hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-10 17:44:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
25,515 Commits 1,739 Branches 164 Tags
51243454c890c3c58c0d9ba767dfec8a030ba2ed
Commit Graph

25515 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sauyon Lee
fd02dcdf2e Java: Add models for collection constructors 2021-07-22 07:23:26 -07:00
Rasmus Wriedt Larsen
42a997cbcb Python: Fix deprecation warning 2021-07-22 15:59:13 +02:00
Ethan P
1606d96859 fix typo 2021-07-22 09:58:43 -04:00
Rasmus Wriedt Larsen
71e6db8a01 Merge branch 'main' into jorgectf/python/ldapimproperauth 2021-07-22 15:57:43 +02:00
haby0
d8f5f6987b Fix 2021-07-22 21:53:41 +08:00
Taus
6ea8ef5d16 Merge branch 'rc/3.2' into mergeback-rc/3.2-to-main 2021-07-22 13:52:56 +00:00
haby0
e160352b38 Fix 2021-07-22 21:48:46 +08:00
Taus
08f480a556 Merge pull request #6351 from tausbn/python-hotfix-localsourcenode-typetrackingnode 
Python: Hotfix `LocalSourceNode`
codeql-cli/v2.5.9 		2021-07-22 15:47:59 +02:00
haby0
735ab28040 Update java/ql/src/experimental/Security/CWE/CWE-470/UnsafeReflection.qhelp 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-07-22 21:45:30 +08:00
haby0
7cf2e9ed79 Update java/ql/src/experimental/Security/CWE/CWE-470/UnsafeReflection.qhelp 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-07-22 21:45:29 +08:00
haby0
46a212b712 Update java/ql/src/experimental/Security/CWE/CWE-470/UnsafeReflection.ql 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-07-22 21:45:29 +08:00
haby0
676f0ad817 Update java/ql/src/experimental/Security/CWE/CWE-470/UnsafeReflection.ql 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-07-22 21:45:29 +08:00
haby0
4ebf0ed7c5 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') 2021-07-22 21:45:29 +08:00
Chris Smowton
40173f7abb Remove stubbing script outputs 2021-07-22 14:33:34 +01:00
Rasmus Wriedt Larsen
802d9bda83 Merge pull request #5680 from mrthankyou/python-use-sqlalchemy 
Python: Add SqlAlchemy model
 2021-07-22 15:31:39 +02:00
Mathias Vorreiter Pedersen
f6f9c8af65 Merge pull request #6350 from MathiasVP/mergeback-2021-07-22 
Mergeback `rc/3.2`
 2021-07-22 15:13:44 +02:00
Taus
020c6e3b3b Python: Update change note 2021-07-22 13:11:29 +00:00
Taus
badf6311c9 Python: Remove flow between globals... 
... in a local scope. Or rather, remove these from the `hasLocalSource`
relation.

This prevents a quadratic blowup when the same global is mentioned
_a lot_ of times within a single function scope.
 2021-07-22 13:10:40 +00:00
Taus
ed794f42b5 Python: Soft revert TypeTrackingNode 
Temporarily instates `TypeTrackingNode` as an alias of `LocalSourceNode`
as having it as a separate class lead to performance regressions.

In the hopes that this will be resolved in the near future, I have left
the current `TypeTrackingNode` implementation in situ, but hidden inside
a `FutureWork` private module.
 2021-07-22 13:10:07 +00:00
Mathias Vorreiter Pedersen
e34261accf Merge branch 'rc/3.2' into mergeback-2021-07-22 2021-07-22 14:40:22 +02:00
Geoffrey White
7fdac2a792 Merge pull request #6347 from MathiasVP/import-gvn-to-prevent-ir-reevaluation 
C++: Import 'GVN' in 'Overflow.qll' to prevent IR reevaluation.
codeql-cli/v2.5.8 		2021-07-22 13:37:03 +01:00
Ethan P
09c2ccafd8 Formatting fixes 2021-07-22 08:31:28 -04:00
Taus
b8a40bb7f1 Merge pull request #6348 from tausbn/python-hotfix-disable-redos-queries 
Python: Hotfix: Disable ReDoS queries
 2021-07-22 13:32:14 +02:00
Dominik Bamberger
6d869f2572 Remove section on 'Creating a custom QL pack'. 2021-07-22 13:25:01 +02:00
Taus
bfe42ae146 Python: Update change note 2021-07-22 11:10:08 +00:00
Taus
e9a4114c04 Python: Hotfix: Disable ReDoS queries 2021-07-22 10:58:49 +00:00
Geoffrey White
a4c137fae5 C++: Add '_fsopen' as well. 2021-07-22 11:31:41 +01:00
Mathias Vorreiter Pedersen
39144ee02b C++: Import 'GVN' in 'Overflow.qll' to prevent IR reevaluation. 2021-07-22 11:35:16 +02:00
Chris Smowton
e2a533c7de Merge pull request #6346 from aschackmull/java/perf-fix 
Java: Fix bad magic.
 2021-07-22 10:15:16 +01:00
Chris Smowton
605f037af8 Merge pull request #6247 from p0wn4j/spring-responseentity-redirect-sink 
[Java] CWE-601: Add Spring URL Redirect ResponseEntity sink
 2021-07-22 09:45:30 +01:00
Anders Schack-Mulligen
dcfc027b5f Java: Fix bad magic. 2021-07-22 10:12:49 +02:00
Chris Smowton
c568a9463a Remove <> qualifier from ResponseEntity name 
This was an extractor bug that was fixed recently
 2021-07-21 17:58:06 +01:00
Geoffrey White
fa0f5d08a2 Merge branch 'main' into toctou2 2021-07-21 16:21:29 +01:00
Ethan P
3a048a1cdd Add `qlpack.yml` information 2021-07-21 09:27:41 -04:00
Mathias Vorreiter Pedersen
73ee7409f6 Merge pull request #6342 from MathiasVP/fix-fp-in-uninitialized-local 
C++: Fix FP in `cpp/uninitialized-local`
 2021-07-21 14:46:57 +02:00
Ethan P
2cdf404e05 Create "About CodeQL packs" and add to ToC 2021-07-21 08:10:46 -04:00
Anders Schack-Mulligen
22f6b021ba Merge pull request #6338 from aschackmull/java/cleanup-deprecated 
Java: Remove deprecated ParExpr.
 2021-07-21 11:36:40 +02:00
Geoffrey White
daed988108 Merge pull request #6341 from MathiasVP/mergeback-2021-07-21 
Mergeback `rc/3.2`
 2021-07-21 10:35:07 +01:00
Mathias Vorreiter Pedersen
e536cecefe C++: Fix FP caused by a variable missing type information. 2021-07-21 11:04:23 +02:00
Mathias Vorreiter Pedersen
6d0290809d Merge branch 'rc/3.2' into mergeback-2021-07-21 2021-07-21 10:23:58 +02:00
Pavel Avgustinov
2d9600de4a Merge pull request #6340 from MathiasVP/revert-path-sensitive-stackvariablereachability 
C++: Revert #6004
 2021-07-21 09:17:56 +01:00
Tony Torralba
76905c47b4 Formatting 2021-07-21 09:47:45 +02:00
ihsinme
8aac5b339e Update FindIncorrectlyUsedExceptions.expected 2021-07-21 09:49:19 +03:00
ihsinme
4202759bcc Update test.cpp 2021-07-21 09:48:36 +03:00
ihsinme
2d1924ac0e Update test.cpp 2021-07-21 08:32:18 +03:00
ihsinme
cf689b83a9 Apply suggestions from code review 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-07-21 08:29:42 +03:00
Ethan P
0eb2f903a3 add procedural information for publishing and using CodeQL packs 2021-07-20 23:21:36 -04:00
Ethan P
e586765cbe add new articles to ToC 2021-07-20 22:33:06 -04:00
p0wn4j
f0d5520976 Add Spring URL Redirect ResponseEntity sink 
Copyedit qhelp
 2021-07-21 03:16:16 +04:00
Ethan P
96de32bd2a Add conceptual information "Creating and working with CodeQL packs" 2021-07-20 14:01:30 -04:00