hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 14:46:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,540 Commits 1,673 Branches 157 Tags
4fdbda35435142fec8e7b2cb7bc07ff500ada978
Commit Graph

19540 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
CodeQL CI
4fdbda3543 Merge pull request #5056 from erik-krogh/react 
Approved by asgerf
 2021-02-02 01:40:08 -08:00
Tom Hvitved
8abc37fba3 Merge pull request #5051 from hvitved/csharp/ssa/caching 
C#: Reduce caching in `SsaImplCommon.qll`
 2021-02-02 08:35:03 +01:00
CodeQL CI
749dfe4358 Merge pull request #5068 from Marcono1234/patch-1 
Approved by shati-patel
 2021-02-01 08:47:55 -08:00
yoff
b92af8bcec Merge pull request #5042 from RasmusWL/django-more-view-classes 
Python: Add full-path modeling of Django more view classes
 2021-02-01 17:33:29 +01:00
Marcono1234
fa469587c1 Remove duplicate word in language specification 2021-02-01 17:32:53 +01:00
yoff
c0511ca9f9 Merge pull request #5053 from github/python-add-essavariable-locations 
Python: Add locations for ESSA variables
 2021-02-01 17:31:25 +01:00
Tamás Vajk
700a2dbb93 Merge pull request #5063 from tamasvajk/feature/remove-indexerproperty-ast 
C#: Report IndexerProperty as Property in the PrintAST query
 2021-02-01 17:25:25 +01:00
Mathias Vorreiter Pedersen
71e1218ad5 Merge pull request #5061 from MathiasVP/more-memcpy-memset-strcpy-strcat-models 
C++: Add more memcpy, memset, strcat and strcpy models
 2021-02-01 16:25:01 +01:00
Taus Brock-Nannestad
fc01e5607f Python: Use getLocation directly on EssaNode 2021-02-01 14:55:18 +01:00
CodeQL CI
2de230ea75 Merge pull request #5062 from esbena/js/test-for-html-concat-obfuscation 
Approved by erik-krogh
 2021-02-01 05:29:50 -08:00
Taus
b8b42eaea3 Merge pull request #5064 from RasmusWL/fix-missing-override 
Python: Add missing override annotation
 2021-02-01 12:37:38 +01:00
Mathias Vorreiter Pedersen
61125b4bf2 C++: Address review comments. 2021-02-01 12:15:57 +01:00
Taus
3179546b8c Merge pull request #5058 from yoff/python-add-consistency-checks-to-all-dataflow-test-folders 
Python: Add consistency checks to all data-flow test folders
 2021-02-01 11:41:31 +01:00
Rasmus Wriedt Larsen
4ef9a6cf2a Python: Add missing override annotation 2021-02-01 11:28:41 +01:00
Rasmus Wriedt Larsen
4b6a59a126 Python: Apply code-review suggestion 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-02-01 11:12:32 +01:00
Esben Sparre Andreasen
9678534f25 JS: add tests for some syntactic XSS vector obfuscations 2021-02-01 10:20:23 +01:00
Tamas Vajk
1b6cb340d3 C#: Report IndexerProperty as Property in the PrintAST query 2021-02-01 10:08:51 +01:00
Erik Krogh Kristensen
aae69c6537 update expected output 2021-02-01 09:33:52 +01:00
Tamás Vajk
aa35fcafeb Merge pull request #5018 from tamasvajk/feature/csharp9-binary-pattern-cfg 
C#: Extract 'and' and 'or' patterns
 2021-02-01 09:17:52 +01:00
Rasmus Lerchedahl Petersen
6730396ad6 Python: Remove tests from non-test directory 2021-02-01 08:52:00 +01:00
Mathias Vorreiter Pedersen
6c3f44bba8 C++: Add more memcpy, memset, strcat and strcpy models. Also refine which strcpy functions can live in the std namespace. 2021-02-01 08:44:10 +01:00
Geoffrey White
064d89735b Merge pull request #5046 from MathiasVP/model-more-pure-functions 
C++: Model more pure functions
 2021-01-29 22:05:48 +00:00
Rasmus Lerchedahl Petersen
f6fa1276a6 Python: Add consistency checks 
to all data-flow test floders
 2021-01-29 21:28:43 +01:00
Tamas Vajk
7e9913a8a7 Fix failing pattern tests 2021-01-29 17:25:44 +01:00
Tamas Vajk
a9c51e7300 Fix missing pattern matching completions 2021-01-29 15:16:30 +01:00
CodeQL CI
c9537f2639 Merge pull request #5029 from asgerf/js/silence-angular-template-fps 
Approved by erik-krogh
 2021-01-29 06:06:37 -08:00
Taus Brock-Nannestad
817a142abc Python: Add getLocation to EssaVariable. 
This may be a slightly "bogus" location to provide for ESSA variables,
but it can be useful for debugging. For instance, where previously you
might just see

```
SSA variable x | ...
SSA variable x | ...
SSA variable x | ...
SSA variable x | ...
SSA variable x | ...
SSA variable x | ...
```

where each instance of `SSA variable x` was just a bare string, now
each occurrence will tell you (via its location) _where_ this variable
is being (re)defined.
 2021-01-29 14:45:12 +01:00
Taus
cb195a0dc4 Merge pull request #4752 from yoff/python-dataflow-unpacking-assignment 
Python: Dataflow, unpacking assignment
 2021-01-29 14:15:28 +01:00
Taus
be5b7bb4c4 Merge pull request #5022 from yoff/python-split-lambdas 
Python: Callable for lambdas
 2021-01-29 14:12:26 +01:00
Erik Krogh Kristensen
c9ec983cd8 add js/client-side-unvalidated-url-redirection test for script tags inside react code 2021-01-29 12:50:43 +01:00
Erik Krogh Kristensen
39591687ba add js/code-injection sink for script tags in React 2021-01-29 12:50:17 +01:00
Tom Hvitved
bf5851f1c2 C#: Reduce caching in SsaImplCommon.qll 2021-01-29 11:42:52 +01:00
Tom Hvitved
1a507ff497 C#: Remove Cached module from SsaImplCommon.qll 2021-01-29 10:52:42 +01:00
Geoffrey White
50f2557dd2 Merge pull request #5043 from MathiasVP/uniform-treatment-of-params-and-qualifiers-in-model-dataflow 
C++: Uniform treatment of parameters and qualifiers in model dataflow
 2021-01-29 09:48:07 +00:00
Mathias Vorreiter Pedersen
339c4c6ce0 C++: Model more pure functions. 2021-01-28 19:37:53 +01:00
Geoffrey White
7d9ebaf9d8 Merge pull request #5040 from MathiasVP/strset-and-strtok-models 
C++: Strset and strtok model implementations
 2021-01-28 18:34:06 +00:00
Geoffrey White
768be9ec2c Merge pull request #5041 from ihsinme/ihsinme-patch-198 
CPP: Improve cpp/memory-leak-on-failed-call-to-realloc
 2021-01-28 18:29:24 +00:00
Mathias Vorreiter Pedersen
23eb4d2009 C++: Fix isParameterDeref typo. 2021-01-28 18:29:30 +01:00
Mathias Vorreiter Pedersen
75aa1e8a3b C++: Respond to review comments. 2021-01-28 16:39:11 +01:00
Geoffrey White
02d60a26eb Merge pull request #5037 from github/igfoo/decltype 
C++: decltypes may have multiple expressions
 2021-01-28 14:44:53 +00:00
Shati Patel
1c56c30eba Merge pull request #5028 from shati-patel/docs/update-footer 
Docs: Update copyright date in footer
 2021-01-28 13:11:43 +00:00
Tom Hvitved
59d87e2570 Merge pull request #4557 from hvitved/csharp/dataflow/parameters 
C#: Simpler data-flow modelling of parameters
 2021-01-28 14:02:42 +01:00
ihsinme
f94a7fc2f0 Update MemoryLeakOnFailedCallToRealloc.ql 2021-01-28 15:47:38 +03:00
Mathias Vorreiter Pedersen
5a420f2bae C++: Use the new predicates for uniform treatment of parameters and qualifiers in model dataflow. 2021-01-28 13:33:08 +01:00
Rasmus Wriedt Larsen
b6007cf324 Merge pull request #5023 from yoff/python-unify-synthetic-post-update-nodes 
Python: Only generate one post-update node, even if there are multiple reasons for doing so.
 2021-01-28 13:11:50 +01:00
Rasmus Wriedt Larsen
173012578e Python: Add missing type-tracking step for django.views 
Easy to overlook, and will onyl be caught by tests if they use `import
parent.thing` and not `from parent import thing`
 2021-01-28 12:10:42 +01:00
Rasmus Wriedt Larsen
54725ccbb9 Python: Support full-path import of Django View class 
requestHandler still MISSING :(
 2021-01-28 12:10:40 +01:00
Rasmus Wriedt Larsen
61d69f2cc8 Python: Add test for full-path import of Django View class 2021-01-28 12:10:39 +01:00
ihsinme
2b4296feb1 Update MemoryLeakOnFailedCallToRealloc.ql 2021-01-28 13:38:26 +03:00
ihsinme
cf565970e3 Merge pull request #1 from github/main 
update fork
 2021-01-28 13:26:11 +03:00