hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-26 11:53:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,692 Branches 161 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Slavomir
17868dd6b1 Merge branch 'standard-lib-pt-16' into from-331-to-337 2020-09-20 15:47:35 +02:00
Slavomir
ed965c7101 Merge branch 'standard-lib-pt-19' into from-331-to-337 2020-09-20 15:47:14 +02:00
Slavomir
53e0e3ffbf Merge branch 'standard-lib-pt-20' into from-331-to-337 2020-09-20 15:46:47 +02:00
Slavomir
9d1381349f Merge branch 'standard-lib-pt-23' into from-331-to-337 2020-09-20 15:46:26 +02:00
Slavomir
1d13ca58ff Merge branch 'standard-lib-pt-22' into from-331-to-337 2020-09-20 15:46:02 +02:00
Slavomir
cd151fcdd1 Merge branch 'standard-lib-pt-5' into from-331-to-337 2020-09-20 15:45:46 +02:00
Slavomir
5e7b279569 Remove model for a method that satisfies an interface that already has its own model. 2020-09-20 15:38:37 +02:00
Slavomir
3fd6f9c400 Extend QueryString::Range with database/sql/driver interfaces' methods 2020-09-20 15:38:37 +02:00
Slavomir
24e8a18d22 Add database/sql/driver taint-tracking 2020-09-20 15:38:37 +02:00
Slavomir
5e4d75561c Add database/sql/driver taint-tracking 2020-09-20 15:38:37 +02:00
Slavomir
6f0bfbfa96 Add taint-tracking to database/sql package in the SQL module 2020-09-20 15:38:37 +02:00
Slavomir
55a8e24055 Taint-track package expvar 2020-09-20 15:38:37 +02:00
Slavomir
29382744fe Taint-track package errors 2020-09-20 15:38:37 +02:00
Slavomir
4127cb5cc4 Remove rune/byte read/write from TaintStep/io.go 2020-09-20 15:35:02 +02:00
Slavomir
07fdd3d17a Fix TaintStep.expected: fix io.Pipe logic, remove rune/byte read/write 2020-09-20 15:33:11 +02:00
Slavomir
c4a493f003 Remove models for methods where there are already interface models 2020-09-20 15:13:48 +02:00
Slavomir
dc159eeee1 Remove io.Writer model from io/ioutil 2020-09-20 15:13:48 +02:00
Slavomir
f1cdfff331 Import IoIoutil module 2020-09-20 15:13:48 +02:00
Slavomir
073fae9ff8 Move to stdlib and extend the module for io/ioutil package 2020-09-20 15:13:48 +02:00
Slavomir
45dfc2bcf2 Move to stdlib, extend and refactor the Io module 2020-09-20 15:13:48 +02:00
Slavomir
a784a25a61 Remove (net.IP).UnmarshalText 2020-09-20 15:01:42 +02:00
Slavomir
1578a66731 Remove models for net.Parse* 2020-09-20 15:01:42 +02:00
Slavomir
e14f857761 Add taint-tracking for package net/textproto 2020-09-20 15:01:42 +02:00
Slavomir
75751d732b Add taint-tracking for package net/mail 2020-09-20 15:01:42 +02:00
Slavomir
e6cb8fe5ce Add taint-tracking for package net/http/httputil 2020-09-20 15:01:42 +02:00
Slavomir
85f9760662 Move existing net/http classes from private module StdlibHttp to stdlib.NetHttp 2020-09-20 15:01:41 +02:00
Slavomir
e66fcef396 Add taint-tracking for net/http package 2020-09-20 15:01:41 +02:00
Slavomir
fa04d5a74d Add taint-tracking for package net 2020-09-20 15:01:41 +02:00
Slavomir
c89cfc8867 Use go 1.14.3 2020-09-20 14:52:40 +02:00
Slavomir
8eeb019b5c Move existing OS (all caps name) module classes to stdlib.Os module (notice the camelcase name) 2020-09-20 14:52:40 +02:00
Slavomir
f811dff527 Add taint-tracking for package os 2020-09-20 14:52:40 +02:00
Rasmus Lerchedahl Petersen
9aa0cfb35c Python: class callable -> class call 
Only have one type of callable, but have an extra type of call.
A constructor call directs to an init callable
(should also handle `call` overrides at some point).
 2020-09-19 22:27:11 +02:00
Rasmus Lerchedahl Petersen
b2f1c435a8 Python: update test expectations 2020-09-19 22:27:11 +02:00
Rasmus Lerchedahl Petersen
e132361736 Python: Add missing .expected file 2020-09-19 22:27:11 +02:00
Rasmus Lerchedahl Petersen
e50b66554d Python: Add explorative test 2020-09-19 22:27:10 +02:00
Rasmus Lerchedahl Petersen
aa28167177 Python: Add malloc nodes 2020-09-19 22:27:10 +02:00
Rasmus Lerchedahl Petersen
27b25565ca Python: Implement field-stores, -reads, and -content 2020-09-19 22:27:10 +02:00
Rasmus Lerchedahl Petersen
a2d006fe47 Python: Tests for field flow 2020-09-19 22:27:10 +02:00
Robert Marsh
6b3557ec58 C++: cache localAdditionalTaintStep 2020-09-18 15:42:14 -07:00
Robert Marsh
bc3e74f7d6 Merge branch 'main' into rdmarsh2/cpp/ir-qualifier-flow 
Fix test conflicts
 2020-09-18 15:40:43 -07:00
Robert Marsh
12be90a6af C++: remove unneeded cast 2020-09-18 15:00:01 -07:00
Robert Marsh
c179a07fc7 C++: fix constructor models 2020-09-18 14:43:39 -07:00
Robert Marsh
bd7f5a41d1 C++: autoformat 2020-09-18 14:19:29 -07:00
Robert Marsh
b84bf5e9bb C++: QLDoc for IteratorPartialDefinitionNode 2020-09-18 14:18:38 -07:00
Robert Marsh
107e9770da C++: remove accidentally committed test code 2020-09-18 14:12:33 -07:00
Tom Hvitved
d867172d27 Merge pull request #4300 from hvitved/csharp/runtime-checks-bypass-bad-magic 
C#: Avoid bad magic in `RuntimeChecksBypass.ql`
 2020-09-18 19:40:34 +02:00
Taus Brock-Nannestad
11c85f0fb5 Python: Clean up various jump/local data flow steps 
Removes steps from `ModuleVariableNode`s from `essaFlowStep`, and
instead puts them only in `jumpStep`. This cleans up the logic a bit.

This slightly broke the type tracker implementation (as it relied on
`essaFlowStep` being fairly liberal), so I have rewritten it to
explicitly rely on just familiar predicates for local and jump steps.

Additionally, we disallow Essa-to-Essa steps where exactly one of the
two nodes corresponds to a global variable (i.e. only local-local and
global-global steps).
 2020-09-18 18:14:47 +02:00
Mathias Vorreiter Pedersen
53da751b15 C++: Accept tests 2020-09-18 17:12:27 +02:00
Mathias Vorreiter Pedersen
b6b17fe95e C++: Add a read and store step that replace ArrayContent with FieldContent when we realize that the target of a store is a field. 2020-09-18 17:12:09 +02:00
Joe
9baf2b9eff Fix cartesian product 2020-09-18 15:42:03 +01:00