hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 12:45:27 +02:00
Code Issues Packages Projects Releases Wiki Activity
20,778 Commits 1,741 Branches 166 Tags
b11e15154fc6aabd32c07b996920c0d514b36360
Commit Graph

20778 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamas Vajk
8ba820cae1 Java: Convert android XML get* methods to CSV based flow source 2021-03-09 11:42:13 +01:00
Tamas Vajk
09b0d824b4 Java: Convert org.apache.http.Http*.get* methods to CSV based flow source 2021-03-09 11:41:33 +01:00
Tamas Vajk
3c8ac5c789 Java: Convert Cookie.get* methods to CSV based flow source 2021-03-09 11:41:33 +01:00
Tamas Vajk
86cf143029 Java: Convert ServletRequestGetBodyMethod to CSV based flow source 2021-03-09 11:41:32 +01:00
Tamas Vajk
b05a9043b5 Java: Convert SpringWebRequestGetMethod to CSV based flow source 2021-03-09 11:41:32 +01:00
Tamas Vajk
09bcf878f7 Java: Convert HttpServletRequest.get* methods to CSV based flow source 2021-03-09 11:40:59 +01:00
Tamas Vajk
f2448cc921 Java: Convert SpringMultipartFileSource to CSV based flow source 2021-03-09 11:40:18 +01:00
Tamas Vajk
80b4d63d4b Java: Convert SpringMultipartRequestSource to CSV based flow source 2021-03-09 11:39:47 +01:00
Tamas Vajk
06fdd64dab Java: Remove already modelled BeanValidationSource 2021-03-09 11:35:42 +01:00
Tamas Vajk
3dfc236bbe Java: Remove already modelled RemoteTaintedMethods 2021-03-09 11:35:42 +01:00
Erik Krogh Kristensen
caf1dbdc46 move TemplateObjectInjection out of experimental 2021-03-09 11:29:45 +01:00
Tamas Vajk
ba05bf3ae0 Fix code review findings 2021-03-09 11:17:57 +01:00
Mathias Vorreiter Pedersen
d14b993aba C++: Replace 'Argument -1 indirection' with 'This indirection'. 2021-03-09 10:22:21 +01:00
Jonas Jensen
2a9f7a966c Merge pull request #5361 from MathiasVP/arguments-in-path-explanations 
C++: Show arguments in path explanations
 2021-03-09 09:35:03 +01:00
Tom Hvitved
d4e0c7efae Merge pull request #5340 from hvitved/csharp/null-checks 
C#: Use `is [not] null` throughout in the extractor
 2021-03-09 09:30:54 +01:00
Tamas Vajk
0defad77dd C#: Add tuple data flow in patterns 2021-03-09 09:14:24 +01:00
Tom Hvitved
80a7b52f38 C#: Convert data-flow test queries to path-problems 2021-03-09 09:14:24 +01:00
Tom Hvitved
0698bdd907 C#: Restrict tuple read/store steps to tuple deconstructions/constructions 2021-03-09 09:14:24 +01:00
Tamas Vajk
6d409a0050 Fix failing tests 2021-03-09 09:14:24 +01:00
Tamas Vajk
ccf68ffd16 Add change note for tuple data flow improvements 2021-03-09 09:14:24 +01:00
Tamas Vajk
fcc4758eb8 Remove old taint tracking for tuples 2021-03-09 09:14:24 +01:00
Tamas Vajk
d05a733109 Add more test cases 2021-03-09 09:14:23 +01:00
Tamas Vajk
b05199dccf Tuple data flow: take cfg reachability into account 2021-03-09 09:14:23 +01:00
Tamas Vajk
0ca4bf4267 C#: WIP: Add tuple data flow 2021-03-09 09:14:23 +01:00
Tamas Vajk
4709442ef3 Extract tuple types from patterns and variable declarations 2021-03-09 09:14:23 +01:00
Tamas Vajk
1d70bfd011 Extract non-named tuple types 2021-03-09 09:06:35 +01:00
Tamas Vajk
7e1eee5fe2 Add tests that show tuple types 2021-03-09 09:06:35 +01:00
Taus Brock-Nannestad
3d0d280972 Merge remote-tracking branch 'upstream/rc/3.1' into mergeback-rc/3.1-to-main 2021-03-08 22:15:10 +01:00
Erik Krogh Kristensen
25ef3edb20 combine stages by introducing extended stages 2021-03-08 20:48:15 +01:00
Aditya Sharad
318ce47982 Actions: Fix comment that tags the Docs team 2021-03-08 09:17:19 -08:00
Mathias Vorreiter Pedersen
7207a17f6f C++: Accept more tests. 2021-03-08 16:50:12 +01:00
Anders Schack-Mulligen
aeb13146d2 Merge pull request #5275 from Marcono1234/marcono1234/included-qhelp-files 
Use `.inc.qhelp` extension for included help files
 2021-03-08 16:26:32 +01:00
Chris Smowton
f9f143d62c Merge pull request #5347 from Marcono1234/marcono1234/simplify-tests 
Java: Simplify tests using InlineExpectationsTest
 2021-03-08 14:47:28 +00:00
Joe Farebrother
ed228cbcef Add sinks for URL Open Stream query 2021-03-08 14:07:53 +00:00
Marcono1234
95aeb7b53f Fix .qhelp file name mismatch 2021-03-08 14:27:35 +01:00
Erik Krogh Kristensen
29ae737475 update expected output for MalformedRegExp 2021-03-08 13:50:58 +01:00
Anders Schack-Mulligen
e63f81171c Merge pull request #5349 from p0wn4j/fix-nashorn-engine-1 
Java: Fix NashornScriptEngine detection in ScriptEngine query
 2021-03-08 13:23:36 +01:00
Erik Krogh Kristensen
b3ee70f4f7 update expected output for trap test 2021-03-08 13:06:17 +01:00
Chris Smowton
6cf15f49bb Replace hasTaintFlow=y with hasTaintFlow everywhere 2021-03-08 11:57:35 +00:00
Marcono1234
b7353f0bb0 Java: Simplify tests using InlineExpectationsTest 2021-03-08 11:49:52 +00:00
Mathias Vorreiter Pedersen
e2c0bf3cc0 C++: Show arguments in path explanations and accept test changes. 2021-03-08 12:44:05 +01:00
ihsinme
921c41d710 Apply suggestions from code review 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-03-08 14:23:42 +03:00
Erik Krogh Kristensen
bff59a1aaa fix parse error in regular expressions 2021-03-08 12:04:11 +01:00
Chris Smowton
790fb7829a Improve comment and change-note accuracy 2021-03-08 11:00:05 +00:00
Chris Smowton
4a4f4b01a1 Add support for java.util.concurrent.ThreadLocalRandom 2021-03-08 10:59:53 +00:00
Mathias Vorreiter Pedersen
84554af7f5 Merge pull request #5356 from yoff/tests-amend-qldoc 
InlineExpectationTest: clarify the need for an empty `.expected` file
 2021-03-08 11:53:55 +01:00
Rasmus Lerchedahl Petersen
cc9a938054 InlineExpectationTest: clarify the nedd for an 
empty `.expected` file
 2021-03-08 09:18:47 +01:00
ihsinme
2b1b94835e Update LateCheckOfFunctionArgument.ql 2021-03-07 16:10:32 +03:00
Rasmus Lerchedahl Petersen
24e406d21a Documentation: Fix typo 
in dataflow documentation for C#
 2021-03-07 09:48:20 +01:00
p0wn4j
6841f5f7c4 Java: Add NashornScriptEngine detection in ScriptEngine query 
Java: Add NashornScriptEngine detection in ScriptEngine query

Java: Add NashornScriptEngine detection in ScriptEngine query

Java: Add NashornScriptEngine detection in ScriptEngine query
 2021-03-06 16:19:07 +04:00