hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-20 22:46:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,960 Commits 1,712 Branches 163 Tags
f190f834062aef2fbc36ab32b5e18b76704420da
Commit Graph

2960 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mark Shannon
f190f83406 Python: Give most non-self instance attributes the 'unknown' value; improves reachability analysis. 2019-01-31 15:05:13 +00:00
Felicity Chapman
54242f4009 Merge pull request #849 from jf205/locations 
Update links to QL help topics in GH repo files (SD-2999)
 2019-01-30 11:06:22 +00:00
Calum Grant
9b7f4a8ce5 Merge pull request #845 from hvitved/csharp/get-type-non-null 
C#: Teach guards library about `object.GetType()`
 2019-01-30 10:08:05 +00:00
Calum Grant
722402fc89 Merge pull request #825 from hvitved/csharp/cfg/splitting-performance 
C#: Improve performance of CFG split set computation
 2019-01-30 10:05:25 +00:00
james
7cc1442ecb Update link text 2019-01-30 09:44:07 +00:00
james
a98aae0a24 update links to lgtm.com/docs 2019-01-30 08:02:03 +00:00
james
81137aa7b4 update links to locations in .ql files 2019-01-30 08:02:02 +00:00
james
9d1a050f35 update links to locations in .qll files 2019-01-30 08:01:49 +00:00
Taus
83e2689645 Merge pull request #844 from markshannon/python-hide-magic-variables-in-test 
Python tests: Further hiding of special ESSA variables in tests
 2019-01-29 18:51:06 +01:00
Taus
3d7821c83a Merge pull request #820 from markshannon/python-incomplete-url-sanitize 
Python: Two new queries for URL and hostname sanitization (CWE-020).
 2019-01-29 17:48:42 +01:00
Tom Hvitved
16d3399039 C#: Teach guards library about object.GetType() 2019-01-29 16:40:36 +01:00
Tom Hvitved
87bb4a1d56 C#: Add null guard test involving GetType() 2019-01-29 16:32:13 +01:00
Mark Shannon
9820249c71 Python tests: Further hiding of special ESSA variables in tests, to ease transition from '*' to '$' variable. 2019-01-29 15:06:47 +00:00
Taus
9adb19f3a9 Merge branch 'master' into python-incomplete-url-sanitize 2019-01-29 14:17:37 +01:00
Jonas Jensen
d776d9f903 Merge pull request #821 from geoffw0/query-tags-case 
CPP: Improve ArrayArgSizeMismatch.ql
 2019-01-29 03:52:52 -08:00
semmle-qlci
a5aee9ed0f Merge pull request #833 from esben-semmle/js/sharpen-cond 
Approved by xiemaisi
 2019-01-29 08:03:06 +00:00
Taus
1d28c63703 Merge pull request #810 from markshannon/python-hide-magic-variables 
Python hide magic variables
 2019-01-28 23:21:31 +01:00
Taus
0f5b21e392 Merge pull request #807 from markshannon/python-insecure-file-permission 
Python: Weak file permissions query.
 2019-01-28 23:21:10 +01:00
semmle-qlci
bf64fee4bd Merge pull request #790 from rdmarsh2/rdmarsh/cpp/futile-params 
Approved by semmledocs-ac
 2019-01-28 22:11:44 +00:00
Robert Marsh
9642a78bde C++: add FutileParams.ql to C++ suite 
In theory this query will produce no results on C++ code; in practice, I
suspect the "cpp" suite is often run on code compiled as C, so it is
likely to be worth running anyways.
 2019-01-28 09:40:19 -08:00
Robert Marsh
54fdf9f29d C++/Docs: respond to doc comments on PR 2019-01-28 09:34:45 -08:00
Taus
15643d1bb6 Merge pull request #814 from markshannon/python-fix-tornado-request-path 
Python: Fix tornado and twisted request attribute tracking.
 2019-01-28 17:38:34 +01:00
Calum Grant
c86e6bd6ff Merge pull request #826 from hvitved/csharp/autobuild/dotnet-install-script-cleanup 
C#: Cleanup dotnet install script after installation in autobuilder
 2019-01-28 16:33:55 +00:00
Calum Grant
eef1abfa69 Merge pull request #743 from hvitved/csharp/dataflow-splitting 
C#: Teach data flow library about CFG splitting
 2019-01-28 16:31:24 +00:00
Taus
c503ec4608 Merge pull request #806 from markshannon/python-points-to-remove-some-negation 
Python: Remove some negation from points-to, in preparation for ADT Objects.
 2019-01-28 16:25:18 +01:00
Taus
f61e7b66cc Merge pull request #835 from markshannon/python-compare-is-enum 
Python: Fix 'comparison using is' query to account for enum members.
 2019-01-28 16:22:57 +01:00
Mark Shannon
39705cf733 Python: Clarify predicate a bit. 2019-01-28 14:33:39 +00:00
Mark Shannon
6d553ae2be Python: Check os.open as well as os.chmod for weak file permissions. 2019-01-28 14:26:16 +00:00
Tom Hvitved
86721ff800 C#: Add more documentation to SuccSplits module 2019-01-28 14:12:17 +01:00
Taus
e891ab7a54 Merge pull request #834 from markshannon/python-move-test-to-internal 
Python: Remove AST test (it will be added to the extractor tests).
 2019-01-28 14:03:33 +01:00
Mark Shannon
4e5d4e265c Add change note. 2019-01-28 13:01:04 +00:00
Mark Shannon
53fbf51ee8 Python: Fix handling of enum members in python/ql/src/Expressions/IsComparisons.qll. 2019-01-28 12:20:31 +00:00
Mark Shannon
5da209f876 Python: add failing test for comparison using 'is' and enum members. 2019-01-28 12:19:54 +00:00
Mark Shannon
1bec219048 Python: Remove AST test (it will be added to the extractor tests). 2019-01-28 11:41:12 +00:00
Mark Shannon
b841ecbb7c Python: Fix tornado and twisted request attribute tracking; 'path' attribute can be trusted, but 'uri' and 'arguments' cannot. 2019-01-28 11:26:00 +00:00
Jonas Jensen
ccfb1c229a Merge pull request #831 from geoffw0/query-tags-5 
CPP: Tweak tags for consistency
 2019-01-28 10:55:09 +01:00
Geoffrey White
bf7cdad736 CPP: Change note. 2019-01-28 09:31:06 +00:00
Esben Sparre Andreasen
239fe6e419 fixup! JS: sharpen the js/trivial-conditional whitelist 2019-01-28 10:18:03 +01:00
semmle-qlci
962416ffc2 Merge pull request #805 from asger-semmle/callback-taint-source 
Approved by xiemaisi
 2019-01-28 08:45:37 +00:00
semmle-qlci
8b029a2d9f Merge pull request #827 from xiemaisi/js/duplicate-toplevel-percent 
Approved by esben-semmle
 2019-01-28 08:40:23 +00:00
Jonas Jensen
4d441a3bdb Merge pull request #824 from geoffw0/fread 
CPP: Add 'fread' to BufferAccess.qll
 2019-01-28 09:07:22 +01:00
Jonas Jensen
0dad04bd7e Merge pull request #829 from geoffw0/deprecate-fpv 
CPP: Deprecate FunctionPointerVariable and FunctionPointerMemberVariable
 2019-01-28 08:47:49 +01:00
semmle-qlci
65b64c7c05 Merge pull request #645 from sb-semmle/configuration-file-library 
Approved by yh-semmle
 2019-01-26 02:06:16 +00:00
Esben Sparre Andreasen
ef3b107cc1 JS: sharpen the js/trivial-conditional whitelist 2019-01-25 18:19:45 +01:00
Geoffrey White
1328cb8013 CPP: Tweak tags for consistency across near duplicate queries. 2019-01-25 16:50:05 +00:00
Mark Shannon
3850f87879 Make qhelp for 'Incomplete URL substring sanitization' consistent across languages. 2019-01-25 16:47:23 +00:00
Geoffrey White
98ba308207 CPP: Use memberMayBeVarSize. 2019-01-25 16:40:11 +00:00
Geoffrey White
c527f9c90c CPP: Upgrade precision to high. 2019-01-25 16:38:25 +00:00
Jonas Jensen
c90d4bb24c Merge pull request #822 from geoffw0/query-tags-4 
CPP: Query tags 4
 2019-01-25 17:08:56 +01:00
semmle-qlci
d8947a71a5 Merge pull request #735 from asger-semmle/string-ops 
Approved by xiemaisi
 2019-01-25 15:15:19 +00:00