hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-23 16:06:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,322 Commits 1,712 Branches 163 Tags
90f013d74f3be2ae38a21cf60da5bbaca820ad12
Commit Graph

15322 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arthur Baars
90f013d74f Merge pull request #4176 from aibaars/missing-qhelp 
Add missing QHelp files
 2020-09-02 16:12:42 +02:00
Asger F
2c0e9f0c86 Merge pull request #4186 from github/rc/1.25 
Mergeback: 1.25 -> main
 2020-09-02 15:12:25 +01:00
CodeQL CI
c017308505 Merge pull request #4134 from erik-krogh/genCalls 
Approved by asgerf
 2020-09-02 14:23:39 +01:00
Jonas Jensen
5760213490 Merge pull request #4190 from lcartey/cpp/range-analysis-extensible-assign-ops 
C++: Support `AssignOperation`s with `SimpleRangeAnalysisExpr`s
 2020-09-02 15:16:35 +02:00
Anders Schack-Mulligen
ca8fd6197a Merge pull request #4187 from RasmusWL/java-experimental-file-structure 
Java: Move files in experiemntal dirs to be consistent
 2020-09-02 14:41:26 +02:00
lcartey@github.com
fdfa75f3ec C++: Range analysis, allow extensible assign operations 
- defDependsOnDef supporting all analyzable AssignOperations
 - getDef(Upper|Lower)Bound supporting all analyzable AssignOperations
 2020-09-02 12:22:14 +01:00
Rasmus Wriedt Larsen
7a54d0b493 Java: Move files in experiemntal dirs to be consistent 2020-09-02 13:19:21 +02:00
Jonas Jensen
8e8c65a164 Merge pull request #4146 from jbj/partiallyDefinesVariableAt 
C++: Fix two join orders in FlowVar.qll
 2020-09-02 13:11:29 +02:00
CodeQL CI
48a1ee6233 Merge pull request #4130 from erik-krogh/bbFix 
Approved by asgerf
 2020-09-02 10:38:50 +01:00
Calum Grant
29b3759655 Merge pull request #3961 from tausbn/python-add-typetracker 
Python: Add type tracker and step summary implementation.
 2020-09-02 09:42:14 +01:00
Jonas Jensen
db45b29806 Merge pull request #4102 from rdmarsh2/rdmarsh2/cpp/input-iterators-1 
C++: Basic input iterator models
 2020-09-02 07:57:35 +02:00
Robert Marsh
015bf6e879 C++: Add reverse flow when this ptr is returned 2020-09-01 13:08:44 -07:00
Robert Marsh
2a57fa22e3 C++: handle reference args to iterator operators 2020-09-01 12:52:01 -07:00
Erik Krogh Kristensen
6cbdc7ad8f autoformat 2020-09-01 20:16:49 +02:00
Anders Schack-Mulligen
cc61e6117e Merge pull request #3542 from porcupineyhairs/mongoJava 
Java : add MongoDB injection sinks
 2020-09-01 16:19:17 +02:00
CodeQL CI
311e62f21d Merge pull request #4081 from aschackmull/java/dispatch-ctx-this-param 
Approved by aibaars
 2020-09-01 15:06:47 +01:00
yoff
caa680c72e Merge pull request #4149 from RasmusWL/python-more-additional-taint-steps 
Python: more additional taint steps
 2020-09-01 14:38:33 +02:00
Taus Brock-Nannestad
6a96c53d15 Python: Add missing getNode invocation 2020-09-01 14:04:31 +02:00
Taus Brock-Nannestad
26d14aba98 Python: Use nodeFrom/nodeTo instead of pred/succ 2020-09-01 14:00:30 +02:00
CodeQL CI
b9a6183ec2 Merge pull request #4175 from aschackmull/java/adjust-cwe-089-qltest 
Approved by aibaars
 2020-09-01 12:43:56 +01:00
Erik Krogh Kristensen
2628c05e43 split out comment over multiple lines 2020-09-01 13:12:44 +02:00
Erik Krogh Kristensen
c6947320ea use isAsyncOrGenerator instead of isOrdinary 2020-09-01 13:11:44 +02:00
Arthur Baars
2729d109a5 Merge pull request #4123 from aschackmull/java/records-dataflow 
Java: Add data flow for record getters.
 2020-09-01 13:02:24 +02:00
Anders Schack-Mulligen
e5d7208c12 Java: Adjust a few qltests. 2020-09-01 12:49:09 +02:00
Arthur Baars
aedfa47cb4 Add missing QHelp files 2020-09-01 12:46:57 +02:00
Rasmus Wriedt Larsen
c5e3333d10 Python: Update expected tests after last commit 
I'm pushing too fast it seems
 2020-09-01 12:01:34 +02:00
Rasmus Wriedt Larsen
e0cfe8123e Python: Update comments for new taint tests 
I see I didn't keep them up to date as I implemented things
 2020-09-01 11:58:26 +02:00
Rasmus Wriedt Larsen
cda88a5e64 Python: Refactor: use DataFlow::Node.asExpr() 2020-09-01 11:53:06 +02:00
Rasmus Wriedt Larsen
ddc55a18cf Python: Fix taint handling of copy.deepcopy 
(test results didn't change)

Thanks @yoff 👍
 2020-09-01 11:50:46 +02:00
Rasmus Wriedt Larsen
e5a361c230 Python: Better taint tests for copy.deepcopy 2020-09-01 11:50:33 +02:00
Mathias Vorreiter Pedersen
aa3b268525 Merge pull request #4162 from jbj/ssa-ref-parameters 
C++: SSA and range analysis for reference parameters
 2020-09-01 11:48:41 +02:00
Anders Schack-Mulligen
82692876d8 Java: Add some test cases. 2020-09-01 11:24:30 +02:00
Anders Schack-Mulligen
c25dd4be8c Merge pull request #3363 from ggolawski/xslt-injection 
CodeQL query to detect XSLT injections
 2020-09-01 11:03:19 +02:00
Anders Schack-Mulligen
1dae99e4a5 Merge pull request #3543 from porcupineyhairs/WebsocketReadAsSource 
Java: add websocket reads as remote flow source.
 2020-09-01 10:58:02 +02:00
Anders Schack-Mulligen
beca44ec2f Merge pull request #4172 from rvermeulen/java/xss-sink-extensible 
Java: Customizable XSS analysis
 2020-09-01 09:27:50 +02:00
Robert Marsh
87b657054f C++: reverse flow for iterator operator qualifiers 2020-08-31 14:53:05 -07:00
Robert Marsh
d4cf92e374 C++: Improve non-member iterator operator detection 2020-08-31 14:52:29 -07:00
Robert Marsh
10005dd199 Merge branch 'main' into rdmarsh2/cpp/input-iterators-1Merge changes to input/output models for functions that return thisand resolve conflicting changes to taint tests. 2020-08-31 14:49:01 -07:00
Remco Vermeulen
2bdd3d7712 Apply qldoc suggestions 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2020-08-31 17:28:51 +02:00
Taus Brock-Nannestad
ec64606d5a Python: Remove CopyStep branch type 2020-08-31 17:23:02 +02:00
Taus Brock-Nannestad
eb6443df21 Merge branch 'python-add-typetracker' of github.com:tausbn/ql into python-add-typetracker 2020-08-31 17:22:13 +02:00
Taus
8e1f99af99 Python: Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-08-31 17:20:12 +02:00
Taus Brock-Nannestad
3547c70d35 Python: Add tests with redefinition of fields/variables 2020-08-31 17:17:37 +02:00
Taus Brock-Nannestad
06103f4ff2 Python: Consistently use attribute/attr 2020-08-31 17:16:31 +02:00
CodeQL CI
35494ab97c Merge pull request #4171 from max-schaefer/js/promise-flow-public 
Approved by erik-krogh
 2020-08-31 15:15:27 +01:00
CodeQL CI
79e87a6c3d Merge pull request #4088 from aschackmull/java/string-formatted 
Approved by aibaars
 2020-08-31 15:02:49 +01:00
Rasmus Wriedt Larsen
cf2eacd7a6 Python: Adjust additional taint after PostUpdateNode addition 
Still no results though :(
 2020-08-31 14:59:29 +02:00
Rasmus Wriedt Larsen
4e73abc254 Merge branch 'main' into python-more-additional-taint-steps 2020-08-31 14:34:42 +02:00
Tom Hvitved
4e963a8a8e Merge pull request #4165 from hvitved/csharp/foreach-guard 
C#: Fix bug in guards logic for `foreach` loops
 2020-08-31 14:32:09 +02:00
CodeQL CI
dc9cc20fdd Merge pull request #4161 from yoff/SharedDataflow_PostUpdateNodes 
Approved by RasmusWL, aschackmull, hvitved, jbj
 2020-08-31 11:57:44 +01:00