hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-29 11:48:16 +02:00
Code Issues Packages Projects Releases Wiki Activity
19,101 Commits 1,723 Branches 164 Tags
d80313be4ff6a776a06adfbea04c2e71e7ebef78
Commit Graph

19101 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
d80313be4f JS: Model pipe classes 2021-01-18 12:18:27 +00:00
Asger Feldthaus
debb5691a1 JS: Make PipeRefExpr a SourceNode 2021-01-18 12:18:27 +00:00
Asger Feldthaus
fcb8124376 JS: Expose data flow node for field declaration 2021-01-18 12:18:26 +00:00
Asger Feldthaus
9ee893c9c1 JS: Add data flow steps in Angular2 model 2021-01-18 12:16:13 +00:00
Asger Feldthaus
77fcf3d8a2 JS: Support postfix "!" operator in templates 2021-01-18 12:16:13 +00:00
Asger Feldthaus
c08ba1416d JS: Add new SourceType for angular templates 2021-01-18 12:16:13 +00:00
Asger Feldthaus
b1d45a6773 JS: Mark angular pipe refs as incomplete 2021-01-18 12:16:13 +00:00
Asger Feldthaus
4b5a861ee6 JS: Add TopLevelKind enum 2021-01-18 12:16:13 +00:00
Asger Feldthaus
9b99f56d44 JS: isAngularTemplateAttributeName 2021-01-18 12:16:13 +00:00
Asger Feldthaus
ed27c8b13f JS: Add test and fix bug in pipe parser 2021-01-18 12:16:13 +00:00
Asger Feldthaus
16a2a60b9a JS: Add AngularPipeRef 2021-01-18 12:16:13 +00:00
Asger Feldthaus
928a382ad5 JS: Add parser for angular expressions 2021-01-18 12:16:13 +00:00
Asger Feldthaus
5fa3b17956 JS: Tolerate Angular-specific HTML attribute names 2021-01-15 14:51:10 +00:00
Asger Feldthaus
f33630aab6 JS: Reformat HTMLExtractor 2021-01-15 14:51:10 +00:00
Anders Schack-Mulligen
545451e602 Merge pull request #4960 from github/yo-h/java15-change-note 
Java: update documentation on supported language versions
codeql-cli/v2.4.3 codeql-cli/v2.4.2 		2021-01-15 10:19:46 +01:00
Tamás Vajk
81ce29c6c8 Merge pull request #4656 from tamasvajk/feature/csharp9-not-pattern 
C#: Extract unary patterns
 2021-01-15 09:44:53 +01:00
yo-h
27fd16ae87 Java: update documentation on supported language versions 2021-01-14 20:29:16 -05:00
Tom Hvitved
d7ca065192 Merge pull request #4923 from hvitved/csharp/ssa/refactor 
C#: SSA refactorings
 2021-01-14 17:28:14 +01:00
Tom Hvitved
6cf684f615 C#: Fix QL doc 2021-01-14 15:59:22 +01:00
yoff
b5d40e4c9a Merge pull request #4944 from RasmusWL/flask-class-based-handlers 
Python: Add modeling of Flask class based (HTTP) request handlers
 2021-01-14 15:17:36 +01:00
yoff
de8ac6c12d Merge pull request #4869 from RasmusWL/tornado-source-modeling 
Python: Add Tornado source modeling
 2021-01-14 14:40:14 +01:00
Tamas Vajk
4b32fd0556 Update change note date 2021-01-14 14:29:13 +01:00
Tamas Vajk
b7b4ed8774 Add DB upgrade folder 2021-01-14 14:26:40 +01:00
Tamas Vajk
66d8b0f1a0 Add new .stats file 2021-01-14 14:11:28 +01:00
Rasmus Wriedt Larsen
4cb2f2ed1e Python: Proper models of flask MethodView classes 2021-01-14 13:42:18 +01:00
Rasmus Wriedt Larsen
e327fdb317 Python: Model flask View classes 2021-01-14 13:42:18 +01:00
Rasmus Wriedt Larsen
0b1cece523 Python: Add tests for class based handlers in Flask 2021-01-14 13:42:17 +01:00
Rasmus Wriedt Larsen
14bb10a361 Python: Use LocalSourceNode for TornadoRouteRegex 2021-01-14 13:39:41 +01:00
Rasmus Wriedt Larsen
f9a29cb886 Python: Add change-note for tornado source modeling 2021-01-14 13:37:27 +01:00
Rasmus Wriedt Larsen
812ea5dde5 Python: Tornado: Model request handlers without known route 2021-01-14 13:37:27 +01:00
Rasmus Wriedt Larsen
1849b9e771 Python: Tornado: Handle basic route setup with tuples 
The reason this becomes valueable right now, is that we can mark routed params
as taint-sources. Longer down the line, we can (hopefully) detect that a routed
param will only accept digits, and mark it safe for some of our taint-tracking
queries.
 2021-01-14 13:37:26 +01:00
Rasmus Wriedt Larsen
39d85896a1 Python: Add basic taint modeling of tornado request 2021-01-14 13:37:26 +01:00
Rasmus Wriedt Larsen
4641150d45 Python: Basic taint-modeling of tornado.web.RequestHandler classes 2021-01-14 13:37:25 +01:00
Rasmus Wriedt Larsen
9cd8a862a0 Python: Expand Tornado tests and add annotations 
I should probably have split this up into 2 commits, so sorry that didn't happen :|
 2021-01-14 13:37:24 +01:00
Rasmus Wriedt Larsen
b4f3399534 Python: Add reverse inheritance test for Tornado 2021-01-14 13:37:24 +01:00
Rasmus Wriedt Larsen
57d08a8523 Python: Rewrite old Tornado tests 
Now you can run them, and the examples have been adjusted so they actually work!
 2021-01-14 13:37:23 +01:00
Rasmus Wriedt Larsen
7db55906b9 Python: Copy old tornado tests 2021-01-14 13:37:22 +01:00
Tom Hvitved
f5eb131e2d C#: Address review comments 2021-01-14 12:42:43 +01:00
yoff
c69b776d34 Merge pull request #4864 from RasmusWL/django-request-handler-without-route 
Python: Model Django request handler without route
 2021-01-14 12:06:59 +01:00
Tamás Vajk
fa8e902fe4 Merge pull request #4922 from tamasvajk/feature/fix-finally-cfg-opass 
C#: Fix expanded assignment lookup in finally blocks for CFG
 2021-01-14 11:26:33 +01:00
Tamás Vajk
36a1293156 Merge pull request #4952 from tamasvajk/feature/type-mention-nullable 
C#: Fix type mention extraction of named types with nullability enabled
 2021-01-14 11:25:44 +01:00
Mathias Vorreiter Pedersen
3468593d3a Merge pull request #4915 from geoffw0/sqltaint 
C++: Fix FPs in cpp/sql-injection
 2021-01-14 11:20:08 +01:00
Tamas Vajk
48d8ee9166 Fix failing test 2021-01-14 09:47:46 +01:00
Tamas Vajk
927dd514ea C#: Extract unary patterns 2021-01-14 09:47:46 +01:00
Tamás Vajk
842ed62875 Merge pull request #4927 from tamasvajk/feature/comp-assembly 
C#: Add output assembly to compilation
 2021-01-14 09:45:11 +01:00
CodeQL CI
4229f556cb Merge pull request #4751 from erik-krogh/logInjection 
Approved by asgerf, mchammer01
 2021-01-14 00:32:46 -08:00
Tamas Vajk
05c858ec2c C#: Fix expanded assignment lookup in finally blocks for CFG 2021-01-14 08:54:10 +01:00
Tamas Vajk
5803a449be Add test case for assign operation in finally 2021-01-14 08:39:46 +01:00
Tamas Vajk
ec669c883a Add DB upgrade folder 2021-01-14 08:25:35 +01:00
Tamas Vajk
5060756a0b Fix typo in comment 2021-01-14 08:20:45 +01:00