hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-21 10:24:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,377 Commits 1,684 Branches 158 Tags
ea3d7b1b2f24ae00a3bb070ec831218a5865ec6a
Commit Graph

9377 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Anders Schack-Mulligen
ea3d7b1b2f Java: Adjust stubs and unit test. 2020-01-30 11:27:33 +01:00
Anders Schack-Mulligen
9391058363 Java: Add unit test for ldap injection. 2020-01-29 11:37:33 +01:00
Grzegorz Golawski
bbcfbd7a28 Apply suggestion from code review 2020-01-28 22:34:01 +01:00
Grzegorz Golawski
7b2192d2e3 Apply suggestion from code review 2020-01-27 22:34:15 +01:00
ggolawski
408c49a61c Apply suggestions from code review 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-01-27 22:31:51 +01:00
Grzegorz Golawski
968c18d208 Query to detect LDAP injections in Java 
Refactoring according to review comments.
 2020-01-23 22:51:10 +01:00
Grzegorz Golawski
bed6a9886f Query to detect LDAP injections in Java 
Autoformat
 2020-01-22 21:42:47 +01:00
Grzegorz Golawski
00ee3d2549 Query to detect LDAP injections in Java 
Cleanup
 2020-01-18 20:21:38 +01:00
Grzegorz Golawski
95723b08e1 Query to detect LDAP injections in Java 
Add help
 2020-01-18 19:01:35 +01:00
Grzegorz Golawski
8cec46342f Query to detect LDAP injections in Java 
Refactoring
 2020-01-18 17:14:22 +01:00
Grzegorz Golawski
b7325232d7 Query to detect LDAP injections in Java 
Consider DNs as injection points as well
Add more taint steps
 2020-01-14 23:07:21 +01:00
Grzegorz Golawski
3e86dd1182 Query to detect LDAP injections in Java 
Apache LDAP API sink
 2020-01-12 20:19:25 +01:00
Grzegorz Golawski
c01aa3d2ee Query to detect LDAP injections in Java 
Spring LDAP sink
 2020-01-12 13:28:29 +01:00
Grzegorz Golawski
7570fa9137 Query to detect LDAP injections in Java 
JNDI and UnboundID sinks
JNDI, UnboundID and Spring LDAP sanitizers
 2020-01-11 21:55:54 +01:00
Robert Marsh
367d13c0ad Merge pull request #2570 from jbj/ir-overlappingVariableMemoryLocations 
C++: Fix overlappingVariableMemoryLocations perf
 2020-01-06 10:57:48 -08:00
Tom Hvitved
ed2125969e Merge pull request #2568 from calumgrant/cs/assignment-to-_ 
C#: Remove FP in useless assignment to _
 2020-01-06 15:39:45 +01:00
Max Schaefer
9160fbf106 Merge pull request #2435 from asger-semmle/phi-edge-barrier-guards 
JS: Phi edge barrier guards
 2020-01-06 14:14:18 +00:00
semmle-qlci
f48e4bc2a0 Merge pull request #2580 from asger-semmle/typescript-unbounded-recursion 
Approved by max-schaefer
 2020-01-06 14:00:55 +00:00
semmle-qlci
0c0073fb02 Merge pull request #2582 from asger-semmle/spurious-css-import 
Approved by max-schaefer
 2020-01-06 14:00:08 +00:00
semmle-qlci
7e9b5b1036 Merge pull request #2590 from asger-semmle/ts-install-deps-unverbose 
Approved by max-schaefer
 2020-01-06 13:57:43 +00:00
semmle-qlci
39531c6516 Merge pull request #2574 from max-schaefer/js/fix-17 
Approved by erik-krogh
 2020-01-06 12:43:56 +00:00
Asger F
79f8d02019 JS: Add change note 2020-01-06 11:38:13 +00:00
Asger F
4d25bfc038 JS: Fix copy pasta 2020-01-06 11:37:21 +00:00
Asger F
142c83f38f JS: Add negative dominance test 2020-01-06 11:37:21 +00:00
Asger F
aa6572b5c8 JS: Sanitize phi edges from barrier guards 2020-01-06 11:37:21 +00:00
Asger F
0b04f0d8f7 JS: Add test case for phi input 2020-01-06 11:37:20 +00:00
Asger F
a3481b3713 TS: Do not pass --verbose to yarn 2020-01-06 11:18:58 +00:00
semmle-qlci
48deb30756 Merge pull request #2573 from max-schaefer/js/generalise-alert-suppression 
Approved by asgerf
 2020-01-06 10:43:17 +00:00
semmle-qlci
5dcc5b3b1e Merge pull request #2581 from erik-krogh/FlowUselessExpr 
Approved by max-schaefer
 2020-01-06 08:33:36 +00:00
shati-patel
9b9d7121e8 Merge pull request #2583 from jf205/advanced-ql 
CodeQL documentation: reorganize 'Advanced QL' topics
 2020-01-03 16:02:28 +00:00
James Fletcher
47f61f3569 Update docs/language/learn-ql/writing-queries/debugging-queries.rst 
Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>
 2020-01-03 15:55:14 +00:00
james
537739c42d docs: address review comments 2020-01-03 15:31:31 +00:00
semmle-qlci
dc7863ce29 Merge pull request #2579 from asger-semmle/typescript-trace-resolution 
Approved by max-schaefer
 2020-01-03 12:57:43 +00:00
james
23d1e06aa4 docs: move abstract classes topic to handbook 2020-01-03 12:07:01 +00:00
james
e8016a2303 docs: delete equivalence topic 2020-01-03 12:07:01 +00:00
james
fe18c18619 docs: move folding predicates topic 2020-01-03 12:06:55 +00:00
Asger F
4772798d7b JS: do not resolve arbitrary extensions to JavaScript files 2020-01-03 11:37:51 +00:00
Asger F
c5f73cb868 JS: Add test showing spurious .css import 2020-01-03 10:59:10 +00:00
semmle-qlci
29be46169a Merge pull request #2576 from asger-semmle/typescript-cyclic-prop-fallthroughnode 
Approved by max-schaefer
 2020-01-03 10:50:05 +00:00
Asger F
f31d47c66e TS: explain test case 2020-01-03 10:48:15 +00:00
Asger F
36546ce7fe TS: Print warning when bailing out of symbol type 2020-01-03 10:45:18 +00:00
Erik Krogh Kristensen
c22d3d0b3a add test for block-level flow type annotations 2020-01-03 11:07:35 +01:00
semmle-qlci
06d812a6ff Merge pull request #2556 from erik-krogh/RegexpVoidCxt 
Approved by max-schaefer
 2020-01-03 08:38:56 +00:00
Asger F
3a4771c29c TS: Wrap getTypeOfSymbolAtLocation in try/catch 2020-01-02 16:55:17 +00:00
Asger F
202746e92d TS: Guard getTypeAtLocation with try/catch 2020-01-02 16:31:23 +00:00
Asger F
0388e9ca0c TS: Add regression test 2020-01-02 16:28:49 +00:00
shati-patel
564013d188 Merge pull request #2578 from jf205/ql-spec-fixes 
QL spec: fix bullet list in 'Aggregations' section
 2020-01-02 15:55:49 +00:00
james
618a3f91d8 docs: fix list 2020-01-02 15:48:57 +00:00
Asger F
2ca0e7d232 TS: Disable output from tracing 2020-01-02 15:38:10 +00:00
Asger F
8f478f7caf TS: Add test with traceResolution: true 2020-01-02 15:04:30 +00:00