hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-24 10:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,830 Commits 1,693 Branches 161 Tags
74ce7cd188d45ff8eac3ea0fc6b21968dbe80b88
Commit Graph

81830 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
REDMOND\brodes
74ce7cd188 Crypto: Moving all data flow analyses to taint tracking. 2025-08-28 20:40:05 -04:00
REDMOND\brodes
7c8177de97 Crypto: Added missing ArtifactPassthrough.qll (forgot to add to merged in branch). Acronym casing fix. 2025-08-26 17:12:21 -04:00
Ben Rodes
73b3398b46 Merge pull request #2 from bdrodes/signature_model_refactor_experimental 
Signature model refactor experimental
 2025-08-26 17:05:01 -04:00
REDMOND\brodes
938b47c2ad Crypto: Debug missing hashes associated with HMAC. EVP_PKEY_get1_RSA is now just a passthrough, it is not a known implicit operation call. Some final operations generating null outputs are now removed from possible final operartions (typically used to determine buffer lenghth and not actually performing the operation). Misc. false positive/error fixes and code clean up, and added missing models. 2025-08-26 16:07:04 -04:00
REDMOND\brodes
422352c632 Crypto: Continued refactoring of operation steps and bug fixes. 2025-08-26 11:49:26 -04:00
REDMOND\brodes
48dc280e6c Crypto: Fix issue with OAEP padding edges regressing. 2025-08-26 08:51:52 -04:00
REDMOND\brodes
5d29240f27 Crypto: OperationStep overhaul to account for errors and missing interproc flow. 2025-08-25 16:59:09 -04:00
REDMOND\brodes
b7ceeb399f Crypto: nodes.expected update and removed dead code from Language.qll 2025-08-22 14:50:31 -04:00
REDMOND\brodes
ec7e41cb30 Crypto: Fixed issues in CBOM representations (gaps in the underlying model) and simplified unit tests in terms of the graph complexity to aid visual assessments of model correctness. 2025-08-21 15:05:45 -04:00
Ben Rodes
65ff72719e Merge branch 'main' into signature_model_refactor 2025-08-20 12:34:06 -04:00
Paolo Tranquilli
fd7668d94a Merge pull request #20251 from github/redsun82/rust-remove-warning 
Rust: update README to remove experimental warning
 2025-08-20 10:12:19 +02:00
Michael Nebel
3e03728ffe Merge pull request #20244 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2025-08-20 08:55:48 +02:00
github-actions[bot]
e74116b347 Add changed framework coverage reports 2025-08-20 00:23:14 +00:00
Paolo Tranquilli
65e5ded80d Rust: update README to remove experimental warning 2025-08-19 16:02:45 +02:00
Geoffrey White
963e028645 Merge pull request #20238 from geoffw0/scinit 
Rust: Update StreamCipherInit to use getCanonicalPath.
 2025-08-19 13:18:10 +01:00
Mathias Vorreiter Pedersen
ea8d766ae8 Merge pull request #20242 from MathiasVP/fprintf-partial-flow 
C++: Mark the write to `fprintf`'s 0'th argument as partial
 2025-08-19 13:43:22 +02:00
Geoffrey White
401315c4f5 Update rust/ql/lib/codeql/rust/frameworks/rustcrypto/RustCrypto.qll 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2025-08-19 09:22:53 +01:00
Tom Hvitved
4684ac1ed9 Merge pull request #20191 from hvitved/rust/path-resolution-successor-kind 
Rust: Distinguish internal/external items in path resolution
 2025-08-19 10:20:05 +02:00
Anders Schack-Mulligen
a8f394fedb Merge pull request #20237 from aschackmull/guards/nullguard-caching 
Guards: Cache nullGuard predicate.
 2025-08-19 09:51:31 +02:00
Geoffrey White
9f04de859f Rust: Update test results following merge. 2025-08-19 08:50:23 +01:00
Geoffrey White
ab49c33915 Merge branch 'main' into scinit 2025-08-19 08:50:12 +01:00
Tom Hvitved
e6150e2079 Merge pull request #20243 from hvitved/rust/canonical-path-transitive-deps 
Rust: Take transitive dependencies into account when computing canonical paths
 2025-08-19 09:46:53 +02:00
Tom Hvitved
60b2cf6638 Rust: Take transitive dependencies into account when computing canonical paths 2025-08-18 22:02:44 +02:00
Tom Hvitved
5a69845485 Rust: Elaborate QL doc 2025-08-18 21:31:37 +02:00
Geoffrey White
bf33d1b870 Rust: Make a couple of new imports private. 2025-08-18 18:51:33 +01:00
Geoffrey White
fdec780921 Rust: Accept consistency .expected changes. 2025-08-18 18:42:06 +01:00
Geoffrey White
402e901811 Merge branch 'main' into scinit 2025-08-18 18:35:03 +01:00
Mathias Vorreiter Pedersen
af00e46fc8 C++: Mark fprintf and friends as a partial write of the stream argument. 2025-08-18 18:15:14 +02:00
Mathias Vorreiter Pedersen
6a57da79de C++: Add a test with missing flow. 2025-08-18 18:12:52 +02:00
Mathias Vorreiter Pedersen
4551875e2e C++: Drive-by improvement: Use 'partialFlowFunc' since it is in scope anyway. 2025-08-18 18:10:35 +02:00
Tom Hvitved
f1ca0ecc3c Merge pull request #20233 from hvitved/rust/remove-tc 
Rust: Remove TC from `ImplTraitTypeRepr.isInReturnPos`
 2025-08-18 14:46:26 +02:00
Ian Lynagh
fd020b52e4 Merge pull request #20232 from igfoo/igfoo/SloppyGlobal 
C++: SloppyGlobal: Don't alert on template instantiations, only the template
 2025-08-18 11:39:30 +01:00
Tom Hvitved
299ccb68f5 Merge pull request #20230 from hvitved/cfg/standard-tree-skip-non-tree-children 
Shared: Skip non-CFG children in `StandardTree`
 2025-08-18 12:13:31 +02:00
Geoffrey White
4eea4431b5 Merge pull request #20222 from geoffw0/pathbuf 
Rust: Add a type inference test case resembling PathBuf.canonicalize.
 2025-08-18 11:06:41 +01:00
Anders Schack-Mulligen
877d397eb9 Merge pull request #20228 from 5idg5/java/data-extensions-change 
Add data extensions for remote tainted sources
 2025-08-18 11:26:38 +02:00
Geoffrey White
a9650e02ca Rust: Add a slightly simpler / more explicit test case. 2025-08-18 10:20:30 +01:00
Anders Schack-Mulligen
e17382d179 Guards: Cache nullGuard predicate. 2025-08-18 11:09:11 +02:00
Nora Dimitrijević
f1b55641e1 Merge pull request #20073 from d10c/d10c/diff-informed-phase-3-cpp 
C++: Diff-informed queries: phase 3 (non-trivial locations)
 2025-08-18 09:41:38 +02:00
Nora Dimitrijević
4199859eaa Merge pull request #20079 from d10c/d10c/diff-informed-phase-3-python 
Python: Diff-informed queries: phase 3 (non-trivial locations)
 2025-08-18 09:33:57 +02:00
Napalys Klicius
b19d1e0f57 Merge pull request #20151 from Napalys/js/command-line-libs 
JS: Enhance command injection detection for CLI argument parsing libraries
 2025-08-18 09:32:29 +02:00
Napalys Klicius
b2346183d6 Merge pull request #20148 from Napalys/js/reg-exp-env-variable-threat-model 
JS: Exclude environment variables from `js/regex-injection` query by default
 2025-08-18 09:32:15 +02:00
Sid Gawri
d84e5319c3 changenote 2025-08-15 15:59:05 -04:00
Sid Gawri
e697e89171 Merge branch 'main' of https://github.com/5idg5/codeql into java/data-extensions-change 2025-08-15 15:50:12 -04:00
Nora Dimitrijević
bb9daa00c3 Merge pull request #20072 from d10c/d10c/diff-informed-phase-3-actions 
Actions: Diff-informed queries: phase 3 (non-trivial locations)
 2025-08-15 14:05:44 +02:00
Jeroen Ketema
84119baa50 Merge pull request #20223 from jketema/go-1.25-doc 
Go: Mention Go 1.25 as supported
 2025-08-15 13:47:40 +02:00
Ian Lynagh
0870cc370b C++: Add a changenote for the change to cpp/short-global-name 2025-08-15 12:09:37 +01:00
Ian Lynagh
3157fcdf79 C++: Add some BAD annotations to SloppyGlobal test 2025-08-15 12:07:09 +01:00
Tom Hvitved
1af6ddd8e3 Rust: Remove TC from ImplTraitTypeRepr.isInReturnPos 2025-08-15 12:45:13 +02:00
Ian Lynagh
bfd4c41ed9 C++: SloppyGlobal: Accept test changes 
We no longer alert on template instantiations, just the template.
 2025-08-15 11:24:19 +01:00
Nora Dimitrijević
0512940c0c Merge pull request #20075 from d10c/d10c/diff-informed-phase-3-go 
Go: Diff-informed queries: phase 3 (non-trivial locations)
 2025-08-15 12:23:53 +02:00