Geoffrey White
3fed7bf6d0
C++: Extend cpp/cleartext-transmission using PrivateData.qll.
2022-03-28 11:16:56 +01:00
Geoffrey White
202b6d44a5
C++: Update SensitiveExprs.qll to clarify the relationship.
2022-03-28 10:54:56 +01:00
Geoffrey White
0453c0f0a1
C++: Convert to C++ and make it look more like SensitiveExprs.qll.
2022-03-28 10:54:55 +01:00
Geoffrey White
ec98269a24
C++: Copy PrivateData.qll from csharp.
2022-03-28 10:54:54 +01:00
Geoffrey White
bb272003b4
C++: More test cases.
2022-03-28 10:54:54 +01:00
4B5F5F4B
2d7b9c0c4f
modify a little cute typo
2022-03-26 22:55:27 +08:00
4B5F5F4B
7a091f808b
Create NoCheckBeforeUnsafePutUser.ql
2022-03-26 22:45:03 +08:00
4B5F5F4B
64863d493b
Delete cve-2017-5123.ql
2022-03-26 22:42:59 +08:00
Andrew Eisenberg
5fb84a774b
Merge pull request #8553 from github/aeisenberg/cpp-suites
...
Suites: Remove self-referential `from` directives
2022-03-25 09:15:53 -07:00
Geoffrey White
2014599f88
Merge pull request #8318 from geoffw0/cwe497b
...
C++: New query cpp/potential-system-data-exposure
2022-03-25 14:55:00 +00:00
Geoffrey White
9f3fd57534
Merge branch 'main' into cwe497b
2022-03-25 11:57:30 +00:00
Mathias Vorreiter Pedersen
c115c68247
Merge pull request #8542 from MathiasVP/public-iterated-dominance-frontier
...
C++: Use `iterated (post)dominance frontier` algorithm in `IRBlock`
2022-03-25 11:51:15 +00:00
Geoffrey White
e377eebdbc
C++: More 'adversary' -> 'malicious user' and related doc changes.
2022-03-25 11:34:37 +00:00
Geoffrey White
11074b6d77
Update cpp/ql/src/Security/CWE/CWE-497/PotentiallyExposedSystemData.ql
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2022-03-25 11:08:07 +00:00
Geoffrey White
6b6ee61d3f
Apply suggestions from code review
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2022-03-25 11:06:46 +00:00
Jeroen Ketema
94f014d948
C++: Update tests for handling of bitwise copies in copy constructors
2022-03-25 11:43:01 +01:00
Jeroen Ketema
b18b86b2e2
C++: Remove check for value-less literals in constructors
2022-03-25 11:43:01 +01:00
Andrew Eisenberg
99f14af56a
Suites: Remove self-referential from directives
...
Fixes https://github.com/github/codeql/issues/8412
See https://github.com/github/codeql/issues/8412#issuecomment-1078281668
for more detail.
2022-03-24 14:19:20 -07:00
Mathias Vorreiter Pedersen
80630972b1
Merge branch 'main' into public-iterated-dominance-frontier
2022-03-24 12:50:29 +00:00
Mathias Vorreiter Pedersen
61c944201f
Merge pull request #8461 from Paul1nh0/dev_cve_2016_6480
...
Add query for double-fetch vulnerability
2022-03-23 18:15:05 +00:00
Mathias Vorreiter Pedersen
c76a323246
C++/C#: Sync identical files.
2022-03-23 17:27:25 +00:00
Mathias Vorreiter Pedersen
1b4fb45089
C++: Use the iterated (post)dominance frontier algorithm in the public '(post)dominanceFrontier' predicate on 'IRBlocks'.
2022-03-23 17:27:16 +00:00
Mathias Vorreiter Pedersen
8b8f0ca6e5
Merge pull request #8479 from geoffw0/widecharperf
...
C++: Fix expensive getWideCharType().
2022-03-23 14:22:17 +00:00
Geoffrey White
9ae1ec69dc
C++: Autoformat.
2022-03-23 13:37:39 +00:00
Mathias Vorreiter Pedersen
a81024a485
Merge pull request #8525 from MathiasVP/more-precise-is-before
...
C++: Consider columns in `Location.isBefore`
2022-03-23 11:04:34 +00:00
Mathias Vorreiter Pedersen
0eab54d385
Merge pull request #8491 from jketema/command-line-injection-with-flow-state
...
C++: Use flow states in `cpp/command-line-injection`
2022-03-23 11:03:29 +00:00
Mathias Vorreiter Pedersen
a84ee50af0
Update cpp/ql/src/change-notes/2022-03-21-command-line-injection-with-flow-states.md
2022-03-23 09:35:41 +00:00
Paul1nh0
5a1dc61d9d
modify arguments check logic
...
As far as I can tell, the root cause of the double-fetch issue is reading from the same user-mode memory twice, so it makes sense to only check whether the user-mode pointer is the same or not
2022-03-23 11:20:08 +08:00
Paul1nh0
6a6cd61d83
automated using CodeQL for VSCode extension
2022-03-23 09:37:45 +08:00
Mathias Vorreiter Pedersen
01929d484e
Merge pull request #8526 from MathiasVP/internal-diagmetric-queries-ql
...
C++: Add internal `ExtractionError` query
2022-03-22 17:26:38 +00:00
Robert Marsh
6be3db8575
C++: update test expectations for extractor changes
2022-03-22 13:01:56 -04:00
Paul1nh0
f2728f5284
delete some unused code
2022-03-22 23:20:30 +08:00
Mathias Vorreiter Pedersen
c35b385383
C++: Fix 'implicit this' warning.
2022-03-22 13:32:46 +00:00
Paul1nh0
afe4a8435f
Using globalValueNumber to match same arguments
2022-03-22 21:14:07 +08:00
Mathias Vorreiter Pedersen
93346a574f
C++: Add a new 'Location.isBefore' predicate that also considers columns.
2022-03-22 12:16:53 +00:00
Mathias Vorreiter Pedersen
c6c3206031
C++: Add example of 'goto' on the same line as the destination label.
2022-03-22 12:11:29 +00:00
Mathias Vorreiter Pedersen
5cdf0b5ee2
Merge pull request #8507 from geoffw0/sde-perf
...
C++: Make getUnderlyingType nomagic
2022-03-22 11:12:44 +00:00
Paul1nh0
d476493c3e
Add double-fetch.ql under CWE-362 directory
2022-03-22 19:08:44 +08:00
Paul1nh0
dd4e82126c
remove to another directory
2022-03-22 19:06:53 +08:00
Paul1nh0
2dad2c477b
query description added
2022-03-22 19:06:03 +08:00
Geoffrey White
5d5904d6c8
C++: Autoformat.
2022-03-22 10:55:04 +00:00
Mathias Vorreiter Pedersen
5cbd86519b
C++: Add internal extraction errors query and modify the 'code-scanning-selectors' to exclude internal queries.
2022-03-22 10:52:02 +00:00
Jeroen Ketema
2d9b630fa8
C++: Fix ExecTainted.ql formatting
2022-03-21 23:28:58 +01:00
Jeroen Ketema
b79eb6d10d
C++: Encode string value of data flow nodes in ExecState
2022-03-21 21:29:42 +01:00
Robert Marsh
23e9963a19
Merge branch 'main' into rdmarsh2/ir-global-vars
2022-03-21 16:13:40 -04:00
Robert Marsh
5bb6441047
C++: Fix consistency issues with aggregate inits
2022-03-21 16:01:24 -04:00
github-actions[bot]
a3e74efc21
Post-release preparation for codeql-cli-2.8.4
2022-03-21 19:36:47 +00:00
Robert Marsh
a36c6f2dab
C++: restrict IR generation to global vars w inits
2022-03-21 14:26:29 -04:00
Robert Marsh
c27dfb5120
C++: IR translation for global variable inits
2022-03-21 13:17:05 -04:00
github-actions[bot]
dedc8c2254
Release preparation for version 2.8.4
2022-03-21 13:25:49 +00:00