hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-26 11:53:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,692 Branches 161 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Anders Schack-Mulligen
53c360479a Merge pull request #5329 from tamasvajk/feature/csv-taint-step 
Java: migrate taint steps to CSV
 2021-03-16 14:09:21 +01:00
Anders Schack-Mulligen
46bae88181 Merge pull request #5375 from aschackmull/dataflow/unbind 
Dataflow: Switch from unbind to pragma[only_bind_into].
 2021-03-16 14:03:54 +01:00
Tom Hvitved
88b7ad001f C#: Take phi nodes into account in Steps::getARead() 2021-03-16 13:55:30 +01:00
CodeQL CI
ae62fbc2c7 Merge pull request #5382 from erik-krogh/moreCache 
Approved by asgerf
 2021-03-16 05:53:03 -07:00
Tom Hvitved
cb8e2d451d C#: Add test for DeadStoreOfLocal.ql 2021-03-16 13:52:41 +01:00
Tom Hvitved
b11e15154f Data flow: Sync files and add stubs 2021-03-16 13:49:32 +01:00
Tom Hvitved
a373a523f6 Data flow: Move C# lambda flow logic into shared library 2021-03-16 13:49:32 +01:00
CodeQL CI
b37da7cc22 Merge pull request #5386 from erik-krogh/cachePrepend 
Approved by asgerf
 2021-03-16 05:49:24 -07:00
CodeQL CI
40acb95105 Merge pull request #5397 from erik-krogh/globalSanitizer 
Approved by asgerf
 2021-03-16 05:37:32 -07:00
Erik Krogh Kristensen
3640bbd466 add test for IncompleteHtmlAttributeSanitization 2021-03-16 13:25:27 +01:00
Erik Krogh Kristensen
1bf259beef support another String.prototype.replace pattern 2021-03-16 13:25:13 +01:00
Cornelius Riemenschneider
755fec466f Apply suggestions from code review 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-03-16 13:21:57 +01:00
Tom Hvitved
e1e4016a5c C#: Fix missing delegate flow 2021-03-16 13:16:23 +01:00
Tom Hvitved
29c6d22163 C#: Add test exposing missing delegate flow 2021-03-16 13:16:23 +01:00
Tom Hvitved
25adcfc39d C#: Fix missing phi flow 2021-03-16 13:16:23 +01:00
Tom Hvitved
e092b31791 C#: Add test exposing missing phi flow 2021-03-16 13:16:23 +01:00
Tom Hvitved
7eaf02a0bf Make external AstNode an IPA type 2021-03-16 12:50:20 +01:00
Tamas Vajk
d02fba8c37 Java: adjust wrapped constructor calls 2021-03-16 12:42:41 +01:00
Rasmus Lerchedahl Petersen
cf791e8164 Python: Describe Concepts and Attributes 2021-03-16 12:31:47 +01:00
Tamas Vajk
e3534d1635 Java: cover wrapped constructor taint flow 2021-03-16 12:10:28 +01:00
Tamas Vajk
af0dff8c6f Java: migrate constructor flow taint steps to CSV 2021-03-16 12:10:28 +01:00
Tamas Vajk
f9a207dd9f Java: migrate 'arg to arg' taint steps to CSV 2021-03-16 12:10:28 +01:00
Tamas Vajk
7e1534a6cd Java: migrate 'arg to return' taint steps to CSV 2021-03-16 12:10:28 +01:00
Tamas Vajk
5cdbde2686 Java: migrate 'qualifier to return' taint steps to CSV 2021-03-16 12:10:28 +01:00
Tamas Vajk
40126563ef Java: migrate 'qualifier to arg' taint steps to CSV 2021-03-16 12:10:28 +01:00
CodeQL CI
c08230ce1e Merge pull request #5378 from asgerf/js/meta-problem-queries 
Approved by esbena
 2021-03-16 03:58:12 -07:00
Cornelius Riemenschneider
2e8e04f73e C++: Move FailedExtractions.ql to FailedCompilations.ql. 2021-03-16 10:48:04 +00:00
Tamás Vajk
24140195d6 Merge pull request #5242 from tamasvajk/feature/tuple-df 
C#: Add tuple dataflow
 2021-03-16 11:45:11 +01:00
Tamás Vajk
8d6b8359eb Merge pull request #5316 from tamasvajk/feature/roslyn3.9 
C#: Upgrade Roslyn dependencies to 3.9
 2021-03-16 11:44:42 +01:00
Anders Schack-Mulligen
2d8d967060 Dataflow: Address review comment. 2021-03-16 11:07:33 +01:00
Cornelius Riemenschneider
fa3ac30894 C++: Update query to latest spec. 2021-03-16 09:56:38 +00:00
Chris Smowton
6d108c0fa7 Improve docstring for composedValueAndTaintModelStep 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-03-16 09:00:35 +00:00
Chris Smowton
915a19fb9d Improve naming; eliminate some harmless extra results 
Adding `src != valueSource` should have no effect as the introduced edge would already exist, but could reduce workload downstream.
 2021-03-16 08:57:14 +00:00
sn00py
4318ffee3e Merge branch 'main' into add-transport-roundtrip 2021-03-16 16:52:37 +08:00
Chris Smowton
516122aa74 Add taint-preserving edges where a call also has a value-preserving edge 
For example, for a fluent method that returns `this`, we take a tainting edge from argX to either `this` or the return value to also taint the other.
 2021-03-16 08:45:24 +00:00
CodeQL CI
86b933a0e0 Merge pull request #5354 from yoff/doc-fix-typo-csharp-dataflow 
Approved by hvitved
 2021-03-15 23:52:38 -07:00
Owen Mansel-Chan
8318dcf971 Merge pull request #502 from owen-mc/find-latest-codeql-cli-automatically 
Find latest release of the CLI automatically
 2021-03-16 06:22:50 +00:00
snoopywu
cee30cfde4 fix: autoformat 2021-03-16 01:43:33 +08:00
Jaroslav Lobačevski
8445ec6c17 Update javascript/ql/src/experimental/semmle/javascript/Actions.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-03-15 19:15:10 +02:00
yoff
14dd708abc Apply suggestions from code review 
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
 2021-03-15 17:56:50 +01:00
Jaroslav Lobačevski
87ea442a78 qhelp 2021-03-15 18:47:45 +02:00
sn00py
00f12f9210 Update ql/src/semmle/go/frameworks/stdlib/NetHttp.qll 
Co-authored-by: Sauyon Lee <sauyon@github.com>
 2021-03-16 00:41:52 +08:00
Rasmus Lerchedahl Petersen
6fff746b16 Merge branch 'main' of github.com:github/codeql into python-port-insecure-protocol 2021-03-15 17:37:28 +01:00
Rasmus Lerchedahl Petersen
9a96230523 Python: Add changenote 2021-03-15 17:35:30 +01:00
Jaroslav Lobačevski
de6ed1dcb9 File rename 2021-03-15 18:34:10 +02:00
Rasmus Lerchedahl Petersen
514a69c47a Python: Support ssl.PROTOCOL_TLS_SERVER 
and `ssl.PROTOCOL_TLS_CLIENT`
 2021-03-15 17:30:01 +01:00
Rasmus Lerchedahl Petersen
87f3ba2684 Python: add tests for ssl.PROTOCOL_TLS_SERVER 
and `ssl.PROTOCOL_TLS_CLIENT`
 2021-03-15 17:24:39 +01:00
Jaroslav Lobačevski
a823baabfb Ranamed to CWE-094 2021-03-15 18:24:08 +02:00
Rasmus Lerchedahl Petersen
731f4559b4 Python: update test expectations 2021-03-15 17:23:58 +01:00
Jaroslav Lobačevski
16ca2314e4 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-03-15 18:14:20 +02:00