hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-06 23:56:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,969 Commits 1,703 Branches 162 Tags
f162749044f4ea91becfd2f95777b7cdce265977
Commit Graph

1117 Commits

Author SHA1 Message Date
Nick Rolfe
d293418672 Merge pull request #2478 from jbj/mergeback-20191202 
Mergeback from rc/1.23 to master
 2019-12-02 12:28:20 +00:00
semmle-qlci
dc7a0c1b91 Merge pull request #2442 from hvitved/csharp/dataflow/conversion-operator 
Approved by calumgrant
 2019-12-02 11:01:35 +00:00
Jonas Jensen
5b24b1efc3 Merge remote-tracking branch 'upstream/rc/1.23' into mergeback-20191202 
Conflicts solved:
	javascript/extractor/src/com/semmle/js/extractor/Main.java
	javascript/ql/test/query-tests/Statements/UseOfReturnlessFunction/tst.js
 2019-12-02 09:57:34 +01:00
Anders Schack-Mulligen
333d0a69d2 Java/C++/C#: Bugfix for field flow through reverse read. 2019-11-29 09:38:24 +01:00
Tom Hvitved
04cecc04dd C#: Update EntityFrameworkCore test 2019-11-28 15:28:50 +01:00
Tom Hvitved
af453d081e C#: Only track taint through conversion operators defined in libraries 2019-11-28 15:21:04 +01:00
Tom Hvitved
ce16bc553a C#: Autoformat 2019-11-27 13:47:24 +01:00
Tom Hvitved
39aaa38486 C#: Update EntityFramework test 2019-11-27 10:28:12 +01:00
Jonas Jensen
c05cc77a91 Merge pull request #2421 from dbartol/dbartol/IndirectAlias 
C++/C#: Cleanup in preparation for indirect alias analysis
 2019-11-26 21:59:17 +01:00
Dave Bartolomeo
4e1ee7a998 C++/C#: Fix formatting 2019-11-26 10:48:24 -07:00
Tom Hvitved
71e958eabc C#: Add taint-tracking steps through conversion operator calls 2019-11-26 13:53:50 +01:00
Tom Hvitved
acb069f69b C#: Add data flow tests for conversion operators 2019-11-26 13:53:17 +01:00
Dave Bartolomeo
7d48220a76 C++/C#: Make QLDoc conform to style guide 2019-11-25 11:26:45 -07:00
Dave Bartolomeo
521fbb125e C++/C#: Fix formatting 2019-11-25 11:12:23 -07:00
Tom Hvitved
fede9aed04 Merge pull request #2355 from cldrn/AspNetMaxRequestLength 
CodeQL query to check for insecure MaxLengthRequest values in ASP.NET applications
 2019-11-25 17:02:22 +01:00
Tom Hvitved
795959ef8d C#: Update expected test output 2019-11-25 13:41:12 +01:00
Tom Hvitved
71fd5379c9 C#: Remove tabs from qhelp file 2019-11-25 13:40:44 +01:00
Tom Hvitved
a26efdf4c1 Java/C++/C#: Rename DataFlowErasedType back to DataFlowType 2019-11-25 11:43:58 +01:00
Dave Bartolomeo
bd78f68975 C++/C#: Fix formatting 2019-11-22 16:08:49 -07:00
Dave Bartolomeo
df21835759 C++/C#: Refactor some integer constant code 
Make `bitsToBytesAndBits` omit the leftover bits if zero.
 2019-11-22 13:23:00 -07:00
Dave Bartolomeo
51ff262cbc C++/C#: Add IR SSA sanity tests 2019-11-22 13:16:05 -07:00
Dave Bartolomeo
bc48c25690 C++/C#: Make IRVariable and its derived classes non-abstract 2019-11-22 12:13:39 -07:00
Dave Bartolomeo
12daa76b70 C++: Make duplicateOperand query report function name 2019-11-22 11:00:01 -07:00
Dave Bartolomeo
27cc6b1e4f C++/C#: Fix compilation error in PrintSSA.qll 
We were privately importing `semmle.code.<lang>.ir.internal.Overlap`, but `PrintSSA.qll` was depending on it being public. This is made a little more complicated by the presence of cross-langage pyrameterized modules.
 2019-11-21 13:18:25 -07:00
Tom Hvitved
acc7d5298d Data flow: Sync files 2019-11-20 14:10:02 +01:00
Tom Hvitved
d0b4653e32 C#: Introduce DataFlowErasedType 2019-11-20 14:09:46 +01:00
Paulino Calderon
63884c1a86 Mixed spaces and tabs 2019-11-19 13:06:55 -05:00
Paulino Calderon
85eda8c978 Brings security tests from other PRs 2019-11-19 13:04:19 -05:00
Paulino Calderon
96a02aba3f Adds quotes on name and additional info tags 2019-11-19 12:39:10 -05:00
Calum Grant
b9d1c38753 Merge pull request #2371 from max-schaefer/rc/1.23 
Merge rc/1.23 into master
 2019-11-18 14:15:31 +00:00
semmle-qlci
ed4657c201 Merge pull request #2340 from hvitved/csharp/nunit-assertions 
Approved by calumgrant
 2019-11-18 13:02:49 +00:00
Tom Hvitved
3d1ce55642 C#: Address review comments 2019-11-18 10:53:02 +01:00
Paulino Calderon
56c12adab7 Adds check for insecure MaxLengthRequest values 2019-11-16 14:21:39 -05:00
yh-semmle
de65f023d6 Merge pull request #2167 from aschackmull/java/dataflow-out-of-arg-refactor 
Java/C++/C#: Refactor dataflow to simplify return flow.
 2019-11-15 11:10:06 -05:00
Tom Hvitved
c95db9e6f8 Merge pull request #2331 from calumgrant/cs/default-interface-methods 
C#: Tests for default interface methods
 2019-11-15 16:36:47 +01:00
Tom Hvitved
20a1cb6fc8 C#: Teach assertion library about (classical) NUnit assertions 
This commit adds support for (classical) NUnit assertions (see
https://github.com/nunit/docs/wiki/Assertions). Modern constraint-based assertions,
such as `Assert.That(o, Is.Not.Null)` are currently not supported, because they
would require a restructuring of the assertion library.
 2019-11-15 14:07:28 +01:00
Tom Hvitved
f9bff172d4 C#: Add missing assignment data flow steps 2019-11-15 11:36:05 +01:00
Tom Hvitved
f8791c884f C#: Add more data flow tests for assignments 2019-11-15 11:30:40 +01:00
Calum Grant
aac360463b C#: Tests for default interface methods. 2019-11-15 10:13:04 +00:00
Calum Grant
f3c92c5527 C#: Address review comment 2019-11-14 17:14:51 +00:00
Calum Grant
09356a377f C#: Improved CIL instruction types to pass type consistency checks 2019-11-14 17:14:51 +00:00
Calum Grant
051dd6b3dc C#: Update qltests. 2019-11-14 17:14:51 +00:00
Anders Schack-Mulligen
106b8cfbca Java/C++/C#: Fix bad magic and bad join-order. 2019-11-14 13:17:17 +01:00
Tom Hvitved
94583cde10 Merge pull request #2245 from calumgrant/cs/nullability-refactor 
C#: Store nullability on the side
 2019-11-14 11:44:39 +01:00
Dave Bartolomeo
08620046ab Merge pull request #2068 from rdmarsh2/rdmarsh/cpp/ir-constructor-side-effects 
C++: side effect instrs for constructor qualifiers
 2019-11-13 14:56:24 -07:00
Dave Bartolomeo
e89ecc19e3 Merge pull request #2302 from max-schaefer/test-qlpacks 
Add `qlpack.yml` files for test folders.
 2019-11-13 12:21:19 -07:00
Robert Marsh
0175c44a14 C#: update IR test expectations 2019-11-13 10:58:38 -08:00
Calum Grant
38f82d8377 Merge remote-tracking branch 'upstream/master' into cs/nullability-refactor 2019-11-13 15:31:45 +00:00
Tom Hvitved
46bc804562 Merge pull request #2286 from calumgrant/cs/windows-tests 
C#: Make qltests pass on all platforms
 2019-11-13 16:21:08 +01:00
Calum Grant
6e24a92179 Merge remote-tracking branch 'upstream/master' into cs/nullability-refactor 2019-11-13 14:58:58 +00:00