hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-28 21:03:50 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,697 Branches 161 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamas Vajk
a6fd7a3203 C#: Extract record declarations 2021-02-04 21:08:01 +01:00
Mathias Vorreiter Pedersen
993abd4499 C++: Add query author and link to original PR in change-note. 2021-02-04 20:23:27 +01:00
Raul Garcia (MSFT)
979fdd2c6a Addressing multiple comments 2021-02-04 10:23:01 -08:00
Taus
f0d5a91d59 Merge pull request #5093 from RasmusWL/fix-query-names-with-dunder 
Python: Fix query names with dunder (__)
 2021-02-04 18:47:45 +01:00
Taus Brock-Nannestad
d035937083 Python: Add change note 2021-02-04 18:43:44 +01:00
Taus Brock-Nannestad
a505eb6922 Python: Adhere to QLDoc style guide 2021-02-04 18:34:06 +01:00
Taus Brock-Nannestad
3c7d9c3c4b Python: Fix typo 2021-02-04 18:33:50 +01:00
Geoffrey White
2160edc789 C++: Clean up bits I didn't finish. 2021-02-04 17:16:45 +00:00
Geoffrey White
1f928c2910 CPP: Examples Element.qll. 2021-02-04 17:08:29 +00:00
Geoffrey White
8ae01789b1 CPP: Examples Specifier.qll. 2021-02-04 17:08:29 +00:00
Geoffrey White
500097ca76 CPP: Examples Preprocessor.qll. 2021-02-04 17:08:29 +00:00
Geoffrey White
4b9532c6f7 CPP: Examples Namespace.qll. 2021-02-04 17:08:29 +00:00
Taus Brock-Nannestad
f6e1ea5b2a Python: Fix missing global variable source nodes 
In lieu of removing the offending flow (which would likely have
consequences for a lot of other tests), I opted to simply _include_
the relevant nodes directly.
 2021-02-04 18:07:13 +01:00
Taus Brock-Nannestad
2524f23a46 Python: Add more test cases 
There is now a bit of redundancy in the tests, but I thought it useful
to actually include some of the cases called out explicitly in the
documentation, so as to make it easy to see that the code actually
does what we expect (in these cases, anyway).
 2021-02-04 18:05:33 +01:00
Taus Brock-Nannestad
aa7e9f0b56 Python: Add big explanatory comment about prefixes. 2021-02-04 18:03:34 +01:00
Francis Alexander
683233333c test case return statements and feedback 2021-02-04 22:28:10 +05:30
Geoffrey White
69c7c83bc2 Merge pull request #5094 from MathiasVP/promote-UnsignedDifferenceExpressionComparedZero 
Promote cpp/unsigned-difference-expression-compared-zero out of experimental
 2021-02-04 16:54:45 +00:00
Mathias Vorreiter Pedersen
cf0e464ab9 Merge branch 'promote-UnsignedDifferenceExpressionComparedZero' of github.com:MathiasVP/ql into promote-UnsignedDifferenceExpressionComparedZero 2021-02-04 17:24:59 +01:00
Mathias Vorreiter Pedersen
6a97d02247 C++: Address review comments. 2021-02-04 17:24:14 +01:00
Arthur Baars
bc55fa861e Merge pull request #114 from github/aibaars/fix-scopes 
Correct the scope of class/method names etc.
 2021-02-04 17:22:25 +01:00
Chris Smowton
42ff256c42 Remove panicking edges leading from an equality test where possible 
These exist because an equality comparison of explicitly-incomparable interface values can panic, as can comparisons of arrays or structs containing them. Other type comparisons cannot panic.
 2021-02-04 15:58:54 +00:00
alexet
9d06c75aed Javascript: improve performance of ExplicitInvokeNode::getArgument 2021-02-04 15:55:51 +00:00
Mathias Vorreiter Pedersen
161e5679a7 Apply suggestions from code review 
Co-authored-by: hubwriter <hubwriter@github.com>
 2021-02-04 16:47:45 +01:00
Taus Brock-Nannestad
305bfaba2d Python: Fix imports/2 2021-02-04 16:46:22 +01:00
Mathias Vorreiter Pedersen
d9d82fc56a C++: Update change-notes 2021-02-04 16:24:56 +01:00
Geoffrey White
7c54512859 Merge pull request #5010 from ihsinme/ihsinme-patch-220 
CPP: Add query for CWE-570 detect and handle memory allocation errors.
 2021-02-04 15:17:28 +00:00
Mathias Vorreiter Pedersen
707f532e10 C++: Fix bad join-order using a poor man's unbind operator. 2021-02-04 16:11:34 +01:00
Mathias Vorreiter Pedersen
fd596ebbbb C++: Move cpp/unsigned-difference-expression-compared-zero out of experimental. 2021-02-04 16:10:34 +01:00
Mathias Vorreiter Pedersen
c1c9f963b9 C++: Fix qhelp in cpp/unsigned-difference-expression-compared-zero. 2021-02-04 16:10:30 +01:00
Arthur Baars
83bcd26244 Add dataflow step tests 2021-02-04 16:09:50 +01:00
Taus Brock-Nannestad
07ffa9f1ae Python: More documentation 2021-02-04 15:59:00 +01:00
Taus Brock-Nannestad
e54c925b70 Python: Greatly simplify imports/2 predicate 2021-02-04 15:58:15 +01:00
Rasmus Wriedt Larsen
b94658fd52 Python: Highlight that __slots__ query is only for Python 2 in qhelp 
Since I was already editing this file, it was easy to just add this extra bit of
info.
 2021-02-04 15:54:37 +01:00
Rasmus Wriedt Larsen
23d9e2646a Python: Fix name of class in example of __slots__ qhelp 2021-02-04 15:54:10 +01:00
Rasmus Wriedt Larsen
dcb185b659 Python: Fix trailing whitespace in a single qhelp file 
Since I edited already, why not get this little bonus? :D
 2021-02-04 15:53:23 +01:00
Rasmus Wriedt Larsen
32be53bf72 Python: Fix missing <code> in qhelp file 2021-02-04 15:53:04 +01:00
Rasmus Wriedt Larsen
3fe715abb6 Python: Fix query names that inclde __ (dunder) 
Without backticks, the text UNDERSCORE UNDERSCORE eq UNDERSCORE UNDERSCORE would
be considered to make things bold in our markdown output, making the query info
look strange.

Example https://codeql.github.com/codeql-query-help/python/py-slots-in-old-style-class/
 2021-02-04 15:49:37 +01:00
Sauyon Lee
5927ce5d69 Add GoKit to Go supported library list 2021-02-04 14:43:34 +00:00
Arthur Baars
62802d53c8 Ensure module/class/methods and their headers belong to the right CfgScope 2021-02-04 15:32:20 +01:00
Arthur Baars
bfc5ee3149 Correct the scope of class/method names etc. 2021-02-04 15:30:58 +01:00
Owen Mansel-Chan
d75cc40483 Make test with multiple switch statements pass 
Made various changes to make it work when there are multiple
switch statements.

Also addressed performance problems.
 2021-02-04 14:30:06 +00:00
Anders Schack-Mulligen
35e620a19c Merge pull request #4854 from luchua-bc/java/insecure-ldap-auth 
Java: Insecure LDAP authentication
 2021-02-04 14:56:38 +01:00
Tamas Vajk
ce27831b76 C#: Fix nullable warnings and some code quality issues 2021-02-04 14:43:51 +01:00
Rasmus Wriedt Larsen
4af7bc8090 Docs: Use /blob/ instead of /tree/ for direct query link 
It doesn't have a huge impact, since there is a working redirect in place, but
still more correct to use /blob/ :)

For example,

https://github.com/github/codeql/tree/main/python/ql/src/Security/CWE-094/CodeInjection.ql

redirects to

https://github.com/github/codeql/blob/main/python/ql/src/Security/CWE-094/CodeInjection.ql
 2021-02-04 14:30:56 +01:00
Mathias Vorreiter Pedersen
d3d56fb0af Merge pull request #5011 from ihsinme/ihsinme-patch-221 
CPP: add query for CWE-788 Access of memory location after the end of a buffer using strlen.
 2021-02-04 14:25:27 +01:00
Arthur Baars
a998879897 Add local flow step for parenthesized expressions 2021-02-04 14:06:58 +01:00
Mathias Vorreiter Pedersen
9b39163411 Merge pull request #5076 from MathiasVP/improve-UnsignedDifferenceExpressionComparedZero 
C++: Improve cpp/unsigned-difference-expression-compared-zero
 2021-02-04 14:05:30 +01:00
Arthur Baars
f8cca01e6f Restrict assigment flow to normal assignments only 2021-02-04 14:04:58 +01:00
ihsinme
43045c1f03 Update WrongInDetectingAndHandlingMemoryAllocationErrors.ql 2021-02-04 15:47:16 +03:00
ihsinme
a43167faf7 Update WrongInDetectingAndHandlingMemoryAllocationErrors.qhelp 2021-02-04 15:44:28 +03:00