40697 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Mathias Vorreiter Pedersen	1c91d3dbe0	Merge pull request #5168 from MathiasVP/model-bsd-sockets-part-2 ... C++: Model vector versions of BSD-style reads and writes.	2021-02-15 13:39:08 +01:00
Cornelius Riemenschneider	c9af97b742	C++: Model bsl functions in Pure.qll.	2021-02-15 12:31:16 +00:00
CodeQL CI	b5143dbdb4	Merge pull request #5117 from erik-krogh/parseForm ... Approved by asgerf	2021-02-15 04:30:59 -08:00
Cornelius Riemenschneider	79e3bf80c3	C++: Simplify code.	2021-02-15 12:13:25 +00:00
Cornelius Riemenschneider	da38377e36	C++: Simplify code.	2021-02-15 12:12:29 +00:00
Arthur Baars	d69a1731f9	Fix QL doc	2021-02-15 12:53:13 +01:00
Arthur Baars	ddea74265d	AST: rescue modifier	2021-02-15 12:50:00 +01:00
Owen Mansel-Chan	a2c0b6ade6	Merge pull request #464 from owen-mc/list-constants-sanitizers ... List of constants sanitizer guards (switch statement in function only)	2021-02-15 11:39:40 +00:00
Cornelius Riemenschneider	2a3d20d9a9	C++: Refactor Memset.qll and include bsl model.	2021-02-15 12:36:18 +01:00
Erik Krogh Kristensen	74ce7369f8	Update javascript/change-notes/2021-02-09-form-parsers.md ... Co-authored-by: Asger F <asgerf@github.com>	2021-02-15 12:35:16 +01:00
Owen Mansel-Chan	6d29a35ac9	Factor the duplicate code in LogCall ... Co-authored-by: Chris Smowton <smowton@github.com>	2021-02-15 11:20:19 +00:00
Cornelius Riemenschneider	a9071a62a0	C++: Refactor Memcpy.qll and include bsl model.	2021-02-15 12:15:17 +01:00
Mathias Vorreiter Pedersen	0f9b044814	C++: Model vector versions of BSD-style reads and writes.	2021-02-15 12:04:51 +01:00
Erik Krogh Kristensen	e5db0ef16b	remove the RequestExpr requirement from FormParsers.qll, and use API graphs.	2021-02-15 11:58:26 +01:00
Cornelius Riemenschneider	f79b3144e3	C++: Refactor IdentityFunction.qll.	2021-02-15 11:31:31 +01:00
CodeQL CI	9b8d94d76e	Merge pull request #5148 from erik-krogh/apollo ... Approved by esbena	2021-02-15 02:23:52 -08:00
Alvaro Muñoz	00a0b12dad	update expected results	2021-02-15 11:23:40 +01:00
Owen Mansel-Chan	68c54d43e6	Move code to TaintTrackingUtil.qll	2021-02-15 10:18:00 +00:00
Alvaro Muñoz	812884341b	Merge branch 'ArrayUtils' of github.com:pwntester/codeql-1 into ArrayUtils	2021-02-15 10:59:49 +01:00
Alvaro Muñoz	504d119749	adjust max parameter number	2021-02-15 10:58:17 +01:00
Rasmus Wriedt Larsen	745148474a	Python: Model get_redirect_url in django	2021-02-15 10:55:52 +01:00
Rasmus Wriedt Larsen	6934d5e642	Python: Add django test of RedirectView subclass	2021-02-15 10:55:51 +01:00
Rasmus Wriedt Larsen	79855157b3	Python: Move django response test to django v2/v3 ... That's really the django version I care about :P	2021-02-15 10:55:50 +01:00
Arthur Baars	9cb58be5cf	AST: avoid multivalued results for MethodName::getValueText	2021-02-15 10:39:21 +01:00
Alvaro Muñoz	c7072aef16	update A.java test	2021-02-15 10:34:20 +01:00
Jonas Jensen	f0ce524c0d	Merge pull request #5147 from MathiasVP/model-bsd-sockets-part-1 ... C++: Add models for BSD-style send and recv functions	2021-02-15 10:34:11 +01:00
Owen Mansel-Chan	ef94cde0b3	Simplify Logrus model ... Make methods which add data to entries sinks in their own right, rather than trying to track the data flow of the entry to a later logging call. This may cause some false positives, but only in the situation that tainted data is added to an entry and that entry is never logged. It will save us from false negatives when tainted data is added to an entry which flows across a function boundary to a logging call.	2021-02-15 09:18:34 +00:00
Tamas Vajk	2de7fbe062	Fix build after rebase	2021-02-15 10:18:12 +01:00
Tamas Vajk	6cc858b9ef	Move AstLineCounter to top level class	2021-02-15 10:17:08 +01:00
Tamas Vajk	4f693be33b	Move location creation to instance method on context	2021-02-15 10:17:08 +01:00
Tamas Vajk	6f07230725	Relocate 'AstLineCounter'	2021-02-15 10:17:07 +01:00
Tamas Vajk	1cd7fd6cf7	Simplify 'AstLineCounter'	2021-02-15 10:17:07 +01:00
Tamas Vajk	e8fd6e1112	Move classes to seperate files	2021-02-15 10:17:07 +01:00
Tamas Vajk	5ce5a96cb6	Remove 'ContextExtensions'	2021-02-15 10:17:07 +01:00
Tamas Vajk	9ddeff80bf	Remove useless 'IExtractor' interface	2021-02-15 10:17:07 +01:00
Tamas Vajk	6cdec2d30e	C#: Remove 'extractor.CreateContext' factory method	2021-02-15 10:17:07 +01:00
Tamas Vajk	fc3e6526ce	C#: Remove IExtractionScope.FromSource	2021-02-15 10:17:07 +01:00
Tamas Vajk	a75306acbd	C#: Remove warnings from MdProvider	2021-02-15 10:17:07 +01:00
Tamas Vajk	1a4f370d15	C#: Fix formatting issues	2021-02-15 10:17:07 +01:00
Anders Schack-Mulligen	7e83a608a2	Merge pull request #4954 from aschackmull/java/member-hasqualifiedname ... Java: Add Member.hasQualifiedName.	2021-02-15 10:02:13 +01:00
Erik Krogh Kristensen	91f277681a	fix typo in ApolloClientRequest ... Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2021-02-15 09:59:04 +01:00
Anders Schack-Mulligen	161e756c4b	Merge pull request #5141 from github/yo-h/java-flow-check-fix ... Java: prepare to enforce additional compiler checks in test code	2021-02-15 09:41:03 +01:00
Francis Alexander	409d95c522	Sanitizer checks to decrease FP	2021-02-15 14:01:14 +05:30
luchua-bc	23f620d255	Query to detect insecure LDAP endpoint configuration	2021-02-15 05:31:29 +00:00
yo-h	1d007b6e72	Java: delete two test cases as per code review	2021-02-14 21:42:58 -05:00
Rasmus Wriedt Larsen	2478a9f10e	Python: Fix wording of change-note	2021-02-14 23:20:46 +01:00
luchua-bc	6a6727fc80	Reduce the scope of the query to reduce FPs	2021-02-14 15:01:06 +00:00
CodeQL CI	178c54e69b	Merge pull request #5139 from RasmusWL/django-improvements ... Approved by yoff	2021-02-14 02:16:52 -08:00
Tamas Vajk	4cc9bc9bf0	Add new .stats file	2021-02-13 16:21:45 +01:00
Owen Mansel-Chan	4a2a1871f7	Merge pull request #476 from owen-mc/model-zap ... Model zap	2021-02-13 13:15:06 +00:00