codeql

mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00

Author	SHA1	Message	Date
Mathias Vorreiter Pedersen	f0ba33ae74	C++: Accept test changes.	2022-12-20 18:19:18 +00:00
Mathias Vorreiter Pedersen	07ab119b8c	C++: Add explicit qualifiers.	2022-12-20 13:38:50 +00:00
Mathias Vorreiter Pedersen	d2964a7d4a	C++: Also handle '__finally' blocks.	2022-12-20 13:28:33 +00:00
Mathias Vorreiter Pedersen	3c8efa88e0	C++: Handle Microsoft '__try __except' in the existing 'TryStmt' IR logic.	2022-12-20 13:28:28 +00:00
Mathias Vorreiter Pedersen	cd6e421cf5	C++: Add a test with '__try __except' and '__try __finally' in the 'ir' test directory.	2022-12-20 13:28:22 +00:00
Mathias Vorreiter Pedersen	cbe330eb7b	Merge pull request #11693 from jketema/argv-param-flowsource C++: Define the `argv` flow source in terms the input parameter	2022-12-20 09:30:19 +00:00
Aditya Sharad	ed29b3e4d6	Shared packs: Depend on `codeql/tutorial` from all language libraries This allows `import tutorial` from queries targeting any language, just like before, while removing the duplicate copies of `tutorial.qll`.	2022-12-19 15:52:11 -08:00
Arthur Baars	a8be5d7274	AlertSuppression: add change notes	2022-12-19 17:02:52 +01:00
Arthur Baars	0f313231bc	AlertSuppression: add more tests	2022-12-19 16:43:11 +01:00
Jeroen Ketema	0c710479ec	C++: Update experimental test changes	2022-12-19 16:35:24 +01:00
Arthur Baars	c176606be5	AlertSuppression: allow //lgtm comments to scope over the next line	2022-12-19 16:10:26 +01:00
Arthur Baars	016c7a8ca7	Merge pull request #11719 from aibaars/alert-suppression-shared Shared AlertSuppression library	2022-12-19 16:04:44 +01:00
Jeroen Ketema	edd29f4b0e	C++: Add change note	2022-12-19 13:50:50 +01:00
Jeroen Ketema	ed33b905a6	C++: Simplify `cpp/path-injection` now `argv` sources are parameters	2022-12-19 12:54:16 +01:00
Jeroen Ketema	7549915773	C++: Accept test changes	2022-12-19 12:52:35 +01:00
Arthur Baars	ad80822a52	C/C++: use shared AlertSuppression.qll	2022-12-19 12:25:46 +01:00
Jeroen Ketema	a73bd050f7	C++: Define the `argv` flow source in terms the input parameter	2022-12-19 12:13:39 +01:00
Jeroen Ketema	2705aebbbc	C++: Restrict CWE-119 semmle tests to have a single main function	2022-12-19 12:13:37 +01:00
turbo	d1d4163b79	Exclude cpp/wrong-use-of-the-umask	2022-12-18 15:55:04 +01:00
turbo	1e5426fca2	Create security-experimental suite helper and all language suite implementations	2022-12-18 15:44:08 +01:00
Henry Mercer	30451ee950	Merge pull request #11681 from github/henrymercer/mergeback-3.8 Merge `rc/3.8` back to `main`	2022-12-16 17:43:12 +00:00
Jeroen Ketema	32800bca96	Merge pull request #11680 from jketema/predefined-typedef-for-float C++: Update tests after frontend changes	2022-12-16 15:21:58 +01:00
Tom Hvitved	e45edcc159	Merge pull request #11674 from hvitved/dataflow/param-context Data flow: Track callable in flow-through pruning	2022-12-16 09:25:15 +01:00
Mathias Vorreiter Pedersen	7d5e215a93	Merge pull request #11600 from geoffw0/offsetrangecheck C++: Fix cpp/offset-use-before-range-check performance.	2022-12-15 16:44:49 +00:00
Geoffrey White	cca0722a2b	Merge pull request #11710 from geoffw0/qldocalloc C++: Clarify Allocation.qll and Deallocation.qll	2022-12-15 15:36:48 +00:00
Tom Hvitved	f8571dd0b6	Data flow: Work around functionality-induced misoptimization	2022-12-15 15:29:14 +01:00
Tom Hvitved	6eda042229	Data flow: Sync files	2022-12-15 15:29:13 +01:00
Geoffrey White	e7ea0d7ee9	C++: Attempt to clarify the way Allocation.qll and Deallocation.qll should be used.	2022-12-15 13:05:56 +00:00
Jeroen Ketema	ef61d14e9c	C++: Add change note	2022-12-15 12:57:13 +01:00
Jeroen Ketema	0b4c4fd580	C++: Simplify deallocation check	2022-12-15 12:46:32 +01:00
Jeroen Ketema	4fb43d56b3	C++: Exclude deallocation functions as `scanf` result accesses	2022-12-15 09:39:16 +01:00
turbo	4ec401a3f6	Tag all security queries in supported languages' experimental directories with an experimental tag	2022-12-14 17:15:50 +01:00
Erik Krogh Kristensen	7615668f92	Merge pull request #11662 from erik-krogh/c-useInstanceOf Swift/C++: Use instanceof in more places	2022-12-14 14:30:21 +01:00
Henry Mercer	a3933fbf4f	Bump minor versions of packs we regularly release	2022-12-13 18:59:24 +00:00
Jeroen Ketema	19fb73ce24	C++: Update tests after frontend changes	2022-12-13 19:52:59 +01:00
Henry Mercer	7167f078be	Merge branch 'main' into henrymercer/mergeback-3.8	2022-12-13 18:40:53 +00:00
Tom Hvitved	cfcb3a60ba	C++: Update expected test output	2022-12-13 09:53:01 +01:00
Tom Hvitved	bc58cbec8c	C++: Implement `ContentApprox`	2022-12-13 09:53:01 +01:00
Tom Hvitved	0c2eee2a72	Data flow: Sync files	2022-12-13 09:52:55 +01:00
erik-krogh	92a7e787a8	C: do the minimal change to ValueNumberBound instead	2022-12-12 22:17:50 +01:00
erik-krogh	698e05f85a	Swift/C++: Use instanceof in more places	2022-12-12 16:58:13 +01:00
github-actions[bot]	343b7b1c8b	Post-release preparation for codeql-cli-2.11.6	2022-12-11 18:15:04 +00:00
Jeroen Ketema	beb66d027e	C++: Use `FlowSource` in `cpp/path-injection`	2022-12-10 20:27:56 +01:00
Jeroen Ketema	d5acd310ce	Merge pull request #11644 from jketema/lower-case-flow-source-description C++: Make all flow source descriptions start with a lower case letter	2022-12-10 20:23:14 +01:00
github-actions[bot]	0b2fb4f70a	Release preparation for version 2.11.6	2022-12-10 15:49:35 +00:00
Jeroen Ketema	ce92ba640a	C++: Accept test changes	2022-12-09 23:38:03 +01:00
Jeroen Ketema	9dc2614012	C++: Make all flow source descriptions start with a lower case letter In every context where we use the description a lower case letter makes more sense.	2022-12-09 23:18:58 +01:00
Jeroen Ketema	1e1974c9fb	C++: Add change note	2022-12-09 23:17:36 +01:00
Jeroen Ketema	331fab5ac0	C++: Generalize the `ArgvSource` flow source This matches `isUserInput` and handles cases where `argv` has a different name, which is allowed.	2022-12-09 23:12:31 +01:00
Mathias Vorreiter Pedersen	7d1f10bc78	Merge pull request #11627 from jketema/getaddrinfo C++: Model `getaddrinfo` as flow source	2022-12-09 12:38:43 +00:00

1 2 3 4 5 ...

8723 Commits