hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,223 Commits 1,673 Branches 157 Tags
86d032e2ea8021ab7af9867d24bd135cba2d057c
Commit Graph

12223 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Calum Grant
86d032e2ea C#: Remove nullability warning by lifting local function. Warning seems to be caused by a compiler bug. 2020-04-29 15:21:43 +01:00
Nick Rolfe
55301b4b2f Merge pull request #3074 from matt-gretton-dann/codeql-c-extractor/50-char8_t 
Add support for C++20's char8_t type.
 2020-04-29 12:15:25 +01:00
Mathias Vorreiter Pedersen
8a1d96b313 Merge pull request #3374 from jbj/PartialDefinition-refactor 
C++: Refactor `PartialDefinition` charpred
 2020-04-29 13:03:40 +02:00
Jonas Jensen
de3fa8e68b Merge pull request #3337 from Cornelius-Riemenschneider/alloc-type 
C++: Allocation.qll: Provide getAllocatedElementType predicate for AllocationExprs.
 2020-04-29 11:55:02 +02:00
Anders Schack-Mulligen
b6a7ab8bf4 Merge pull request #3372 from aibaars/spring-multipart 
Java: add `org.springframework.web.multipart.MultipartFile::getX` as RemoteFlowSource
 2020-04-29 11:35:04 +02:00
Matthew Gretton-Dann
a6947e0296 C++: Complete support for char8_t 2020-04-29 10:18:13 +01:00
Matthew Gretton-Dann
c0d0f7862b C++: Add DB Upgrade script 2020-04-29 10:18:13 +01:00
Matthew Gretton-Dann
52670dd956 C++: Update expected test output. 2020-04-29 10:18:13 +01:00
Matthew Gretton-Dann
2d898af2fe C++: Add library support for char8_t type. 2020-04-29 10:18:13 +01:00
Matthew Gretton-Dann
79b3a995e9 C++: Add DB support for C++20's char8_t 2020-04-29 10:18:13 +01:00
semmle-qlci
62b7cbfdb4 Merge pull request #3377 from shati-patel/mergeback 
Approved by jf205
 2020-04-29 09:15:04 +01:00
Shati Patel
5c80cd5032 Merge branch 'rc/1.24' into mergeback 2020-04-29 08:05:53 +01:00
semmle-qlci
c104898694 Merge pull request #3376 from felicitymay/1.24/SD-57-update-url 
Approved by shati-patel
 2020-04-28 19:49:50 +01:00
Felicity Chapman
7af7e8b3b4 Update URL to new location 2020-04-28 18:18:54 +01:00
Jonas Jensen
796041af72 C++: Refactor PartialDefinition charpred 
This class used `newtype` for seemingly no reason. The new code is
shorter and should be faster as well.
 2020-04-28 17:10:25 +02:00
Arthur Baars
d7774788b3 Java: add Spring MultipartFile as RemoteFlowSource 2020-04-28 16:57:03 +02:00
Arthur Baars
ae2bab7e9c Add test case 2020-04-28 16:57:03 +02:00
Shati Patel
606360c5ed Merge pull request #3370 from shati-patel/sd-88 
Docs: Delete "Technical information" articles
 2020-04-28 14:58:28 +01:00
Shati Patel
0260202ded Merge pull request #3371 from shati-patel/typo 
Docs: Update link text
 2020-04-28 14:18:55 +01:00
Felicity Chapman
b80d22ca92 Merge pull request #3369 from felicitymay/1.24/SD-16-go-cookbook-link 
Add link to new Go cookbook space
 2020-04-28 14:15:43 +01:00
Shati Patel
e18357525f Fix link 2020-04-28 14:11:36 +01:00
Shati Patel
4d31291c01 Fix typo 
Update link text
 2020-04-28 14:04:23 +01:00
Shati Patel
9705e00676 Docs: Delete "Technical information" articles 2020-04-28 13:50:13 +01:00
Felicity Chapman
118c1c97b9 Add link to new Go cookbook space 2020-04-28 13:27:24 +01:00
Shati Patel
90cce2a2f4 Merge pull request #3367 from shati-patel/docs-links 
Docs: update outdated links
 2020-04-28 12:05:33 +01:00
Shati Patel
7a4b6a62d7 Update outdated links 2020-04-28 11:52:49 +01:00
Anders Schack-Mulligen
bc7163aa68 Merge pull request #3216 from aibaars/message-digest 
Java: teach Encryption.qll about MessageDigest.getInstance
 2020-04-28 11:41:53 +02:00
yo-h
97f4cb64ef Merge pull request #3349 from aschackmull/java/qldoc1 
Java: Improve qldoc coverage.
 2020-04-27 12:49:23 -04:00
Jonas Jensen
36221fe69a Merge pull request #3334 from MathiasVP/get-an-assigned-value-join-order 
C++: Fix join order in getAnAssignedValue
 2020-04-27 17:50:12 +02:00
jcreedcmu
12f264ca63 Merge pull request #3354 from dbartol/dbartol/Recommendation 
Recommend the CodeQL for VSCode extension
 2020-04-27 10:26:02 -04:00
Esben Sparre Andreasen
04b5a794f1 Merge pull request #3313 from esbena/js/typical-bad-sanitizer 
New query: Incomplete HTML attribute sanitization
 2020-04-27 14:31:13 +02:00
Mathias Vorreiter Pedersen
b1a94d8809 Merge branch 'master' into get-an-assigned-value-join-order 2020-04-27 14:11:30 +02:00
Tom Hvitved
d28c4fb0f5 Merge pull request #3202 from jbj/pathStep-join-unique 
Java/C++/C#: Use `unique` to improve join order fix
 2020-04-27 13:06:27 +02:00
Cornelius Riemenschneider
3f7d68178c Use stripTopLevelSpecifiers() to get the allocated element type for malloc(). 2020-04-27 12:46:14 +02:00
Cornelius Riemenschneider
92e8604fa1 Provide getAllocatedElementType predicate for AllocationExprs. 
This predicate tries to determine the type of the allocated elements of an allocation expression.
 2020-04-27 12:41:19 +02:00
Cornelius Riemenschneider
203315ae33 Assign malloc results in test to variables. 2020-04-27 12:40:35 +02:00
Esben Sparre Andreasen
c0250894de Apply suggestions from code review 
Co-Authored-By: mc <42146119+mchammer01@users.noreply.github.com>
 2020-04-27 12:37:39 +02:00
Geoffrey White
230e5a3a9a Merge pull request #3326 from Cornelius-Riemenschneider/alloc-size-mul 
C++: Allocation.qll: Analyze common pattern of malloc() invocations to provide more accurate getSizeMult()
 2020-04-27 11:18:54 +01:00
Jonas Jensen
20c956e0a9 Merge pull request #3320 from Semmle/rdmarsh/cpp/taint-tracking-util-port 
C++: move logic from DefaultTaintTracking into TaintTrackingUtil
 2020-04-27 11:34:03 +02:00
Taus
de08433bd3 Merge pull request #3212 from RasmusWL/python-fix-tests-filter 
Python: Fix (some) shortcomings of tests filter
 2020-04-27 11:26:35 +02:00
James Fletcher
73c29ec189 Merge pull request #3346 from jf205/sd-48 
Learn CodeQL docs: add note about path queries to data flow tutorials
 2020-04-27 09:12:51 +01:00
Cornelius Riemenschneider
a50d5b7c6a Accept changed test output. 2020-04-27 09:17:16 +02:00
Esben Sparre Andreasen
0a8e371b0e Update javascript/ql/src/Security/CWE-116/IncompleteHtmlAttributeSanitization.qhelp 
Co-Authored-By: Asger F <asgerf@github.com>
 2020-04-27 09:09:26 +02:00
semmle-qlci
cbe417f5eb Merge pull request #3336 from erik-krogh/MoarJQuery 
Approved by esbena
 2020-04-25 15:17:55 +01:00
Arthur Baars
59869ace63 Java: teach Encryption.qll about MessageDigest.getInstance 
We already modelled usage of the protected `MessageDigest(String algo)`
constructor as a crypto algorithm specification. For some reason we did
not model the more commonly used public `MessageDigest.getInstance` method.
 2020-04-25 00:41:10 +02:00
Robert Marsh
4eea62cbde Merge pull request #3345 from Cornelius-Riemenschneider/openssl-allocators 
C++: Allocation.qll: Add support for openssl allocation/deallocation functions.
 2020-04-24 14:48:05 -07:00
Dave Bartolomeo
5e09d6d02d Tell GitHub to allow JSON files with comments 2020-04-24 14:04:05 -04:00
Dave Bartolomeo
5180b44e1e Recommend the CodeQL for VSCode extension 
I've added a `.vscode/extensions.json` file that will automatically recommend the CodeQL for Visual Studio Code extension to anyone who opens the repo in VS Code (without the extension already installed).
 2020-04-24 13:46:35 -04:00
Mathias Vorreiter Pedersen
38ebb81036 Merge pull request #3352 from jbj/SuspiciousAddWithSizeof-select 
C++: Speed up SuspiciousAddWithSizeof select
 2020-04-24 18:27:25 +02:00
Jonas Jensen
5917ce60b7 Merge pull request #3342 from dbartol/dbartol/SyncTask 
Add a VS Code task to run `sync-files.py`
 2020-04-24 16:42:44 +02:00