hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-20 22:46:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,319 Commits 1,712 Branches 163 Tags
9d1f511ca029dd38ec0630559bed37b37b7ca221
Commit Graph

4319 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Esben Sparre Andreasen
9d1f511ca0 JS: fixup missing space 2019-04-09 10:39:26 +02:00
Esben Sparre Andreasen
89596052cf JS: autoformat TypeTracking.qll 2019-04-09 10:39:26 +02:00
Taus
adf8cdcde5 Merge pull request #1203 from markshannon/python-taint-tracking-configuration-2 
Python: Use taint tracking configuration for queries.
 2019-04-09 10:01:35 +02:00
Tom Hvitved
3f403b8f0d Merge pull request #1208 from felicity-semmle/support/SD-3189-move 
Documentation: move support information into a version-neutral location
 2019-04-09 10:01:14 +02:00
semmle-qlci
92acd322fc Merge pull request #1218 from esben-semmle/js/whitelist-typeconfusion-lt1-checks 
Approved by asger-semmle
 2019-04-09 01:11:34 +01:00
Mark Shannon
52b3f77f4f Fix typo. 2019-04-08 15:47:49 +01:00
semmle-qlci
f54366bf95 Merge pull request #1214 from asger-semmle/taint-addexpr-phi 
Approved by esben-semmle, xiemaisi
 2019-04-08 11:55:06 +01:00
Anders Schack-Mulligen
6e7ae8a0a9 Merge pull request #1217 from jbj/mergeback-20190408 
Mergeback rc/1.20 to master
 2019-04-08 12:44:19 +02:00
Esben Sparre Andreasen
52d86471af JS: whitelist another emptiness check for the type-confusion query 2019-04-08 09:52:27 +02:00
semmle-qlci
662ad4b2ca Merge pull request #1205 from asger-semmle/prefix-sanitizer 
Approved by esben-semmle
 2019-04-08 08:29:04 +01:00
Jonas Jensen
fedd652de8 Merge remote-tracking branch 'upstream/rc/1.20' into mergeback-20190408 2019-04-08 08:39:44 +02:00
semmle-qlci
0bd4fde34d Merge pull request #1216 from geoffw0/revert-microsoft 
Approved by dave-bartolomeo, jbj
 2019-04-06 01:02:17 +01:00
Geoffrey White
5dce09b179 Revert "CPP: Workaround improvement for File.compiledAsMicrosoft." 
This reverts commit c3ec7b55b7.
 2019-04-05 17:37:44 +01:00
Geoffrey White
918f7043af Revert "CPP: Add '/' case." 
This reverts commit 5e71207a23.
 2019-04-05 17:37:39 +01:00
Max Schaefer
cb22192378 Merge pull request #1196 from asger-semmle/shelljs 
JS: Add model for shelljs
 2019-04-05 16:45:45 +01:00
yh-semmle
3d2ae00788 Merge pull request #1201 from aschackmull/java/intmulttolong-w-range 
Java: Use range analysis in IntMultToLong (ODASA-7836).
 2019-04-05 11:14:46 -04:00
Asger F
80f413177a Merge branch 'master' into shelljs 2019-04-05 14:44:32 +01:00
Asger F
e55330b820 JS: Fix flow through += 2019-04-05 13:55:48 +01:00
Jonas Jensen
f7dda1b3a4 Merge pull request #1213 from geoffw0/pointerscaling2 
CPP: De-duplicate the PointerScaling queries.
 2019-04-05 14:42:28 +02:00
Jonas Jensen
19b05c57d7 Merge pull request #1204 from geoffw0/badlock 
CPP: Add a test of common mistakes using locking classes.
 2019-04-05 14:34:32 +02:00
Geoffrey White
f040755b3b CPP: Remove unnecessary imports. 2019-04-05 11:44:50 +01:00
Geoffrey White
44d68a761d CPP: Move 'baseType' into IncorrectPointerScalingCommon.qll. 2019-04-05 11:43:47 +01:00
Geoffrey White
695df232e3 CPP: Equalize the definitions of 'baseType'. 2019-04-05 11:28:11 +01:00
Geoffrey White
373075e06d CPP: Extend the test. 2019-04-05 11:09:13 +01:00
Geoffrey White
34fbc7b194 CPP: Guard the delete. 2019-04-05 10:00:55 +01:00
semmle-qlci
063dbeeff3 Merge pull request #1198 from esben-semmle/js/more-express-route-handlers 
Approved by xiemaisi
 2019-04-05 09:47:51 +01:00
Anders Schack-Mulligen
b5681a1260 Java: Add change note. 2019-04-05 10:44:42 +02:00
Anders Schack-Mulligen
dec31a3dd6 Java: Use range analysis in IntMultToLong. 2019-04-05 10:42:23 +02:00
Max Schaefer
2f84aac7df Merge pull request #1193 from esben-semmle/js/improve-createServer 
JS: treat the last argument to https.createServer as a route handler
 2019-04-05 08:57:24 +01:00
Tom Hvitved
67ed863c76 Merge pull request #1200 from calumgrant/cs/icryptotransform 
C#: Tidy up cs/thread-unsafe-icryptotransform-field-in-class
 2019-04-05 09:28:24 +02:00
Jonas Jensen
d619a8c693 Merge pull request #1192 from geoffw0/severity 
CPP: Change some query severities
 2019-04-05 09:23:27 +02:00
Jonas Jensen
8c17278808 Merge pull request #1191 from geoffw0/microsoft 
CPP: Workaround improvement for File.compiledAsMicrosoft.
 2019-04-05 09:22:08 +02:00
Jonas Jensen
b555f5025e Merge pull request #1209 from geoffw0/gmtime 
CPP: Add variants to PotentiallyDangerousFunction.ql
 2019-04-05 09:19:40 +02:00
yh-semmle
6ba57fc639 Merge pull request #1202 from aschackmull/java/slf4j-print-array 
Java: Exclude slf4j calls in PrintLnArray as it supports array formatting.
 2019-04-04 20:08:20 -04:00
Esben Sparre Andreasen
0ec0aa35be JS: change notes for Express 2019-04-04 21:42:23 +02:00
Esben Sparre Andreasen
60ba74a210 JS: Express cleanup and generalization 2019-04-04 21:42:08 +02:00
Esben Sparre Andreasen
c94ca46366 JS: add more Express tests 2019-04-04 21:42:08 +02:00
Geoffrey White
0a0bcdf939 CPP: Move some code into IncorrectPointerScalingCommon.qll. 2019-04-04 18:08:18 +01:00
Mark Shannon
2ba122373a Merge pull request #1128 from taus-semmle/python-paramiko-unsafe-host-key-validation 
Python: Add query for insecure SSH host key policies in Paramiko.
 2019-04-04 16:57:13 +01:00
Geoffrey White
7aee334baf CPP: Update the qhelp. 2019-04-04 16:48:14 +01:00
Geoffrey White
e8b7bf9ddf CPP: Change note. 2019-04-04 16:38:42 +01:00
Geoffrey White
a437e6c103 CPP: Extend coverage. 2019-04-04 16:31:02 +01:00
Geoffrey White
a1e503f428 CPP: Add test cases for PotentiallyDangerousFunction. 2019-04-04 16:26:53 +01:00
Felicity Chapman
bec6316c09 Move support information into a version-neutral location 2019-04-04 16:17:09 +01:00
Taus
c5f41c1a5a Merge pull request #1207 from markshannon/python-fix-cwe-ref 
Fix CWE tag for Code injection query.
 2019-04-04 17:08:51 +02:00
Mark Shannon
c2e814a11a Fix CWE tag for Code injection query. 2019-04-04 15:09:12 +01:00
Mark Shannon
3bcd445a32 Python change 'SimpleHttpResponseTaintSink' to 'HttpResponseTaintSink'. 2019-04-04 14:45:37 +01:00
Asger F
c38b8d81ca JS: review comments 2019-04-04 14:43:11 +01:00
Geoffrey White
5e71207a23 CPP: Add '/' case. 2019-04-04 14:32:22 +01:00
Asger F
d594e55a61 JS: Remove ShellJS::Instance for simplicity 2019-04-04 11:45:59 +01:00