codeql

mirror of https://github.com/github/codeql.git synced 2026-03-04 14:46:48 +01:00

Author	SHA1	Message	Date
Rasmus Wriedt Larsen	b36a6aa5b5	Python: Remove unused variable from exists expression	2020-01-28 13:05:25 +01:00
Rasmus Wriedt Larsen	0a1c91fbb8	Python: Autoformat web tests QL files	2020-01-28 13:05:25 +01:00
Calum Grant	f23438ea65	C#: Add test showing false positive	2020-01-28 11:48:59 +00:00
semmle-qlci	5ab6457370	Merge pull request #2699 from asger-semmle/js/callback-doc-typo Approved by max-schaefer	2020-01-28 11:00:49 +00:00
Jonas Jensen	23030aa324	Merge pull request #2706 from MathiasVP/ql-tests-taint-tracking Ql tests for virtual dispatch taint tracking	2020-01-28 11:56:10 +01:00
Asger Feldthaus	b306571d52	JS: Type-track react component factories	2020-01-28 10:22:04 +00:00
Mathias Vorreiter Pedersen	611d9553dd	C++: Fix formatting	2020-01-28 10:22:33 +01:00
Anders Schack-Mulligen	0b3c90b526	Java: Fix whitespace query.	2020-01-28 10:15:48 +01:00
Anders Schack-Mulligen	34e6679afd	Java: Add upgrade script.	2020-01-28 10:15:48 +01:00
Anders Schack-Mulligen	f8805ebb24	Java: Update 2 queries.	2020-01-28 10:15:48 +01:00
Anders Schack-Mulligen	4bd332ddca	Java: Add Expr.isParenthesized, adjust VarAccess.toString, and fix tests.	2020-01-28 10:15:48 +01:00
Anders Schack-Mulligen	597d8e7d94	Java: Update dbscheme for ParExpr removal.	2020-01-28 10:15:48 +01:00
Anders Schack-Mulligen	dc7e8ad2ff	Java: Reword help according to review comment.	2020-01-28 10:13:35 +01:00
Anders Schack-Mulligen	a99a6f79cd	Apply suggestions from code review Co-Authored-By: Felicity Chapman <felicitymay@github.com>	2020-01-28 10:13:35 +01:00
Anders Schack-Mulligen	4cb28d9b1d	Java: Add new query for large left shifts and bugfix ConstantExpAppearsNonConstant.	2020-01-28 10:13:34 +01:00
Mathias Vorreiter Pedersen	130911ad44	C++: Accept new output in already existing test	2020-01-28 10:00:52 +01:00
Mathias Vorreiter Pedersen	fd79e7991d	C++: Add tests demonstrating differences between AST virtual dispatch analysis and IR virtual dispatch analysis	2020-01-28 10:00:21 +01:00
Geoffrey White	1ddabee1b8	C++: Change note.	2020-01-28 08:46:46 +00:00
Geoffrey White	30580e97dc	C++: Add a TaintFunction model to FormattingFunction.	2020-01-28 08:46:46 +00:00
Geoffrey White	1d46971bb7	C++: Add an ArrayFunction model to FormattingFunction.	2020-01-28 08:46:46 +00:00
Geoffrey White	06f5720cd5	C++: Add taint tests of formatting functions.	2020-01-28 08:46:46 +00:00
Erik Krogh Kristensen	082967a629	add EventEmitter models for `net.createServer()` and `respjs`.	2020-01-28 09:38:38 +01:00
Erik Krogh Kristensen	a2e54b1477	add support for `this` references in classes that extend EventEmitter	2020-01-28 09:37:54 +01:00
yo-h	8c00671f24	Merge pull request #2698 from aschackmull/java/changenote-csrf-query Java: Add change note for java/spring-disabled-csrf-protection.	2020-01-27 21:09:15 -05:00
Sauyon Lee	497bfeee83	BadRedirectSanitizer: Use SsaWithFields instead of ValueEntity	2020-01-27 17:33:54 -08:00
Sauyon Lee	f897f68ead	SsaWithFilds: Add a getQualifiedName predicate	2020-01-27 17:33:53 -08:00
Sauyon Lee	a31ad88fc9	BadRedirectSanitizer: Transition to using data-flow API	2020-01-27 17:33:53 -08:00
Sauyon Lee	abc9438cd3	Apply suggestions from code review Co-Authored-By: Max Schaefer <max@semmle.com>	2020-01-27 17:33:52 -08:00
Sauyon Lee	3a73658a9c	BadRedirectSanitizer: Bind e to hp Address doc review comments	2020-01-27 17:33:51 -08:00
Sauyon Lee	aa28724f7c	Add `BadRedirectCheck` query	2020-01-27 17:33:50 -08:00
Sauyon Lee	9c6aa80718	Move OpenUrlRedirect tests into their own directory	2020-01-27 17:33:49 -08:00
Sauyon Lee	c889cb3501	Add getAnOperand to OperatorExpr	2020-01-27 17:33:48 -08:00
Robert Marsh	1b9e375341	C++: Move getACallArgumentOrIndirection	2020-01-27 16:44:41 -08:00
Robert Marsh	fd807d46d6	C++: IR dataflow through modeled functions	2020-01-27 16:38:07 -08:00
Robert Marsh	a9bcc1dcc6	Merge pull request #2667 from dbartol/dbartol/NoEscape C++/C#: Make escape analysis unsound by default	2020-01-27 19:17:33 -05:00
Robert Marsh	c7975e83a7	Merge pull request #2657 from jbj/DefaultTaintTracking-models C++: wire up models library to DefaultTaintTracking	2020-01-27 17:41:54 -05:00
Grzegorz Golawski	7b2192d2e3	Apply suggestion from code review	2020-01-27 22:34:15 +01:00
ggolawski	408c49a61c	Apply suggestions from code review Co-Authored-By: Felicity Chapman <felicitymay@github.com>	2020-01-27 22:31:51 +01:00
Dave Bartolomeo	7df3cf4c23	C++: Accept more test output after merge	2020-01-27 13:48:43 -07:00
Dave Bartolomeo	3b3502060b	Merge remote-tracking branch 'upstream/master' into dbartol/NoEscape	2020-01-27 13:29:18 -07:00
Robert Marsh	79a72a3496	Merge pull request #2680 from geoffw0/modelstrndup CPP: Model strndup.	2020-01-27 15:19:52 -05:00
Sauyon Lee	edecb4e128	Merge pull request #227 from max/redundant-expr-bug Fix hash-consing of literals	2020-01-27 11:35:40 -08:00
Dave Bartolomeo	40952f85a9	C++: Accept test diffs	2020-01-27 10:31:18 -07:00
Robert Marsh	4d743d2bce	Merge pull request #2692 from jbj/pure-string-read C++: Model that string functions read their buffer	2020-01-27 11:40:03 -05:00
Anders Schack-Mulligen	3745388069	Merge pull request #2602 from chrisgavin/suspicious-date-format Java: Add a query for suspicious date format patterns.	2020-01-27 16:29:48 +01:00
Rasmus Wriedt Larsen	d67577e66c	Python: Modernise import related queries Except for Metrics/Dependencies/ExternalDependenciesSourceLinks.ql, since it is rather tricky :D	2020-01-27 16:01:25 +01:00
Rasmus Wriedt Larsen	647b9cdcb0	Python: Autoformat query	2020-01-27 16:01:24 +01:00
Rasmus Wriedt Larsen	081d66eaa3	Python: Recognize taint for extended iterable unpacking	2020-01-27 15:28:53 +01:00
Rasmus Wriedt Larsen	1b670354b2	Python: Add tests for extended iterable unpacking	2020-01-27 15:24:55 +01:00
Geoffrey White	4778914154	CPP: Repair flow.	2020-01-27 14:08:03 +00:00

... 1516 1517 1518 1519 1520 ...

85907 Commits