hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-05 23:26:51 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,144 Commits 1,703 Branches 162 Tags
cbe417f5eb00f86ee3e27995eaa5aaa5995673d6
Commit Graph

12144 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
semmle-qlci
cbe417f5eb Merge pull request #3336 from erik-krogh/MoarJQuery 
Approved by esbena
 2020-04-25 15:17:55 +01:00
Robert Marsh
4eea62cbde Merge pull request #3345 from Cornelius-Riemenschneider/openssl-allocators 
C++: Allocation.qll: Add support for openssl allocation/deallocation functions.
 2020-04-24 14:48:05 -07:00
Jonas Jensen
5917ce60b7 Merge pull request #3342 from dbartol/dbartol/SyncTask 
Add a VS Code task to run `sync-files.py`
 2020-04-24 16:42:44 +02:00
Dave Bartolomeo
c539e84071 Update README.md with VSCode info 2020-04-24 10:36:16 -04:00
Taus
bcb980b3d5 Merge pull request #3302 from RasmusWL/python-str-taint-add-methods 
Python: Add taint for string methods
 2020-04-24 16:29:11 +02:00
Rasmus Wriedt Larsen
b2b0296120 Merge pull request #3242 from BekaValentine/python-objectapi-to-valueapi-incorrectlyoverridenmethod 
Python: ObjectAPI to ValueAPI: IncorrectlyOverriddenMethod
 2020-04-24 16:28:11 +02:00
semmle-qlci
4c7a5007d8 Merge pull request #3314 from RasmusWL/python-model-stdlib-http.server 
Approved by tausbn
 2020-04-24 15:27:21 +01:00
Dave Bartolomeo
97565fd90f Add Sync Identical Files tasks to build group 2020-04-24 10:24:17 -04:00
Dave Bartolomeo
8ed8d3ccc5 Merge pull request #3343 from sauyon/sync-files 
sync-files.py: cast line to string before concat
 2020-04-24 10:12:52 -04:00
Taus
266de2efa2 Merge pull request #3348 from RasmusWL/python-random-modernisation 
Python: random modernisations
 2020-04-24 14:18:10 +02:00
Rasmus Wriedt Larsen
2b3025265b Python: Clean up QLdoc 
Co-Authored-By: Taus <tausbn@gmail.com>
 2020-04-24 14:05:02 +02:00
Calum Grant
fcc2b66d1a Merge pull request #3347 from hvitved/csharp/vsvars-test 
C#: Update expected test output
 2020-04-24 12:12:31 +01:00
Rasmus Wriedt Larsen
367ee3e8c4 Python: Modernise security/injection/Path.qll 
And we're making things a bit more clean since it's not *any* argument of `open()` that is a taint-sink.
 2020-04-24 12:03:42 +02:00
Rasmus Wriedt Larsen
67837887c8 Python: Modernise security/injection/Exec.qll 2020-04-24 11:59:05 +02:00
Calum Grant
1f1ac72de8 Merge pull request #3309 from hvitved/csharp/cfg/catch-finally-bug 
C#: Add missing CFG edge from generic `catch` block to `finally` block
 2020-04-24 10:12:53 +01:00
semmle-qlci
28cfe548d5 Merge pull request #3325 from erik-krogh/MoreEventClasses 
Approved by asgerf
 2020-04-24 09:02:27 +01:00
semmle-qlci
671e7c6637 Merge pull request #3335 from asger-semmle/js/cached-chained-methods 
Approved by esbena
 2020-04-24 08:28:05 +01:00
Tom Hvitved
6911937ab8 C#: Update expected test output 2020-04-24 09:26:50 +02:00
Jonas Jensen
d98e956c2b Merge pull request #3322 from felicitymay/merge-124-master 
Merge rc/1.24 into master
 2020-04-24 08:48:54 +02:00
Rasmus Wriedt Larsen
8878884724 Python: Rewrite web/stdlib/Request.qll QLDoc to be more clear 2020-04-24 08:07:23 +02:00
Rasmus Wriedt Larsen
23f3736b67 Python: Simplify CgiFieldStorageFieldKind.getTaintOfAttribute 2020-04-24 08:04:55 +02:00
Cornelius Riemenschneider
c25eb19b18 Add support for openssl allocation/deallocation functions. 2020-04-24 01:57:14 +02:00
Sauyon Lee
972551edd7 sync-files.py: cast line to string before concat 2020-04-23 15:32:28 -07:00
Dave
95b55f86ba Add a VS Code task to run sync-files.py 
If you're developing one of the libraries that has muiltiple copies auto-generated by `sync-files.py`, you can now run `sync-files.py --latest` by going to the `Terminal | Run Task...` menu in VS Code and selecting the `Sync Identical Files` task. You can set a keyboard binding to run this task for quicker access.
 2020-04-23 16:58:34 -04:00
Erik Krogh Kristensen
19c6092998 autoformat 2020-04-23 20:59:34 +02:00
Erik Krogh Kristensen
ea1628ef54 fix typo in jQuery.qll 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-04-23 20:58:49 +02:00
Erik Krogh Kristensen
a71567da54 autoformat 2020-04-23 18:58:33 +02:00
Taus
1d6b6a48ae Merge pull request #2924 from BekaValentine/python-objectapi-to-valueapi-wrongnumberargumentsincall 
Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall
 2020-04-23 17:56:39 +02:00
Erik Krogh Kristensen
ee43db1b58 slightly expand the $().each model 2020-04-23 16:49:47 +02:00
Erik Krogh Kristensen
448ed150df allow the empty string to flow to a JQuery XSS sink 2020-04-23 16:45:37 +02:00
Erik Krogh Kristensen
96896fd7f5 second round of UnsafeJQueryPlugin reuse 2020-04-23 15:12:32 +02:00
Erik Krogh Kristensen
ea569dba78 update doc for JQuery plugin predicate 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-04-23 15:03:39 +02:00
Asger Feldthaus
cafdcfa4de JS: Preserve reflective calls in getAMethodCall 2020-04-23 13:57:14 +01:00
Erik Krogh Kristensen
1954a60b6e reuse existing predicate from UnsafeJqueryPlugin 2020-04-23 14:25:34 +02:00
Erik Krogh Kristensen
09b6727e6d refactor $.each model 2020-04-23 14:24:56 +02:00
Erik Krogh Kristensen
ce106981b3 add tests 2020-04-23 14:24:33 +02:00
Erik Krogh Kristensen
e7d8cd8e8c Merge remote-tracking branch 'upstream/master' into MoarJQuery 2020-04-23 14:10:53 +02:00
semmle-qlci
36b28386f8 Merge pull request #3332 from erik-krogh/JGrowl 
Approved by esbena
 2020-04-23 13:06:00 +01:00
Erik Krogh Kristensen
67443718c0 change note 2020-04-23 13:55:37 +02:00
Erik Krogh Kristensen
6897dda614 model that this in $().each(callback) is a DOM-node 2020-04-23 13:51:17 +02:00
Erik Krogh Kristensen
8de86967aa model that this in a jQuery plugin is a jQuery object 2020-04-23 13:48:54 +02:00
semmle-qlci
801ce89c67 Merge pull request #3099 from esbena/js/introduce-poi-utility 
Approved by erik-krogh
 2020-04-23 12:14:00 +01:00
Jonas Jensen
312e6229fb Merge pull request #3330 from MathiasVP/libc-assert 
C++: Generalize charpred of LibcAssert
 2020-04-23 13:06:41 +02:00
Erik Krogh Kristensen
d8c498bd15 add NOT OK comment 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-04-23 12:17:25 +02:00
Erik Krogh Kristensen
e1423b0fa5 add test for jGrowl 2020-04-23 11:58:06 +02:00
Erik Krogh Kristensen
5382976195 change note 2020-04-23 11:52:16 +02:00
Taus
54d1991a9d Merge pull request #3300 from RasmusWL/python-pointsto-regression-open 
Python: Add points-to regression for uncalled function
 2020-04-23 11:50:30 +02:00
Pavel Avgustinov
adf12ba2b4 Merge pull request #3333 from sj/patch-3 
Update CODE_OF_CONDUCT.md to be based on Contributor Covenant template
 2020-04-23 10:46:41 +01:00
Bas van Schaik
0c8786f941 Update code of conduct in line with GH 
Updates CODE_OF_CONDUCT.md to use the Contributor Covenant Code of Conduct that is widely used for other open source projects at GitHub.
 2020-04-23 10:19:13 +01:00
Jonas Jensen
d6f77c0f98 Merge pull request #3328 from MathiasVP/literal-comment 
C++: Remove unnecessary part of comment
 2020-04-23 11:10:16 +02:00