hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-21 06:57:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,365 Commits 1,712 Branches 163 Tags
9e6b178d48082cfba2ce82906367e5144192ede2
Commit Graph

4365 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
9e6b178d48 CPP: Resolve #endif FPs. 2019-04-11 11:05:53 +01:00
Geoffrey White
4beb77588a CPP: Add tests based on false positive results. 2019-04-11 10:14:32 +01:00
semmle-qlci
9f13b6be18 Merge pull request #1234 from xiemaisi/js/customizations-qll 
Approved by esben-semmle
 2019-04-11 08:31:28 +01:00
Esben Sparre Andreasen
a6cf9503da Merge pull request #1235 from xiemaisi/js/include-yaml 
JavaScript: Teach AutoBuilder to extract YAML files by default.
 2019-04-11 09:28:59 +02:00
Max Schaefer
f22cb186e3 JavaScript: Teach AutoBuilder to extract YAML files by default. 2019-04-10 18:47:06 -07:00
Max Schaefer
078151f9d1 JavaScript: Add an (empty) Customizations.qll module. 
Somewhat analogous to the `Options.qll` module in C++; see module
comments for further explanation.
 2019-04-10 18:26:27 -07:00
semmle-qlci
02fc45d923 Merge pull request #1232 from xiemaisi/js/more-socket-improvements 
Approved by asger-semmle
 2019-04-10 22:20:00 +01:00
Max Schaefer
20312fc3bf JavaScript: Improve socket.io model. 
Recognise `io` imports and use type-tracking to better track handlers.
 2019-04-10 08:02:40 -07:00
Geoffrey White
5101a5bc3d Merge pull request #1056 from jbj/SimpleRangeAnalysis-use-after-cast 
C++: Fix use-after-cast bug in SimpleRangeAnalysis
 2019-04-10 11:04:20 +01:00
Jonas Jensen
01fc721497 C++: Fixup test annotation 2019-04-10 09:28:06 +02:00
Robert Marsh
75ab311c3a Merge pull request #1223 from geoffw0/commentedoutcode 
CPP: Detect commented out preprocessor logic
 2019-04-09 16:16:19 -04:00
Robert Marsh
c9fbbfe7d8 Merge pull request #984 from rdmarsh2/rdmarsh/cpp/ir-stmtexpr 
C++: add support for GNU StmtExpr in IR
 2019-04-09 12:54:35 -04:00
Mark Shannon
97a9954e72 Merge pull request #1222 from taus-semmle/python-unify-old-and-new-query-suites 
Python: Make old query suites point to new query suites.
 2019-04-09 14:04:21 +01:00
Geoffrey White
13ed50f049 CPP: Improve the regexp. 2019-04-09 13:08:31 +01:00
Geoffrey White
d70e7ceafe CPP: Additional test cases. 2019-04-09 13:04:32 +01:00
Jonas Jensen
ca71ac7c36 C++: Accept improved test output 2019-04-09 13:38:52 +02:00
Geoffrey White
ddb1b0ac1c CPP: Declaration -> definition. 2019-04-09 12:35:20 +01:00
Jonas Jensen
fd4967e6f1 C++: Fix SnprintfOverflow issues 
Requiring strict inclusion between types turned out to cause false
positives in `SnprintfOverflow`, which relied indirectly on
`RangeAnalysisUtils::linearAccessImpl` to identify acceptable bounds
checks. This query was particularly affected because `snprintf` returns
`int` (signed) but takes `size_t` (unsigned), so conversions are bound
to happen.
 2019-04-09 11:05:14 +02:00
Esben Sparre Andreasen
e7adb62288 Merge pull request #1221 from asger-semmle/contextual-typing 
TS: Extract contextual type for object/array literals
 2019-04-09 10:43:01 +02:00
Taus
adf8cdcde5 Merge pull request #1203 from markshannon/python-taint-tracking-configuration-2 
Python: Use taint tracking configuration for queries.
 2019-04-09 10:01:35 +02:00
Tom Hvitved
3f403b8f0d Merge pull request #1208 from felicity-semmle/support/SD-3189-move 
Documentation: move support information into a version-neutral location
 2019-04-09 10:01:14 +02:00
semmle-qlci
92acd322fc Merge pull request #1218 from esben-semmle/js/whitelist-typeconfusion-lt1-checks 
Approved by asger-semmle
 2019-04-09 01:11:34 +01:00
Robert Marsh
fd7512c447 C++: accept test change in SignAnalysis 2019-04-08 14:10:37 -04:00
Geoffrey White
5bd5b1b6ce CPP: Change note. 2019-04-08 18:19:30 +01:00
Geoffrey White
48fff334da CPP: Detect commented preprocessor code. 2019-04-08 18:17:23 +01:00
Geoffrey White
4d67bd32dd CPP: Move comments explaining implementation details into the body of 'looksLikeCode'. 2019-04-08 18:14:54 +01:00
Geoffrey White
f432f1a03a CPP: Autoformat CommentedOutCode.qll. 2019-04-08 18:00:49 +01:00
Geoffrey White
92241132b5 CPP: Add test cases. 2019-04-08 18:00:34 +01:00
Taus Brock-Nannestad
98e9edc27c Delete unnecessary files. 2019-04-08 18:27:30 +02:00
Taus Brock-Nannestad
e227078953 Add note about backwards compatibility. 2019-04-08 17:55:48 +02:00
Mark Shannon
52b3f77f4f Fix typo. 2019-04-08 15:47:49 +01:00
Asger F
db9fd3f721 TS: update test change 2019-04-08 15:17:40 +01:00
Taus Brock-Nannestad
2e6291270b Python: Make old query suites point to new. 2019-04-08 14:02:34 +02:00
semmle-qlci
f54366bf95 Merge pull request #1214 from asger-semmle/taint-addexpr-phi 
Approved by esben-semmle, xiemaisi
 2019-04-08 11:55:06 +01:00
Anders Schack-Mulligen
6e7ae8a0a9 Merge pull request #1217 from jbj/mergeback-20190408 
Mergeback rc/1.20 to master
 2019-04-08 12:44:19 +02:00
Jonas Jensen
93286aabdf C++: Test for FP introduced by relOp changes 2019-04-08 11:19:57 +02:00
Esben Sparre Andreasen
52d86471af JS: whitelist another emptiness check for the type-confusion query 2019-04-08 09:52:27 +02:00
semmle-qlci
662ad4b2ca Merge pull request #1205 from asger-semmle/prefix-sanitizer 
Approved by esben-semmle
 2019-04-08 08:29:04 +01:00
Jonas Jensen
fedd652de8 Merge remote-tracking branch 'upstream/rc/1.20' into mergeback-20190408 2019-04-08 08:39:44 +02:00
semmle-qlci
0bd4fde34d Merge pull request #1216 from geoffw0/revert-microsoft 
Approved by dave-bartolomeo, jbj
 2019-04-06 01:02:17 +01:00
Robert Marsh
8087cb5040 C++: add CopyValueInstruction for StmtExpr result 2019-04-05 11:27:19 -07:00
Asger F
50c2921625 TS: Use contextual typing for literals 2019-04-05 18:43:51 +01:00
Asger F
d7bfeeefd0 TS: add test case with nested literals 2019-04-05 18:40:24 +01:00
Geoffrey White
5dce09b179 Revert "CPP: Workaround improvement for File.compiledAsMicrosoft." 
This reverts commit c3ec7b55b7.
 2019-04-05 17:37:44 +01:00
Geoffrey White
918f7043af Revert "CPP: Add '/' case." 
This reverts commit 5e71207a23.
 2019-04-05 17:37:39 +01:00
Max Schaefer
cb22192378 Merge pull request #1196 from asger-semmle/shelljs 
JS: Add model for shelljs
 2019-04-05 16:45:45 +01:00
yh-semmle
3d2ae00788 Merge pull request #1201 from aschackmull/java/intmulttolong-w-range 
Java: Use range analysis in IntMultToLong (ODASA-7836).
 2019-04-05 11:14:46 -04:00
Asger F
80f413177a Merge branch 'master' into shelljs 2019-04-05 14:44:32 +01:00
Asger F
e55330b820 JS: Fix flow through += 2019-04-05 13:55:48 +01:00
Jonas Jensen
f7dda1b3a4 Merge pull request #1213 from geoffw0/pointerscaling2 
CPP: De-duplicate the PointerScaling queries.
 2019-04-05 14:42:28 +02:00