hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-31 15:22:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
40,697 Commits 1,684 Branches 159 Tags
codeql-cli/v2.10.0
Commit Graph

40697 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
a5ad4c8263 QL: Update printAst output 
Annotations are not longer their own children/parent.
 2022-04-13 10:29:21 +02:00
Rasmus Wriedt Larsen
4927f0018b Merge branch 'main' into django-filefield-uploadto 2022-04-13 10:22:28 +02:00
Erik Krogh Kristensen
41bdd8f4da minor fixes 2022-04-13 10:11:07 +02:00
Erik Krogh Kristensen
b13e7c055b move the sanitizer-guard to the Query.qll file 2022-04-13 09:58:33 +02:00
Erik Krogh Kristensen
96e4633dfe remove more code that did nothing 2022-04-13 09:57:32 +02:00
Erik Krogh Kristensen
a9595af01e update expected output 2022-04-13 09:43:21 +02:00
Erik Krogh Kristensen
d35604ed82 remove the length sanitizer from loop-bound-injection - it did nothing 2022-04-13 09:43:21 +02:00
Erik Krogh Kristensen
dd28157d0a add test of a length check 2022-04-13 09:43:21 +02:00
Erik Krogh Kristensen
8e47a9b242 add sanitizer step for .length in js/resource-exhaustion 2022-04-13 09:30:09 +02:00
Stephan Brandauer
fb66ccff39 handlebars taint step: conservatively assume unknown templates have no flow to helpers 2022-04-13 09:27:59 +02:00
Asger Feldthaus
c1827cfd30 QL: Add test for getAStringValue 2022-04-13 08:45:25 +02:00
Asger Feldthaus
4c72c31a5a QL: Add InlineExpectationsTest 2022-04-13 08:45:25 +02:00
Asger Feldthaus
b0801c9b2f QL: Add some missing qldoc 2022-04-13 08:45:25 +02:00
Asger Feldthaus
8188e2876c QL: Autoformat 2022-04-13 08:45:25 +02:00
Asger Feldthaus
6632b7da1c QL: Add FrameworkCoverage query 2022-04-13 08:45:25 +02:00
Alex Denisov
b8c1f1a6e1 Swift: run QL tests on Linux 2022-04-13 07:44:19 +02:00
Geoffrey White
cdce72b87c C++: Better join order for reachesWithoutAssignment. 2022-04-12 17:34:02 +01:00
Porcupiney Hairs
785dc1af3c Include changes from review 2022-04-12 21:17:39 +05:30
Paolo Tranquilli
141ba2e039 Bazel: rename workspace to codeql 2022-04-12 17:37:29 +02:00
Robert Marsh
0e3e35f233 C++: don't dump global vars without initializers 2022-04-12 11:21:41 -04:00
Paolo Tranquilli
03ebf8b049 Merge pull request #8700 from redsun82/swift-skeleton 
Swift: first skeleton extractor
dsp-testing/codeql-swift-artifacts 		2022-04-12 17:14:42 +02:00
Paolo Tranquilli
8ef28787b6 Swift: do not fail pack creation if dir does not exist 2022-04-12 17:05:26 +02:00
Erik Krogh Kristensen
a2d2626c9c add security severity 2022-04-12 16:34:00 +02:00
Erik Krogh Kristensen
d64df30724 reintroduce the reverted qhelp 2022-04-12 16:33:06 +02:00
Erik Krogh Kristensen
ebf9ba7250 remove the type-overloaded new Buffer() as a sink 2022-04-12 16:29:58 +02:00
Erik Krogh Kristensen
e2b7f7d05d reintroduce the number sinks 2022-04-12 16:26:10 +02:00
Erik Krogh Kristensen
029459cc35 reorganize CWE-770 tests 2022-04-12 16:15:40 +02:00
Paolo Tranquilli
6440242268 Swift+Bazel: apply review comments 2022-04-12 16:03:20 +02:00
Erik Krogh Kristensen
688b2b6898 use the Query.qll pattern 2022-04-12 15:52:52 +02:00
Erik Krogh Kristensen
8fb54c3f32 move js/resource-exhaustion out of experimental 2022-04-12 15:51:36 +02:00
Asger Feldthaus
4b74fa628c QL: Add global flow and type-tracking 2022-04-12 15:25:09 +02:00
Asger Feldthaus
0ffb558e48 QL: Support local flow via unification 2022-04-12 15:25:06 +02:00
Asger Feldthaus
49d5b662ff QL: Add Node.getEnclosingPredicate 2022-04-12 15:25:03 +02:00
Asger Feldthaus
2b8454001a QL: Add scoped variable nodes 2022-04-12 15:24:59 +02:00
Asger Feldthaus
2d640e7e95 QL: Add basic data flow nodes 2022-04-12 15:24:55 +02:00
Asger Feldthaus
c9b9751894 QL: Add NodeNumbering library 2022-04-12 15:24:52 +02:00
Asger Feldthaus
60a22b71b4 QL: Remove redundant union part 2022-04-12 15:24:48 +02:00
Asger Feldthaus
f02912bdf5 QL: Add VarDef.getAnAccess 2022-04-12 15:24:45 +02:00
Asger Feldthaus
85403cd4de QL: Fix up parent-child relation in tree 2022-04-12 15:24:42 +02:00
Erik Krogh Kristensen
df295e69d6 add change-note 2022-04-12 14:37:51 +02:00
Erik Krogh Kristensen
bca4d14129 rename files 2022-04-12 14:37:43 +02:00
Erik Krogh Kristensen
591fcda862 various improvements to the js/missing-origin-verification query 2022-04-12 14:20:41 +02:00
Erik Krogh Kristensen
2d6d304d7c add InclusionTest to PostMessageEventSanitizer 2022-04-12 14:12:36 +02:00
Chris Smowton
a8eeef6ef8 Merge pull request #718 from owen-mc/fix-incorrect-integer-conversion-for-type-assertions 
Integer conversion should ignore type assertions
 2022-04-12 12:44:43 +01:00
Paolo Tranquilli
f2f99611bd .gitignore CLion project files 2022-04-12 12:41:00 +02:00
Paolo Tranquilli
a205b465ba Bazel: reorganization 
* fixed 5.0.0 as bazel version
* made dependencies better loadable
* moved `//swift/install` to `//swift:create-extractor-pack` (following
  the clearer ruby naming)
* renamed `extractor_pack` to `extractor-pack` for consistency with Ruby
 2022-04-12 12:40:59 +02:00
Paolo Tranquilli
13b2442fed Bazel: code reorganization 2022-04-12 12:40:59 +02:00
Paolo Tranquilli
664d5ba0a9 Swift: moved install to a separate package 
When importing the workspace from semmle-code, we do not need nor want
to instantiate `@util`, so that must be in a separate bazel package.
 2022-04-12 12:40:59 +02:00
Paolo Tranquilli
95dbf2d666 Swift: first skeleton extractor 
This adds a first dummy extractor for swift.

Running `bazel run //swift:install` will create an `extractor_pack`
directory in `swift`. From that moment providing `--search-path=swift`
will pick up the extractor.
 2022-04-12 12:40:59 +02:00
Owen Mansel-Chan
f9f21e9891 Integer conversion should ignore type assertions 2022-04-12 10:58:07 +01:00