hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-12 18:29:30 +02:00
Code Issues Packages Projects Releases Wiki Activity
48,053 Commits 1,756 Branches 167 Tags
aabbafd2bf5ee3bc03362f89ef32271c9700efdb
Commit Graph

48053 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeroen Ketema
aabbafd2bf C++: Fix QL-for-QL warning 2022-12-08 19:33:11 +01:00
Jeroen Ketema
ec0ce56269 C++: Model getaddrinfo as flow source 2022-12-08 19:20:11 +01:00
Jeroen Ketema
8f9a73ee09 C++: Address review comments 2022-12-08 16:14:12 +01:00
Jeroen Ketema
33fa76f911 C++: Add change note 2022-12-08 15:22:42 +01:00
Jeroen Ketema
b216c79992 C++: Accept test changes 2022-12-08 15:22:41 +01:00
Jeroen Ketema
f35b7f8fe8 C++: Model scanf and fscanf as flow sources 2022-12-08 15:22:41 +01:00
Chris Smowton
85ee4e6ca1 Merge pull request #11578 from retanoj/MybatisSqli 
Java: Add MyBatis Sql Injection no @Param case
 2022-12-08 13:53:44 +00:00
Henry Mercer
280bb6864f Merge pull request #11604 from github/codeql-ci/atm/release-0.4.3 
JS: Bump version numbers of ML-powered packs after 0.4.3 release
 2022-12-08 13:04:16 +00:00
Mathias Vorreiter Pedersen
6897b20722 Merge pull request #11601 from MathiasVP/keep-std-string-iterator 2022-12-08 12:59:33 +00:00
Michael Nebel
670ae6c84c Merge pull request #11593 from michaelnebel/csharp/patternmatchspan 
C#: Pattern match Span<char> and ReadOnlySpan<char> against a constant string.
 2022-12-08 13:53:00 +01:00
Michael Nebel
5883957a67 Merge pull request #11589 from michaelnebel/csharp/numericintptr 
C#: nint/System.IntPtr and nuint/System.UIntPtr are indistinguishable…
 2022-12-08 13:52:44 +01:00
Chris Smowton
81110b19e7 Merge pull request #11612 from smowton/smowton/admin/merge-rc38-into-main 
Merge rc/3.8 into main
 2022-12-08 12:25:59 +00:00
Chris Smowton
0d2474bd55 Autoformat 2022-12-08 11:30:53 +00:00
Chris Smowton
49bc524fd0 Merge remote-tracking branch 'origin/rc/3.8' into smowton/admin/merge-rc38-into-main 2022-12-08 11:12:30 +00:00
Rasmus Wriedt Larsen
d684dbdf5c Merge pull request #10656 from porcupineyhairs/PyPamImprove 
Python: Improve the PAM authentication bypass query
 2022-12-08 11:59:10 +01:00
Jeroen Ketema
a6bc9fd10f Merge pull request #11591 from jketema/getenv 
C++: Model `secure_getenv` and `_wgetenv` as local flow sources
 2022-12-08 10:44:28 +01:00
Jeroen Ketema
fc49ede33d C++: Add change note 2022-12-08 09:44:23 +01:00
Jeroen Ketema
a2dac3a41e C++: Move remote flow sink test and also handle local and remote sinks 2022-12-08 09:36:19 +01:00
Mathias Vorreiter Pedersen
ba3d50a462 Merge pull request #11566 from MathiasVP/skip-lvalue-types 2022-12-08 07:53:20 +00:00
retanoj
0edfc6e01e greedy matching 2022-12-08 09:23:24 +08:00
Aditya Sharad
c7725ec37c Merge pull request #11605 from github/smowton/admin/merge-2.11.5-into-rc38 
Merge codeql-cli-2.11.5 into rc/3.8
 2022-12-07 14:09:05 -08:00
Henry Mercer
78f15755d7 Merge branch 'main' into codeql-ci/atm/release-0.4.3 2022-12-07 20:49:26 +00:00
Chris Smowton
32494859cd Merge remote-tracking branch 'origin/codeql-cli-2.11.5' into smowton/admin/merge-2.11.5-into-rc38 2022-12-07 20:06:08 +00:00
github-actions[bot]
d577eeeea8 JS: Bump version of ML-powered library and query packs to 0.4.4 2022-12-07 20:05:30 +00:00
github-actions[bot]
9702ea02fb JS: Bump patch version of ML-powered library and query packs 2022-12-07 20:01:33 +00:00
Mathias Vorreiter Pedersen
54c12cd715 C++: Reintroduce 'StdBasicStringIterator'. 2022-12-07 18:21:52 +00:00
Tom Hvitved
35938067fe Merge pull request #11517 from aibaars/phi-reads-in-data-flow-graph 
Ruby: Include SSA "phi reads" in DataFlow::Node
 2022-12-07 18:58:44 +01:00
Mathias Vorreiter Pedersen
05d89b29e2 Merge branch 'main' into skip-lvalue-types 2022-12-07 17:50:23 +00:00
Arthur Baars
898a4006b0 Merge pull request #10747 from aibaars/ruby-more-flow 
Ruby: also treat included/prepended modules as subclasses
 2022-12-07 15:49:00 +01:00
Chris Smowton
9f9a51685b Merge pull request #11510 from smowton/smowton/fix/kotlin-populate-source-class-files 
Kotlin: stub trap .class files when extracting a class from Kotlin source
 2022-12-07 14:33:42 +00:00
Edward Minnix III
170c9af9e8 Merge pull request #11238 from egregius313/egregius313/webview-setjavascriptenabled 
Java: Query for detecting enabling Javascript in Android WebSettings
 2022-12-07 09:31:58 -05:00
Arthur Baars
d862972d5e Ruby: Add use-use stress test 2022-12-07 15:28:51 +01:00
Arthur Baars
d5f4340cf5 Ruby: address comment 2022-12-07 15:28:50 +01:00
Arthur Baars
f11f2cb1a0 Ruby: Update tests 2022-12-07 15:28:50 +01:00
Arthur Baars
2131b0f116 Ruby: Include SSA "phi reads" in DataFlow::Node 2022-12-07 15:28:48 +01:00
Michael Nebel
468b05ccda C#: Expressions of type Span<char> and ReadOnlySpan<char> can be matched against constant strings. 2022-12-07 14:31:51 +01:00
Mathias Vorreiter Pedersen
135c820a32 Merge pull request #11592 from github/redsun82/swift-fix-get-number-of 
Swift: fix generated `getNumberOf`
 2022-12-07 13:24:09 +00:00
retanoj
9cfeaeb18e Merge branch 'main' into MybatisSqli 2022-12-07 21:19:08 +08:00
Jami
5e694b5983 Merge pull request #11192 from jcogs33/jcogs33/share-key-sizes 
Share encryption key sizes between Java and Python
 2022-12-07 08:08:24 -05:00
Paolo Tranquilli
ef348453fe Swift: accept new, correct test result on TypeTuple::getNumberOfTypes 2022-12-07 13:46:51 +01:00
Paolo Tranquilli
194c99c513 Swift: fix getNumberOf predicate 2022-12-07 13:46:51 +01:00
Paolo Tranquilli
23626f2c69 Swift: add TupleType test 2022-12-07 13:46:51 +01:00
Paolo Tranquilli
9b89ded908 Swift: accept test changes 2022-12-07 13:46:51 +01:00
Paolo Tranquilli
d39f37540e Swift: add has and getNumberOf properties to generated tests 2022-12-07 13:46:51 +01:00
Michael Nebel
2d9975d73f C#: nint/System.IntPtr and nuint/System.UIntPtr are indistinguishable by the extractor. 2022-12-07 13:45:23 +01:00
Jeroen Ketema
01d8ad98f6 C++: Model secure_getenv and _wgetenv as local flow sources 2022-12-07 13:37:12 +01:00
Chris Smowton
c526020fd4 Note TODO re: re-enabling suspend function Java interop testing 2022-12-07 11:51:48 +00:00
Chris Smowton
ecbb96ffc1 Remove no-longer-needed diagnostic expectations 2022-12-07 11:50:41 +00:00
Jeroen Ketema
2c08b95430 Merge pull request #11434 from jketema/deprecate-default-taint-tracking 
C++: Deprecate `DefaultTaintTracking` and `TaintTrackingImpl`
 2022-12-07 12:41:04 +01:00
Tony Torralba
cabce5fb36 Merge pull request #11549 from mbaluda/mbaluda/insecure-cookie 
Java: Support interprocedural setting of cookie security
 2022-12-07 12:14:46 +01:00