codeql

mirror of https://github.com/github/codeql.git synced 2026-04-29 10:45:15 +02:00

Author	SHA1	Message	Date
Geoffrey White	a4c137fae5	C++: Add '_fsopen' as well.	2021-07-22 11:31:41 +01:00
Mathias Vorreiter Pedersen	39144ee02b	C++: Import 'GVN' in 'Overflow.qll' to prevent IR reevaluation.	2021-07-22 11:35:16 +02:00
Chris Smowton	e2a533c7de	Merge pull request #6346 from aschackmull/java/perf-fix Java: Fix bad magic.	2021-07-22 10:15:16 +01:00
Chris Smowton	605f037af8	Merge pull request #6247 from p0wn4j/spring-responseentity-redirect-sink [Java] CWE-601: Add Spring URL Redirect ResponseEntity sink	2021-07-22 09:45:30 +01:00
Anders Schack-Mulligen	dcfc027b5f	Java: Fix bad magic.	2021-07-22 10:12:49 +02:00
Chris Smowton	c568a9463a	Remove `<>` qualifier from ResponseEntity name This was an extractor bug that was fixed recently	2021-07-21 17:58:06 +01:00
Geoffrey White	fa0f5d08a2	Merge branch 'main' into toctou2	2021-07-21 16:21:29 +01:00
Ethan P	3a048a1cdd	Add ``qlpack.yml`` information	2021-07-21 09:27:41 -04:00
Mathias Vorreiter Pedersen	73ee7409f6	Merge pull request #6342 from MathiasVP/fix-fp-in-uninitialized-local C++: Fix FP in `cpp/uninitialized-local`	2021-07-21 14:46:57 +02:00
Ethan P	2cdf404e05	Create "About CodeQL packs" and add to ToC	2021-07-21 08:10:46 -04:00
Anders Schack-Mulligen	22f6b021ba	Merge pull request #6338 from aschackmull/java/cleanup-deprecated Java: Remove deprecated ParExpr.	2021-07-21 11:36:40 +02:00
Geoffrey White	daed988108	Merge pull request #6341 from MathiasVP/mergeback-2021-07-21 Mergeback `rc/3.2`	2021-07-21 10:35:07 +01:00
Mathias Vorreiter Pedersen	e536cecefe	C++: Fix FP caused by a variable missing type information.	2021-07-21 11:04:23 +02:00
Mathias Vorreiter Pedersen	6d0290809d	Merge branch 'rc/3.2' into mergeback-2021-07-21	2021-07-21 10:23:58 +02:00
Pavel Avgustinov	2d9600de4a	Merge pull request #6340 from MathiasVP/revert-path-sensitive-stackvariablereachability C++: Revert #6004	2021-07-21 09:17:56 +01:00
Ethan P	0eb2f903a3	add procedural information for publishing and using CodeQL packs	2021-07-20 23:21:36 -04:00
Ethan P	e586765cbe	add new articles to ToC	2021-07-20 22:33:06 -04:00
p0wn4j	f0d5520976	Add Spring URL Redirect ResponseEntity sink Copyedit qhelp	2021-07-21 03:16:16 +04:00
Ethan P	96de32bd2a	Add conceptual information "Creating and working with CodeQL packs"	2021-07-20 14:01:30 -04:00
Geoffrey White	473198a6ef	C++: Accept any check followed by a 'sensitive' use such as 'chmod'.	2021-07-20 18:11:05 +01:00
Aditya Sharad	46fbb2a3cc	Merge pull request #6334 from github/security-severity-docs Update CodeQL docs for security-severity levels	2021-07-20 09:58:19 -07:00
Geoffrey White	c6d8abc9b1	C++: Add a couple more testcases.	2021-07-20 17:52:59 +01:00
Mathias Vorreiter Pedersen	a006a7fb24	Revert "Merge pull request #6004 from MathiasVP/path-sensitive-stack-variable-reachability-analysis" This reverts commit `e3e7b00986`, reversing changes made to `8ccdd4fb9f`.	2021-07-20 18:06:49 +02:00
Tony Torralba	4622d8590b	Fix change note	2021-07-20 17:50:58 +02:00
Tony Torralba	26999c7ac4	Decouple UnsafeAndroidAccess.qll to reuse the taint tracking configuration	2021-07-20 17:46:35 +02:00
Tony Torralba	99e66cffa2	Merge branch 'main' into atorralba/promote-unsafe-android-webview-fetch	2021-07-20 17:30:56 +02:00
Anders Schack-Mulligen	77d53676ba	Java: Remove deprecated ParExpr.	2021-07-20 15:27:31 +02:00
Geoffrey White	5d1c7841a6	C++: Change note.	2021-07-20 14:14:01 +01:00
Tony Torralba	68df8028d2	Apply suggestions from code review Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2021-07-20 14:47:16 +02:00
Arthur Baars	890adf97d6	Merge pull request #6333 from github/rc/3.2 Merge rc/3.2 to main	2021-07-20 12:19:20 +02:00
Geoffrey White	ae944b268a	C++: Restrict the 'check' to stat / access only as these are by far the more reliable results.	2021-07-20 11:18:00 +01:00
James Fletcher	a365d4fb34	update docs for security-severity	2021-07-20 11:00:13 +01:00
Rasmus Wriedt Larsen	5a489a386a	Merge pull request #6329 from havron/qhelp-typo Fix qhelp typo in RequestWithoutValidation	2021-07-20 10:18:35 +02:00
Artem Smotrakov	158a75e5a1	Import UnsafeDeserializationQuery in unsafeDeserialization.ql	2021-07-20 10:14:50 +02:00
Tony Torralba	0f199601f8	Refactor GroovyInjection.qll	2021-07-20 09:44:37 +02:00
Anders Schack-Mulligen	47528b3379	Merge pull request #6332 from github/workflow/coverage/update Update CSV framework coverage reports	2021-07-20 09:27:59 +02:00
github-actions[bot]	bed08a6f4f	Add changed framework coverage reports	2021-07-20 00:06:37 +00:00
Ethan P	1cf5386824	Create publishing-and-using-codeql-packs.rst	2021-07-19 18:42:01 -04:00
Ethan P	a5cbc560e3	Add conceptual info for creating and working with CodeQL packs	2021-07-19 18:41:44 -04:00
Aditya Sharad	48778ce9a4	Merge pull request #6160 from timoles/patch-1 Add information for generating qhelp files locally	2021-07-19 14:14:22 -07:00
Ethan P	26a36592ce	Add intros and Overview headers	2021-07-19 16:29:18 -04:00
Ethan P	511e01aa1b	shorten title for `full-cwe`	2021-07-19 16:23:57 -04:00
Sam Havron	733e5b45bf	Fix qhelp typo in RequestWithoutValidation	2021-07-19 16:01:06 -04:00
Timo Müller	b24c096a76	Apply suggestions from code review Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>	2021-07-19 21:12:59 +02:00
Aditya Sharad	20fa8e49c8	Merge pull request #6326 from adityasharad/codeowners/codeql-tools Codeowners: Add reviewer teams for CodeQL tools and associated docs	2021-07-19 11:15:58 -07:00
Ethan P	5028fccee5	Create new CWE coverage overview and full CWE coverage page	2021-07-19 14:01:42 -04:00
Ethan P	618e8b34dc	Create individual language pages for CWE tables	2021-07-19 14:01:18 -04:00
Aditya Sharad	94b2b174c1	Merge pull request #6177 from skyzyx/patch-1 Update getting-started-with-the-codeql-cli.rst	2021-07-19 10:58:43 -07:00
Geoffrey White	ab4b2c2342	C++: Fix 'rename'.	2021-07-19 18:58:39 +01:00
Geoffrey White	95ec8f5394	C++: Add support for '_wfsopen'.	2021-07-19 18:36:09 +01:00

... 3 4 5 6 7 ...

24767 Commits