hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-19 08:23:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,693 Branches 160 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Slavomir
05314a19ee Add comments, improve naming 2020-04-30 16:46:19 +03:00
Slavomir
b176c4ad19 Add ParseFloat, ParseInt, ParseUint 2020-04-30 16:46:19 +03:00
Slavomir
8ecc2b9523 add comments, improve naming, refactor 2020-04-30 16:46:19 +03:00
Slavomir
fd9e3a005e fix comments 2020-04-30 16:46:19 +03:00
Slavomir
6d2c5be196 rename OverflowingConversionExpr to NumericConversionExpr 2020-04-30 16:46:19 +03:00
Slavomir
74481c4bad CWE-681: initial commit 2020-04-30 16:46:19 +03:00
Cornelius Riemenschneider
c856552b64 Add preOffset to the bindingset for simpleArrayLengthStep. 2020-04-30 15:00:12 +02:00
semmle-qlci
606a1145eb Merge pull request #3331 from RasmusWL/python-improve-file-taint 
Approved by tausbn
 2020-04-30 13:58:03 +01:00
Jonas Jensen
8ffa124bf9 C++: Addresses may escape through call qualifiers 
Also clarify the docs on `Call` to decrease the likelyhood of such an
omission happening again.

The updated test reflects that `f1.operator()` lets the address of `f1`
escape from the caller.
 2020-04-30 14:27:40 +02:00
Rasmus Wriedt Larsen
e0b4518a3e Merge branch 'master' into python-improve-file-taint 2020-04-30 11:24:29 +02:00
semmle-qlci
59a04282c1 Merge pull request #3381 from RasmusWL/docs-minor-python-fix 
Approved by shati-patel
 2020-04-30 10:11:28 +01:00
Rasmus Wriedt Larsen
862c4b0845 Docs: Fix result of cmp.getComparator(0) in Python tutorial 
Fixes https://github.com/github/codeql/issues/3360
 2020-04-30 10:59:59 +02:00
Tom Hvitved
b03e87f623 Merge pull request #3379 from calumgrant/cs/nullability-warning 
C#: Remove nullability warnings
 2020-04-30 08:38:28 +02:00
Max Schaefer
dd4f1ca70b Merge pull request #125 from gagliardetto/exec-syscall 
Add syscall functions to SystemCommandExecutors
 2020-04-30 07:21:28 +01:00
Sauyon Lee
417102c120 Merge pull request #124 from github/rc/1.24 
Merge rc/1.24 into master
 2020-04-29 12:27:56 -07:00
Cornelius Riemenschneider
b838426421 Move ArrayLengthAnalysis library to the correct location. 2020-04-29 21:07:44 +02:00
Slavomir
a357121e89 Fix test by removing a unix-only func; add windows-only funcs 2020-04-29 19:17:24 +03:00
Slavomir
a93477c301 Add syscall functions to SystemCommandExecutors 2020-04-29 18:31:07 +03:00
Jason Reed
62c128f9a4 C++: Add QLDoc. 2020-04-29 11:06:06 -04:00
semmle-qlci
2b055de4d6 Merge pull request #3154 from erik-krogh/ImplicitConv 
Approved by asgerf
 2020-04-29 16:05:19 +01:00
Calum Grant
25d5c81896 C#: Enable nullability for Semmle.Extraction project. Some refactoring required. 2020-04-29 15:59:46 +01:00
Calum Grant
6b8a5606d6 C#: Enable nullability for Autobuild tests project. 2020-04-29 15:27:35 +01:00
Calum Grant
86d032e2ea C#: Remove nullability warning by lifting local function. Warning seems to be caused by a compiler bug. 2020-04-29 15:21:43 +01:00
Jason Reed
e73833eda6 C++: Factor out file encoding predicate 2020-04-29 10:15:26 -04:00
Jason Reed
0500715bc1 C++: Fix docstring in localReferences.ql 2020-04-29 10:15:26 -04:00
Jason Reed
f0a7ff0d9d Exclude ide queries from lgtm suite. 2020-04-29 10:15:26 -04:00
Jason Reed
b341f768de C++: Fix formatting 2020-04-29 10:15:26 -04:00
Jason Reed
3b7fecab93 C++: Fix duplicate query ids 2020-04-29 10:15:26 -04:00
Jason Reed
5390f4b255 C++: Scope tags meant for ide contextual queries 2020-04-29 10:15:26 -04:00
Jason Reed
aa7a0e6879 CPP: Add tags for VS Code jump-to-defition 2020-04-29 10:15:26 -04:00
alexet
6a41028d3a CPP:Add preliminary local jump to def queries 2020-04-29 10:15:26 -04:00
Max Schaefer
d3fea0f171 Merge pull request #123 from sauyon/dependency-licenses 
Add license files for dependency stubs
 2020-04-29 14:45:25 +01:00
Matthew Gretton-Dann
7d605095a5 C++: Update expected test results 2020-04-29 14:31:35 +01:00
Matthew Gretton-Dann
5b29a49c73 C++: Add library support for consteval 2020-04-29 14:31:35 +01:00
Cornelius Riemenschneider
f83c3452a1 Switch allocation size expression analysis to unconverted result expression. 2020-04-29 15:13:00 +02:00
Anders Schack-Mulligen
29a5ea121a Merge pull request #2901 from ggolawski/java-spring-boot-actuators 
CodeQL query to detect open Spring Boot actuator endpoints
 2020-04-29 15:10:54 +02:00
Cornelius Riemenschneider
64cf0906b5 Address review. 
Most important fix is that VNLength is now restricted to the subset
of value numbers that are Bounds in the RangeAnalysis.
 2020-04-29 15:10:30 +02:00
Erik Krogh Kristensen
2ef13ef6e8 cousing -> sibling 2020-04-29 14:30:03 +02:00
Nick Rolfe
55301b4b2f Merge pull request #3074 from matt-gretton-dann/codeql-c-extractor/50-char8_t 
Add support for C++20's char8_t type.
 2020-04-29 12:15:25 +01:00
Cornelius Riemenschneider
9d2533c8ab Fix bug in handling of subtractions. 2020-04-29 13:07:15 +02:00
Sauyon Lee
157139bb46 Add license files for dependencies 2020-04-29 04:04:38 -07:00
Mathias Vorreiter Pedersen
8a1d96b313 Merge pull request #3374 from jbj/PartialDefinition-refactor 
C++: Refactor `PartialDefinition` charpred
 2020-04-29 13:03:40 +02:00
Cornelius Riemenschneider
e6d193294a Experimental library that tracks the length of memory. 
For each pointer, we start tracking (starting from the allocation or an array declaration)
1) how long is the chunk of memory allocated
2) where the current pointer is in this chunk of memory.
This information might not always exist, but when it does, it is reliable.
Currently only works intraprocedurally.
 2020-04-29 12:55:54 +02:00
Cornelius Riemenschneider
55cd0fac5c Move useful helper predicate and types from RangeAnalysis to RangeUtils. 2020-04-29 12:55:54 +02:00
Jonas Jensen
de3fa8e68b Merge pull request #3337 from Cornelius-Riemenschneider/alloc-type 
C++: Allocation.qll: Provide getAllocatedElementType predicate for AllocationExprs.
 2020-04-29 11:55:02 +02:00
Anders Schack-Mulligen
b6a7ab8bf4 Merge pull request #3372 from aibaars/spring-multipart 
Java: add `org.springframework.web.multipart.MultipartFile::getX` as RemoteFlowSource
 2020-04-29 11:35:04 +02:00
Matthew Gretton-Dann
a6947e0296 C++: Complete support for char8_t 2020-04-29 10:18:13 +01:00
Matthew Gretton-Dann
c0d0f7862b C++: Add DB Upgrade script 2020-04-29 10:18:13 +01:00
Matthew Gretton-Dann
52670dd956 C++: Update expected test output. 2020-04-29 10:18:13 +01:00
Matthew Gretton-Dann
2d898af2fe C++: Add library support for char8_t type. 2020-04-29 10:18:13 +01:00