hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-04 18:20:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,920 Commits 1,673 Branches 157 Tags
aea6eeda38dcfd369c8f1e92115bcf9d9e855dd1
Commit Graph

256 Commits

Author SHA1 Message Date
Tom Hvitved
12d1d04592 Merge pull request #13983 from hvitved/dataflow/reduced-dispatch-early-join 
Data flow: Earlier call-context based dispatch filtering
 2023-08-21 13:20:08 +02:00
Tom Hvitved
1b4520b058 Data flow: Update QL doc 2023-08-21 12:56:37 +02:00
Jeroen Ketema
2d0f73d7c2 Merge pull request #13881 from jketema/shared-taint-tracking 
Introduce shared taint tracking library
 2023-08-21 12:45:49 +02:00
Tom Hvitved
81ed72c96a Data flow: Revert join order changes 2023-08-18 10:49:33 +02:00
Tom Hvitved
4d951d8df1 Address review comments 2023-08-17 21:04:58 +02:00
Ed Minnix
a36c12ff1f Add trust-boundary-violation sink kind 2023-08-17 13:05:37 -04:00
Tom Hvitved
7cc01ea8b5 Merge pull request #13595 from hvitved/csharp/use-shared-cfg-pack 
C#: Adopt shared CFG construction library from shared `controlflow` pack
 2023-08-17 10:37:09 +02:00
Jeroen Ketema
33e8310625 Merge branch 'main' into shared-taint-tracking 2023-08-17 00:14:25 +02:00
yoff
7f2f6f14e7 Merge pull request #13729 from yoff/python/model-aws-lambdas 
Python/JavaScript: Shared module for serverless functions
 2023-08-16 15:14:08 +02:00
Tom Hvitved
570654d1f0 Data flow: Earlier call-context based dispatch filtering 2023-08-16 14:24:45 +02:00
yoff
99bc050366 Update shared/yaml/codeql/serverless/ServerLess.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-08-15 15:09:30 +02:00
Erik Krogh Kristensen
6a3b9e10eb Merge pull request #13914 from erik-krogh/escape-unicode 
ReDoS: escape unicode chars in the output for the ReDoS queries
 2023-08-15 11:21:21 +02:00
Henry Mercer
1213eba630 Merge branch 'main' into post-release-prep/codeql-cli-2.14.2 2023-08-11 13:54:55 +01:00
Tom Hvitved
9b38028e25 Data flow: Fix localWriteStep consistency query 2023-08-10 15:31:04 +02:00
github-actions[bot]
432c21d4fb Post-release preparation for codeql-cli-2.14.2 2023-08-09 18:45:18 +00:00
erik-krogh
fe542565c3 fix performance 2023-08-09 13:48:07 +02:00
erik-krogh
0bce42410a support arbitrary codepoints in NfaUtils.qll 2023-08-08 22:14:51 +02:00
erik-krogh
859e1bfabc add constraint that i should be between 0 and 65535 2023-08-08 21:11:59 +02:00
erik-krogh
0391e063ca move to4digitHex to Numbers.qll 2023-08-08 21:10:58 +02:00
Anders Schack-Mulligen
0ca3f3308b Merge pull request #13478 from aschackmull/java/varcapture 
Java: Add proper support for variable capture flow.
 2023-08-08 16:22:56 +02:00
Anders Schack-Mulligen
1cd32722be Java: More review fixes. 2023-08-08 14:32:48 +02:00
Anders Schack-Mulligen
9d59f50340 Java: Review fixes. 2023-08-08 13:37:40 +02:00
erik-krogh
03fbd387df way better hex conversion 2023-08-08 09:08:39 +02:00
erik-krogh
92db7b047c escape unicode chars in the output for the ReDoS queries 2023-08-08 00:15:54 +02:00
github-actions[bot]
79c90fa36a Release preparation for version 2.14.2 2023-08-07 18:08:52 +00:00
Jeroen Ketema
8b6a7985db Refactor the traint-tracking library to follow the dataflow library refactoring 2023-08-07 15:23:15 +02:00
Jeroen Ketema
5d2984b7a5 Merge branch 'main' into shared-taint-tracking 2023-08-07 15:22:29 +02:00
Rasmus Lerchedahl Petersen
ef1a5cb0fa shared: change-note 2023-08-07 11:50:03 +02:00
Tom Hvitved
b926a7ebba Data flow: Update QL doc 2023-08-07 11:35:21 +02:00
Tom Hvitved
4d14311653 Data flow: Rename DataFlowParameter to InputSig 2023-08-07 11:35:21 +02:00
Tom Hvitved
6208175aa9 Data flow: Move DataFlowParameter into DataFlow.qll 2023-08-07 11:35:21 +02:00
Tom Hvitved
0d33c32d8e Data flow: Move DataFlowImpl(Common).qll into an internal folder 2023-08-07 11:35:21 +02:00
Rasmus Lerchedahl Petersen
b8717b3046 Python: remove incorrect use of "stem" 2023-08-07 11:25:31 +02:00
Jeroen Ketema
c4a65e58bb Add change note 2023-08-04 22:53:33 +02:00
Jeroen Ketema
20b792545d Add missing QLDoc 2023-08-04 22:52:05 +02:00
Jeroen Ketema
7ba2f7a22a Address review comments 2023-08-04 22:52:05 +02:00
Jeroen Ketema
bdd64ce86d Introduce shared taint tracking library 2023-08-04 22:51:55 +02:00
Mathias Vorreiter Pedersen
abe3a816ce Merge pull request #13851 from MathiasVP/sink-without-states 
DataFlow: Support stateless `isSink` in `StateConfigSig`s
 2023-08-04 18:01:42 +02:00
Mathias Vorreiter Pedersen
e066e87890 Update shared/dataflow/codeql/dataflow/DataFlowImpl.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-08-04 11:32:41 +02:00
Mathias Vorreiter Pedersen
eb19052a7d Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-08-04 11:10:12 +02:00
Mathias Vorreiter Pedersen
981f67531c DataFlow: Introduce 'revSinkNode'. 2023-08-04 11:09:08 +02:00
Tom Hvitved
b69188fee9 C#: Adopt shared CFG construction library from shared controlflow pack 2023-08-03 14:12:24 +02:00
Mathias Vorreiter Pedersen
50f5c4d5f6 DataFlow: Don't support stateless sink nodes in partial flow exploration. 2023-08-03 13:30:05 +02:00
Tom Hvitved
2ac646770e Merge ControlFlowTreeBase and AstNode 2023-08-03 10:59:26 +02:00
Tom Hvitved
525ed65b0b Rename getNode to getAstNode 2023-08-03 10:56:50 +02:00
Anders Schack-Mulligen
72171972c3 Apply suggestions from code review 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
84316c41a3 Java: Add more qldoc. 2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
90052a3ca2 Java: Add proper types for capture nodes. 2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
e2a0849a0e Java: Add more qldoc. 2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
c5990311ca Java: Redesign and reimplement variable capture flow. 2023-08-03 10:04:06 +02:00