hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-20 00:43:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,693 Branches 160 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Schaefer
5dac94d24c Merge pull request #116 from gagliardetto/CWE-681 
CWE 681
 2020-05-12 11:59:08 +01:00
james
cf03e61e3a docs remove info about metrics from codeql docs 2020-05-12 11:33:22 +01:00
Jonas Jensen
451ae7b762 Merge pull request #3444 from dbartol/codeql-c-analysis-team/68 
Rename `sanity` -> `consistency`
 2020-05-12 12:33:08 +02:00
Erik Krogh Kristensen
bd768cbd7e autoformat 2020-05-12 12:28:02 +02:00
Slavomir
556f527193 Exclude results in test files 2020-05-12 13:12:47 +03:00
Slavomir
e5e74f34d7 Add note on why the zero is commented out in Lt32BitFlowConfig 2020-05-12 13:06:11 +03:00
Slavomir
623d5b3a97 Add comments 2020-05-12 13:00:50 +03:00
Slavomir
ea7c38c99c Remove references section from qhelp file 2020-05-12 13:00:27 +03:00
Slavomir
67a7294d10 Simplify and remove deprecated; add severity 2020-05-12 12:51:13 +03:00
Erik Krogh Kristensen
2fbdeceae7 add getContainedNode constraint to charpred of IndirectInclusionTest, and refactor two getEnclosingExpr() 2020-05-12 10:19:06 +02:00
semmle-qlci
8ce9c9d57e Merge pull request #3441 from erik-krogh/BabelDirectives 
Approved by esbena
 2020-05-12 08:57:20 +01:00
Mathias Vorreiter Pedersen
73882c9f90 Merge pull request #3439 from jbj/passesByReference-qualifier 
C++: Call qualifiers are passed by reference
 2020-05-12 08:31:57 +02:00
Mathias Vorreiter Pedersen
df6abdc074 Merge pull request #3389 from jbj/dataflow-defbyref-to-field 
C++: Post-update flow through &, *, +, ...
 2020-05-12 08:30:33 +02:00
yo-h
1d55dffb98 Java: add missing QLDoc for J2ObjC.qll 2020-05-11 20:01:48 -04:00
yo-h
c55d01318c Java: add missing QLDoc for JavaServerFaces.qll and JSFAnnotations.qll 2020-05-11 20:01:48 -04:00
yo-h
53ccbeed6d Java: add missing QLDoc for JavadocCommon.qll 2020-05-11 20:01:47 -04:00
yo-h
e33ebdc803 Java: add missing QLDoc for NamingConventionsCommon.qll 2020-05-11 20:01:47 -04:00
yo-h
0e1ca44dfd Java: add missing QLDoc for UnusedMavenDependencies.qll 2020-05-11 20:01:46 -04:00
yo-h
1c9c87241f Java: add missing QLDoc for JdkInternals*.qll 2020-05-11 20:01:46 -04:00
yo-h
20a8438109 Java: add missing QLDoc for default.qll 2020-05-11 20:01:46 -04:00
yo-h
6c8a016ca6 Java: add missing QLDoc for JacksonSerializability.qll 2020-05-11 20:01:45 -04:00
yo-h
45b502a82f Java: add missing QLDoc for GWT.qll, GwtUiBinder.qll, GwtXml.qll 2020-05-11 20:01:45 -04:00
yo-h
0d8d5773b7 Java: add missing QLDoc for Clover.qll 2020-05-11 20:01:44 -04:00
yo-h
6e64f3dd05 Java: add missing QLDoc for JavaxAnnotations.qll 2020-05-11 20:01:44 -04:00
yo-h
537c657b19 Java: add missing QLDoc for EJBRestrictions.qll 2020-05-11 20:01:44 -04:00
yo-h
4594b51dfc Java: add missing QLDoc for EJB.qll 2020-05-11 20:01:43 -04:00
yo-h
3a82090087 Java: add missing QLDoc for EJBJarXML.qll 2020-05-11 20:01:42 -04:00
yo-h
8fe093c854 Java: add missing QLDoc for PersistenceXML.qll 2020-05-11 20:01:42 -04:00
yo-h
5b962c1add Java: add missing QLDoc for Persistence.qll 2020-05-11 20:01:42 -04:00
Sauyon Lee
58e41e9302 ReflectedXss: More broadly exclude values with a constant prefix 2020-05-11 15:49:37 -07:00
Robert Marsh
090977447b Merge pull request #3445 from geoffw0/rangerounding 
C++: Round result of >> in SimpleRangeAnalysis
 2020-05-11 13:07:18 -07:00
Felicity Chapman
0366c5d035 Merge pull request #3446 from hmakholm/rc/1.24 
Merge rc/1.24 back into master
 2020-05-11 20:15:34 +01:00
Jason Reed
66da91fe59 Java, Javascript, Csharp: Restrict definitions predicates 
Only expose definition-use relation itself, and getEncodedFile.
 2020-05-11 15:14:16 -04:00
Dave Bartolomeo
e5bd66809a C++/C#: Add QLDoc for renamed queries 2020-05-11 14:16:21 -04:00
Geoffrey White
a4fa4c859a C++: Fix rounding for >>. 2020-05-11 18:55:01 +01:00
Geoffrey White
b1c32deabc C++: Add some tests with 64-bit values. 2020-05-11 18:54:50 +01:00
Dave Bartolomeo
3987267f26 Rename sanity -> consistency 2020-05-11 13:46:26 -04:00
Dave Bartolomeo
06783938d3 JavaScript: Rename sanity -> consistency 2020-05-11 13:46:12 -04:00
Dave Bartolomeo
b39d4bc4bd Java: Rename sanity -> consistency 2020-05-11 13:37:01 -04:00
Dave Bartolomeo
09d1da2f7a C++/C#: Rename sanity -> consistency 
I did both of these languages together because they share some of the changed code via `identical-files.json`.
 2020-05-11 13:29:52 -04:00
James Fletcher
46140c3c1f Merge pull request #3440 from jf205/sd-68-2 
CodeQL docs: more updates to "Further reading" sections
 2020-05-11 16:33:29 +01:00
Max Schaefer
a55c828fe4 Update ql/src/experimental/CWE-840/ConditionalBypass.ql 
Co-authored-by: porcupineyhairs <61983466+porcupineyhairs@users.noreply.github.com>
 2020-05-11 15:26:30 +01:00
Porcupiney Hairs
d0061bfd4b Golang : Add MongoDB injection support 
This PR adds support for MongoDB injection to the existing SQL injection query.
This models the official Golang MongoDB driver.

A  brief summary of changes made in this query are :

1. A `NoSQL.qll` files has been created to model a `NoSQLQueryString`.

2. An entry is added in `go.qll` by default as I find these changes may be generally useful.

3. Library tests along with there expected outputs are added.

4. Query tests are added. However, I am unable to add the expected output as qltest
can't find depstubber. However, these can be easily added. I have created a separate
codeql-go database with the same files and ran the query against the same. I can see
there should be 14 correct results added from this PR.
 2020-05-11 19:55:48 +05:30
Porcupiney Hairs
9b53ad3b3c model IO package 2020-05-11 19:39:01 +05:30
Asger F
86a774d912 Merge pull request #3394 from monkey-junkie/master 
JS SSTI CWE-094
 2020-05-11 15:06:17 +01:00
Porcupiney Hairs
c1856ba260 fix tests 2020-05-11 19:32:28 +05:30
James Fletcher
7f952963e1 Update docs/language/learn-ql/writing-queries/debugging-queries.rst 
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
 2020-05-11 14:58:46 +01:00
Jonas Jensen
cec73e689e Merge pull request #3393 from dbartol/codeql-c-analysis-team/40/1 
C++: A few IR QLDoc comments
 2020-05-11 15:56:43 +02:00
Erik Krogh Kristensen
970ddcac7b autoformat 2020-05-11 15:38:45 +02:00
Jonas Jensen
48d2bd6102 C++: Improve suppression of duplicate sources 
This fixes a cosmetic bug in `.../CWE-134/.../examples.c` in the
internal repo.
 2020-05-11 14:44:53 +02:00