codeql

mirror of https://github.com/github/codeql.git synced 2026-04-18 05:24:01 +02:00

Author	SHA1	Message	Date
Mathias Vorreiter Pedersen	5604fd7d80	C++: Rewrite 'cpp/user-controlled-bypass' away from 'DefaultTaintTracking'.	2023-11-23 17:35:54 +00:00
Mathias Vorreiter Pedersen	257d94be20	Merge pull request #14886 from jketema/rewrite-tainted-condition C++: Rewrite `cpp/tainted-permissions-check` to not use `DefaultTaintTracking`	2023-11-23 16:18:03 +00:00
Mathias Vorreiter Pedersen	149fb7bbc2	Merge pull request #14881 from MathiasVP/no-dtt-in-user-controlled-null-termination-tainted C++: Rewrite `cpp/user-controlled-null-termination-tainted` away from `DefaultTaintTracking`	2023-11-23 14:41:33 +00:00
Owen Mansel-Chan	2c99e70e2b	Merge pull request #14890 from owen-mc/go/fix-change-note-query-reference Go: Change how we refer to a query in a change note	2023-11-23 14:15:05 +00:00
Mathias Vorreiter Pedersen	401a378598	C++: Accept test changes.	2023-11-23 14:12:16 +00:00
Mathias Vorreiter Pedersen	b774ae07c8	Update cpp/ql/src/Security/CWE/CWE-170/ImproperNullTerminationTainted.ql Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>	2023-11-23 14:10:57 +00:00
Jeroen Ketema	7834626e26	C++: Rewrite `cpp/tainted-permissions-check` to not use `DefaultTaintTracking`	2023-11-23 14:52:53 +01:00
Owen Mansel-Chan	436fd9e736	Merge pull request #14775 from aydinnyunus/main Golang: Web Cache Deception Vulnerability	2023-11-23 13:50:10 +00:00
Owen Mansel-Chan	25a2aef623	Update library name in change note	2023-11-23 13:42:21 +00:00
Owen Mansel-Chan	25d5104468	Change how we refer to a query in a change note	2023-11-23 13:22:05 +00:00
Joe Farebrother	561b769a79	Merge pull request #14343 from joefarebrother/csharp-xss-flow-step C#: Add flow steps for View calls refering to Razor pages	2023-11-23 13:05:02 +00:00
Rasmus Wriedt Larsen	4e0cca9a41	Merge pull request #14353 from GeekMasher/py-restframework Python: support `args` and `*kwargs` in request handlers	2023-11-23 14:04:36 +01:00
Paolo Tranquilli	7588813864	Merge pull request #14864 from github/redsun82/swift-qldocs Swift: generate more QLdocs	2023-11-23 13:42:46 +01:00
Joe Farebrother	befb1ccd84	Fix integration tests for windows	2023-11-23 10:56:45 +00:00
Joe Farebrother	e4edb19f43	Update to hasFullyQualifiedName	2023-11-23 10:56:45 +00:00
Joe Farebrother	f24c042d04	Rename Razor Page class to Razor View class	2023-11-23 10:56:45 +00:00
Joe Farebrother	aa3fd6add0	Fix standalone tests	2023-11-23 10:56:45 +00:00
Joe Farebrother	33186ac797	Add integration tests	2023-11-23 10:56:45 +00:00
Joe Farebrother	82fbae3e5a	Handle standalone extraction case in which generated files list absolute paths	2023-11-23 10:56:45 +00:00
Joe Farebrother	26c048a650	Minor refactoring	2023-11-23 10:56:44 +00:00
Joe Farebrother	e2e4642037	Remove redundant import	2023-11-23 10:56:44 +00:00
Joe Farebrother	7a098dde50	Remove AdditionalTaintStep (redundant with NonLocalJumpNode)	2023-11-23 10:56:44 +00:00
Joe Farebrother	9af44ed0a2	Convert flow steps to value steps	2023-11-23 10:56:44 +00:00
Joe Farebrother	052166f17e	Fix issue in genfiles.py + add help text	2023-11-23 10:56:44 +00:00
Joe Farebrother	96bddde7c1	Review suggestions - Remove unneeded import in tests, rename RazorPage to RazorPageClass	2023-11-23 10:56:44 +00:00
Joe Farebrother	ef15980bb6	Remove unnecessary check for the name parameter as parameter 1	2023-11-23 10:56:43 +00:00
Joe Farebrother	2416040854	Review suggestions - make import private and update change note	2023-11-23 10:56:43 +00:00
Joe Farebrother	047f8e485a	Make the additional flow steps generally applicible to all queries	2023-11-23 10:56:43 +00:00
Joe Farebrother	0ed7b3c3ad	Update qldoc	2023-11-23 10:56:43 +00:00
Joe Farebrother	7371751801	Add change note	2023-11-23 10:56:43 +00:00
Joe Farebrother	826111dc08	Separate area view discovery list for increased precision	2023-11-23 10:56:42 +00:00
Joe Farebrother	f2c3d83d9e	Add tests for area cases	2023-11-23 10:56:42 +00:00
Joe Farebrother	7bd7cc5dbe	Fix tests	2023-11-23 10:56:42 +00:00
Joe Farebrother	f1b0f1a35d	Use shared filepath normalization libary	2023-11-23 10:56:42 +00:00
Joe Farebrother	7194113a64	Add areas	2023-11-23 10:56:42 +00:00
Joe Farebrother	7691cbce87	Add additional test cases	2023-11-23 10:56:42 +00:00
Joe Farebrother	f84b2a96af	Add support for view locations defined in code through RazoeViewEngineOptions	2023-11-23 10:56:42 +00:00
Joe Farebrother	4f5ecb899b	Add unit tests + fix issue in stubs	2023-11-23 10:56:41 +00:00
Joe Farebrother	ac3f642b45	Unit tests - Write script to aid generating necessary code from .cshtml files.	2023-11-23 10:56:41 +00:00
Joe Farebrother	12a579e0aa	Add relative filepath lookup	2023-11-23 10:56:41 +00:00
Joe Farebrother	40a7223620	Implement xss flow step for absolute filepath case	2023-11-23 10:56:41 +00:00
Rasmus Wriedt Larsen	d056706af5	Merge pull request #14725 from RasmusWL/re-modeling Python: Add taint-flow modeling for `re` module	2023-11-23 11:35:36 +01:00
Erik Krogh Kristensen	ef8d38e9e0	Merge pull request #14885 from erik-krogh/update-changenotes JS: update the JS change notes to mention security severity instead of just severity	2023-11-23 11:17:53 +01:00
Rasmus Wriedt Larsen	3d46129bbf	Python: Remove intermediary steps from taint-test These were leftovers from old way of propagating taint	2023-11-23 10:40:25 +01:00
erik-krogh	dd1e71ace9	update the JS change notes to mention security severity instead of just severity	2023-11-23 10:28:22 +01:00
Paolo Tranquilli	ff529c34b4	Codegen: use `re.escape`	2023-11-23 09:37:44 +01:00
Yunus AYDIN	ca56b0157d	Merge branch 'github:main' into main	2023-11-22 22:56:23 +03:00
Jeroen Ketema	257fe1ad6b	Merge pull request #14801 from jketema/rewrite-tainted-format-string C++: Rewrite `cpp/tainted-format-string` away from `DefaultTaintTracking`	2023-11-22 17:55:36 +01:00
Owen Mansel-Chan	a130c0f6b3	Merge branch 'main' into main	2023-11-22 16:50:41 +00:00
Pierre	98ddbe0d83	Merge pull request #14880 from github/geoffw0-patch-2	2023-11-22 17:31:44 +01:00

1 2 3 4 5 ...

61231 Commits