hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-15 03:54:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
79,243 Commits 1,736 Branches 164 Tags
e848aa747b181e5f87dc93343fc72b37329aefec
Commit Graph

699 Commits

Author SHA1 Message Date
Nicolas Will
ab3f62eed1 Add missing tags to PrintCBOMGraph.ql queries 2025-05-12 14:34:16 +02:00
Nicolas Will
d0510bc672 Merge branch 'main' into quantum-experimental 2025-05-08 04:37:37 +02:00
Nicolas Will
0c6e124b01 Delete development test query 2025-05-08 03:02:59 +02:00
Nicolas Will
7339dd0077 Rename "Quantum" to "quantum" in dir structure 2025-05-08 02:39:40 +02:00
Nicolas Will
ac72abd3a6 Refactor directory structure (shared experimental) 2025-05-08 02:35:09 +02:00
Nicolas Will
c19291be88 Refactor 'cryptography' and 'Quantum' to 'quantum' 2025-05-08 01:38:53 +02:00
Owen Mansel-Chan
cf614a596d Fix cwe tags to include leading zero 2025-04-30 16:43:03 +01:00
Nicolas Will
4d44755945 Refactor Model and CBOM print queries 2025-02-11 15:37:15 +01:00
Nicolas Will
3dc28c2d17 Move language-agnostic model to shared library 2025-02-06 21:54:18 +01:00
Nicolas Will
69a63855cc Update CBOMGraph.ql 2025-01-29 21:55:57 +01:00
Nicolas Will
9af18bc100 WIP: add dgml/dot output/remove test code 2025-01-29 19:45:04 +01:00
Nicolas Will
e027b0e9a0 WIP: add properties 2025-01-28 02:02:06 +01:00
Nicolas Will
1a7d8cb99d WIP 2025-01-24 17:33:03 +01:00
Jeroen Ketema
d9b278de66 C++: Promote cpp/guarded-free 2024-11-26 11:45:55 +01:00
Jeroen Ketema
88be4b88ab C++: Address review comments 2024-11-18 14:27:01 +01:00
Jeroen Ketema
20685918bd C++: Silence ql-for-ql warning 2024-11-14 13:10:20 +01:00
Jeroen Ketema
b581723a63 C++: Ignore complex guards and the comma operator 2024-11-14 12:53:54 +01:00
Jeroen Ketema
176acabd9d C++: Ignore free calls that are macro defined or #if/#ifdef guarded 2024-11-14 12:51:04 +01:00
Jeroen Ketema
a31e983e9e C++: Also allow single statement blocks in cpp/guarded-free 2024-11-14 12:47:29 +01:00
Jeroen Ketema
c86bbbb063 C++: Fix cpp/guarded-free FPs when there are other blocks depending on the guard 2024-11-14 11:48:17 +01:00
Jeroen Ketema
a065434dd7 Merge pull request #16811 from porcupineyhairs/curlssl 
CPP: Disabled SSL certificate verification
 2024-09-19 20:02:17 +02:00
Porcupiney Hairs
ee41e65e90 Include changes from review 2024-09-19 22:52:20 +05:30
Porcupiney Hairs
57d1035acd Include changes from review 2024-09-19 03:32:34 +05:30
am0o0
401bb24fde remove redundent zStreamAccess in flow steps 2024-09-05 17:09:26 +02:00
Jeroen Ketema
3aa68b34bb C++: Fix zstd and clean up test 2024-09-04 22:25:44 +02:00
Jeroen Ketema
9b905d5e84 C++: Set precision to low 
There are no barriers, so the query as is will flag up any use of the
identified functions.
 2024-09-04 14:13:43 +02:00
Jeroen Ketema
238895e677 C++: Fix formatting 2024-09-04 14:10:24 +02:00
Jeroen Ketema
92c6170a76 C++: Simplify QLhelp 
One good and one bad example suffices to get the point across, and makes the
help more readable. The examples also do not have to be complete.
 2024-09-04 14:06:12 +02:00
Jeroen Ketema
2369b18ca6 C++: Make additional flow steps more uniform 2024-09-04 13:43:03 +02:00
Jeroen Ketema
8fe0d0a045 C++: Improve query output 2024-09-04 13:22:02 +02:00
Jeroen Ketema
8d22d147b8 C++: Clean up QLDoc 2024-09-04 13:16:56 +02:00
Jeroen Ketema
65fafbf4df C++: Fix QL-for-QL warnings 2024-09-04 11:57:10 +02:00
Jeroen Ketema
084dbc4e12 C++: Rename qhelp file to match ql file 2024-09-04 11:48:42 +02:00
Jeroen Ketema
50d9e77339 C++: Move experimental files into the correct locations 2024-09-04 09:33:27 +02:00
am0o0
386e45a11e delete bzip2 as it is not updated for more than three years so it is not in the priority 2024-09-03 15:33:14 +02:00
am0o0
81283d59ab remove more unused imports, add tests for zstd, add flow steps for zstd 
zstd is not finilized
 2024-09-03 15:26:38 +02:00
am0o0
4fc971dbcb remove xz(lzma) 2024-09-03 14:48:52 +02:00
am0o0
6c97096642 remove unused imports, add tests for libarchive 2024-09-03 14:16:25 +02:00
am0o0
9531701129 delete miniz support because there is no good documents and i don't have enough time as the library is not popular enough. add tests for minizip lib 2024-09-03 13:08:00 +02:00
am0o0
8c1c537150 finilize tests for zlib 2024-09-03 09:12:54 +02:00
am0o0
f97b1039cd update test files, add one more additional flow step for inflate function, fix gzopen additional flow step thanks to @jketema 2024-07-30 17:49:34 +02:00
am0o0
a10b5021b4 fix tests, it is not fixed 100% 2024-07-15 10:13:57 +02:00
am0o0
361ad6be6a use abstract class for decompression flow steps 2024-06-26 12:45:31 +02:00
am0o0
656dc4e276 use abstract class for decompression sinks 2024-06-25 18:09:27 +02:00
am0o0
13f697c056 relocate the query 2024-06-25 17:31:40 +02:00
Porcupiney Hairs
a7cdf0e2fd CPP: Disabled SSL certificate verification 
Disable SSL certificate verification can expose the communication to MITM attacks.

This PR adds a query to detect the same. This also include the tests and qhelp for the same.
 2024-06-23 14:27:04 +05:30
am0o0
11a416ea7c add FlowSources as a common source for all sinks, so we don't need States anymore 2024-06-13 03:30:07 +02:00
am0o0
273848c879 remove old comments 2024-06-07 05:40:17 +02:00
am0o0
a5363286f1 add implicit this 2024-06-07 05:37:58 +02:00
am0o0
184aa0480e Merge branch 'amammad-cpp-bombs' of https://github.com/amammad/codeql into amammad-cpp-bombs 2024-06-07 05:27:12 +02:00