hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
42,951 Commits 1,741 Branches 165 Tags
985e87ccde5d2706ec43f708f2b848230ef75c8a
Commit Graph

586 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
9f8326a3fa Merge pull request #7243 from geoffw0/sslquery2 
C++: New query for SSL certificates not checked
 2021-12-01 15:02:19 +00:00
Geoffrey White
4b221bd964 C++: Use guard.controls. 2021-11-30 15:44:48 +00:00
Geoffrey White
88fb1a18cb C++: Correct the doc. 2021-11-29 13:09:12 +00:00
Geoffrey White
d79337774d Update cpp/ql/src/Security/CWE/CWE-295/SSLResultNotChecked.qhelp 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-11-29 12:33:05 +00:00
Erik Krogh Kristensen
6ff8d4de5c add all remaining explicit this 2021-11-26 13:50:10 +01:00
Geoffrey White
e98ab5d2c2 C++: Add security-severity tag and provisional precision. 2021-11-25 15:49:40 +00:00
Geoffrey White
e9ce29664e C++: Qldoc. 2021-11-25 15:48:12 +00:00
Geoffrey White
f5b40731d6 C++: Add security-severity tag and provisional precision. 2021-11-25 13:59:21 +00:00
Geoffrey White
4c5faaf985 C++: Autoformat result not checked query. 2021-11-24 18:26:39 +00:00
Geoffrey White
8abaf1247a C++: Clean up result not checked query. 2021-11-24 18:26:39 +00:00
Geoffrey White
5ffbf563b8 C++: Add metadata for result not checked query. 2021-11-24 18:26:38 +00:00
Geoffrey White
72a03257e7 C++: Add qhelp for result not checked query. 2021-11-24 18:26:38 +00:00
Geoffrey White
5eb814fd8b C++: Prototype SSL result not checked query. 2021-11-24 18:26:37 +00:00
Geoffrey White
7869733ab5 C++: Autoformat result conflation query. 2021-11-24 18:25:58 +00:00
Geoffrey White
88b6bd9478 C++: Switch result conflation query to a slightly simpler dataflow-only approach. 2021-11-24 18:25:57 +00:00
Geoffrey White
ce2b86b9e3 C++: Add metadata for result conflation query. 2021-11-24 18:25:57 +00:00
Geoffrey White
2eae6a3e9a C++: Add qhelp for result conflation query. 2021-11-24 18:25:56 +00:00
Geoffrey White
6afcbce421 C++: Prototype SSL result conflation query. 2021-11-24 18:22:24 +00:00
Erik Krogh Kristensen
011fc20963 use matches instead of regexpMatch 2021-11-18 15:41:25 +01:00
Geoffrey White
ea9640a39d C++: Autoformat. 2021-11-16 14:26:42 +00:00
Geoffrey White
5ef71e6ef3 C++: Add a few more sinks. 2021-11-16 13:02:56 +00:00
Geoffrey White
aafa5762ad C++: Add a CWE tag associated with OWASP A8. 2021-11-16 11:21:25 +00:00
Geoffrey White
ea580cd9c0 C++: Add explanatory comments. 2021-11-11 11:49:51 +00:00
Geoffrey White
43ff3b1c80 C++: Address review comment. 2021-11-11 09:39:59 +00:00
Geoffrey White
9a1b98e1d9 C++: Fix qhelp example link. 2021-11-10 17:54:05 +00:00
Geoffrey White
c29011a5cf C++: Add more sinks. 2021-11-10 16:43:28 +00:00
Geoffrey White
ae622bd482 C++: Use hasGlobalOrStdName. 2021-11-10 14:57:07 +00:00
Geoffrey White
2f39c64cc2 C++: Fix character in qhelp. 2021-11-10 11:23:57 +00:00
Geoffrey White
ef21d1b512 C++: Add a model for curl as well. 2021-11-09 19:32:43 +00:00
Geoffrey White
d2b18d952d C++: Add qhelp. 2021-11-09 18:41:56 +00:00
Geoffrey White
bd1e708c5d C++: First version of cpp/non-https-url. 2021-11-09 18:33:49 +00:00
CodeQL CI
d5e2026a26 Merge pull request #6934 from erik-krogh/more-instanceof 
Approved by MathiasVP, esbena, yoff
 2021-11-02 03:46:23 -07:00
Erik Krogh Kristensen
e75448ebb0 remove redundant inline casts 2021-10-28 16:35:53 +02:00
Erik Krogh Kristensen
d2d6b2ca7c apply range pattern patch to cpp 2021-10-25 19:38:10 +02:00
Geoffrey White
da412178ce C++: Use set literals (more). 2021-10-20 14:18:27 +01:00
Geoffrey White
3f3c79f48f Merge pull request #6884 from geoffw0/setliterals 
Replace or chains with set literals.
 2021-10-18 16:46:55 +01:00
Geoffrey White
f38dade578 C++: Disable the two null termination queries enabled by 6794. 2021-10-15 17:39:12 +01:00
Geoffrey White
f08d2ee759 Merge branch 'main' into setliterals 2021-10-14 14:39:39 +01:00
Mathias Vorreiter Pedersen
a2371370ff Merge pull request #6865 from MathiasVP/fix-if-none 
C++/C#/JS/Python: Replace 'if p() then q() else none()' with a conjunction
 2021-10-13 19:47:55 +01:00
Geoffrey White
2e61ae244a C++: Set literals. 2021-10-13 16:12:36 +01:00
Mathias Vorreiter Pedersen
ba981c525b C++: Replace 'if p() then q() else none()' with a conjunction. 2021-10-13 12:11:42 +01:00
Geoffrey White
2c64fa50d2 Merge branch 'main' into impropnullfp 2021-10-04 16:51:21 +01:00
Mathias Vorreiter Pedersen
eac0222f2c C++: Add more CWEs to 'cpp/incorrect-allocation-error-handling'. 2021-10-04 15:15:40 +01:00
Geoffrey White
51188aa93f C++: Give the two queries medium precision (for now). 2021-10-01 17:04:22 +01:00
Mathias Vorreiter Pedersen
a3cf721b9e Merge pull request #6713 from geoffw0/cwe139 
C++: New query for 'Cleartext transmission of sensitive information'
 2021-10-01 11:10:36 +02:00
Geoffrey White
89098f54be C++: Correct comment. 2021-09-28 20:03:42 +01:00
Geoffrey White
10323ac819 Update cpp/ql/src/Security/CWE/CWE-311/CleartextStorage.inc.qhelp 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-09-28 15:13:29 +01:00
Geoffrey White
6901d9d9c2 C++: Add and use getRemoteSocket predicates. 2021-09-24 15:16:48 +01:00
Geoffrey White
9f59bc8f7b C++: Naive translation to use RemoteFlow*Function. 2021-09-24 15:12:14 +01:00
Robert Marsh
21ed5c430d Merge branch 'main' into rdmarsh2/improve-exec-tainted 
Manual fix for conflict in Models.qll
 2021-09-22 11:51:18 -07:00