hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-27 17:58:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,430 Commits 1,721 Branches 164 Tags
a583f000c14aef52173ff4f2fd41cd96d836a8d4
Commit Graph

5430 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Anders Schack-Mulligen
a583f000c1 Java: Fix tests. 2019-06-27 13:20:03 +02:00
Anders Schack-Mulligen
2af3598223 Java: Restrict Object.toString dispatch based on a more closed-world assumption. 2019-06-26 17:42:40 +02:00
Jonas Jensen
d2f8029625 Merge pull request #1492 from geoffw0/exprnoeffectweak 
CPP: Fix for 'Expression has no effect' on calls to weak functions
 2019-06-25 10:58:28 +02:00
Jonas Jensen
de65dc5501 Merge pull request #1490 from geoffw0/leapyeararith 
CPP: Improvements to LeapYear.qll
 2019-06-25 10:46:12 +02:00
Max Schaefer
0fa41f7a21 Merge pull request #1493 from chrisgavin/owasp-cheat-sheet 
JavaScript: Update link to the OWASP XSS prevetion cheat sheet.
 2019-06-24 16:09:02 -07:00
Chris Gavin
bce153648e JavaScript: Update link to the OWASP XSS prevetion cheat sheet. 2019-06-24 23:21:14 +01:00
Geoffrey White
6800abdf23 CPP: Change note. 2019-06-24 22:07:55 +01:00
Geoffrey White
9a0645ac0b CPP: Calls to weak functions should be considered impure. 2019-06-24 22:04:12 +01:00
Geoffrey White
aee2af7ca1 CPP: Add a test of ExprHasNoEffect.ql with a call to a 'weak' function. 2019-06-24 22:01:46 +01:00
Geoffrey White
562141759a CPP: Autoformat LeapYear.qll. 2019-06-24 15:20:24 +01:00
Geoffrey White
69533a7fd3 CPP: Clean up duplication in Adding365DaysPerYear.ql. 2019-06-24 15:18:29 +01:00
Geoffrey White
7fca220eda CPP: Fix UncheckedLeapYearAfterYearModification FPs. 2019-06-24 11:21:48 +01:00
Geoffrey White
cff3f9bdaf CPP: Add another test case based on a real world case. 2019-06-21 17:43:17 +01:00
Geoffrey White
b1f6294083 CPP: Add a test case where a date is created. 2019-06-21 14:32:44 +01:00
Taus
927d72414b Merge pull request #1483 from markshannon/merge-121 
Merge rc/1.21 into master
 2019-06-21 14:11:07 +02:00
Geoffrey White
09b33bc1a7 CPP: Adjust file name case for consistency. 2019-06-21 12:53:04 +01:00
Geoffrey White
1a7269b206 CPP: Rename the test subdirectories. 2019-06-21 12:51:25 +01:00
semmle-qlci
59dd3b2fb7 Merge pull request #1477 from asger-semmle/ts-debug-failure-in-tsconfig 
Approved by xiemaisi
 2019-06-21 12:45:13 +01:00
Taus
832abc7835 Merge pull request #1473 from markshannon/python-points-to-more-unknowns 
Python: Fix getOperand for 'not' node and make sure it can only point-to a boolean.
 2019-06-21 11:03:23 +02:00
Mark Shannon
26f870bc7f Merge branch 'rc/1.21' into master 2019-06-21 09:52:44 +01:00
semmle-qlci
4d779026d2 Merge pull request #1479 from xiemaisi/js/remove-circularity 
Approved by asger-semmle
 2019-06-21 09:03:13 +01:00
semmle-qlci
eccf153d86 Merge pull request #1481 from xiemaisi/js/fix-yaml-extractor-npe 
Approved by asger-semmle
 2019-06-20 21:10:22 +01:00
Max Schaefer
4370f25b32 JavaScript: Remove dependency of module import on globalVarRef. 2019-06-20 21:08:34 +01:00
Max Schaefer
544a55dd0e JavaScript: Fix potential null-pointer exception in YAML extractor. 
`ScalarEvent.getStyle()` is documented as returning `null` for plain
scalars, so we need to handle that specially (cf
https://github.com/Semmle/ql/blob/master/javascript/ql/src/semmle/javascript/YAML.qll#L100
for the corresponding code in the library, which expects plain style to
be encoded as zero).
 2019-06-20 17:04:47 +01:00
Jonas Jensen
364100f043 Merge pull request #1480 from geoffw0/time 
CPP: Speed up StructWithExactEraDate.ql
 2019-06-20 15:27:52 +02:00
Taus
524a184fdb Merge pull request #1478 from markshannon/python-loop-unrolling-prepare 
Python : Prepare for loop unrolling in extractor
 2019-06-20 15:01:54 +02:00
Geoffrey White
0e69063e3c CPP: Restore the query precision. 2019-06-20 12:39:16 +01:00
Geoffrey White
936afadc43 CPP: Speed up StructWithExactEraDate.ql. 2019-06-20 12:21:06 +01:00
Ellen Arteca
99c32f08fb JavaScript: Recognize imports from TypeScript type annotations 2019-06-20 10:45:30 +01:00
Mark Shannon
eb23c11142 Python: Fix ForNode class to support loop unrolling. 2019-06-20 10:41:55 +01:00
Calum Grant
a3d5d2c8e4 Merge pull request #1345 from denislevin/denisl/cs/MishandlingJapaneseDatesAndLeapYear 
C#: Japanese Era and Leap Year checks (Likely Bugs)
 2019-06-20 10:21:26 +01:00
Arthur Baars
8b58b80e5f Merge pull request #1453 from markshannon/python-remove-redundant-override 
Python: Remove redundant override.
 2019-06-19 19:00:52 +02:00
Arthur Baars
d4bbb0f21f Merge pull request #1474 from yh-semmle/java-dbscheme-diagnostics-rc 
Java: add compilation/diagnostic relations to dbscheme (rc/1.21)
 2019-06-19 18:59:58 +02:00
Calum Grant
3c9c0e943b Merge pull request #1459 from hvitved/csharp/remove-deprecated 
C#: Remove deprecated predicates
 2019-06-19 17:56:20 +01:00
Calum Grant
07eb0ec5b2 Merge pull request #1462 from hvitved/csharp/controlflowgraph-depr 
C#: Remove uses of deprecated `ControlFlowGraph` module
 2019-06-19 17:55:04 +01:00
Calum Grant
df2a46eb80 Merge pull request #1468 from hvitved/csharp/extractor-error 
C#: Include extractor message in diagnostic queries
 2019-06-19 17:47:11 +01:00
Mark Shannon
217214c9e5 Merge pull request #1476 from aeyerstaylor/more-python-performance 
Python: Further performance improvements on large databases.
 2019-06-19 17:43:51 +01:00
alexet
78bf75544e Python: Improve performance of implicit_submodule_points_to 2019-06-19 16:01:13 +01:00
alexet
6472588569 Python: Remove pointless charpred. 2019-06-19 16:01:13 +01:00
alexet
4d1e4e0261 Python: Add no-inline to force correct join-order. 2019-06-19 16:01:12 +01:00
Taus
85ad89c299 Merge pull request #1292 from markshannon/python-prune-in-ql 
Python: Do pruning in QL.
 2019-06-19 16:58:27 +02:00
Jonas Jensen
1affd30a5a Merge pull request #1431 from geoffw0/taintedallocfp 
CPP: Fix TaintedAllocationSize.ql false positives
 2019-06-19 16:27:01 +02:00
Jonas Jensen
ad337de6ce Merge branch 'master' into taintedallocfp 2019-06-19 15:35:09 +02:00
Mark Shannon
2040b010f4 Python: Clarify qldoc. 2019-06-19 14:02:24 +01:00
Mark Shannon
30f2df8ac4 Python: Refactor pruning to be more clearly symmetric and complete. 2019-06-19 13:09:20 +01:00
Asger F
52f31dcb07 TS: Rely on ts.sys.readFile for decoding 2019-06-19 11:57:22 +01:00
Mark Shannon
5b145edc3f Python: Fix getOperand() for not node and make sure it can only point-to a boolean. 2019-06-19 11:23:02 +01:00
Taus
cb43d27344 Merge pull request #1472 from markshannon/python-taint-through-iterators 
Python: Track taint through iteration and iterators including generators.
 2019-06-19 11:33:10 +02:00
Taus
b43df7439e Merge pull request #1471 from markshannon/python-no-taint-past-sinks 
Python: Don't record taint past sinks.
 2019-06-19 11:23:27 +02:00
Jonas Jensen
53d4b2dfc9 Merge pull request #1365 from geoffw0/uninit 
CPP: Fix for the 'LoopConditionAlwaysTrueUponEntry' logic
 2019-06-19 11:01:57 +02:00