hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 05:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
11,809 Commits 1,742 Branches 166 Tags
7df45a9bb4582aca606ae6e044ca825c9799802f
Commit Graph

11809 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonas Jensen
3ec1f691c2 C++: First query with flow-paths through globals 2020-04-03 16:45:00 +02:00
Jonas Jensen
aaebe3687e C++: Fix copy-paste error in convertedExprNode 2020-04-03 16:37:23 +02:00
Jonas Jensen
469bdae9b2 C++: More helpful toString for def. by ref. node 2020-04-03 16:37:23 +02:00
Jonas Jensen
36da2d1dae C++: Manipulate the source end of paths too 
Without this, we get duplicate alerts in some cases and
unnatural-looking source nodes in other cases. The source nodes were
often `Conversion`s.
 2020-04-03 16:37:23 +02:00
Jonas Jensen
e916f07a8e C++: Formatting fixups 2020-04-03 15:52:13 +02:00
Jonas Jensen
427815d3d1 C++: taintedWithPath QLDoc + simplification 2020-04-03 15:52:13 +02:00
Jonas Jensen
3653627650 C++: Let configuration class extend singleton 2020-04-03 15:52:13 +02:00
Erik Krogh Kristensen
9c2053168b writing out the truth table for DotDotSlashPrefixRemovingReplace 2020-04-03 15:46:47 +02:00
semmle-qlci
676da02118 Merge pull request #3192 from asger-semmle/js/missing-await-not-delete 
Approved by esbena
 2020-04-03 13:21:48 +01:00
Shati Patel
a93aafcab5 Merge pull request #3194 from shati-patel/50-intro-to-ql 
Docs: Include "Introduction to QL" in tutorial topic
 2020-04-03 12:12:00 +01:00
Tom Hvitved
4e2d6c0250 C#: Add missing QL doc 2020-04-03 12:45:56 +02:00
Mathias Vorreiter Pedersen
c54cddead1 C++: Include PrintValueNumbering in testcase 2020-04-03 12:42:06 +02:00
Calum Grant
adde52d33c C#: Add missing files 2020-04-03 11:22:50 +01:00
Jonas Jensen
16c7a35b1c Merge pull request #3195 from geoffw0/taintstring 
C++: Model taint flow through std::string constructor and c_str()
 2020-04-03 12:05:07 +02:00
Erik Krogh Kristensen
94751c1b31 dst can be relative for "../" replace call 2020-04-03 11:08:31 +02:00
Calum Grant
6a26a6542a C#: Remove a function. 2020-04-03 09:42:25 +01:00
semmle-qlci
dc774e0eac Merge pull request #3166 from erik-krogh/DeadLocal 
Approved by asgerf
 2020-04-03 09:36:20 +01:00
Tom Hvitved
08fbd1d2ad C#: Update change notes 2020-04-03 10:25:46 +02:00
Geoffrey White
73bfd819d9 C++: Rename classes. 2020-04-03 09:23:31 +01:00
Geoffrey White
1bcf187c3e C++: Rename Strings.qll -> StdString.qll. 2020-04-03 09:17:33 +01:00
Mathias Vorreiter Pedersen
1e73528102 C++/C#: Add synchronization 2020-04-03 10:08:00 +02:00
Mathias Vorreiter Pedersen
0b12c1519b C++/C#: Sync identical files 2020-04-03 10:06:37 +02:00
Mathias Vorreiter Pedersen
0f70944a5b C++: Move ValueNumberPropertyProvider into its own file to prevent accidental imports 2020-04-03 09:55:41 +02:00
Erik Krogh Kristensen
e46cde17a1 add a "../" removing taint-step for js/path-injection 2020-04-03 09:42:05 +02:00
Shati Patel
b267df0077 Address review comments + make article intro consistent with map topic 2020-04-03 00:02:14 +01:00
Robert Marsh
a8e191248e Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 
Merge IR SSA test additions
 2020-04-02 15:30:20 -07:00
Asger Feldthaus
ffbbdd7779 JS: Autoformat 2020-04-02 23:04:24 +01:00
Asger Feldthaus
93971e9433 JS: Make local flow not depend on SourceNode 2020-04-02 23:03:29 +01:00
Asger Feldthaus
346867f425 JS: Remove Import->SourceNode dependency from AMD 2020-04-02 23:03:29 +01:00
Asger Feldthaus
3804d3fcfd JS: Remove Import->SourceNode dependency from lazy cache 2020-04-02 23:03:20 +01:00
Robert Marsh
fd915bb5b1 C++: fix join order in IR virtual dispatch 2020-04-02 14:56:11 -07:00
Calum Grant
9481fada51 C#: Address review comments. 2020-04-02 20:29:45 +01:00
Geoffrey White
c9ec30fa2a C++: Update use of deprecated methods. 2020-04-02 19:49:42 +01:00
Geoffrey White
e9132d833c C++: Autoformat. 2020-04-02 19:49:42 +01:00
Geoffrey White
ab716ebe75 C++: Change note. 2020-04-02 19:49:42 +01:00
Geoffrey White
73171682b7 C++: Switch to taint flow as suggested in the old PR. 2020-04-02 19:49:41 +01:00
Geoffrey White
b14b52d0ac C++: Add models for std::string (as in old PR). 2020-04-02 19:49:41 +01:00
Geoffrey White
69f6790c83 C++: Add a test of taint through std::strings, based on the one in the old PR. 2020-04-02 19:49:31 +01:00
Rebecca Valentine
712fb8badc Python: ObjectAPI to ValueAPI: IterReturnsNonSelf: Autoformats 2020-04-02 09:19:41 -07:00
Shati Patel
26f15b8978 Include "Introduction to QL" in tutorial topic 2020-04-02 17:19:29 +01:00
Rebecca Valentine
cdda80623d Merge branch 'master' into python-objectapi-to-valueapi-iterreturnsnonself 2020-04-02 09:16:23 -07:00
Jonas Jensen
604731ba6b Merge pull request #3171 from MathiasVP/init-dynamic-alloc-newexpr 
C++: Emit InitializeDynamicAllocation instructions for NewExpr and NewArrayExpr
 2020-04-02 17:37:05 +02:00
Mathias Vorreiter Pedersen
e2908eaf63 C++: Add comment explaining why we can split call and allocation side effects 2020-04-02 15:11:13 +02:00
Mathias Vorreiter Pedersen
a273917e51 Merge branch 'master' into init-dynamic-alloc-newexpr 2020-04-02 14:11:03 +02:00
Jonas Jensen
4825774ce2 Merge pull request #3173 from geoffw0/opnew 
C++: Support operator new and operator delete in models library
 2020-04-02 14:01:10 +02:00
Anders Schack-Mulligen
01157e43e3 Merge pull request #2899 from p-/cwe-036 
Java: Calling openStream on URLs created from remote source can lead to file disclosure
 2020-04-02 13:55:06 +02:00
Asger Feldthaus
8f930fc3e6 JS: Remove recursive SourceNode from AngularJS 2020-04-02 12:25:33 +01:00
Asger Feldthaus
ee106b1103 JS: Remove tautological SourceNode::Range subclasses 2020-04-02 12:21:17 +01:00
semmle-qlci
6757924183 Merge pull request #3157 from tausbn/python-fix-analysis-qhelp-link 
Approved by felicitymay
 2020-04-02 11:43:15 +01:00
Asger Feldthaus
3a9d047cf5 JS: Ignore delete expressions in js/missing-await 2020-04-02 11:35:09 +01:00