hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-24 02:43:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,693 Branches 161 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonas Jensen
7cc877cbbb C++: Taint through RangeBasedForStmt (AST only) 2020-08-06 15:37:41 +02:00
Rasmus Lerchedahl Petersen
ce86a8b72e Python: format ql 2020-08-06 14:42:56 +02:00
Rasmus Lerchedahl Petersen
e77ceaf4b8 Python: Track dictionary keys 
Also, less hacky comprehension,
but I think we still want to fix the extractor
 2020-08-06 13:31:54 +02:00
Remco Vermeulen
408db412dc Add missing predicate qldoc 2020-08-06 13:29:02 +02:00
Max Schaefer
97291e4c41 Merge pull request #279 from github/rc/1.25 
Merge rc/1.25 into master
 2020-08-06 11:18:11 +01:00
Remco Vermeulen
5a819422c1 Reuse Unit class from TaintTracking 2020-08-06 12:02:34 +02:00
Remco Vermeulen
7f7ad88dea Limit LdapAdditionalTaintStep to Ldap configuration 2020-08-06 11:35:03 +02:00
Anders Schack-Mulligen
205dd1aead Merge pull request #3881 from intrigus-lgtm/more-pathcreations 
Java: Centralize and model additional path creations.
 2020-08-06 11:21:39 +02:00
Max Schaefer
75795d80c4 Improve performance of upgrade script. 2020-08-06 09:51:36 +01:00
Max Schaefer
90bab34e88 Merge pull request #277 from sauyon/file-url-fix 
autobuilder: Don't try to determine import paths for file URLs
 2020-08-06 09:46:10 +01:00
Sauyon Lee
8e6c1835dd autobuilder: Don't try to determine import paths for file URLs 
Also improve logging
 2020-08-05 23:21:34 -07:00
luchua-bc
b821f918e5 Address issues with matching empty host and host in a concatenated string 2020-08-06 01:53:29 +00:00
luchua-bc
9a8eed8440 Enhance address match 2020-08-05 19:57:31 +00:00
intrigus
1011325cf7 Accept test changes. 2020-08-05 21:45:41 +02:00
Rasmus Lerchedahl Petersen
7c235597de Python: More precise dataflow for tuples 
(and dictionaries, but that is not fleshed out)
 2020-08-05 19:22:54 +02:00
Slavomir
b0259632e1 Remove Read method 2020-08-05 18:37:35 +02:00
Slavomir
6fda46b565 Add compress/zlib taint tracking 2020-08-05 18:35:47 +02:00
Slavomir
441d29b2b7 Add compress/lzw taint tracking 2020-08-05 18:34:05 +02:00
Slavomir
053496dbcc Add compress/gzip taint tracking 2020-08-05 18:32:51 +02:00
Slavomir
7e5077c174 Add compress/flate taint tracking 2020-08-05 18:31:13 +02:00
Slavomir
6e2af3ead1 Add compress/bzip2 taint tracking 2020-08-05 18:29:12 +02:00
Max Schaefer
4e409aa9fa Merge pull request #274 from gagliardetto/standard-lib-pt-2 
Add taint tracking for bufio and bytes packages
 2020-08-05 17:10:08 +01:00
Remco Vermeulen
a1411407c1 Consolidate sanitizers into default sanitizer 2020-08-05 17:07:05 +02:00
Remco Vermeulen
0c09d66d43 Consolidate different sinks into a default sink. 2020-08-05 16:53:50 +02:00
Erik Krogh Kristensen
f1dc36244c update tests and queries that used getId() 2020-08-05 14:32:09 +00:00
James Fletcher
7f8bf21325 Merge pull request #4016 from jf205/learn-codeql/styles 
CodeQL docs: update CSS and master page template
 2020-08-05 14:20:13 +01:00
yoff
e642808a75 Update python/ql/test/experimental/dataflow/coverage/classes.py 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2020-08-05 15:12:27 +02:00
Jonas Jensen
5f635aca36 Merge pull request #3768 from geoffw0/copymove 
C++: Clean up ConversionConstructor.
 2020-08-05 14:35:05 +02:00
Rasmus Lerchedahl Petersen
a89624698d Python: format ql 2020-08-05 14:28:28 +02:00
Rasmus Lerchedahl Petersen
2639e68a0d Python: format ql 2020-08-05 14:16:50 +02:00
Rasmus Lerchedahl Petersen
81ad4552c9 Python: full list of magic methods to be tested 2020-08-05 13:30:30 +02:00
Erik Krogh Kristensen
cc5ef4d5e1 rename JsonSerializeCall to JsonStringifyCall 2020-08-05 13:22:41 +02:00
james
364cc19dea docs: update styles 2020-08-05 11:39:43 +01:00
Erik Krogh Kristensen
b43d410ab1 add change log for JSON serializers 2020-08-05 12:14:56 +02:00
Erik Krogh Kristensen
f70cb2e7b3 add test for new JSON serializers 2020-08-05 12:14:56 +02:00
Erik Krogh Kristensen
5a3f67a682 introduce model for JSON.stringify and similar libraries 2020-08-05 12:14:51 +02:00
Anders Schack-Mulligen
9e78341e43 Merge pull request #3928 from rvermeulen/java-importable-cwe-113 
Java: Move `HeaderSplittingSink` and `WhitelistedSource` into importable library
 2020-08-05 10:16:00 +02:00
Erik Krogh Kristensen
67c4320287 make JumpStmt non abstract 2020-08-05 10:03:46 +02:00
Erik Krogh Kristensen
016bdc1614 make ControlStmt non abstract 2020-08-05 09:59:30 +02:00
Anders Schack-Mulligen
32d9d270fc Merge pull request #3948 from aibaars/java-3941 
Java: stack trace exposure: address false positives
 2020-08-05 09:31:01 +02:00
Jonas Jensen
ea0896c78b Merge pull request #3999 from MathiasVP/mathiasvp/range-based-for-loop-taint-tests 
C++: Add tests for taint through range-based for loops
 2020-08-05 09:11:53 +02:00
Raul Garcia (MSFT)
aa27eaf7e0 Addrssing the comments from https://github.com/github/codeql/pull/3951#discussion_r464894547 that I missed previously 2020-08-04 15:50:58 -07:00
Slavomir
df71f0bf8b Remove ReadByte, WriteByte, ReadRune, WriteRune 2020-08-04 17:53:50 +03:00
Geoffrey White
9f5c37ccaa Merge branch 'master' into copymove 2020-08-04 15:41:27 +01:00
Slavomir
ff81ad622f Fix back ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.expected 2020-08-04 17:22:40 +03:00
Erik Krogh Kristensen
5727e6f9f8 make CompoundAssignExpr non-abstract 2020-08-04 16:17:08 +02:00
Slavomir
c1f2e77488 Fix generated codeql 2020-08-04 17:11:55 +03:00
Erik Krogh Kristensen
cf3f275aa1 make DestructuringPattern non-abstract 2020-08-04 16:02:32 +02:00
Rasmus Lerchedahl Petersen
d7c08f732d Merge branch 'master' of github.com:github/codeql into SharedDataflow_Classes 2020-08-04 16:01:42 +02:00
Slavomir
6b1bbf16aa Remove taint-tracking for objects that implement io.Reader 2020-08-04 16:01:30 +03:00