hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-03 17:50:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,046 Commits 1,673 Branches 157 Tags
bb4fe2002f979343bdde191b6a5ddcb76c58aa51
Commit Graph

57046 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Marsh
bb4fe2002f Merge branch 'main' into rdmarsh2/swift/array-content-flow 2023-07-28 20:41:23 +00:00
Stephan Brandauer
40eab180cc Merge pull request #13823 from github/kaeluka/support-argument-this-in-frameworkmode-metadata-extraction 
Java: Support Argument[this] and parameters of bodiless interface methods in framework mode metadata extraction
 2023-07-28 17:38:39 +02:00
Tony Torralba
08cba7dc5f Merge pull request #13713 from pwntester/java/struts2_source_taint_inheriting 
[Java] Implement field taint inheritance for Struts2 unmarshalled objects
 2023-07-28 16:46:27 +02:00
Robert Marsh
6039af0087 Swift: autoformat 2023-07-28 14:34:57 +00:00
Robert Marsh
7ed520ab54 Swift: update test expectations after hiding InOutExpr 2023-07-28 14:29:24 +00:00
Owen Mansel-Chan
a020189895 Merge pull request #13822 from owen-mc/dataflow/mergepathgraph3-signature-fix 
Dataflow: MergePathGraph3 signature fix
 2023-07-28 15:15:43 +01:00
Shati Patel
a98ae8941c Merge pull request #13832 from github/shati-patel/docs-indentation 
Docs: Fix indentation in tutorial examples
 2023-07-28 14:07:16 +01:00
Tony Torralba
2dff0ce5b4 Merge pull request #13712 from pwntester/java/new_struts2_models 
[Java] New models for Struts2 framework
 2023-07-28 14:31:25 +02:00
Stephan Brandauer
8bf960bd44 Java: fix QL-for-QL alert 2023-07-28 14:28:47 +02:00
Stephan Brandauer
021eedfdf1 Java: format 2023-07-28 14:26:34 +02:00
Stephan Brandauer
82fd0e45aa Java: support Argument[this] in NotAModelApiParameter 2023-07-28 14:04:53 +02:00
Stephan Brandauer
a9d2f43538 Java: use a newtype for framework mode candidates 2023-07-28 13:51:25 +02:00
Stephan Brandauer
8ed773b240 Java: Framework mode extraction now uses a custom class for endpoints, so we can support both Argument[this] and interface-method parameters 2023-07-28 12:56:39 +02:00
Stephan Brandauer
09c64e8fee Java: Support Argument[this] in framework mode metadata extraction 2023-07-28 12:55:26 +02:00
shati-patel
1694915535 Docs: Fix indentation in tutorial examples 2023-07-28 11:45:39 +01:00
Ian Lynagh
499bd970d3 Merge pull request #13412 from igfoo/igfoo/json_escape 
Kotlin: Tweak our JSON escaping
 2023-07-28 11:13:51 +01:00
Alvaro Muñoz
c3a2ae2943 Account for public fields/setters 2023-07-28 12:12:07 +02:00
Alvaro Muñoz
c089368557 Merge branch 'java/struts2_source_taint_inheriting' of https://github.com/pwntester/codeql into java/struts2_source_taint_inheriting 2023-07-28 12:05:38 +02:00
Robert Marsh
c36ce785d8 Merge branch 'main' into rdmarsh2/swift/array-content-flow 2023-07-27 19:18:03 +00:00
Tony Torralba
c239a4399c Changed Struts2ActionSupportClassFieldReadSource to be a FieldValueNode instead of a field read 2023-07-27 10:39:06 +02:00
Alvaro Muñoz
97a4230d5d add change note 2023-07-27 10:39:06 +02:00
Alvaro Muñoz
f3fc56294e implement field taint inheritance for Struts2 unmarshalled objects 2023-07-27 10:39:06 +02:00
Charis Kyriakou
8438fb2310 Merge pull request #13821 from github/charisk/remove-last-updated 
Remove last updated information and sorting from MRVA views
 2023-07-27 08:31:00 +01:00
Tony Torralba
9d6bc76dc0 Merge pull request #13817 from atorralba/atorralba/java/non-static-fieldvaluenode-step 
Java: Allow flow out of FieldValueNodes for non-static fields
 2023-07-27 09:14:04 +02:00
Owen Mansel-Chan
9b2b58a823 Sync files 2023-07-26 21:48:10 +01:00
Owen Mansel-Chan
e0cc337c71 Fix DataFlow::MergePathGraph3 
Need to get the signatures correct.
 2023-07-26 21:48:08 +01:00
Owen Mansel-Chan
f40bcd0cdd Merge pull request #13824 from owen-mc/go/fix-compiler-error-messages-for-1.20.6 
Go: Compiler error messages changed in Go 1.20.6
 2023-07-26 21:46:54 +01:00
Robert Marsh
bf5ba37348 Swift: Hide InOutExpr 2023-07-26 18:42:27 +00:00
Robert Marsh
e54341a170 Swift: undo commented out line 2023-07-26 17:12:06 +00:00
Chris Smowton
c69a9ea032 Merge pull request #13793 from github/post-release-prep/codeql-cli-2.14.1 
Post-release preparation for codeql-cli-2.14.1
 2023-07-26 17:22:05 +01:00
Owen Mansel-Chan
778de6b5d2 Compiler error messages changed in Go 1.20.6 2023-07-26 16:55:26 +01:00
Charis Kyriakou
536fd349bd Remove last updated information and sorting from MRVA views 2023-07-26 15:32:16 +01:00
Tony Torralba
8685242c16 Add tests 2023-07-26 14:13:43 +02:00
Stephan Brandauer
24cdc962c2 Merge pull request #13818 from github/kaeluka/fix-erroneous-endpoints-that-are-sinks-and-summary-neutrals 
Java: Automodel Fix, Prevent Some Erroneous Endpoints
 2023-07-26 12:45:29 +02:00
Jeroen Ketema
a4a492627d Merge pull request #13775 from jketema/print-global 
C++: Support printing of global and namespace variables in `PrintAST`
 2023-07-26 11:29:39 +02:00
Jeroen Ketema
409471c3b2 C++: Rename getEnclosingDeclaration to getAnEnclosingDeclaration 2023-07-26 09:44:47 +02:00
Tony Torralba
602eb43109 Update partial flow test expectations 2023-07-26 09:32:13 +02:00
Robert Marsh
358737452e Swift: reverse flow steps through InOutExpr 2023-07-25 20:34:36 +00:00
Michael B. Gale
aa59741c38 Merge pull request #13794 from github/mbg/csharp/improve-tracer-command-detection 
C#: Limit detection of sub-command names in tracer configuration
 2023-07-25 17:01:22 +01:00
Ian Lynagh
532552a7ac Merge pull request #13751 from igfoo/igfoo/getCompilationInfo 
Java: Improve the diagnostics consistency query
 2023-07-25 16:54:17 +01:00
Michael B. Gale
f3c6564dc3 Comment out test that fails on Windows 2023-07-25 16:15:51 +01:00
Stephan Brandauer
08f5774d13 Java: Automodel extraction fix for application mode 2023-07-25 17:11:07 +02:00
Geoffrey White
fbbc2938c3 Merge pull request #13816 from geoffw0/contig2 
Swift: Use enum content in withContiguousStorageIfAvailable model.
 2023-07-25 15:57:52 +01:00
Stephan Brandauer
698b8d3c5c Java: Automodel extraction fix; previously, we treated endpoints that were marked as sinks, as well as summary-neutrals as 'erroneous' 2023-07-25 16:52:27 +02:00
Geoffrey White
ac3c4fd5ef Swift: Actually I think this is value flow. 2023-07-25 14:44:21 +01:00
Tony Torralba
b8b38e4bbe Java: Allow flow out of FieldValueNodes for non-static fields 2023-07-25 15:37:41 +02:00
Geoffrey White
5188095529 Swift: Use enum content in withContiguousStorageIfAvailable model. 2023-07-25 14:33:20 +01:00
Geoffrey White
aedd073dad Merge pull request #12416 from geoffw0/contig 
Swift: Model Sequence.withContiguousStorageIfAvailable
 2023-07-25 14:05:07 +01:00
Mathias Vorreiter Pedersen
0a7eecf28c Merge pull request #13795 from geoffw0/enumcontent 
Swift: Support EnumContent in models-as-data
 2023-07-25 14:43:44 +02:00
Tony Torralba
c9fc5a54c7 Remove generated sinks and sources 2023-07-25 14:42:32 +02:00