hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-09 04:30:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,625 Commits 1,680 Branches 157 Tags
df8be438bbbec0fb42ee1fb9360d7f588700fb91
Commit Graph

9625 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
df8be438bb Python: Show that list(tainted_string) works 2020-01-22 14:24:50 +01:00
Rasmus Wriedt Larsen
0da78f216a Python: Show that e, f, g = tainted_list doesn't work 2020-01-22 14:24:50 +01:00
Rasmus Wriedt Larsen
a55c13e61c Python: Improve tests for StringDictKind taint 
+ show we handle dict.values()
+ show we don't handle dict.items()
 2020-01-22 14:24:50 +01:00
Robert Marsh
c79d7acbfc Merge pull request #2656 from jbj/asDefiningArgument 
C++: Add DataFlow::Node.asDefiningArgument in IR
 2020-01-21 15:42:57 -05:00
Jonas Jensen
5ac56c2e3a C++: Add DataFlow::Node.asDefiningArgument in IR 2020-01-21 11:52:06 +01:00
Geoffrey White
80997a3323 Merge pull request #2655 from Semmle/jbj-patch-1 
C++: Fix typo in MallocSizeExpr
 2020-01-21 09:44:41 +00:00
Jonas Jensen
cdcd3ed748 Merge pull request #2647 from geoffw0/modelpure 
CPP: Improve strlen model
 2020-01-21 09:42:10 +01:00
Jonas Jensen
0568ed6451 C++: Fix typo in MallocSizeExpr 
The first argument is index 0, not 1.
 2020-01-21 09:09:49 +01:00
Geoffrey White
4f02183dc2 CPP: Re-layout test. 2020-01-20 15:00:09 +00:00
Geoffrey White
2133fbd155 CPP: Fix the nulltermination test. 2020-01-20 14:55:52 +00:00
Geoffrey White
952b9e1581 CPP: Use hasGlobalName where appropriate. 2020-01-20 14:24:38 +00:00
Geoffrey White
79811fcccd Merge pull request #2642 from jbj/TaintTracking-indirection 
C++: Indirection for security.TaintTracking impl
 2020-01-20 12:25:51 +00:00
Geoffrey White
5a20e85598 Merge pull request #2638 from jbj/ir-dispatch 
C++ IR: Support for global virtual dispatch
 2020-01-20 12:04:09 +00:00
Jonas Jensen
391b80eac4 C++: Show virtual inheritance problem in vdispatch 2020-01-20 11:17:44 +01:00
Jonas Jensen
2a0fc31b68 C++: Comment and rename getSrc -> getDispatchValue 
Better clarity was requested in the PR review.
 2020-01-20 11:03:03 +01:00
Jonas Jensen
742bd1c6ad Merge pull request #2648 from rdmarsh2/getMemoryOperandDefinition-perf 
C++: Performance fix for getMemoryOperandDefinition
 2020-01-20 08:49:55 +01:00
Jonas Jensen
d3a1856793 Merge pull request #2646 from geoffw0/modelinet 
CPP: Fix a mistake in Inet.qll.
 2020-01-17 22:53:43 +01:00
Geoffrey White
97c346285e CPP: Change note. 2020-01-17 18:56:21 +00:00
Geoffrey White
fcea3693f9 CPP: Remove now redundant special cases. 2020-01-17 18:56:21 +00:00
Geoffrey White
200545d88c CPP: Add detail to the model. 2020-01-17 18:56:21 +00:00
Geoffrey White
77a3778eef CPP: Add some strlen variants to the PureStrFunction model. 2020-01-17 18:56:21 +00:00
Jonas Jensen
3632d51abc Merge pull request #2635 from geoffw0/modelstrdup 
CPP: Model strdup
 2020-01-17 19:26:26 +01:00
Geoffrey White
803da339a1 CPP: Fix a mistake in Inet.qll. 2020-01-17 17:44:42 +00:00
Geoffrey White
7dbda22a29 CPP: Update change note. 2020-01-17 16:19:39 +00:00
Robert Marsh
bd98427c5a C++: sync files 2020-01-17 08:05:40 -08:00
Robert Marsh
bbf191e857 C++: fix join order in hasMemoryOperandDefinition 2020-01-17 08:05:40 -08:00
Robert Marsh
d91bc4ba72 C++: pull out hasMemoryOperandDefinition (slow) 2020-01-17 08:05:26 -08:00
Dave Bartolomeo
c7e62b4a35 Merge pull request #2613 from rdmarsh2/getPhiOperandDefinition-perf-2 
C++: performance fixes for getPhiOperandDefinition
 2020-01-17 09:01:33 -07:00
Jonas Jensen
53e10e4c7f Merge pull request #2634 from MathiasVP/overrideable-taint-sources 
C++: Overrideable taint sources in DefaultTaintTracking
 2020-01-17 13:01:03 +01:00
Jonas Jensen
d19c77d473 C++: Indirection for security.TaintTracking impl 
This change should make it easier to switch to the IR-based
`DefaultTaintTracking` code without getting a large and conflict-prone
diff.
 2020-01-17 12:04:53 +01:00
Jonas Jensen
5d08a0e338 Merge pull request #2558 from MathiasVP/ast-classes-should-not-be-abstract 
C++: Ast classes should not be abstract
 2020-01-17 08:47:55 +01:00
Geoffrey White
3c41ed56a1 CPP: Support taint to return value derefs instead. 2020-01-16 18:15:21 +00:00
semmle-qlci
8dff8e77e1 Merge pull request #2637 from hvitved/csharp/non-assigned-fields-bad-magic 
Approved by calumgrant
 2020-01-16 15:44:25 +00:00
Robert Marsh
e0406190a1 Merge branch 'master' into getPhiOperandDefinition-perf-2 2020-01-16 07:23:59 -08:00
Robert Marsh
c942da524c C++/C#: Sync 2020-01-16 07:16:57 -08:00
Robert Marsh
1b5d33023e C++: actually fix Chi total operands 2020-01-16 07:15:08 -08:00
Jonas Jensen
f4d0c5e905 C++ IR: Support for global virtual dispatch 
The IR data flow library now supports virtual dispatch with a library
that's similar to `security.TaintTracking`. In particular, it should
have the same performance characteristics. The main difference is that
non-recursive callers of `flowsFrom` now pass `_` instead of `true` for
`boolean allowFromArg`. This change allows flow through `return` to
actually work.
 2020-01-16 14:51:28 +01:00
semmle-qlci
4efc418e2c Merge pull request #2617 from asger-semmle/prototype-pollution-utility 
Approved by esbena, mchammer01
 2020-01-16 13:02:07 +00:00
Tom Hvitved
f4c255cb62 C#: Fix bad magic optimization in NonAssignedFields.ql 2020-01-16 12:31:14 +01:00
Geoffrey White
f4aba14d3a CPP: Change note. 2020-01-16 11:08:19 +00:00
Geoffrey White
ef47563139 CPP: Support flow of pointed-to things through function calls. 2020-01-16 11:08:19 +00:00
Mathias Vorreiter Pedersen
87c59e0017 C++: Overrideable taint sources in DefaultTaintTracking 2020-01-16 11:10:43 +01:00
Asger F
7a1d068f1c Update javascript/ql/src/Security/CWE-400/PrototypePollutionUtility.qhelp 
Co-Authored-By: mc <42146119+mchammer01@users.noreply.github.com>
 2020-01-16 09:47:18 +00:00
Mathias Vorreiter Pedersen
603b1c26a7 Merge branch 'master' into ast-classes-should-not-be-abstract 2020-01-16 10:16:03 +01:00
semmle-qlci
8128d23b6e Merge pull request #2505 from erik-krogh/EventEmitter 
Approved by esbena, max-schaefer
 2020-01-16 08:47:38 +00:00
semmle-qlci
18879386bf Merge pull request #2627 from asger-semmle/js-useless-expression-trycatch 
Approved by esbena
 2020-01-16 08:40:57 +00:00
Dave Bartolomeo
48301e1187 Merge pull request #2594 from rdmarsh2/ir-overlappingVariableMemoryLocations 
C++: compute overlap on irvars with vvar indexes
 2020-01-15 13:06:33 -07:00
Tom Hvitved
e5abaa79ae Merge pull request #2585 from calumgrant/cs/serialization-check-bypass 
C#: Improvements to cs/serialization-check-bypass
 2020-01-15 20:40:51 +01:00
Geoffrey White
04af2ace94 CPP: Add DataFlow to strdup. 2020-01-15 19:18:37 +00:00
Geoffrey White
9b5be995d2 CPP: Split Strdup model into it's own class and file. 2020-01-15 18:38:33 +00:00