hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-07 03:30:24 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,488 Commits 1,676 Branches 157 Tags
fafd2f0a7c470e8bdcbcca80e68e278ce4595fc6
Commit Graph

15488 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
fafd2f0a7c C++: Add test cases for stringstream / ostream. 2020-09-07 18:27:42 +01:00
CodeQL CI
b5872fe848 Merge pull request #3873 from asger-semmle/js/type-qualified-name-fallback 
Approved by erik-krogh
 2020-09-07 09:48:05 +01:00
yoff
2a70da4da6 Merge pull request #4210 from tausbn/python-remove-spurious-global-flow 
Python: Remove implicit uses from `essaFlowStep`
 2020-09-07 10:16:18 +02:00
yoff
ae9f58489d Merge pull request #4159 from RasmusWL/python-port-dataflow-tests 
Python: port dataflow tests
 2020-09-07 09:54:12 +02:00
Jonas Jensen
eea893483d Merge pull request #4209 from geoffw0/taintbits 
C++: Fix a few remaining holes in taint through std::string
 2020-09-04 17:52:48 +02:00
Jonas Jensen
f92139d2b0 Merge pull request #4202 from geoffw0/localhidesparam 
C++: Improve handling of template functions in cpp/declaration-hides-parameter
 2020-09-04 17:52:35 +02:00
Taus Brock-Nannestad
266365d0b6 Python: Update strange-essaflow test 2020-09-04 16:38:59 +02:00
Taus Brock-Nannestad
260763a748 Python: Update consistency test results 2020-09-04 16:35:49 +02:00
Taus Brock-Nannestad
df1448cfb2 Merge branch 'main' into python-remove-spurious-global-flow 2020-09-04 16:28:03 +02:00
Geoffrey White
156a174cf4 C++: Add explanation. 2020-09-04 14:55:55 +01:00
Geoffrey White
96098c5244 C++: Simplify getConstructedFrom. 2020-09-04 14:52:01 +01:00
Taus
5ffc959e32 Merge pull request #4211 from RasmusWL/python-strange-essaflow 
Python: Add example of strange DataFlow::jumpStep
 2020-09-04 15:47:22 +02:00
Geoffrey White
2472b40b31 C++: Fix test comments. 2020-09-04 14:37:23 +01:00
Geoffrey White
43d8e83258 Merge branch 'main' into taintbits 2020-09-04 14:26:42 +01:00
Rasmus Wriedt Larsen
720e8c432e Python: Update comment for validTest expectations 2020-09-04 15:08:57 +02:00
Geoffrey White
5d1c2a3689 Merge pull request #4204 from jbj/SimpleRangeAnalysis-NEExpr 
C++: Support `!= constant` in range analysis
 2020-09-04 13:47:59 +01:00
Rasmus Wriedt Larsen
cf57afd102 Python: Add example of strange DataFlow::jumpStep 
The example code is just copied from command injection tests, that is not too
important. The important part is that `jumpStep` says there is flow from the
import of `os` to `app.route()` :O
 2020-09-04 14:39:16 +02:00
Taus
59c7907ee4 Merge pull request #4207 from RasmusWL/python-typetracker-small-fixes 
Python: Small fixes for TypeTracker
 2020-09-04 14:30:10 +02:00
Taus Brock-Nannestad
98266ad5da Python: Remove implicit uses from essaFlowStep 2020-09-04 14:22:43 +02:00
Rasmus Wriedt Larsen
6aae75799e Python: Fix import in type tracking test 
Fixes 7855576a6
 2020-09-04 13:36:25 +02:00
CodeQL CI
fd715a5b66 Merge pull request #4179 from RasmusWL/python-tainttracking-ala-go 
Approved by tausbn, yoff
 2020-09-04 12:20:12 +01:00
Jonas Jensen
958f89905d Merge pull request #4197 from github/aeisenberg/devcontainer-settings 
Update devcontainer memory settings
 2020-09-04 12:42:34 +02:00
Asger Feldthaus
961554eb6f JS: Autoformat 2020-09-04 10:42:26 +01:00
yoff
7a00fbc654 Merge pull request #4154 from RasmusWL/python-more-complete-dataflow-tests 
Python more complete dataflow tests
 2020-09-04 11:35:24 +02:00
Rasmus Wriedt Larsen
2f480597ef Merge pull request #4157 from RasmusWL/add-labeler-action 
Enable labeler action again
 2020-09-04 11:15:15 +02:00
Rasmus Wriedt Larsen
f12fa52e22 Python: Update inline example for TypeTracker usage 2020-09-04 11:11:30 +02:00
Rasmus Wriedt Larsen
189c94f9e3 Python: Add TypeTracker::end() 
Copied from JS
 2020-09-04 11:10:10 +02:00
Rasmus Wriedt Larsen
7855576a69 Python: TypeTracker only exposes its own interface 
This is especially important if the TypeTracker needs to be publicly imported by
DataFlowPublic.
 2020-09-04 10:58:20 +02:00
Geoffrey White
6c40e22f45 C++: Support further reverse taint flows on things that return *this. 2020-09-04 09:45:10 +01:00
Geoffrey White
018b0a5abf C++: Model std::string front, back and push_back. 2020-09-04 09:45:07 +01:00
Geoffrey White
6e734a894f C++: Additional test cases for std::string. 2020-09-04 09:44:58 +01:00
Asger F
0704be4d41 Update javascript/ql/src/semmle/javascript/TypeScript.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-09-04 08:55:31 +01:00
CodeQL CI
58f51899c9 Merge pull request #4173 from erik-krogh/targetBlankFP 
Approved by esbena
 2020-09-04 08:21:22 +01:00
Tom Hvitved
7f18c3377e Merge pull request #4017 from hvitved/csharp/unqualify-trap-ids3 
C#: Remove assembly prefixes from TRAP labels
 2020-09-04 09:20:39 +02:00
Jonas Jensen
fbe42fb64c C++: Support != constant in range analysis 2020-09-04 09:20:23 +02:00
Jonas Jensen
d061b09fe0 C++: Test showing no support for != and ! 2020-09-04 09:02:42 +02:00
Mathias Vorreiter Pedersen
b7774b2a82 Merge pull request #4201 from geoffw0/insert 
C++: Model iterator versions of string and vector methods
 2020-09-03 21:45:36 +02:00
Geoffrey White
1d04c89927 C++: Autoformat. 2020-09-03 18:54:36 +01:00
Geoffrey White
5124660831 C++: Change note. 2020-09-03 18:54:27 +01:00
Geoffrey White
2d7552358b C++: Put in a better fix. 2020-09-03 18:51:57 +01:00
Geoffrey White
a1c7fd8fec C++: Remove the workaround for CPP-331. 2020-09-03 18:51:21 +01:00
Geoffrey White
5150bf30e7 C++: Add another test case inspired by CPP-331. 2020-09-03 18:50:11 +01:00
Geoffrey White
1483306c4c C++: Add more tests. 2020-09-03 18:39:50 +01:00
CodeQL CI
f180497554 Merge pull request #4192 from max-schaefer/js/ssa__implicitinit 
Approved by asgerf
 2020-09-03 16:46:56 +01:00
Rasmus Wriedt Larsen
29bf98ad26 Python: Fix CUSTOM_SOURCE dataflow regression test 2020-09-03 15:03:53 +02:00
Asger Feldthaus
c05f5c1bc2 JS: Change note 2020-09-03 14:02:08 +01:00
Asger Feldthaus
393db73d0a JS: Update test 2020-09-03 14:01:40 +01:00
Asger Feldthaus
bfcc434a61 JS: Use both local and global names in hasQualifiedName 2020-09-03 14:01:13 +01:00
Asger Feldthaus
f7552a77c3 JS: Add metric for number of types with qualified names 2020-09-03 14:01:13 +01:00
Rasmus Wriedt Larsen
febbe1229a Merge branch 'main' into python-more-complete-dataflow-tests 2020-09-03 14:58:20 +02:00