codeql

mirror of https://github.com/github/codeql.git synced 2026-05-05 13:45:19 +02:00

Author	SHA1	Message	Date
Tony Torralba	6bf1e87bbe	Remove CSV sinks; make imports private	2021-09-27 11:40:47 +02:00
Tony Torralba	91f46624b6	Refactor SpelInjection.qll	2021-09-27 11:40:26 +02:00
Tony Torralba	94f32d2985	Decouple SpelInjection.qll to reuse the taint tracking configuration	2021-09-27 11:39:30 +02:00
Tony Torralba	569426b04e	Consider subtypes of Expression and ExpressionParser Add parseRaw as additional taint step	2021-09-27 11:38:12 +02:00
Tony Torralba	b0852f6c16	Add change note	2021-09-27 11:37:46 +02:00
Tony Torralba	b985ddb868	Use InlineExpectationsTest	2021-09-27 11:37:41 +02:00
Tony Torralba	079769ed2e	Refactored SpelInjection.qll to use CSV sink models	2021-09-27 11:36:56 +02:00
Tony Torralba	fc6af0476f	Moved from experimental	2021-09-27 11:36:48 +02:00
Anders Fugmann	03bd7d7f96	C++: Update test results from OverflowStatic	2021-09-27 11:23:08 +02:00
Anders Schack-Mulligen	92ffd8c465	Merge pull request #6749 from aschackmull/java/istextblock Java: Add StringLiteral.isTextBlock().	2021-09-27 10:54:31 +02:00
Jonas Jensen	b0836a620c	Merge pull request #6757 from geoffw0/impropnulltest2 C++: Small improvement to cpp/improper-null-termination	2021-09-27 10:52:49 +02:00
Jonas Jensen	06b36f742e	Merge pull request #6745 from andersfugmann/handle_overflow_for_upperbound C++: Handle overflow for upperbound codeql-cli/v2.6.3	2021-09-27 10:32:49 +02:00
James Fletcher	c977cfe40a	Merge pull request #6754 from github/update-link Update one more link in the QL training content	2021-09-27 08:33:42 +01:00
Anders Fugmann	e0921ac983	C++: Increase precision of cpp/static-buffer-overflow to high	2021-09-27 09:06:36 +02:00
Geoffrey White	7e7dfe2cc4	C++: Understand format arguments.	2021-09-24 19:25:43 +01:00
Geoffrey White	91a8b9fdd9	C++: Add suggested test (and a good variant).	2021-09-24 18:34:28 +01:00
Alexander Eyers-Taylor	8debae1a3b	Merge pull request #6753 from github/aibaars/fix-typo Fix typo in language spec	2021-09-24 17:21:14 +01:00
Rasmus Wriedt Larsen	547cbb6322	Merge pull request #6331 from porcupineyhairs/pythonXpath Python : Improve Xpath Injection Query	2021-09-24 18:11:08 +02:00
james	1adc5c2a5b	update links correctly	2021-09-24 17:00:59 +01:00
Geoffrey White	6901d9d9c2	C++: Add and use getRemoteSocket predicates.	2021-09-24 15:16:48 +01:00
Geoffrey White	9f59bc8f7b	C++: Naive translation to use RemoteFlow*Function.	2021-09-24 15:12:14 +01:00
Rasmus Wriedt Larsen	d39df18544	Python: Minor test cleanup	2021-09-24 16:11:27 +02:00
james	e664711f47	make links to slide decks relative	2021-09-24 14:56:48 +01:00
Arthur Baars	7d3a219f63	Fix typo in language spec Thanks to https://github.com/github/codeql/issues/6750	2021-09-24 15:47:09 +02:00
james	23e4ad1abb	update one more link	2021-09-24 14:46:14 +01:00
Geoffrey White	3e1bc66984	Merge pull request #6733 from MathiasVP/fix-qldoc-in-initialize-dynamic-allocation-instruction C++/C#: Fix QLDoc on `InitializeDynamicAllocationInstruction`.{`getAllocationAddressOperand` and `getAllocationAddress`}	2021-09-24 14:30:03 +01:00
alexet	49f8f46354	Java: Cache params string computation.	2021-09-24 14:12:26 +01:00
Rasmus Wriedt Larsen	26d2fbd217	Python: Fix new XPath injection query Fixes the typo `ETXpath` => `ETXPath`	2021-09-24 15:11:34 +02:00
Rasmus Wriedt Larsen	913a679ef5	Python: Replace old XPath injection query	2021-09-24 15:10:41 +02:00
Anders Peter Fugmann	aebde189f8	C++: Apply peer review suggestion Co-authored-by: Jonas Jensen <jbj@github.com>	2021-09-24 15:09:23 +02:00
Anders Schack-Mulligen	66c206cc61	Merge pull request #6747 from bmuskalla/organizeUtils Java: Organize `utils` into separate directories	2021-09-24 15:05:51 +02:00
Rasmus Wriedt Larsen	c9640ffdbc	Python: Minor adjustments to XPath Injection	2021-09-24 15:02:39 +02:00
Mathias Vorreiter Pedersen	24214002a1	C#/C++: Sync identical files.	2021-09-24 13:13:09 +01:00
Mathias Vorreiter Pedersen	eba1b0bc15	Respond to review comments.	2021-09-24 13:12:58 +01:00
Rasmus Wriedt Larsen	289660067c	Merge branch 'main' into pythonXpath	2021-09-24 13:53:38 +02:00
Anders Schack-Mulligen	854f2a046a	Java: Add StringLiteral.isTextBlock().	2021-09-24 13:11:18 +02:00
Mathias Vorreiter Pedersen	69541d3628	Merge pull request #6744 from rdmarsh2/rdmarsh2/dtt-subpath C++: add subpaths to DefaultTaintTracking	2021-09-24 11:58:31 +01:00
Benjamin Muskalla	70e1724463	Exclude methods with non-public parameter types	2021-09-24 12:41:12 +02:00
Anders Fugmann	cbdabe35de	C++: Update test results to reflect changes	2021-09-24 12:29:28 +02:00
Anders Fugmann	c9c41252e3	C++: Update test results in SimpleRangeAnalysis	2021-09-24 12:23:48 +02:00
Anders Fugmann	3437cf2909	C++: only use upperbound if there are no overflows in the guard	2021-09-24 11:46:58 +02:00
Anders Fugmann	d7afd86a27	C++: Add test case exposing problem with overflows for upperBound predicate	2021-09-24 11:44:05 +02:00
Benjamin Muskalla	38ca5aba98	Move test generator into subdirectory	2021-09-24 11:13:04 +02:00
Benjamin Muskalla	4e6a8d991e	Move stub generator into subdirectory	2021-09-24 11:12:41 +02:00
Benjamin Muskalla	cb0a567c03	Merge pull request #6743 from github/workflow/coverage/update Update CSV framework coverage reports	2021-09-24 09:23:35 +02:00
Anders Fugmann	032ac50034	C++: Do not warn on static buffer overflow using loop counters, if the loop counter has been widened	2021-09-24 08:31:36 +02:00
Anders Fugmann	3e5f7d0db5	C++: using buildin offsetof for an array member indexed after end is legal	2021-09-24 08:31:35 +02:00
Anders Fugmann	b08eabec68	C++: Relax predicate memberMayBeVarSize to mark all members of size 0 or 1 as variable sized	2021-09-24 08:31:35 +02:00
Anders Fugmann	a4a9e2aa96	C++: Weaken wording on overflow static alert text	2021-09-24 08:31:35 +02:00
Robert Marsh	3189c578a4	C++: Add QLDoc to subpaths in DefaultTaintTracking	2021-09-23 22:42:38 -07:00

... 3 4 5 6 7 ...

26594 Commits