hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 01:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
83,766 Commits 1,741 Branches 165 Tags
820d8e76c44dc4dd4b22be36c61275629d22e38f
Commit Graph

83766 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Taus
820d8e76c4 Python: Remove points-to from Module 2025-10-30 13:59:30 +00:00
Taus
b93ce98612 Python: Remove points-to from Expr 2025-10-30 13:58:59 +00:00
Taus
b434ce460e Python: Get rid of getLiteralValue 
This had only two uses in our libraries, so I simply inlined the
predicate body in both places.
 2025-10-30 13:30:04 +00:00
Taus
fef08afff9 Python: Remove points-to to from ControlFlowNode 
Moves the existing points-to predicates to the newly added class
`ControlFlowNodeWithPointsTo` which resides in the `LegacyPointsTo`
module.

(Existing code that uses these predicates should import this module, and
references to `ControlFlowNode` should be changed to
`ControlFlowNodeWithPointsTo`.)

Also updates all existing points-to based code to do just this.
 2025-10-30 13:30:04 +00:00
yoff
4461be180a Merge pull request #19539 from yoff/java/conflicting-access 2025-10-28 20:37:44 +01:00
Tom Hvitved
f2380d3ef1 Merge pull request #20612 from hvitved/rust/type-inference-blanket-non-satisfaction 
Rust: Compute incompatible blanket implementations
 2025-10-28 14:00:55 +01:00
Nora Dimitrijević
727bddea19 Merge pull request #20607 from d10c/d10c/update-diff-informed-testing 
Update diff-informed testing to always treat sources and sinks as alert locations
 2025-10-28 11:52:31 +01:00
Tom Hvitved
409f7fb743 Address review comments 2025-10-28 11:48:45 +01:00
Nora Dimitrijević
a0975e7e19 Constrain location overrides to actual sources/sinks 2025-10-28 09:42:20 +01:00
Nora Dimitrijević
96e1536769 C++/SqlTainted 2025-10-28 09:42:17 +01:00
Nora Dimitrijević
8e0c453c37 Rust/InsecureCookie 2025-10-28 09:42:14 +01:00
Nora Dimitrijević
4952cb27fb Rust/AccessAfterLifetime 2025-10-28 09:42:11 +01:00
Nora Dimitrijević
0f0bd0f455 Go/SSRF 
go/ql/src/experimental/CWE-918/SSRF.ql
 2025-10-28 09:42:09 +01:00
Nora Dimitrijević
d41268fc84 Go/UnhandledCloseWritableHandle 2025-10-28 09:42:06 +01:00
Nora Dimitrijević
ec63547925 C++/UseOfHttp 2025-10-28 09:42:03 +01:00
Nora Dimitrijević
a65d4d5997 C++/TaintedAllocationSize 2025-10-28 09:42:01 +01:00
Nora Dimitrijević
f3d51e0151 C++/ArithmeticUncontrolled 2025-10-28 09:41:57 +01:00
Nora Dimitrijević
1321cbb021 C++/DecompressionBombs 2025-10-28 09:41:55 +01:00
Nora Dimitrijević
bbe2bf2b7f C++/CleartextTransmission 2025-10-28 09:41:52 +01:00
Nora Dimitrijević
b0180409f4 C++/CleartextFileWrite 2025-10-28 09:41:49 +01:00
Nora Dimitrijević
d89aa0f19d C++/CleartextBufferWrite 2025-10-28 09:41:46 +01:00
Nora Dimitrijević
17b261a506 C++/AuthenticationBypass 2025-10-28 09:41:43 +01:00
Nora Dimitrijević
0ed27f4e81 C++/CleartextSqliteDatabase 2025-10-28 09:41:40 +01:00
Nora Dimitrijević
f7a1a4cf75 C++/NonConstantFormat 2025-10-28 09:41:38 +01:00
Nora Dimitrijević
2756e8255f C++/UnboundedWrite 2025-10-28 09:41:35 +01:00
Nora Dimitrijević
a4ac0392a6 C++/OverflowDestination 2025-10-28 09:41:32 +01:00
Nora Dimitrijević
65d79ff6fc C++/ExecTainted 2025-10-28 09:41:29 +01:00
Nora Dimitrijević
464f6cb096 C++/ConstantSizeArrayOffByOne 2025-10-28 09:41:26 +01:00
Nora Dimitrijević
974d174757 Actions/CodeInjectionQuery 
actions/ql/src/Security/CWE-094/CodeInjectionMedium.ql

actions/ql/src/Security/CWE-094/CodeInjectionCritical.ql
 2025-10-28 09:41:24 +01:00
Nora Dimitrijević
62fde8f6e7 Actions/ArgumentInjectionQuery 
actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionCritical.ql

actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionMedium.ql
 2025-10-28 09:41:21 +01:00
Nora Dimitrijević
c40223319c Actions/EnvVarInjectionQuery 
actions/ql/src/Security/CWE-077/EnvVarInjectionMedium.ql

actions/ql/src/Security/CWE-077/EnvVarInjectionCritical.ql
 2025-10-28 09:41:18 +01:00
Nora Dimitrijević
edc72d29d7 Actions/EnvPathInjectionQuery 
actions/ql/src/Security/CWE-077/EnvPathInjectionMedium.ql

actions/ql/src/Security/CWE-077/EnvPathInjectionCritical.ql
 2025-10-28 09:41:16 +01:00
Nora Dimitrijević
1f53ffbdd7 Actions/ArtifactPoisoningQuery 
actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.ql

actions/ql/src/Security/CWE-829/ArtifactPoisoningMedium.ql
 2025-10-28 09:41:13 +01:00
Nora Dimitrijević
8a750b3125 Swift/UnsafeUnpackQuery 
swift/ql/src/experimental/Security/CWE-022/UnsafeUnpack.ql
 2025-10-28 09:41:10 +01:00
Nora Dimitrijević
895bd93062 Swift/UnsafeJsEvalQuery 
swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
 2025-10-28 09:41:08 +01:00
Nora Dimitrijević
cd86e7d6f5 Swift/StringLengthConflationQuery 
swift/ql/src/queries/Security/CWE-135/StringLengthConflation.ql
 2025-10-28 09:41:05 +01:00
Nora Dimitrijević
5a6f731ab7 Swift/StaticInitializationVectorQuery 
swift/ql/src/queries/Security/CWE-1204/StaticInitializationVector.ql
 2025-10-28 09:41:02 +01:00
Nora Dimitrijević
7ba7c435f2 Swift/InsufficientHashIterationsQuery 
swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.ql
 2025-10-28 09:41:00 +01:00
Nora Dimitrijević
6c52d4ba91 Swift/ConstantPasswordQuery 
swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
 2025-10-28 09:40:57 +01:00
Nora Dimitrijević
c190fae737 Swift/CleartextStoragePreferencesQuery 
swift/ql/src/queries/Security/CWE-312/CleartextStoragePreferences.ql
 2025-10-28 09:40:54 +01:00
Nora Dimitrijević
2332cea330 Swift/CleartextStorageDatabaseQuery 
swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql
 2025-10-28 09:40:51 +01:00
Nora Dimitrijević
462d8c5dc4 Shared: update qldoc 2025-10-28 09:40:48 +01:00
Nora Dimitrijević
6ede0a7950 Ruby/WeakFilePermissions 2025-10-28 09:40:46 +01:00
Nora Dimitrijević
495be51ae7 Ruby/WeakParams 2025-10-28 09:40:43 +01:00
Nora Dimitrijević
50f2540db1 Ruby/ManuallyCheckHttpVerb 2025-10-28 09:40:41 +01:00
Nora Dimitrijević
6519bd9909 Ruby/PolynomialReDoSQuery 
ruby/ql/src/queries/security/cwe-1333/PolynomialReDoS.ql
 2025-10-28 09:40:38 +01:00
Nora Dimitrijević
1ff24cbee8 Python/LdapInsecureAuth 
python/ql/src/experimental/Security/CWE-522/LdapInsecureAuth.ql
 2025-10-28 09:40:35 +01:00
Nora Dimitrijević
998de144ea Python/CorsBypass 2025-10-28 09:40:32 +01:00
Nora Dimitrijević
4bc9ede2e8 Python/UnsafeUsageOfClientSideEncryptionVersion 2025-10-28 09:40:30 +01:00
Nora Dimitrijević
6d57316862 Python/UnsafeUnpackQuery 
python/ql/src/experimental/Security/CWE-022bis/UnsafeUnpack.ql
 2025-10-28 09:40:27 +01:00