hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-05 07:06:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,907 Commits 1,700 Branches 161 Tags
codeql-cli/latest
Commit Graph

85907 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
d8a30c48a3 update expected output of TaintedPath tests 2020-02-06 09:47:15 +01:00
Mathias Vorreiter Pedersen
ba395cf11a C++: Update test annotations and accept output 2020-02-06 09:26:33 +01:00
Mathias Vorreiter Pedersen
cfcf087d3c C++: Add comment explaining buggy value number 2020-02-06 09:26:33 +01:00
Mathias Vorreiter Pedersen
4f2775012a C++/C#: Sync identical files 2020-02-06 09:26:33 +01:00
Mathias Vorreiter Pedersen
5e5bd92cba C++: Accept output 2020-02-06 09:26:33 +01:00
Mathias Vorreiter Pedersen
54f0b4a099 C++: Add more support for load instructions 2020-02-06 09:21:42 +01:00
Mathias Vorreiter Pedersen
687dcb7ad1 C++: Add testcase demonstrating unexpectly different value numbers 2020-02-06 09:21:42 +01:00
Jonas Jensen
91927c9039 Merge remote-tracking branch 'upstream/master' into ir-crement-load 
Conflicts:
	cpp/ql/test/library-tests/ir/ssa/aliased_ssa_ir.expected
	cpp/ql/test/library-tests/ir/ssa/aliased_ssa_ir_unsound.expected
	cpp/ql/test/library-tests/ir/ssa/unaliased_ssa_ir.expected
	cpp/ql/test/library-tests/ir/ssa/unaliased_ssa_ir_unsound.expected
 2020-02-06 08:37:09 +01:00
Jonas Jensen
c0417ac161 Merge pull request #2740 from dbartol/dbartol/InitializeNonLocal 
C++: Prevent `AliasedVirtualVariable` from overlapping string literals
 2020-02-06 08:28:01 +01:00
Sauyon Lee
39f5376eed ReflectedXss: Add change note for Fprintf FPs 2020-02-05 19:07:42 -08:00
semmle-qlci
5125dc7939 Merge pull request #2730 from esbena/js/model-path-parse 
Approved by asgerf
 2020-02-05 21:35:55 +00:00
Dave Bartolomeo
e06f468b59 C++: Fix test expectations after EDG update 2020-02-05 14:34:29 -07:00
Cornelius Riemenschneider
7f7cc7bece Include test output for the fixed test. 2020-02-05 22:33:26 +01:00
Cornelius Riemenschneider
c941348fea Fix test so it actually shows up in the test output. 2020-02-05 22:29:44 +01:00
Dave Bartolomeo
c53f80175f Merge pull request #2750 from Cornelius-Riemenschneider/cpp-range-analysis-casts 
C++: Support implicit casts better in range analysis
 2020-02-05 13:59:09 -07:00
Jonas Jensen
81b1bd4177 Merge pull request #2769 from aschackmull/java/perf-regression 
Java: Improve performance.
 2020-02-05 20:15:18 +01:00
Tom Hvitved
69d9d4122a C#: Add change note 2020-02-05 20:12:41 +01:00
Tom Hvitved
85e6b24c49 C#: Remove false positives for cs/useless-assignment-to-local 2020-02-05 20:12:39 +01:00
Tom Hvitved
d9f9fc510f C#: Add more tests for cs/useless-assignment-to-local 2020-02-05 20:11:22 +01:00
Dave Bartolomeo
4c31c038b8 Merge from master 2020-02-05 11:23:14 -07:00
Dave Bartolomeo
4362bdb626 C++: Accept new test output 2020-02-05 10:56:40 -07:00
Dave Bartolomeo
1b6de4b32f C++: Fix formatting 2020-02-05 10:55:49 -07:00
Jonathan Leitschuh
60f2fa9eb9 Update java/ql/src/Security/CWE/CWE-113/NettyResponseSplitting.ql 2020-02-05 12:45:47 -05:00
Jonas Jensen
a0e2d59c01 C++: Add tests for global-var support 2020-02-05 16:31:13 +01:00
Jonas Jensen
f40acc19d2 C++: Use VariableNode in DefaultTaintTracking 2020-02-05 16:29:13 +01:00
Jonas Jensen
6d081a997a C++: Add VariableNode 2020-02-05 16:29:13 +01:00
Jonas Jensen
73e34f1447 C++: Refactor to separate out InstructionNode 
This commit prepares the IR data-flow library for having more than one
type of data-flow node.
 2020-02-05 16:29:13 +01:00
Jonas Jensen
cdfcee3ae9 Merge remote-tracking branch 'upstream/master' into ir-crement-load 
Conflicts:
	cpp/ql/test/library-tests/ir/ssa/aliased_ssa_ir.expected
	cpp/ql/test/library-tests/ir/ssa/aliased_ssa_ir_unsound.expected
 2020-02-05 16:13:21 +01:00
Anders Schack-Mulligen
ba86dea657 Java: Improve taint step modeling to use postupdate nodes. 2020-02-05 15:33:29 +01:00
Anders Schack-Mulligen
07482abed7 Java/C++/C#: Sync. 2020-02-05 15:17:20 +01:00
Anders Schack-Mulligen
274919ca08 Java: Fix recent perf regressions. 2020-02-05 15:15:15 +01:00
yo-h
b5f3d776bf Merge pull request #2759 from aschackmull/java/taint-tests 
Java: Move some taint tests.
 2020-02-05 09:09:43 -05:00
semmle-qlci
163285bee7 Merge pull request #2735 from asger-semmle/prototype-pollution-manual-dataflow 
Approved by esbena
 2020-02-05 12:52:59 +00:00
Ian Lynagh
67d7e83c17 Merge pull request #2727 from matt-gretton-dann/codeql-c-extractor/7-edg-60-upgrade 
Update expected results for changes in Extractor FE
 2020-02-05 12:23:02 +00:00
Erik Krogh Kristensen
da28d3b971 add "hash" and "search" to URL taint step 2020-02-05 12:44:10 +01:00
Felicity Chapman
d0e7bfce28 Merge pull request #2738 from aschackmull/java/ldapinjection-changenote 
Java: Add change note for LDAP injection query.
 2020-02-05 11:29:29 +00:00
semmle-qlci
a5e183bde3 Merge pull request #2619 from asger-semmle/ts-monorepo-deps 
Approved by erik-krogh, max-schaefer
 2020-02-05 10:57:55 +00:00
semmle-qlci
53763c789f Merge pull request #2741 from esbena/js/split-and-slice-for-tainted-path 
Approved by erik-krogh
 2020-02-05 10:53:39 +00:00
Jonas Jensen
2928f9e5b2 Merge pull request #2703 from rdmarsh2/connect-ir-dataflow-models 
C++: IR dataflow through modeled functions
 2020-02-05 11:28:48 +01:00
semmle-qlci
52f34d7178 Merge pull request #2715 from erik-krogh/PrivateFields 
Approved by asgerf
 2020-02-05 10:20:28 +00:00
Erik Krogh Kristensen
88bb1dc23d bind this in each of the step methods of UrlSearchParamsTaintStep 2020-02-05 10:58:13 +01:00
Erik Krogh Kristensen
30d5eb5a13 update docstrings 2020-02-05 10:53:34 +01:00
Erik Krogh Kristensen
ffc6fddddd update expected test output 2020-02-05 10:52:40 +01:00
Asger F
cf18bd7bb8 Update javascript/ql/src/Security/CWE-400/PrototypePollutionUtility.ql 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-02-05 09:48:16 +00:00
Asger Feldthaus
fd9975db85 JS: Address comments 2020-02-05 09:47:51 +00:00
Esben Sparre Andreasen
f6ad22dd1f Merge pull request #2758 from asger-semmle/js/string-concat-concat 
JS: Model concat() calls as string concatenation
 2020-02-05 10:41:02 +01:00
Erik Krogh Kristensen
ec9c37075c address review feedback 2020-02-05 10:31:53 +01:00
Erik Krogh Kristensen
35a7e15a2f remove private modifer on isUrlSearchParams 2020-02-05 10:30:31 +01:00
Erik Krogh Kristensen
76aca02752 change the pseudo-property on URL to a two-stage process 2020-02-05 10:27:03 +01:00
Matthew Gretton-Dann
b601908577 CPP: Update for changes in EDG IL. 2020-02-05 09:11:23 +00:00