hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
12,591 Commits 1,741 Branches 165 Tags
8a0af0bcac06f606ef3fb76b6cc59475ccf91b6b
Commit Graph

12591 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonas Jensen
8a0af0bcac Merge pull request #3465 from MathiasVP/remove-abstract-from-access-and-cast 
C++: Remove abstract keyword from `Access` and `Cast` classes
 2020-05-15 12:25:34 +02:00
semmle-qlci
a536069059 Merge pull request #3408 from esbena/js/unsafe-html-expansion 
Approved by asgerf, mchammer01
 2020-05-15 08:24:12 +01:00
semmle-qlci
c06680a496 Merge pull request #3470 from asger-semmle/js/cache-module-import 
Approved by esbena
 2020-05-14 17:20:04 +01:00
Mathias Vorreiter Pedersen
fe682556bf Merge pull request #3475 from jbj/field-conflation-memcpy 
C++: Test field conflation with array in struct
 2020-05-14 17:53:32 +02:00
Dave Bartolomeo
efa133f0db Merge pull request #3463 from MathiasVP/fix-field-flow-annotation 
C++: Annotate field flow tests
 2020-05-14 10:49:27 -04:00
Jonas Jensen
49ebb3197a Merge pull request #3472 from geoffw0/paramstring 
C++: Improve getParameterString().
 2020-05-14 16:48:07 +02:00
Jonas Jensen
a380dc113f C++: Test field conflation with array in struct 2020-05-14 16:29:39 +02:00
Mathias Vorreiter Pedersen
1c2b8563ae C++: Remove 'flow' value from testcases 2020-05-14 15:33:02 +02:00
Geoffrey White
6583012e6d C++: Use concat in getParameterString(). 2020-05-14 14:21:46 +01:00
Geoffrey White
da83f826b9 C++: Solve duplication in getParameterString(). 2020-05-14 14:21:06 +01:00
Geoffrey White
ca0d23fd72 C++: Add a test case. 2020-05-14 14:20:02 +01:00
Mathias Vorreiter Pedersen
5f9b96cde9 C++: Fix off-by-one in test annotation 2020-05-14 15:12:00 +02:00
semmle-qlci
23532ae49a Merge pull request #3467 from erik-krogh/tarSlip 
Approved by esbena
 2020-05-14 14:06:42 +01:00
semmle-qlci
57f44c5a81 Merge pull request #2886 from asger-semmle/js/call-graph-exploration 
Approved by erik-krogh, esbena
 2020-05-14 14:01:23 +01:00
semmle-qlci
384df88df1 Merge pull request #3359 from erik-krogh/MayHavePropName 
Approved by esbena
 2020-05-14 13:52:45 +01:00
Asger Feldthaus
e491431f4e JS: Autoformat 2020-05-14 13:29:33 +01:00
Geoffrey White
78f098f37a C++: Test Function.getParameterString(). 2020-05-14 13:05:39 +01:00
Mathias Vorreiter Pedersen
f414b277ba C++: Modify complex.cpp test to account for longer access paths in the dataflow library 2020-05-14 13:58:04 +02:00
Geoffrey White
53a53fb633 C++: Modernize the Functions test. 2020-05-14 12:50:57 +01:00
Asger Feldthaus
1cdb51741f JS: Dont use deprecated API in test case 2020-05-14 11:08:31 +01:00
Anders Schack-Mulligen
5c9fb2312e Merge pull request #3090 from luchua-bc/java-insert-sensitive-info-into-log 
Java: CWE-532 sensitive info logging
 2020-05-14 11:43:47 +02:00
Mathias Vorreiter Pedersen
f5f3405ec3 C++: Modify IR field flow tests to use InlineExpectationsTest.qll 2020-05-14 11:11:21 +02:00
Erik Krogh Kristensen
b12e21edcc add test for new zipslip sanitizer 2020-05-14 10:11:37 +02:00
Erik Krogh Kristensen
422ade16db Apply suggestions from code review 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-05-14 10:05:59 +02:00
Erik Krogh Kristensen
ce5356f592 change note 2020-05-14 09:48:50 +02:00
Erik Krogh Kristensen
4175d36269 add test case 2020-05-14 09:46:54 +02:00
Erik Krogh Kristensen
b727fa81a0 add a path sanitizer to zipslip 2020-05-14 09:46:50 +02:00
Erik Krogh Kristensen
71e7083dcb add "linkname" as a file-name-property for zip-slip 2020-05-14 09:06:23 +02:00
Erik Krogh Kristensen
a19718a10f add fs.link and fs.linkSync as writing file system calls 2020-05-14 09:00:50 +02:00
Mathias Vorreiter Pedersen
671242ce5e C++: Add upgrade script 2020-05-14 08:49:34 +02:00
Mathias Vorreiter Pedersen
dbba2269ad C++: Add stats 2020-05-14 08:47:16 +02:00
Robert Marsh
396ccda81f Merge pull request #3422 from Cornelius-Riemenschneider/inbounds-ptr 
C++: Add InBoundsPointerDeref.qll to experimental
 2020-05-13 16:55:42 -07:00
Mathias Vorreiter Pedersen
8f3ba75534 C++: Remove abstract keyword from Access and Cast and create .dbscheme unions 2020-05-13 23:15:11 +02:00
Dave Bartolomeo
ea2081ca40 Merge pull request #3459 from dbartol/github/codeql-c-analysis-team/69 
C++/C#: Remove `UnmodeledUse` instruction
 2020-05-13 13:13:40 -04:00
Asger Feldthaus
2ef7719b06 JS: PathExprInModule deprecation notice 2020-05-13 16:35:24 +01:00
Asger Feldthaus
3846f534a8 JS: Factor out overridden part of PathExpr.getSearchRoot 2020-05-13 16:34:43 +01:00
Asger Feldthaus
5f510878f3 JS: Remove PathExprBase and PathExprInModule 2020-05-13 16:34:28 +01:00
Asger Feldthaus
2d88385ffb JS: Cache moduleImport 2020-05-13 15:07:13 +01:00
Mathias Vorreiter Pedersen
34314d0cb6 C++: Annotation field flow tests with [IR] and [AST] 2020-05-13 15:16:02 +02:00
Calum Grant
f5daeea618 Merge pull request #3421 from hvitved/csharp/dataflow/change-note 
C#/Java/C++: Add change note for #3110
 2020-05-13 13:53:01 +01:00
semmle-qlci
2a341d973d Merge pull request #3458 from esbena/js/NoSQLCodeInjection 
Approved by erik-krogh
 2020-05-13 13:33:28 +01:00
Bt2018
7b88988981 Convert to path-problem query 2020-05-13 08:09:22 -04:00
Dave Bartolomeo
b0f7e9c6a7 C++: Accept test output 2020-05-13 08:02:17 -04:00
Bt2018
632cb8b666 Simplify CredentialExpr as the AddExpr step is included by TaintTracking::localTaintStep(node1, node2) 2020-05-13 07:55:32 -04:00
Bt2018
d9cc3c6f8d Add a comment for reasoning in why debug and trace are included and other variations are excluded 2020-05-13 07:46:44 -04:00
Esben Sparre Andreasen
c6fa88af28 JS: change notes 2020-05-13 12:56:33 +02:00
Esben Sparre Andreasen
9552352d6a JS: address qhelp feedback 2020-05-13 12:53:59 +02:00
Esben Sparre Andreasen
7305a873b1 JS: formatting 2020-05-13 11:28:48 +02:00
Esben Sparre Andreasen
fedd32fc2b JS: address review comment 2020-05-13 09:57:02 +02:00
Esben Sparre Andreasen
91f43a7dae JS: address review comments 2020-05-13 09:52:01 +02:00