hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-20 08:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
64,832 Commits 1,693 Branches 160 Tags
bcd36b1994ba35cfca2807af4e566368bdfba9fb
Commit Graph

64832 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
bcd36b1994 C++: Recognize glib allocations and deallocations. 2024-03-13 11:39:15 +00:00
Edward Minnix III
c190dd21db Merge pull request #15877 from egregius313/egregius313/csharp/mad/sources/windows-registry 
C#: Add source models for values from the Windows registry
 2024-03-12 16:41:42 -04:00
Edward Minnix III
d54489931c Merge pull request #15869 from egregius313/egregius313/java/fix/parcelfiledescriptor-open-sink 
Java: Add path-injection sink for `ParcelFileDescriptor::open`
 2024-03-12 16:39:20 -04:00
Erik Krogh Kristensen
863e3f79e5 Merge pull request #15731 from erik-krogh/java-url 
Java: More sanitizers for request-forgery
 2024-03-12 19:31:52 +01:00
Ian Lynagh
8d1ee10981 Merge pull request #15876 from igfoo/igfoo/buildless-java-complete 
Java: Accept test changes
 2024-03-12 16:12:58 +00:00
Tamás Vajk
be2ce17376 Merge pull request #15881 from tamasvajk/buildless/fix-fallback 
C#: Deduplicate not yet restored package names
 2024-03-12 16:08:16 +01:00
erik-krogh
f613823047 add explicit QLDoc that any method named "contains" is matched 2024-03-12 15:25:27 +01:00
erik-krogh
35aae0a981 move changenote to src/ 2024-03-12 15:22:57 +01:00
Erik Krogh Kristensen
b53ae77c56 expand change-note 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2024-03-12 15:22:17 +01:00
Tamas Vajk
b07b0762f2 Adjust based on code review feedback 2024-03-12 15:07:58 +01:00
erik-krogh
74876ff49b add change-note 2024-03-12 15:07:36 +01:00
erik-krogh
52f71e4553 small fixes based on review 2024-03-12 15:07:29 +01:00
Ian Lynagh
c2aa334465 Java: Accept test changes 2024-03-12 14:03:02 +00:00
Tom Hvitved
dddba3228b Merge pull request #15867 from hvitved/dataflow/ap-limit 
Data flow: Add `ConfigSig::accessPathLimit`
 2024-03-12 14:57:51 +01:00
Tom Hvitved
d7790faece Address review comments 2024-03-12 13:34:55 +01:00
Michael Nebel
50851210ea Merge pull request #15794 from michaelnebel/csharp/removecil 
C#: Delete the CIL extractor.
 2024-03-12 12:48:41 +01:00
Mathias Vorreiter Pedersen
1a42e55095 Merge pull request #15820 from MathiasVP/add-type-confusion-query 
C++: Add a new query for detecting type confusion vulnerabilities
 2024-03-12 10:29:22 +00:00
Tom Hvitved
0e0b73a5e6 Address review comment 2024-03-12 11:22:04 +01:00
Michael Nebel
eb62c033aa C#: Remove the cil extractor option. 2024-03-12 11:12:56 +01:00
Michael Nebel
f59aaf1d75 C#: Add change note. 2024-03-12 11:12:55 +01:00
Michael Nebel
2e5155d1f8 C#: Remove all CIL related tests. 2024-03-12 11:12:55 +01:00
Michael Nebel
af06202241 C#: Cleanup implementation. 2024-03-12 11:12:55 +01:00
Michael Nebel
bf27f203d5 C#: Remove CIL extractor projects. 2024-03-12 11:12:55 +01:00
Tamas Vajk
1633673cc2 C#: Deduplicate not yet restored package names 2024-03-12 09:22:38 +01:00
Ed Minnix
7745c2c2b7 Change note 2024-03-11 17:00:12 -04:00
Ed Minnix
bc745dfd5e Windows registry sources 2024-03-11 13:55:34 -04:00
Joe Farebrother
9c51514bd9 Merge pull request #15857 from joefarebrother/ruby-activerecord-from 
Ruby: Model second argument of `ActiveRecord` `from`
 2024-03-11 16:49:52 +00:00
Tony Torralba
04436208ab Merge pull request #15843 from atorralba/atorralba/go/uncontrolled-allocation-size 
Go: Promote `go/uncontrolled-allocation-size` from experimental
 2024-03-11 16:12:27 +01:00
Michael Nebel
5749fdbc46 Merge pull request #15868 from michaelnebel/csharp/csharp12releasenote 
C#: Overall change note for C# 12 / .NET 8 support.
 2024-03-11 16:08:24 +01:00
Tony Torralba
ff2d78d2c8 Update go/ql/src/Security/CWE-770/UncontrolledAllocationSize.ql 2024-03-11 15:53:40 +01:00
Ed Minnix
76aeee2820 Change note 2024-03-11 10:34:15 -04:00
Ed Minnix
61dbe26858 Add sinks for android.os.ParcelFileDescriptor 2024-03-11 10:31:51 -04:00
Mathias Vorreiter Pedersen
7b0df57d7a C++: Remove the two configurations that depend on flow state to speed up performance on ChakraCore. 2024-03-11 13:56:22 +00:00
Michael Nebel
f571ebdaf4 C#: Overall change note for C# 12 / .NET 8 support. 2024-03-11 14:43:14 +01:00
yoff
e6e6a4e9c8 Merge pull request #15841 from RasmusWL/missing-use-use2 
Python: Add example of missing use-use flow
 2024-03-11 13:59:57 +01:00
yoff
adbcbefaa9 Merge pull request #15551 from yoff/python/avoid-duplicate-model-inclusions 
python: Remove `TaintStepFromSummary`
 2024-03-11 13:52:20 +01:00
Tom Hvitved
da66281fef Sync files 2024-03-11 13:02:04 +01:00
Tom Hvitved
7a39f077d9 Data flow: Add ConfigSig::accessPathLimit 2024-03-11 13:01:58 +01:00
Rasmus Wriedt Larsen
4ac8dd72a7 Merge pull request #15855 from yoff/python/add-MaD-test-tuple-output 
Python: Add test for `ReturnValue.TupleElement[n]`
 2024-03-11 12:05:31 +01:00
Mathias Vorreiter Pedersen
73c4fe08fa Merge pull request #15835 from MathiasVP/initial-def-of-addresses 
C++: Provide an initial SSA definition of the address of a variable
 2024-03-11 10:42:01 +00:00
Erik Krogh Kristensen
00c228540e Merge pull request #15836 from github/dependabot/cargo/ql/chrono-0.4.35 
Bump chrono from 0.4.34 to 0.4.35 in /ql
 2024-03-11 11:13:15 +01:00
Tamás Vajk
35a8e7cbf0 Merge pull request #15854 from tamasvajk/buildless/change-assembly-id 
C#: Change ID of buildless output assembly
 2024-03-11 10:03:40 +01:00
Rasmus Wriedt Larsen
42acd9c22c Merge pull request #15695 from github/tausbn/python-add-copy-method-as-copy-step 
Python: Add `.copy()` method call as copy step
 2024-03-11 09:43:34 +01:00
Michael Nebel
6485dcc0fc Merge pull request #15859 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-03-11 09:10:52 +01:00
Tony Torralba
a09eb9f4c5 Update go/ql/src/Security/CWE-770/UncontrolledAllocationSize.ql 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-03-11 08:58:59 +01:00
Edward Minnix III
7fe378e831 Merge pull request #15756 from egregius313/egregius313/csharp/dataflow/threat-model/remove-addlocalsource 
C#: Remove `AddLocalSource` classes from queries
 2024-03-10 22:56:28 -04:00
Ed Minnix
3fdc7e95df Add local models to CodeInjection tests 2024-03-10 22:20:54 -04:00
Ed Minnix
8187b00562 Change note 2024-03-10 22:20:52 -04:00
Ed Minnix
d300736c7e Remove AddLocalSource classes 2024-03-10 22:20:51 -04:00
Edward Minnix III
58f2777532 Merge pull request #15629 from egregius313/egregius313/csharp/dataflow/threat-modeling/remove-stored-query-variants 
C#: Remove `Stored` variants of queries
 2024-03-10 22:17:03 -04:00