hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
52,961 Commits 1,673 Branches 157 Tags
aa337c72c25ea660f1feeb0e153911f83039ecab
Commit Graph

52961 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
aa337c72c2 C++: Update import paths in tests and experimental queries. 2023-04-03 15:17:37 +01:00
Mathias Vorreiter Pedersen
4c5ca082ce C++: Delete the experimental range-analysis library. 2023-04-03 13:53:43 +01:00
Mathias Vorreiter Pedersen
e8800a6dba C++: Move the new range-analysis library out of experimental and into an 'internal' directory. 2023-04-03 13:53:43 +01:00
Asger F
53de9ae580 Merge pull request #12729 from asgerf/js/crypto-modernize 
JS: Modernize crypto libraries
 2023-04-03 12:16:22 +02:00
Tony Torralba
6331c37b46 Merge pull request #12735 from JLLeitschuh/doc/JLL/fix-partial-path-documentation 
Fix partial path traversal Java example Again
 2023-04-03 11:18:02 +02:00
Jeroen Ketema
e5c7c88588 Merge pull request #12737 from MathiasVP/speed-up-gvn 
C++: Speed up non-linear recursion in GVN library
 2023-04-03 10:46:37 +02:00
Jeroen Ketema
ecf92f0c5d Merge pull request #12741 from jketema/js-qhelp-example-fix 
JS: Fix qhelp after file rename
 2023-04-03 09:47:38 +02:00
Asger F
e5d090c640 Merge pull request #12671 from asgerf/ql/class-type 
QL: Make Class.getType() only return ClassType
 2023-04-03 09:43:14 +02:00
Mathias Vorreiter Pedersen
9a34a7b7cc Merge pull request #12719 from jketema/typebound-size 2023-04-03 08:31:41 +01:00
Jeroen Ketema
17bd9c12d7 JS: Fix qhelp after file rename 2023-04-03 09:25:19 +02:00
Paolo Tranquilli
5e45377ad7 Merge pull request #12725 from github/redsun82/swift-successfully-extracted-lines 
Swift: add `SuccessfullyExtractedLines` query
 2023-04-03 09:12:41 +02:00
Jeroen Ketema
69619f1fbc Merge pull request #12738 from MathiasVP/fix-join-in-suspecious-call-to-strncat 
C++: Fix join order in `cpp/unsafe-strncat`
 2023-04-01 20:10:17 +02:00
Jonathan Leitschuh
0d774a647c Fix partial path traversal Java example Again 
The original wouldn't compile, and the fix made by #11899 is sub-optimal.
This keeps the entire comparision using the Java `Path` object, which is optimal.

Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2023-03-31 23:36:07 -04:00
Jonathan Leitschuh
b9d409279b Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversalRemainder.inc.qhelp 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-03-31 23:36:07 -04:00
Jonathan Leitschuh
e641505361 Fix partial path traversal Java example Again 
The original wouldn't compile, and the fix made by #11899 is sub-optimal.
This keeps the entire comparision using the Java `Path` object, which is optimal.

Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2023-03-31 23:36:07 -04:00
Mathias Vorreiter Pedersen
e5700e07c7 C++: Fix join order in 'cpp/unsafe-strncat'. 2023-03-31 21:33:28 +01:00
Mathias Vorreiter Pedersen
6638df1578 C++: Sync identical files. 2023-03-31 18:25:34 +01:00
Mathias Vorreiter Pedersen
0b33d26852 C++: Speed up non-linear recursion in GVN. 2023-03-31 18:25:19 +01:00
Edward Minnix III
2b9daed26a Merge pull request #12563 from egregius313/egregius313/refactor-java-libs-to-dataflow-modules 
Java: Refactor Java query libraries to use dataflow modules
 2023-03-31 12:38:14 -04:00
Ed Minnix
800411cd81 More replacing of single-predicate classes to predicate 2023-03-31 10:55:17 -04:00
Ian Lynagh
c1a7d7f825 Merge pull request #12646 from igfoo/igfoo/expanded_args 
Java: Store expanded args in the database
 2023-03-31 15:27:02 +01:00
Erik Krogh Kristensen
1e1a692ee6 Merge pull request #12686 from erik-krogh/backtick-parse-error 
JS: add backticks around the concrete parse error
 2023-03-31 14:56:38 +02:00
Asger F
64cf27ab87 JS: Modernize crypto libraries 2023-03-31 14:49:23 +02:00
Jeroen Ketema
8d9b96b776 C++: Drop the bit size restriction in typeBound and use float 2023-03-31 14:36:11 +02:00
Geoffrey White
cc841a68f6 Merge pull request #11921 from gsingh93/range-node 
C++: Add RangeNode class
 2023-03-31 13:22:19 +01:00
Ian Lynagh
3d85c4f19c Java: Add another change note 2023-03-31 12:46:10 +01:00
Ian Lynagh
04c09a73a9 Java: Add .md extension to changenote file 2023-03-31 12:40:19 +01:00
Asger F
40530ae14d JS: Simplfy with set literal 2023-03-31 12:04:56 +02:00
Asger F
4a06b81429 JS: Use API graphs in CryptoJS 2023-03-31 12:03:14 +02:00
Asger F
dec1e4dfd6 Merge pull request #12666 from smiddy007/improve-insufficient-pw-hash-query 
JS: Improve insufficient pw hash query
 2023-03-31 11:58:41 +02:00
Geoffrey White
ddb27e5525 Merge pull request #12724 from geoffw0/modernstring2 
Swift: Add missing import.
 2023-03-31 09:48:46 +01:00
Michael Nebel
014e3e40bb Merge pull request #12707 from michaelnebel/csharp/dataflowstaticoperators 
C#: Data flow tests for virtual and abstract operators.
 2023-03-31 10:43:21 +02:00
Paolo Tranquilli
bc698546e5 Swift: specify treatment for multi-line things 2023-03-31 10:32:40 +02:00
Asger F
008ffea94f Merge pull request #12703 from asgerf/rb/api-graphs-trackdef 
Ruby: do not depend on trackDefNode in isDef
 2023-03-31 10:30:18 +02:00
Michael Nebel
f792bf09d3 C#: Update expected test output. 2023-03-31 10:13:20 +02:00
Michael Nebel
6f86cb1c1b C#: Add interface definition and add more testcases. 2023-03-31 10:13:20 +02:00
Michael Nebel
fc21f01cb9 Merge pull request #12690 from michaelnebel/csharp/checkedlocalflow 
C#: Dataflow via checked and unchecked expressions.
 2023-03-31 10:12:01 +02:00
Paolo Tranquilli
33b4d2d653 Swift: add SuccessfullyExtractedLines query 
This counts how many lines we have extracted some entity in. If we test
changes in this, we can have a more fine grained look into how much we
actually extract than looking at the extracted files.
 2023-03-31 10:02:19 +02:00
Geoffrey White
01280aee67 Swift: Add missing import. 2023-03-31 08:48:57 +01:00
Paolo Tranquilli
3e703802b1 Merge pull request #12710 from github/redsun82/swift-imported-modules-as-set 
Swift: make imported and exported modules a set
 2023-03-31 09:46:44 +02:00
Ed Minnix
ac218ba08b Replace private classes with one method to predicates 2023-03-30 22:03:05 -04:00
Edward Minnix III
8e54328315 Merge pull request #12681 from egregius313/egregius313/java/move-configurations-to-libraries 
Java: Move dataflow configurations in queries to `*Query.qll` libraries (part 1)
 2023-03-30 14:33:21 -04:00
AlexDenisov
3cd0af6622 Merge pull request #12700 from github/redsun82/swift-fix-wmo 
Swift: extract all source files in WMO mode
 2023-03-30 18:01:48 +02:00
Ed Minnix
03078603bf Reinstate private markers on additional predicates 2023-03-30 11:24:33 -04:00
Ed Minnix
684408a493 Fix StringFormat import 2023-03-30 11:20:35 -04:00
Ed Minnix
ecbd3be5e9 Remove private marker 
This class is used in the actual query, so it needs to be exposed.
 2023-03-30 11:08:41 -04:00
Ed Minnix
dba5e9e9e2 Updates to imports 
Make some imports private
Remove unnecessary imports
 2023-03-30 11:03:48 -04:00
Edward Minnix III
c7a049a867 Mark things which can be private as private 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-03-30 11:00:00 -04:00
Edward Minnix III
8250e4393c Typos and rewording 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-03-30 10:59:12 -04:00
Ian Lynagh
5c50ddce3d Java: Add up/downgrade scripts 2023-03-30 15:53:34 +01:00