
6e951f74ed Rename cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/test.cpp to cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/test1/test.cpp 2022-03-03 20:00:18 +03:00
ihsinme
9c04bd12f5 Update and rename cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/ExposureSensitiveInformationUnauthorizedActor.expected to cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/test1/ExposureSensitiveInformationUnauthorizedActor.expected 2022-03-03 19:59:36 +03:00
ihsinme
e1c1f80f28 Rename cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/ExposureSensitiveInformationUnauthorizedActor.qlref to cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/test1/ExposureSensitiveInformationUnauthorizedActor.qlref 2022-03-03 19:58:16 +03:00
ihsinme
b32be69e0a Update DangerousUseOfTransformationAfterOperation.expected 2022-03-03 19:55:30 +03:00
Mathias Vorreiter Pedersen
bf10456bf5 C++: Add a path explanation to the 'cpp/using-expired-stack-address' query. 2022-03-03 13:55:00 +00:00
Mathias Vorreiter Pedersen
9df923a7c8 C++: Catch more true positives by stepping into calls in the 'cpp/using-expired-stack-address' query. 2022-03-03 13:53:09 +00:00
Geoffrey White
6848b6095b C++: Autoformat. 2022-03-03 12:51:54 +00:00
Geoffrey White
5c6923c099 C++: Improve and differentiate the qhelp. 2022-03-03 11:04:55 +00:00
Geoffrey White
88b7a085b0 C++: Make the bulk of test cases in tests.cpp more relevant. 2022-03-03 10:40:17 +00:00
Geoffrey White
07b4bf7023 C++: Use the same trick as in ExposedSystemData to catch a few more results. 2022-03-03 10:33:39 +00:00
Geoffrey White
6e5729c924 C++: Fix typo and adjust violation message wording. 2022-03-03 10:28:53 +00:00
Geoffrey White
9e193f624c C++: Change note. 2022-03-03 09:55:02 +00:00
Jeroen Ketema
f80372b837 C++: Update the DB scheme stats file 2022-03-03 09:02:37 +01:00
ihsinme
01f9114a80 Update test.cpp 2022-03-03 10:57:11 +03:00
ihsinme
bec4170bdf Update ImproperCheckReturnValueScanf.expected 2022-03-03 10:39:19 +03:00
ihsinme
8e0c0ad200 Update test.cpp 2022-03-03 10:37:31 +03:00
ihsinme
25b3aba823 Update test.cpp 2022-03-03 10:21:38 +03:00
ihsinme
2dc85e183c Update test.cpp 2022-03-03 10:20:41 +03:00
ihsinme
547342cd61 Update test.cpp 2022-03-03 10:16:00 +03:00
ihsinme
1a30b8d467 Apply suggestions from code review 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-03-03 10:14:22 +03:00
Jeroen Ketema
2fd950caad C++: Fix join order in the IR dataflow library 
Not having this fixed caused problems when updating the database
scheme stats file.
 2022-03-03 07:42:52 +01:00
Robert Marsh
9fb94d85b4 C++: performance tweaks for InsufficientKeySize 2022-03-02 15:59:42 -05:00
Geoffrey White
2a14a4f14e C++: Fill in metadata. 2022-03-02 18:52:52 +00:00
Geoffrey White
66b9356eb9 C++: There is no overlap between OutputWrite and RemoteFlowSinkFunction. 2022-03-02 18:16:39 +00:00
Geoffrey White
a1ace7122d C++: Move SystemData class into a library. 2022-03-02 18:01:06 +00:00
Geoffrey White
70e4a409fd C++: Add the new query to tests. 2022-03-02 17:56:53 +00:00
Geoffrey White
d95b56fca0 C++: Create prototype query. 2022-03-02 17:56:49 +00:00
Geoffrey White
67aa1449ce C++: Add some more test cases (moved from the private repo). 2022-03-02 17:23:07 +00:00