codeql

mirror of https://github.com/github/codeql.git synced 2026-03-01 21:34:50 +01:00

Author	SHA1	Message	Date
Remco Vermeulen	fed506a12f	Rename TrustedSource to SafeHeaderSplittingSource	2020-07-09 14:36:23 +02:00
Remco Vermeulen	5f560e0465	Extract `HeaderSplittingSink` and `WhitelistedSource` - Extract `HeaderSplittingSink` and `WhitelistedSource` into an importable library. - Rename the existing `HeaderSplittingSink` implementation to `ServletHeaderSplittingSink`.	2020-07-08 17:17:24 +02:00
Anders Schack-Mulligen	c166fee198	Merge pull request #3894 from aibaars/util-arrays Java: model taint for java.util.Arrays	2020-07-08 09:06:40 +02:00
Arthur Baars	940fec5669	Drop taint tracking for Arrays.{deepToString,toString}	2020-07-07 17:26:49 +02:00
Arthur Baars	583f7f914e	Drop taint tracking for Arrays.{setAll, parallelSetAll, parallelPrefix}	2020-07-07 17:22:30 +02:00
Anders Schack-Mulligen	993506d781	Merge pull request #3820 from Marcono1234/patch-2 Add missing java.nio.file.Files methods to FileReadWrite.qll	2020-07-07 10:29:17 +02:00
Marcono1234	0a9686709b	Fix wrong method name	2020-07-06 18:52:07 +02:00
Marcono1234	6ff8508d01	Java: Clarify documentation for Location predicate results	2020-07-06 15:46:11 +02:00
Arthur Baars	d2734b2903	Merge pull request #3684 from aschackmull/java/javadoctag-qldoc Java: Improve qldoc for JavadocTag.	2020-07-06 11:42:04 +02:00
Arthur Baars	98d24101b1	Merge pull request #3687 from aschackmull/java/getanenclosingstmt Java: Add Expr.getAnEnclosingStmt.	2020-07-06 11:41:21 +02:00
Marcono1234	f8e474f89a	Add missing java.nio.file.Files methods to FileReadWrite.qll	2020-07-05 18:39:26 +02:00
Arthur Baars	0b89efbee4	Java: model Arrays::addList	2020-07-03 17:15:17 +02:00
Arthur Baars	a07af79fff	Java: model java.util.Arrays	2020-07-03 17:15:17 +02:00
Arthur Baars	c629f6b13a	Merge pull request #3869 from aibaars/util-collections Java: model java.util.Collections	2020-07-03 17:09:14 +02:00
Arthur Baars	5fff41f35b	Don't track taint on Map keys	2020-07-03 14:47:25 +02:00
Arthur Baars	21a4b8d6c0	Java: remove useless casts	2020-07-02 13:03:15 +02:00
Arthur Baars	d80bf3395f	Add Navigable variants and sort method names	2020-07-02 13:02:38 +02:00
Arthur Baars	e7b495e7d3	Java: model Collections::addAll	2020-07-02 12:38:22 +02:00
Arthur Baars	5cf5c77b09	Java: model java.util.Collections	2020-07-02 12:25:55 +02:00
Anders Schack-Mulligen	7d057598d8	Merge pull request #3857 from jbj/flowthrough-bigstep-perf C++: Remove big-step relation in flow-through code	2020-07-01 14:23:23 +02:00
Anders Schack-Mulligen	38b73ff684	Merge pull request #3854 from hvitved/dataflow/node-type-interface Data flow: Replace `getErasedRepr()` and `Node::getTypeBound()` with `getNodeType()`	2020-07-01 11:37:19 +02:00
Jonas Jensen	cff0f48d34	C++: Work around join-order issue in flow-through In this non-linear recursion, a `#prev` relation was joined earlier than the `#prev_delta` relation. As a result, each iteration of the predicate processes every tuple from previous iterations. This quadratic behavior caused severe slowdowns on oneapi-src/oneDNN.	2020-06-30 21:12:57 +02:00
Jonas Jensen	17beb2d867	C++: Remove big-step relation in flow-through code This relation was originally introduced to improve performance but may no longer be necessary. The `localFlowStepPlus` predicate had an explosion of tuples on oneapi-src/oneDNN for C++.	2020-06-30 21:06:45 +02:00
Mathias Vorreiter Pedersen	286c09183f	Merge pull request #3837 from geoffw0/qldoc5 C++/Java: Update QLDoc and terminology in Encryption.qll	2020-06-30 17:44:59 +02:00
Tom Hvitved	f1179cc202	Java: Follow-up changes	2020-06-30 17:44:16 +02:00
Tom Hvitved	1fa58bd82d	Data flow: Sync files	2020-06-30 17:37:16 +02:00
Geoffrey White	5c11c9ee43	Java: Rename additional private predicates.	2020-06-30 13:05:46 +01:00
Geoffrey White	f8425b8a58	Java: Update uses.	2020-06-30 13:02:48 +01:00
Geoffrey White	db0500b9ef	Java: Direct port of changes to Java.	2020-06-30 13:02:48 +01:00
Anders Schack-Mulligen	0bd81eb4b8	Dataflow: Fix reference to viableCallable.	2020-06-29 16:22:58 +02:00
Anders Schack-Mulligen	6c679c328d	Dataflow: Refactor dispatch with call context.	2020-06-25 14:28:35 +02:00
Anders Schack-Mulligen	941177ee25	Merge pull request #3762 from hvitved/dataflow/clear-contents Data flow: Model field clearing	2020-06-24 10:19:50 +02:00
Tom Hvitved	a3e7fd60f2	Data flow: Enable syntax highlighting in QLDoc snippets	2020-06-23 16:54:34 +02:00
Tom Hvitved	ff751ac0f8	Data flow: Sync files	2020-06-23 10:55:12 +02:00
Tom Hvitved	c01f570d9e	Java: Implement `clearsContent()`	2020-06-23 10:55:12 +02:00
Tom Hvitved	c057e82efa	Data flow: Sync files	2020-06-23 10:55:11 +02:00
Tom Hvitved	72e6c9c2b1	Data flow: Use `accessPathLimit()` in partial flow as well	2020-06-22 10:08:51 +02:00
Anders Schack-Mulligen	8107fbadc2	Merge pull request #3456 from hvitved/dataflow/precise-field-types Data flow: Track precise types during field flow	2020-06-19 11:50:10 +02:00
Anders Schack-Mulligen	74eab3cbc0	Dataflow: Fix qltest.	2020-06-17 17:23:35 +02:00
Anders Schack-Mulligen	cedfaf6aaf	Dataflow: autoformat	2020-06-17 17:09:55 +02:00
Anders Schack-Mulligen	543ab71dfe	Dataflow: minor review fixes.	2020-06-17 17:03:22 +02:00
Anders Schack-Mulligen	d28b5ace63	Dataflow: Sync.	2020-06-17 15:40:48 +02:00
Anders Schack-Mulligen	10b64fc47a	Dataflow: Record content type for stores.	2020-06-17 15:40:42 +02:00
Anders Schack-Mulligen	421a548e42	Update java/ql/src/semmle/code/java/Expr.qll	2020-06-12 09:24:37 +02:00
intrigus-lgtm	422b059aec	Fix typo	2020-06-11 22:54:13 +02:00
Anders Schack-Mulligen	c961a31789	Java: Add Expr.getAnEnclosingStmt.	2020-06-11 13:46:12 +02:00
Anders Schack-Mulligen	f23eb0432e	Java: Improve qldoc for JavadocTag.	2020-06-11 11:44:50 +02:00
semmle-qlci	1b8f3c4b84	Merge pull request #3657 from hvitved/dataflow/hidden-nodes Approved by aschackmull, jbj	2020-06-10 13:22:09 +01:00
Anders Schack-Mulligen	c334d72f11	Java: Fix CompileTimeConstantExpr qldoc and add char cast case.	2020-06-10 10:59:10 +02:00
Tom Hvitved	a371205db1	Data flow: Sync files	2020-06-09 13:55:12 +02:00

1 2 3 4 5 ...

466 Commits