codeql

mirror of https://github.com/github/codeql.git synced 2026-01-29 14:23:03 +01:00

Author	SHA1	Message	Date
Jonas Jensen	e2a43eeed6	C++ IR: Tests with ErrorExpr	2019-07-09 13:18:09 +02:00
Jonas Jensen	46d779248d	Merge pull request #1559 from zlaski-semmle/zlaski/futile-params-fix Reduce precision from `very-high` to `low` due to inability to handle…	2019-07-09 06:51:56 +02:00
Dave Bartolomeo	7bbfffec4d	Merge pull request #1552 from jbj/ir-builtin_addressof C++ IR: Support __builtin_addressof	2019-07-08 17:08:38 -07:00
Dave Bartolomeo	52e0f3fb62	Merge pull request #1551 from jbj/ir-DeleteExpr-placeholder C++: Placeholder translation of delete expressions	2019-07-08 17:07:16 -07:00
Ziemowit Laski	ed5e2f3211	It turns out that the `bminor/bash` alert spewage was caused by a bug in the extractor, which is verified fixed in the next release. Reverting query to its original form.	2019-07-08 12:11:15 -07:00
Robert Marsh	11581e4720	Merge pull request #1562 from geoffw0/models CPP: Extend StrcpyFunction and update UsingStrcpyAsBoolean.ql	2019-07-08 09:56:16 -07:00
semmle-qlci	c5d0abaf8a	Merge pull request #1560 from asger-semmle/static-calls Approved by xiemaisi	2019-07-08 16:42:32 +01:00
Anders Schack-Mulligen	d8395b7268	Merge pull request #1539 from taus-semmle/python-controlflownode-getchild-performance-hotfix Python: Fix bad join ordering in `ControlFlowNode::getAChild()`.	2019-07-08 17:41:46 +02:00
Asger F	6019e48917	JS: Add annotated call graph test case	2019-07-08 13:55:29 +01:00
Asger F	b63f14fe94	JS: Move CallGraphs test into subfolder	2019-07-08 12:57:34 +01:00
Geoffrey White	29e3e2a5bd	CPP: Fix typo.	2019-07-08 09:45:40 +01:00
semmle-qlci	a6b7f2d1f6	Merge pull request #1561 from xiemaisi/js/await-sourcenode Approved by asger-semmle	2019-07-08 09:44:05 +01:00
Max Schaefer	fec87ac716	JavaScript: Address review comment.	2019-07-08 08:29:12 +01:00
Ziemowit Laski	07ee9be9b6	Set query precision to `high`	2019-07-06 14:33:00 -07:00
Asger F	37ccfd0036	JS: Resolve static calls using type tracking	2019-07-06 22:32:00 +01:00
Ziemowit Laski	be0db66a55	Squelch `bminor/bash` alerts and set query precision to `high`.	2019-07-06 14:27:02 -07:00
Ziemowit Laski	9e600e3768	Reduce precision from `very-high` to `low` due to inability to handle K&R definitions correctly.	2019-07-05 18:10:03 -07:00
Robert Marsh	10172af401	Merge pull request #1557 from jbj/hiding-range-based-for C++: Fix DeclarationHidesVariable FP for nested range-based for loops	2019-07-05 14:56:02 -07:00
Jonas Jensen	8d3cb78a9d	C++: Fix DeclarationHidesVariable FP We don't want alerts about the compiler-generated variables that appear in the desugaring of range-based `for`.	2019-07-05 20:39:43 +02:00
Jonas Jensen	443a8fbc07	C++: Test for DeclarationHidesVariable FP	2019-07-05 20:34:30 +02:00
Taus Brock-Nannestad	4ddebb9349	Better names for helper predicates.	2019-07-05 16:38:39 +02:00
Taus Brock-Nannestad	703139142a	More performance fixes.	2019-07-05 14:44:56 +02:00
Jonas Jensen	4b4e7caf9f	C++ IR: Support __builtin_addressof	2019-07-05 11:05:00 +02:00
Jonas Jensen	6fe9945c04	C++: Placeholder translation of delete expressions Before this change, `delete` and `delete[]` expressions had no control flow after them, which caused the reachability analysis to remove all code after a delete expression. This commit adds placeholder support for delete expression by translating them to `NoOp` instructions so their presence doesn't cause large chunks of the program to be removed.	2019-07-05 10:54:35 +02:00
semmle-qlci	50e8034b0b	Merge pull request #1544 from esben-semmle/js/additional-configuration-splitting Approved by xiemaisi	2019-07-05 09:10:22 +01:00
Ellen Arteca	39c37f519d	JavaScript: Use type tracking to identify more portal entry/exit nodes.	2019-07-05 09:03:37 +01:00
Arthur Baars	9bf0a3f2cd	Merge pull request #1547 from Semmle/rc/1.21 Merge rc/1.21 into master	2019-07-05 07:20:28 +02:00
Esben Sparre Andreasen	fca815f96d	JS: make use of the recent Configuration split	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	6d5b84fa88	JS: split XmlBomb.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	5163ccfd39	JS: split InsufficientPasswordHash.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	8664908f78	JS: split PrototypePollution.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	289c29828f	JS: split UnvalidatedDynamicMethodCall.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	9e675d9973	JS: split TaintedFormatString.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	26c29cbde5	JS: split TypeConfusionThroughParameterTampering.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	8225d9923c	JS: split ClientSideUrlRedirect.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	c3973c061e	JS: split ZipSlip.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	29e69b32b0	JS: split XpathInjection.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	48b655f1c7	JS: split CommandInjection.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	ccc171ce18	JS: split RemotePropertyInjection.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	063abb5af9	JS: split PostMessageStar.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	3ad46cd5bf	JS: split HardcodedCredentials.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	ec6d233180	JS: split CleartextLogging.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	813253e0ac	JS: split BrokenCryptoAlgorithm.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	27d0caed3e	JS: split RegExpInjection.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	c8a60f74f0	JS: split StackTraceExposure.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	f2b3fa57eb	JS: split RequestForgery.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	6f6887993c	JS: split Xxe.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	9d670f7d39	JS: split CleartextStorage.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	013f471cf6	JS: split TaintedPath.qll	2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen	2bb702ceea	JS: split SqlInjection.qll	2019-07-04 22:42:55 +02:00

1 2 3 4 5 ...

5716 Commits