hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-27 04:13:51 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,912 Commits 1,694 Branches 161 Tags
bd71db87be090782b3bd67694117bc1ccf818ba0
Commit Graph

38 Commits

Author SHA1 Message Date
Nora Dimitrijević
d41268fc84 Go/UnhandledCloseWritableHandle 2025-10-28 09:42:06 +01:00
Owen Mansel-Chan
d8891e34d1 Small improvement to go/unhandled-writable-file-close 2025-10-02 15:15:51 +01:00
Owen Mansel-Chan
16a11b48ad Switch to use-use dataflow. This will make post-update nodes easy to implement. 
Queries / tests that required changes:
* The CleartextLogging and MissingErrorCheck queries are updated because they assumed def-use flow
* The CommandInjection query works around the shortcomings of use-use flow by essentially reintroducing def-use flow when it applies a sanitizer
* The OpenUrlRedirect query currently just accepts its fate; the tests are updated to avoid excess sanitization while the query comments on the problem. We should choose this approach or the CommandInjection one.
 2025-10-01 16:12:07 +01:00
Chris Smowton
e9cccb46c0 Go: mistyped-exponentiation: notice constants with likely-bitmask values 2025-09-25 15:19:40 +01:00
Arthur Baars
5d3ec35e29 Remove non-breaking spaces from code 2025-09-05 09:41:15 +02:00
Nora Dimitrijević
188fc0d933 [DIFF-INFORMED] Go: UnhandledCloseWritableHandle 2025-07-17 11:46:51 +02:00
Owen Mansel-Chan
a2ff045a7a Update tags for high precision quality queries 2025-06-19 10:33:58 +01:00
Tamas Vajk
2515b06b2a Use code-quality-selectors in Go suite 2025-04-29 16:22:57 +02:00
Owen Mansel-Chan
7b2912376b Add failing test for os.File.Sync with defered Close calls 2025-03-06 10:14:28 +00:00
Owen Mansel-Chan
f322cb7968 Use getLocation instead of hasLocationInfo 2025-02-27 13:32:45 +00:00
Owen Mansel-Chan
09c44616a0 Rename "named type" to "defined type" 2025-02-13 15:22:33 +00:00
Owen Mansel-Chan
5007666d6e Add helper predicate lookThroughPointerType 2024-10-17 11:26:24 +01:00
Owen Mansel-Chan
b7dfa2347c Put QLDoc on data flow and taint tracking modules 
We preserve all old QLDocs, but move them from the
config to the Flow module. This makes more sense than
the Config module, which is often private, and is generally
not directly accessed.
 2023-08-11 10:06:12 +01:00
Owen Mansel-Chan
0e1383ddd7 Make UnhandledFileCloseWritableHandle use new API 2023-08-10 15:49:01 +01:00
Owen Mansel-Chan
374f13e0dc Revert "Go: Fix missing flow through receiver for function variable" 2023-07-20 13:31:14 +01:00
Owen Mansel-Chan
a3ba74a6a6 Cast to MethodCallNode before calling getReceiver() 
This is not required, because getReceiver is still defined on CallNode,
but is done for consistency.
 2023-07-19 11:17:38 +01:00
Owen Mansel-Chan
513409e082 Fix formatting of QLDocs 2023-03-31 16:47:56 +01:00
Michael B. Gale
6c0d2bdee1 Add example without defer statement 2023-02-06 09:10:41 +00:00
Michael B. Gale
abe38373da Inline precededBySync 2023-02-06 08:47:47 +00:00
Michael B. Gale
314ecab90a Use dominatesNode and improve variable naming 2023-02-06 08:47:46 +00:00
Michael B. Gale
85a339030b Make the query a path-problem 2023-02-06 08:47:46 +00:00
Michael B. Gale
199c8641ec Rename close to sink in query 2023-02-06 08:47:46 +00:00
Michael B. Gale
f648b021a9 Despecialise parameter names for precededBySync 2023-02-06 08:47:46 +00:00
Michael B. Gale
bd6c167be6 Fixup: more docs improvements 2023-02-06 08:47:46 +00:00
Michael B. Gale
f866e16679 Use any instead of exists for isCloseSink 2023-02-06 08:47:45 +00:00
Michael B. Gale
5ab6056b26 Fixup: docs comment 2023-02-06 08:47:45 +00:00
Michael B. Gale
3f446bc76e Use three-argument hasQualifiedName 2023-02-06 08:47:45 +00:00
Michael B. Gale
07041bb659 Use Method instead of Function where able 2023-02-06 08:47:45 +00:00
Michael B. Gale
416ed57583 Fix qldoc comments 2023-02-06 08:47:45 +00:00
Michael B. Gale
f321adf9f4 Fix typo 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-02-06 08:47:44 +00:00
Michael B. Gale
10109b4925 Fix class comments 2023-02-06 08:47:44 +00:00
Michael B. Gale
49ce91fd5b Update precision to high 2023-02-06 08:47:44 +00:00
Michael B. Gale
7e9617f3ce Detect lack of error handling for os.File.Close 2023-02-06 08:47:43 +00:00
erik-krogh
d5c45056bd fix some more style-guide violations in the alert-messages 2022-10-07 11:21:01 +02:00
erik-krogh
c241185c21 avoid more instances of "this location" and "here" in alert-messages 2022-09-20 22:51:35 +02:00
erik-krogh
e2a41cf49f fix most ql/alert-message-style-violation 2022-09-20 22:51:35 +02:00
Anders Schack-Mulligen
406f5b525b Go: Deprecate and replace BarrierGuard class 2022-06-20 15:46:27 +02:00
Chuan-kai Lin
aa514fff32 codeql-go merge prep: move into go/ directory 2022-05-20 10:07:19 -07:00