hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-15 18:01:10 +02:00
Code Issues Packages Projects Releases Wiki Activity
26,507 Commits 1,785 Branches 169 Tags
eac0222f2ca08af2c5b100b29a2b10941e2a2379
Commit Graph

26507 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
eac0222f2c C++: Add more CWEs to 'cpp/incorrect-allocation-error-handling'. 2021-10-04 15:15:40 +01:00
Tom Hvitved
70e41b180e Merge pull request #6800 from hvitved/csharp/constant-cond-tuple-discard 
C#: Filter discards in tuples in `ConstantCondition.ql`
 2021-10-04 14:38:45 +02:00
Tom Hvitved
9762ce706b Merge pull request #6799 from hvitved/csharp/dead-store-using-discard 
C#: Filter using `var _ = ... results` from `DeadStoreOfLocal.ql`
 2021-10-04 14:38:15 +02:00
Chris Smowton
041aff6bfd Merge pull request #6802 from atorralba/atorralba/fix-flowtestcasegenerator-folder 
Java: Fix flow test case generator's folder name
 2021-10-04 13:36:01 +01:00
Nick Rolfe
2a44cd8c98 Merge pull request #6803 from nickrolfe/cpp_upgrade_script 
C++: add upgrade script for dbscheme comment changes
 2021-10-04 13:31:13 +01:00
Tony Torralba
064aba810b Remove hyphens from the flow testcase generator folder name 
So that it can be imported from the autogenerated query `gen.ql`
 2021-10-04 13:31:07 +02:00
Nick Rolfe
5aec84b672 C++: add upgrade script for dbscheme comment changes 2021-10-04 12:30:42 +01:00
Tom Hvitved
a315640082 C#: Address review comments 2021-10-04 13:15:26 +02:00
Tom Hvitved
f06632a8e7 C#: Filter discards in tuples in ConstantCondition.ql 2021-10-04 13:04:18 +02:00
Anders Schack-Mulligen
65a4f36cf8 Merge pull request #6767 from aschackmull/dataflow/callback-postupdate 
Dataflow: Support side-effects for callbacks in summaries.
 2021-10-04 11:13:18 +02:00
Tom Hvitved
70b9b002cb C#: Add change note 2021-10-04 10:48:07 +02:00
Tom Hvitved
682a2aae3a C#: Filter using var _ = ... results from DeadStoreOfLocal.ql 2021-10-04 10:45:44 +02:00
Jonas Jensen
ce27acd099 Merge pull request #6793 from MathiasVP/add-return-value-deref-to-model-util 
C++: Handle return value dereferences in `ModelUtil.qll`
 2021-10-04 09:22:52 +02:00
Mathias Vorreiter Pedersen
cc8b581c06 C++: Accept test changes. 2021-10-01 22:23:17 +02:00
Mathias Vorreiter Pedersen
cca77ed65c Merge branch 'main' into add-return-value-deref-to-model-util 2021-10-01 22:02:06 +02:00
Tamás Vajk
62aa7b75bd Merge pull request #6792 from tamasvajk/fix/csv-workflow 
Let 'ql/lib' folders trigger the CSV workflow
 2021-10-01 19:44:48 +02:00
Mathias Vorreiter Pedersen
0679142607 C++: Accept test changes. 2021-10-01 18:27:55 +02:00
Mathias Vorreiter Pedersen
3463c28e24 C++: Add return value dereference to 'callOutput'. This will need to be modified once we get return value side effects in the IR. 2021-10-01 18:27:46 +02:00
Anders Schack-Mulligen
99ba80d492 C#: Adjust test output. 2021-10-01 16:57:30 +02:00
Tamas Vajk
ebe0988d9a Let 'ql/lib' folders trigger the CSV workflow 2021-10-01 16:30:56 +02:00
yoff
1ce9426adf Merge pull request #6761 from RasmusWL/cryptodome-sha3 
Python/JS: Recognize SHA-3 hash functions
 2021-10-01 13:33:36 +02:00
Anders Schack-Mulligen
eb26b4a04b Merge pull request #6755 from alexet/alexet/cache-params-string 
Java: Fix more performance issues with future versions of codeql.
 2021-10-01 12:54:53 +02:00
Mathias Vorreiter Pedersen
a3cf721b9e Merge pull request #6713 from geoffw0/cwe139 
C++: New query for 'Cleartext transmission of sensitive information'
 2021-10-01 11:10:36 +02:00
Geoffrey White
679b0f9b73 C++: Autoformat. 2021-10-01 09:40:16 +01:00
Anders Schack-Mulligen
799e099d1d Merge pull request #6784 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-10-01 10:05:34 +02:00
github-actions[bot]
3d61c81456 Add changed framework coverage reports 2021-10-01 00:09:22 +00:00
Chris Smowton
f48c418d6d Merge pull request #5907 from x-f1v3/java/hardcoded-shiro-key 
Java: CWE-798: Query to detect hard-coded SHIRO key
 2021-09-30 17:58:12 +01:00
Chris Smowton
ec4cb7c90f Fix typo 2021-09-30 16:22:12 +01:00
Chris Smowton
cb4ce36d3c Update change note; drop unnecessary import 2021-09-30 15:00:13 +01:00
Chris Smowton
b0983cb726 Specifically include Base64 encode/decode as a likely intermediate step for hardcoded credentials 2021-09-30 14:57:49 +01:00
Chris Smowton
b57a58c253 Amend change note 2021-09-30 14:27:05 +01:00
f1v3
24c9bb2fb7 autoformat 2021-09-30 14:26:19 +01:00
f1v3
168fc4170d Apply suggestions from code review 2021-09-30 14:26:14 +01:00
f1v3
f3bde56de9 detects a hard-coded cipher key for shiro 2021-09-30 14:22:48 +01:00
Chris Smowton
60a023d064 Merge pull request #5852 from luchua-bc/java/hardcoded-azure-credential 
Java: CWE-798 Query to detect hard-coded Azure credentials
 2021-09-30 14:11:29 +01:00
yoff
c1c63d0c28 Merge pull request #6738 from RasmusWL/qldoc-getArgByName 
Python: Add QLDoc to `Function.getArgByName`
 2021-09-30 14:11:18 +02:00
Jonas Jensen
45cf6344cd Merge pull request #6184 from github/rdmarsh2/improve-exec-tainted 
C++: Refactor ExecTainted.ql to only report results after string concatenation
 2021-09-29 19:21:13 +02:00
CodeQL CI
e9b4e571e1 Merge pull request #6775 from RasmusWL/fix-hasLocationInfo-url 
Approved by aschackmull, erik-krogh, hvitved, jbj, tausbn
 2021-09-29 16:51:08 +01:00
alexet
447eb23356 Java: Fix for tc magic issue with subtyping. 2021-09-29 16:01:08 +01:00
Tamás Vajk
089bb33113 Merge pull request #6773 from tamasvajk/fix/global-stmt-library 
C#: Handle invalid code gracefully: global statements in library
 2021-09-29 16:18:05 +02:00
Rasmus Wriedt Larsen
ba990f72f2 Another hasLocationInfo URL reference fix 2021-09-29 14:00:28 +02:00
Rasmus Wriedt Larsen
987b573709 Fix hasLocationInfo URL reference 
Follow up to https://github.com/github/codeql/pull/5830
 2021-09-29 13:47:58 +02:00
alexet
dea8dde566 Java: Improve performance of confusing overloading query. 2021-09-29 12:17:30 +01:00
Tamas Vajk
e17071723f C#: Handle invalid code gracefully: global statements in library 2021-09-29 10:23:33 +02:00
Mathias Vorreiter Pedersen
8dcf7926de Merge pull request #6760 from andersfugmann/relax_memberMayBeVarSize 
Increase precision to high for cpp/static-buffer-overflow
 2021-09-29 10:09:11 +02:00
Benjamin Muskalla
d09c3bf863 Merge pull request #6748 from bmuskalla/fixHiddenTypesTestGenerator 
Java: Avoid stubbing methods with private parameter types
 2021-09-29 09:27:13 +02:00
Anders Schack-Mulligen
1a92fa5d92 Merge pull request #6772 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-09-29 09:25:19 +02:00
github-actions[bot]
8d2ad4ed17 Add changed framework coverage reports 2021-09-29 00:08:05 +00:00
Geoffrey White
89098f54be C++: Correct comment. 2021-09-28 20:03:42 +01:00
Benjamin Muskalla
5f659f6e48 Merge branch 'main' into fixHiddenTypesTestGenerator 2021-09-28 17:42:39 +02:00