Rasmus Lerchedahl Petersen
ef9999a4a1
Python: fix test annotation
2020-10-30 17:43:56 +01:00
Rasmus Lerchedahl Petersen
37ad59a92a
Python: subclass of known subclasses
2020-10-30 17:37:54 +01:00
Dave Bartolomeo
ec398b2a67
Merge remote-tracking branch 'upstream/main' into work
2020-10-30 12:36:33 -04:00
yoff
a3cc9b6982
Update python/ql/src/experimental/semmle/python/frameworks/Flask.qll
...
Co-authored-by: Taus <tausbn@github.com>
2020-10-30 17:29:35 +01:00
Cornelius Riemenschneider
310975bf8d
Merge pull request #4581 from criemen/printast-stmtpexpr
...
C++: Add support for StmtExpr to Print AST.
2020-10-30 17:29:23 +01:00
Asger Feldthaus
c7667d372e
JS: Address review comments
2020-10-30 16:25:30 +00:00
Dave Bartolomeo
42373417e2
Merge from main
2020-10-30 12:02:56 -04:00
Mathias Vorreiter Pedersen
45b24a9bc8
Python: Update inline-expectation tests
2020-10-30 16:53:33 +01:00
Mathias Vorreiter Pedersen
6ac740a490
Python: Sync identical file
2020-10-30 16:53:17 +01:00
Mathias Vorreiter Pedersen
ee77e988b2
C++: Allow strings in inline-expectation tests
2020-10-30 16:49:14 +01:00
Cornelius Riemenschneider
e7d995313e
C++: Address review.
2020-10-30 16:30:57 +01:00
Nick Rolfe
075c72e6ef
Iterate through path components to 'normalize' paths on windows
2020-10-30 15:26:46 +00:00
Mathias Vorreiter Pedersen
177f94368e
C++: Respond to review comments and accept test changes.
2020-10-30 15:59:39 +01:00
Cornelius Riemenschneider
84fe7ba199
C++: Add support for StmtExpr to Print AST.
2020-10-30 15:53:54 +01:00
Cornelius Riemenschneider
d3631d8f2e
Merge pull request #4562 from criemen/printast-labels
...
C++: Change PrintAST to provide the predicates that can be used to traverse the AST.
2020-10-30 15:48:46 +01:00
Arthur Baars
3e12aa457f
Basic FileSystem.qll
2020-10-30 15:40:29 +01:00
Nick Rolfe
e73500ef7c
Cope with empty filenames/extensions
2020-10-30 14:38:24 +00:00
Dave Bartolomeo
36b27add24
Simplify ordering of children with conversions using rank
...
In `getChild(int childIndex)`, the actual values of `childIndex` don't matter, as long as they are in the correct order. Rather than doing complicated math to compute the indices for the synthesized `.getFullyConverted()` children, just use the `rank` aggregate to order all children first by whether or not the child is a conversion, then by the original child index.
2020-10-30 10:00:23 -04:00
Nick Rolfe
0a754334cf
Don't generate the QL File class
2020-10-30 13:41:27 +00:00
Nick Rolfe
35cb379db7
Fix name of table for locations
2020-10-30 13:24:16 +00:00
Nick Rolfe
a54f923a73
Normalize the absolute path in the files table
2020-10-30 13:22:58 +00:00
Rasmus Lerchedahl Petersen
e7c9bc388b
Python: support some custom subclasses
2020-10-30 14:16:48 +01:00
Nick Rolfe
4b8bbd101c
Give locations full ids matching the common spec
2020-10-30 13:06:21 +00:00
Nick Rolfe
79d15051be
Fix full ids for files to match common spec
2020-10-30 12:45:23 +00:00
Rasmus Lerchedahl Petersen
e69349791a
Python: django.http.response.HttpRequest.write
2020-10-30 12:51:23 +01:00
Cornelius Riemenschneider
cf8f802310
C++: Rename predicate.
2020-10-30 12:51:19 +01:00
Cornelius Riemenschneider
ab42ddb0dc
C++: Adjust code for the conversions PR, provide correct childIndexes for the new nodes.
2020-10-30 12:48:53 +01:00
Nick Rolfe
7f03206b52
Use a key id for file entities
2020-10-30 11:29:04 +00:00
Nick Rolfe
826b4571a0
Canonicalize source file paths in main
2020-10-30 11:21:51 +00:00
Rasmus Lerchedahl Petersen
ffe10d1b7c
Python: test HttpResponse.write
2020-10-30 12:16:12 +01:00
Rasmus Lerchedahl Petersen
fa3a7e6686
Python: Known subclasses of HttpResponse
2020-10-30 11:53:24 +01:00
Nick Rolfe
d47bd32b58
Now that we also generate conjunctions, use parentheses in disjunctions
2020-10-30 10:34:42 +00:00
Nick Rolfe
f198dc530f
Use fromSource = 1
...
Co-authored-by: Arthur Baars <aibaars@github.com>
2020-10-30 10:25:09 +00:00
Nick Rolfe
2232700428
Correct comment
...
Co-authored-by: Arthur Baars <aibaars@github.com>
2020-10-30 10:24:24 +00:00
Rasmus Lerchedahl Petersen
c962377ef4
Python: test for subclasses
2020-10-30 10:37:40 +01:00
Erik Krogh Kristensen
39028f62a3
add test for outDir
2020-10-30 10:37:10 +01:00
Asger Feldthaus
6ab7846e81
JS: Restrict getAContextInput
2020-10-30 09:28:06 +00:00
Jonas Jensen
ba41417d61
Merge pull request #4553 from geoffw0/samateregtests
...
C++: Additional pointer tests for DefaultTaintTracking.
2020-10-30 10:02:11 +01:00
Erik Krogh Kristensen
ebc4856456
detect more expensive regexps in js/polynomial-redos
2020-10-30 09:52:13 +01:00
Tom Hvitved
54e2741064
Merge pull request #4580 from hvitved/csharp/1.26-change-notes
...
C#: Convert 1.26 change notes
2020-10-30 09:17:52 +01:00
Tom Hvitved
6723e5b31c
C#: Restrict post-dominance to normal execution
2020-10-30 09:14:12 +01:00
Tom Hvitved
ade8ff9593
C#: Add more CFG tests
2020-10-30 09:14:12 +01:00
Tom Hvitved
91d72945d7
Merge pull request #4568 from hvitved/csharp/cfg/multi-asserts
...
C#: Fix CFG for assertions with multiple assertion arguments
2020-10-30 09:13:38 +01:00
Rasmus Lerchedahl Petersen
08af839757
Python: django.http.response.HttpResponseRedirect
2020-10-30 01:29:49 +01:00
Rasmus Lerchedahl Petersen
52be896666
Python: django.http.response.JsonResponse
...
It's possible this class is not relevant to XSS
2020-10-30 01:05:36 +01:00
Rasmus Lerchedahl Petersen
0f9b8595d1
Python: rename functions by vulnerability
2020-10-30 00:51:09 +01:00
Rasmus Lerchedahl Petersen
97153b56ad
Python: add false negatives to test
2020-10-30 00:48:19 +01:00
Rasmus Lerchedahl Petersen
262b249e10
Merge branch 'main' of github.com:github/codeql into RasmusWL-python-port-reflected-xss
2020-10-30 00:40:39 +01:00
Rasmus Lerchedahl Petersen
2ca86f5ea7
Python: django.http.response.HttpResponse
2020-10-30 00:22:53 +01:00
Robert Marsh
7e8770d731
C#: Remove reference to InitializeNonLocal in IR
2020-10-29 16:08:23 -07:00