hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-07 11:40:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,762 Commits 1,676 Branches 157 Tags
6979c394fe8f3c494b0e930773b00aebc26d7879
Commit Graph

14762 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alessio Della Libera
6979c394fe Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-08-26 02:08:18 +02:00
Alessio Della Libera
355c7bc3b5 Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-08-26 02:08:08 +02:00
ubuntu
3e97ec85b2 Add CodeQL to detect LDAP Injection in JS 2020-08-23 15:24:29 +02:00
Jonas Jensen
768e5190a1 Merge pull request #4080 from geoffw0/split 
C++: Split test file stl.cpp
 2020-08-14 15:59:46 +02:00
Geoffrey White
89c2b6dc4b Merge remote-tracking branch 'upstream/master' into split 2020-08-14 14:03:34 +01:00
CodeQL CI
e9a36b2524 Merge pull request #4062 from tausbn/python-fix-unknown-import-star 
Approved by yoff
 2020-08-14 13:17:45 +01:00
Taus
8cbd4974ae Merge pull request #3981 from yoff/SharedDataflow_Classes 
Python: Dataflow, test magic methods
 2020-08-14 12:45:55 +02:00
Jonas Jensen
e01e702f46 Merge pull request #4060 from bgianfo/patch-1 
C++: Detect GoogleTest tests cases in FNumberOfTests.ql
 2020-08-14 12:42:12 +02:00
Rasmus Lerchedahl Petersen
9556937840 Python: address review comments 2020-08-14 11:29:58 +02:00
yoff
8d49ad7325 Update python/ql/test/experimental/dataflow/coverage/datamodel.py 
Co-authored-by: Taus <tausbn@github.com>
 2020-08-14 10:53:37 +02:00
yoff
4b336e9b01 Update python/ql/test/experimental/dataflow/coverage/classes.py 
Co-authored-by: Taus <tausbn@github.com>
 2020-08-14 10:53:10 +02:00
CodeQL CI
82f9826966 Merge pull request #4044 from aschackmull/java/xsssink-printwriter-format 
Approved by aibaars
 2020-08-14 08:34:48 +01:00
Robert Marsh
ed06604b46 Merge pull request #4045 from geoffw0/plus 
C++: Model more of std::string in models.
 2020-08-13 16:59:47 -04:00
Brian Gianforcaro
a6bcbe7974 C++: Detect GoogleTest tests cases in FNumberOfTests.ql 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-08-13 12:06:00 -07:00
Geoffrey White
498b350add Merge remote-tracking branch 'upstream/master' into plus 2020-08-13 18:21:28 +01:00
Geoffrey White
a839f1fae5 C++: Split off stringstream.cpp. 2020-08-13 18:17:24 +01:00
Geoffrey White
49d2f66ddb C++: Tidy up sources and sinks. 2020-08-13 18:08:58 +01:00
Geoffrey White
f343eb9143 C++: Split stl.cpp into string.cpp and vector.cpp. 2020-08-13 18:04:46 +01:00
Geoffrey White
5d7f771933 C++: Split off stl.h from stl.cpp. 2020-08-13 18:04:45 +01:00
Robert Marsh
de87f8fc42 Merge pull request #4057 from geoffw0/sal 
C++: SAL.qll QLDoc and cleanup
 2020-08-13 12:33:52 -04:00
Geoffrey White
93f95b1c22 Merge pull request #4053 from jbj/SimpleRangeAnalysis-mul 
C++: SimpleRangeAnalysis: unsigned multiplication
 2020-08-13 16:59:31 +01:00
Anders Schack-Mulligen
ecbbcc2f61 Merge pull request #4066 from Marcono1234/marcono1234/simplify-VarAccess-isLValue 
[Java] Simplify VarAccess.isLValue()
 2020-08-13 16:40:28 +02:00
Geoffrey White
7349333006 C++: Taint through char append. 2020-08-13 15:13:47 +01:00
Geoffrey White
3c0e7a709f C++: Add a test of append with CharT. 2020-08-13 14:52:34 +01:00
Geoffrey White
732a8fa4c9 C++: Add another member function. 2020-08-13 14:52:34 +01:00
CodeQL CI
6c60589dbd Merge pull request #4063 from erik-krogh/noJsMsg 
Approved by esbena
 2020-08-13 14:02:18 +01:00
Anders Schack-Mulligen
3469ad7ca6 Merge pull request #3600 from luchua-bc/java-sensitive-log4j2-logging 
Add Log4J 2 and a new search string secret
 2020-08-13 13:35:52 +02:00
Marcono1234
cca2d9d825 Simplify VarAccess.isLValue() 2020-08-13 13:12:57 +02:00
Erik Krogh Kristensen
2c7bb8c51f adjust error message when files have been found while extracting 2020-08-13 11:18:27 +02:00
Taus Brock-Nannestad
a1a1218f95 Python: Ignore from foo import * when foo is absent. 2020-08-13 10:50:28 +02:00
Taus Brock-Nannestad
dc5c0f8e7a Python: Add test case for missing modules 2020-08-13 10:49:11 +02:00
Geoffrey White
f5abf74e0f Update cpp/ql/src/Microsoft/SAL.qll 
Co-authored-by: Robert Marsh <rdmarsh2@gmail.com>
 2020-08-13 09:05:22 +01:00
Anders Schack-Mulligen
8891ae70b6 Merge pull request #3938 from lcartey/java/untrusted-data-to-external-api 
Java: Untrusted data used in external APIs
 2020-08-13 09:53:57 +02:00
Jonas Jensen
5e5a112c36 C++: Change note 2020-08-13 08:37:13 +02:00
Geoffrey White
2655616a0a C++: Autoformat. 2020-08-12 16:59:15 +01:00
Geoffrey White
9719da8643 C++: Move a class that looks like it's intended to be public (and is used outside of the library) above the 'Implementation details' threshold. 2020-08-12 16:58:50 +01:00
Geoffrey White
d444778535 C++: Make a few things in SAL.qll private where it looks like that was intended (and they're not used outside the file). 2020-08-12 16:57:43 +01:00
Geoffrey White
aa6cb51bba C++: QLDoc SAL.qll. 2020-08-12 16:55:26 +01:00
lcartey@github.com
6f83c55ebd Java: Switch to low as a precision 
Code Scanning doesn't support "very-low"
 2020-08-12 13:48:59 +01:00
CodeQL CI
66541f260b Merge pull request #4012 from erik-krogh/getId 
Approved by asgerf, esbena
 2020-08-12 13:28:18 +01:00
Luke Cartey
56ff8cf084 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2020-08-12 13:12:06 +01:00
CodeQL CI
aa9dfa0d6f Merge pull request #4039 from intrigus-lgtm/patch-3 
Approved by erik-krogh
 2020-08-12 13:07:22 +01:00
Geoffrey White
b99ca60154 C++: Address review comments. 2020-08-12 12:56:28 +01:00
Jonas Jensen
b4679cb8cf C++: Autoformat fixup 2020-08-12 13:09:23 +02:00
Jonas Jensen
93d8d8eb1d C++: Demonstrate range analysis MulExpr bugs 
Unless these issues can be reproduced in far less contrived code, I
don't think they will cause problems in practice.
 2020-08-12 12:10:23 +02:00
lcartey@github.com
6b6172fa5b Java: ExternalAPIs: Further review comments 
- Extra qldoc
 - Remove unnecessary module
 2020-08-12 09:21:14 +01:00
Jonas Jensen
1ee96a4b4f C++: SimpleRangeAnalysis: unsigned multiplication 2020-08-12 10:03:04 +02:00
Robert Marsh
e80cc63219 Merge pull request #3861 from dilanbhalla/privatedata 
C++: Private Data File/Buffer Writes
 2020-08-11 15:49:31 -04:00
Geoffrey White
a655124213 C++: I think this is more correct. 2020-08-11 17:28:31 +01:00
Geoffrey White
50558257fc C++: Change note. 2020-08-11 17:05:49 +01:00