hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-20 22:46:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,759 Commits 1,712 Branches 163 Tags
bbf925fcc4993f16bdfdd4d3cf31a0796af2a060
Commit Graph

14759 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Lerchedahl Petersen
bbf925fcc4 Python: Magic subscript and format 
(this in preparation for addressing reviews)
 2020-08-18 12:56:15 +02:00
Rasmus Lerchedahl Petersen
ca7c045d31 Python: bad re match made the tests fail.. 2020-08-17 16:24:00 +02:00
Rasmus Lerchedahl Petersen
8eacef3467 Python: Add QL doc 2020-08-17 12:01:36 +02:00
Rasmus Lerchedahl Petersen
7ea3fc04c8 Python: adjust test annotation (for after feature) 2020-08-14 14:46:39 +02:00
Rasmus Lerchedahl Petersen
4bc04486cb Python: Annotate tests (as before the new feature) 2020-08-14 14:41:35 +02:00
Rasmus Lerchedahl Petersen
e808d3033a Python: Add magic to DataFlowCall 2020-08-14 14:19:18 +02:00
Rasmus Lerchedahl Petersen
4211f7f346 Merge branch 'master' of github.com:github/codeql into MagicMethods 2020-08-14 13:26:27 +02:00
Rasmus Lerchedahl Petersen
360ddc6314 Python: better charPred 2020-08-14 13:25:17 +02:00
Taus
8cbd4974ae Merge pull request #3981 from yoff/SharedDataflow_Classes 
Python: Dataflow, test magic methods
 2020-08-14 12:45:55 +02:00
Jonas Jensen
e01e702f46 Merge pull request #4060 from bgianfo/patch-1 
C++: Detect GoogleTest tests cases in FNumberOfTests.ql
 2020-08-14 12:42:12 +02:00
Rasmus Lerchedahl Petersen
9556937840 Python: address review comments 2020-08-14 11:29:58 +02:00
Rasmus Lerchedahl Petersen
5ed3107045 Python: Start scaffold for magic methods 2020-08-14 11:12:23 +02:00
yoff
8d49ad7325 Update python/ql/test/experimental/dataflow/coverage/datamodel.py 
Co-authored-by: Taus <tausbn@github.com>
 2020-08-14 10:53:37 +02:00
yoff
4b336e9b01 Update python/ql/test/experimental/dataflow/coverage/classes.py 
Co-authored-by: Taus <tausbn@github.com>
 2020-08-14 10:53:10 +02:00
CodeQL CI
82f9826966 Merge pull request #4044 from aschackmull/java/xsssink-printwriter-format 
Approved by aibaars
 2020-08-14 08:34:48 +01:00
Robert Marsh
ed06604b46 Merge pull request #4045 from geoffw0/plus 
C++: Model more of std::string in models.
 2020-08-13 16:59:47 -04:00
Brian Gianforcaro
a6bcbe7974 C++: Detect GoogleTest tests cases in FNumberOfTests.ql 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-08-13 12:06:00 -07:00
Geoffrey White
498b350add Merge remote-tracking branch 'upstream/master' into plus 2020-08-13 18:21:28 +01:00
Robert Marsh
de87f8fc42 Merge pull request #4057 from geoffw0/sal 
C++: SAL.qll QLDoc and cleanup
 2020-08-13 12:33:52 -04:00
Geoffrey White
93f95b1c22 Merge pull request #4053 from jbj/SimpleRangeAnalysis-mul 
C++: SimpleRangeAnalysis: unsigned multiplication
 2020-08-13 16:59:31 +01:00
Anders Schack-Mulligen
ecbbcc2f61 Merge pull request #4066 from Marcono1234/marcono1234/simplify-VarAccess-isLValue 
[Java] Simplify VarAccess.isLValue()
 2020-08-13 16:40:28 +02:00
Geoffrey White
7349333006 C++: Taint through char append. 2020-08-13 15:13:47 +01:00
Geoffrey White
3c0e7a709f C++: Add a test of append with CharT. 2020-08-13 14:52:34 +01:00
Geoffrey White
732a8fa4c9 C++: Add another member function. 2020-08-13 14:52:34 +01:00
CodeQL CI
6c60589dbd Merge pull request #4063 from erik-krogh/noJsMsg 
Approved by esbena
 2020-08-13 14:02:18 +01:00
Anders Schack-Mulligen
3469ad7ca6 Merge pull request #3600 from luchua-bc/java-sensitive-log4j2-logging 
Add Log4J 2 and a new search string secret
 2020-08-13 13:35:52 +02:00
Marcono1234
cca2d9d825 Simplify VarAccess.isLValue() 2020-08-13 13:12:57 +02:00
Erik Krogh Kristensen
2c7bb8c51f adjust error message when files have been found while extracting 2020-08-13 11:18:27 +02:00
Geoffrey White
f5abf74e0f Update cpp/ql/src/Microsoft/SAL.qll 
Co-authored-by: Robert Marsh <rdmarsh2@gmail.com>
 2020-08-13 09:05:22 +01:00
Anders Schack-Mulligen
8891ae70b6 Merge pull request #3938 from lcartey/java/untrusted-data-to-external-api 
Java: Untrusted data used in external APIs
 2020-08-13 09:53:57 +02:00
Jonas Jensen
5e5a112c36 C++: Change note 2020-08-13 08:37:13 +02:00
Geoffrey White
2655616a0a C++: Autoformat. 2020-08-12 16:59:15 +01:00
Geoffrey White
9719da8643 C++: Move a class that looks like it's intended to be public (and is used outside of the library) above the 'Implementation details' threshold. 2020-08-12 16:58:50 +01:00
Geoffrey White
d444778535 C++: Make a few things in SAL.qll private where it looks like that was intended (and they're not used outside the file). 2020-08-12 16:57:43 +01:00
Geoffrey White
aa6cb51bba C++: QLDoc SAL.qll. 2020-08-12 16:55:26 +01:00
lcartey@github.com
6f83c55ebd Java: Switch to low as a precision 
Code Scanning doesn't support "very-low"
 2020-08-12 13:48:59 +01:00
CodeQL CI
66541f260b Merge pull request #4012 from erik-krogh/getId 
Approved by asgerf, esbena
 2020-08-12 13:28:18 +01:00
Luke Cartey
56ff8cf084 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2020-08-12 13:12:06 +01:00
CodeQL CI
aa9dfa0d6f Merge pull request #4039 from intrigus-lgtm/patch-3 
Approved by erik-krogh
 2020-08-12 13:07:22 +01:00
Geoffrey White
b99ca60154 C++: Address review comments. 2020-08-12 12:56:28 +01:00
Jonas Jensen
b4679cb8cf C++: Autoformat fixup 2020-08-12 13:09:23 +02:00
Jonas Jensen
93d8d8eb1d C++: Demonstrate range analysis MulExpr bugs 
Unless these issues can be reproduced in far less contrived code, I
don't think they will cause problems in practice.
 2020-08-12 12:10:23 +02:00
lcartey@github.com
6b6172fa5b Java: ExternalAPIs: Further review comments 
- Extra qldoc
 - Remove unnecessary module
 2020-08-12 09:21:14 +01:00
Jonas Jensen
1ee96a4b4f C++: SimpleRangeAnalysis: unsigned multiplication 2020-08-12 10:03:04 +02:00
Robert Marsh
e80cc63219 Merge pull request #3861 from dilanbhalla/privatedata 
C++: Private Data File/Buffer Writes
 2020-08-11 15:49:31 -04:00
Geoffrey White
a655124213 C++: I think this is more correct. 2020-08-11 17:28:31 +01:00
Geoffrey White
50558257fc C++: Change note. 2020-08-11 17:05:49 +01:00
Geoffrey White
128b8328b9 C++: Autoformat. 2020-08-11 17:03:03 +01:00
Geoffrey White
f62ad75048 C++: Taint through std::string operator+=. 2020-08-11 17:03:02 +01:00
Geoffrey White
cf6f530823 C++: Taint through std::string operator+. 2020-08-11 16:58:55 +01:00