hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 19:55:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,858 Commits 1,741 Branches 166 Tags
faaca2199600dd348a2e4f4b06aa79a9da971cbc
Commit Graph

1858 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
9922e36590 CPP: Add missing file. 2018-11-20 16:55:10 +00:00
Geoffrey White
ae91581204 CPP: Change note. 2018-11-20 16:52:36 +00:00
Geoffrey White
0493b68b50 Merge pull request #497 from jbj/disable-no-virtual-destructor 
C++: Remove @precision from AV Rule 78
 2018-11-20 16:44:36 +00:00
Geoffrey White
d8381ef448 CPP: Add change notes for some more changes. 2018-11-20 16:42:17 +00:00
Geoffrey White
7df7d8dd9e CPP: Add change notes for new query contributions. 2018-11-20 16:14:22 +00:00
Geoffrey White
e8f967a477 CPP: Add change notes for my recent changes. 2018-11-20 16:14:22 +00:00
Tom Hvitved
3e78c2671f C#: Generalize pre-SSA library to include local-scope-like fields/properties 2018-11-20 15:07:44 +01:00
Tom Hvitved
25150265dc C#: Compute phi inputs in pre-SSA library 
Logic is copied directly from the ordinary SSA library.
 2018-11-20 15:07:43 +01:00
Jonas Jensen
33111b6b27 Merge pull request #498 from geoffw0/test-cleanup 
CPP: Clean up some test code.
 2018-11-20 14:44:52 +01:00
Tom Hvitved
252b756184 Merge pull request #472 from felicity-semmle/csharp/SD-2778-qhelp-update 
C#: Minor updates for consistency (SD-2778)
 2018-11-20 14:28:29 +01:00
semmle-qlci
4b5f24d99e Merge pull request #449 from hvitved/csharp/ssa/live-at-rank 
Approved by calumgrant
 2018-11-20 13:01:02 +00:00
semmle-qlci
1c1d2e943a Merge pull request #496 from esben-semmle/js/yui-directives 
Approved by xiemaisi
 2018-11-20 12:59:55 +00:00
semmle-qlci
8333f72030 Merge pull request #470 from esben-semmle/custom-abstract-values-only 
Approved by xiemaisi
 2018-11-20 12:59:35 +00:00
Max Schaefer
c1690a69e5 JavaScript: Make TargetBlank only highlight the first line of the link. 
Otherwise alerts for multi-line `<a>` elements end up looking very red.

I also took the opportunity to improve the tests slightly.
 2018-11-20 12:53:27 +00:00
Esben Sparre Andreasen
82fc8ae32a JS: support indirection with extra args in js/missing-this-qualifier 2018-11-20 11:29:03 +01:00
Geoffrey White
342164ff71 CPP: Clean up / normalize some test code. 2018-11-20 09:50:59 +00:00
Jonas Jensen
6c0305cb80 Merge pull request #495 from geoffw0/returnvalue 
CPP: Fix 'Missing return statement'
 2018-11-20 10:16:30 +01:00
Jonas Jensen
d7c2f9d185 C++: Remove @precision from AV Rule 78 
This rule, named "No virtual destructor", was supposed to be superseded
by `cpp/virtual-destructor` in 0c796de83, but that commit didn't
actually disable this rule, so both rules are now active in the LGTM
suite.

This commit disables the rule by removing `@precision`. We're still
discussing the best way to disable rules that are precise and valid but
not universally applicable. For now, removing `@precision` is consistent
with how we're keeping most other JSF queries from appearing on LGTM.
 2018-11-20 09:43:54 +01:00
Jonas Jensen
cc28d04ba7 Merge pull request #405 from geoffw0/selfcompare 
CPP: Fix false positives in PointlessSelfComparison.ql
 2018-11-20 09:25:10 +01:00
Tom Hvitved
9f7eef02ec C#: Address review comments 2018-11-20 09:24:53 +01:00
Esben Sparre Andreasen
54fea1a4cb JS: support "xyz:nomunge" YUI compressor directives 2018-11-20 09:00:33 +01:00
Esben Sparre Andreasen
ee7a6af7c7 JS: address review comments 2018-11-20 08:37:23 +01:00
Felicity Chapman
fc6e9be75a Fix incorrect tag 2018-11-20 07:12:48 +00:00
semmle-qlci
26a248b14a Merge pull request #487 from xiemaisi/js/lint-join-order 
Approved by esben-semmle
 2018-11-20 06:51:33 +00:00
semmle-qlci
7df397f8ab Merge pull request #486 from xiemaisi/js/lower-severities 
Approved by asger-semmle
 2018-11-20 06:39:23 +00:00
semmle-qlci
f5e25e61e0 Merge pull request #490 from xiemaisi/js/remove-actual 
Approved by asger-semmle
 2018-11-19 16:20:19 +00:00
Geoffrey White
5cae65295d CPP: Fix FPs from AV Rule 114.ql. 2018-11-19 16:09:40 +00:00
Geoffrey White
d18a7012f5 CPP: Add a test case. 2018-11-19 16:08:32 +00:00
Geoffrey White
33130b9800 CPP: Apply recommended fix. 2018-11-19 14:39:28 +00:00
Geoffrey White
6a14748af8 CPP: Add recommended test. 2018-11-19 14:25:11 +00:00
Geoffrey White
646bb01a5f CPP: Change note. 2018-11-19 14:04:14 +00:00
Jonas Jensen
111df470c3 Merge pull request #485 from geoffw0/limitedscopefunction 
CPP: Fix Limitedscopefunction.ql
 2018-11-19 14:51:20 +01:00
Jonas Jensen
6d17642240 Merge pull request #476 from geoffw0/av_165 
CPP: Fix AV Rule 165
 2018-11-19 14:32:02 +01:00
Jonas Jensen
2ce2c0a876 Merge pull request #475 from geoffw0/av_164 
CPP: Fix AV Rule 164
 2018-11-19 14:23:36 +01:00
Max Schaefer
6021d2499d JavaScript: Remove accidentally committed .actual file. 2018-11-19 12:24:19 +00:00
Geoffrey White
cf27978325 CPP: Give OffsetUseBeforeRangeCheck.ql a precision. 2018-11-19 11:56:07 +00:00
Geoffrey White
e72505707b CPP: Check for a range check before the use. 2018-11-19 11:49:22 +00:00
Geoffrey White
6cdfaeea3c CPP: getAChild() -> getAChild*(). 2018-11-19 11:47:14 +00:00
Geoffrey White
01611d4d96 CPP: Add a test for OffsetUseBeforeRangeCheck.ql. 2018-11-19 11:47:14 +00:00
Max Schaefer
73ad3f5c8a JavaScript: Tweak JSLint library to avoid bad join order. 2018-11-19 09:12:02 +00:00
Tom Hvitved
dd4c9654f2 Merge pull request #483 from calumgrant/cs/vulnerable-package 
C#: Remove duplicate results from cs/use-of-vulnerable-package
 2018-11-19 10:09:37 +01:00
Max Schaefer
1b59a28be0 JavaScript: Downgrade a few "error" rules to "warning". 
For all of these queries, the results we tend to see in practice are certainly worth investigating, but aren't crashing bugs, so making them warnings seems more appropriate.
 2018-11-19 09:09:26 +00:00
Max Schaefer
db175f5584 JavaScript: Sort change notes alphabetically. 2018-11-19 09:00:38 +00:00
semmle-qlci
9e4aeb36a6 Merge pull request #436 from asger-semmle/url-concat 
Approved by xiemaisi
 2018-11-19 08:57:24 +00:00
semmle-qlci
328c86c552 Merge pull request #479 from asger-semmle/typescript-extractor-perf1 
Approved by xiemaisi
 2018-11-19 08:53:41 +00:00
semmle-qlci
128118cfa7 Merge pull request #481 from asger-semmle/typescript-jsx 
Approved by xiemaisi
 2018-11-19 08:53:15 +00:00
yh-semmle
47b9218b05 Merge pull request #480 from aschackmull/java/path-problem-conversion 
Java: Convert security queries to path-problem.
 2018-11-18 20:55:52 -05:00
Geoffrey White
a51b9847b2 CPP: Modify similar query as well. 2018-11-16 22:49:35 +00:00
Geoffrey White
9f688eb7e2 CPP: Exclude variables that have non-function accesses. 2018-11-16 22:48:30 +00:00
Geoffrey White
2d07410f97 CPP: Exclude variables that are part of an interface. 2018-11-16 22:46:11 +00:00