Tom Hvitved
|
ba575db93b
|
C#: Add QL doc to SuccessorType.qll
|
2019-02-07 12:09:09 +01:00 |
|
Calum Grant
|
383e82a3f3
|
Merge pull request #886 from hvitved/csharp/cfg/restructure
C#: Split up `ControlFlowGraph.qll` into multiple files
|
2019-02-07 11:06:19 +00:00 |
|
Tom Hvitved
|
5f027e1761
|
Merge pull request #860 from calumgrant/cs/library-flow
C#: Refactor LibraryTypeDataFlow
|
2019-02-07 11:52:05 +01:00 |
|
Calum Grant
|
4274bb136f
|
Merge pull request #892 from hvitved/csharp/get-arg-for-param-bad-magic
C#: Prevent bad magic in `getArgumentForParameter()`
|
2019-02-07 10:50:21 +00:00 |
|
Calum Grant
|
73d56e1bdb
|
Merge pull request #881 from hvitved/csharp/remove-get-url
C#: Remove `getUrl()` predicate
|
2019-02-07 10:47:56 +00:00 |
|
Jonas Jensen
|
47ad280e34
|
Merge pull request #842 from geoffw0/gets
CPP: Clean up PotentialBufferOverflow.ql, PotentiallyDangerousFunction.ql
|
2019-02-07 09:27:00 +01:00 |
|
semmle-qlci
|
b4b37b3a7b
|
Merge pull request #880 from esben-semmle/js/better-alert-message-1
Approved by xiemaisi
|
2019-02-07 08:01:21 +00:00 |
|
Max Schaefer
|
812cba0fe3
|
Merge pull request #828 from esben-semmle/js/vue-support-1
JS: basic Vue support
|
2019-02-07 08:00:17 +00:00 |
|
Robert Marsh
|
97c5b8ee44
|
Merge pull request #882 from jbj/ir-ConstantAnalysis-perf
C++: Speed up IR ConstantAnalysis
|
2019-02-06 22:29:09 -08:00 |
|
Dave Bartolomeo
|
1f873d0c9c
|
Merge pull request #890 from aeyerstaylor/more-field-overriding
C++: Use more field overriding in IR construction
|
2019-02-06 17:04:43 -08:00 |
|
Max Schaefer
|
95185345fd
|
Merge pull request #897 from Semmle/revert-817-closure-modules
Revert "JS: Add support for Closure modules"
|
2019-02-06 18:14:50 +00:00 |
|
Asger F
|
e46e2b2515
|
Revert "JS: Add support for Closure modules"
|
2019-02-06 17:30:45 +00:00 |
|
calum
|
ce7e9901cc
|
C#: Address review comments.
|
2019-02-06 17:15:43 +00:00 |
|
semmle-qlci
|
b8be66ec48
|
Merge pull request #887 from asger-semmle/jsdoc-accessors
Approved by xiemaisi
|
2019-02-06 16:30:48 +00:00 |
|
semmle-qlci
|
b13c11017c
|
Merge pull request #885 from asger-semmle/async-waterfall
Approved by xiemaisi
|
2019-02-06 16:30:17 +00:00 |
|
Esben Sparre Andreasen
|
235625d03a
|
Merge branch 'master' into js/vue-support-1
|
2019-02-06 16:57:16 +01:00 |
|
semmle-qlci
|
09825f28ed
|
Merge pull request #817 from asger-semmle/closure-modules
Approved by esben-semmle, xiemaisi
|
2019-02-06 15:51:53 +00:00 |
|
Tom Hvitved
|
8812f26517
|
C#: Address review comments
|
2019-02-06 13:17:47 +01:00 |
|
Tom Hvitved
|
c3378c44a1
|
C#: Prevent bad magic in getArgumentForParameter()
|
2019-02-06 13:09:56 +01:00 |
|
Calum Grant
|
dd75e5bce3
|
Merge pull request #877 from hvitved/csharp/matches-handle
C#: Use `matchesHandle()` instead of `getLabel()`
|
2019-02-06 11:02:09 +00:00 |
|
semmle-qlci
|
a2691b32b5
|
Merge pull request #851 from xiemaisi/js/post-message-star
Approved by esben-semmle
|
2019-02-06 09:57:04 +00:00 |
|
Asger F
|
abb7e63697
|
JS: update GlobalVariableRef.expected
|
2019-02-06 09:16:30 +00:00 |
|
Asger F
|
44939263e4
|
JS: update TRAP files
|
2019-02-06 09:12:16 +00:00 |
|
Asger F
|
c52ed9152f
|
JS: handle .mjs files correctly
|
2019-02-06 09:12:10 +00:00 |
|
Esben Sparre Andreasen
|
fb19032038
|
JS: change notes for Vue support
|
2019-02-06 09:38:00 +01:00 |
|
Esben Sparre Andreasen
|
f15af70c02
|
JS: use HTML::ScriptElement::getScript in Vue
|
2019-02-06 09:38:00 +01:00 |
|
Esben Sparre Andreasen
|
5e2b1c026a
|
JS: introduce HTML::ScriptElement::getScript()
|
2019-02-06 09:38:00 +01:00 |
|
Esben Sparre Andreasen
|
a78dd422b6
|
JS: add query js/vue/arrow-method-on-vue-instance
|
2019-02-06 09:38:00 +01:00 |
|
Esben Sparre Andreasen
|
ea175b2a9f
|
JS: introduce Vue XSS sinks
|
2019-02-06 09:38:00 +01:00 |
|
Esben Sparre Andreasen
|
a6cfee5f26
|
JS: prevent inlining of three auxiliary Vue methods
|
2019-02-06 09:37:23 +01:00 |
|
Esben Sparre Andreasen
|
ddf9ca2505
|
JS: introduce base Vue model
|
2019-02-06 09:37:23 +01:00 |
|
Geoffrey White
|
2321ae911e
|
CPP: Fix the test by adding PotentiallyDangerousFunction.
|
2019-02-05 17:58:30 +00:00 |
|
Geoffrey White
|
018450500d
|
CPP: Fix closing tag.
|
2019-02-05 17:58:30 +00:00 |
|
Geoffrey White
|
c05df6ea4c
|
CPP: Add reference.
|
2019-02-05 17:58:30 +00:00 |
|
Geoffrey White
|
f73a3a6a24
|
CPP: Explain the danger of gets a bit more in qhelp.
|
2019-02-05 17:58:30 +00:00 |
|
Geoffrey White
|
0541950c44
|
CPP: Clean up PotentialBufferOverflow.ql a bit.
|
2019-02-05 17:58:30 +00:00 |
|
Geoffrey White
|
2a708d3243
|
CPP: Change note.
|
2019-02-05 17:58:30 +00:00 |
|
Geoffrey White
|
c32e1b8000
|
CPP: Change the @name of PotentialBufferOverflow.ql to be in line with everything else.
|
2019-02-05 17:58:30 +00:00 |
|
Geoffrey White
|
f7e7737789
|
CPP: Update qhelp.
|
2019-02-05 17:58:30 +00:00 |
|
Geoffrey White
|
87a25f0cbe
|
CPP: Update CWE tags.
|
2019-02-05 17:58:30 +00:00 |
|
Geoffrey White
|
429f53ed74
|
CPP: Move the 'gets' case.
|
2019-02-05 17:58:30 +00:00 |
|
Geoffrey White
|
a82832e779
|
CPP: Add a test that uses 'gets'.
|
2019-02-05 17:58:30 +00:00 |
|
Geoffrey White
|
bbc8e7886b
|
CPP: Rearrange PotentiallyDangerousFunction.ql.
|
2019-02-05 17:58:30 +00:00 |
|
Asger F
|
ddd72190cb
|
JS: change note
|
2019-02-05 16:59:29 +00:00 |
|
Asger F
|
46b996a936
|
JS: autoformat ¯\_(ツ)_/¯
|
2019-02-05 16:52:06 +00:00 |
|
Asger F
|
8924aa3ee0
|
JS: add test case
|
2019-02-05 16:51:21 +00:00 |
|
Asger F
|
cad5a064cd
|
JS: recognize a-sync-waterfall package
|
2019-02-05 16:38:47 +00:00 |
|
semmle-qlci
|
4b81ffab96
|
Merge pull request #869 from hvitved/csharp/autoformat
Approved by calumgrant
|
2019-02-05 16:35:10 +00:00 |
|
Tom Hvitved
|
37c55750f7
|
Merge pull request #873 from calumgrant/cs/format-getresource-strings
C#: Fix FP in cs/format-argument-unused
|
2019-02-05 17:12:04 +01:00 |
|
yh-semmle
|
3e8f7a740c
|
Merge pull request #838 from aschackmull/java/taint-collections
Java: Add additional taint steps through collections.
|
2019-02-05 09:59:24 -05:00 |
|