hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-05 01:31:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,691 Branches 159 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arthur Baars
9bf0a3f2cd Merge pull request #1547 from Semmle/rc/1.21 
Merge rc/1.21 into master
 2019-07-05 07:20:28 +02:00
Esben Sparre Andreasen
fca815f96d JS: make use of the recent Configuration split 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
6d5b84fa88 JS: split XmlBomb.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
5163ccfd39 JS: split InsufficientPasswordHash.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
8664908f78 JS: split PrototypePollution.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
289c29828f JS: split UnvalidatedDynamicMethodCall.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
9e675d9973 JS: split TaintedFormatString.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
26c29cbde5 JS: split TypeConfusionThroughParameterTampering.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
8225d9923c JS: split ClientSideUrlRedirect.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
c3973c061e JS: split ZipSlip.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
29e69b32b0 JS: split XpathInjection.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
48b655f1c7 JS: split CommandInjection.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
ccc171ce18 JS: split RemotePropertyInjection.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
063abb5af9 JS: split PostMessageStar.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
3ad46cd5bf JS: split HardcodedCredentials.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
ec6d233180 JS: split CleartextLogging.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
813253e0ac JS: split BrokenCryptoAlgorithm.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
27d0caed3e JS: split RegExpInjection.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
c8a60f74f0 JS: split StackTraceExposure.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
f2b3fa57eb JS: split RequestForgery.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
6f6887993c JS: split Xxe.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
9d670f7d39 JS: split CleartextStorage.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
013f471cf6 JS: split TaintedPath.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
2bb702ceea JS: split SqlInjection.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
2972c28e58 JS: split NosqlInjection.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
057b18c316 JS: split ServerSideUrlRedirect.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
a89a073623 JS: split FileAccessToHttp.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
efe7ba4f3d JS: split InsecureRandomness.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
b85d3756b0 JS: split DifferentKindsComparisonBypass.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
56172317ed JS: split HardCodedDataInterpretedAsCode.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
d786f36120 JS: split CorsMisconfigurationForCredentials.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
1f54f3269d JS: split HttpToFileAccess.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen
ee6003655a JS: split UnsafeDynamicMethodAccess.qll 2019-07-04 22:42:55 +02:00
Jonas Jensen
2f8787379a Merge pull request #1535 from geoffw0/nospacezero 
CPP: Fix false positives from NoSpaceForZeroTerminator.ql
 2019-07-04 22:36:04 +02:00
Jonas Jensen
8c733fd58d Merge pull request #1537 from geoffw0/add-tests 
CPP: Add some tests
 2019-07-04 21:20:55 +02:00
Jonas Jensen
b51c78a92a Merge pull request #1546 from geoffw0/eraperf 
CPP: Speed up LeapYear.qll 'ChecksForLeapYearFunctionCall'.
 2019-07-04 21:19:34 +02:00
semmle-qlci
0290c79c54 Merge pull request #1486 from hvitved/csharp/inherited-completions 
Approved by calumgrant
 2019-07-04 19:45:25 +01:00
Geoffrey White
1fd08f4e47 CPP: Change note. 2019-07-04 17:27:40 +01:00
Geoffrey White
73c7bc1db9 CPP: Generalize a little. 2019-07-04 17:27:40 +01:00
Geoffrey White
7fc31f263a CPP: Basic fix. 2019-07-04 17:27:40 +01:00
Geoffrey White
34d307ecef CPP: Test a common false positive. 2019-07-04 17:27:40 +01:00
Geoffrey White
8ce6822d6f CPP: Fix format literal. 2019-07-04 16:31:35 +01:00
Taus Brock-Nannestad
d2113f1ced More performance stuff. (Possibly not all needed.) 2019-07-04 17:28:40 +02:00
Geoffrey White
70b996f721 CPP: Speed up LeapYear.qll 'ChecksForLeapYearFunctionCall'. 2019-07-04 15:59:32 +01:00
Tom Hvitved
349e0e8e62 C#: Address more review comments 2019-07-04 16:46:01 +02:00
semmle-qlci
298aa92814 Merge pull request #1543 from xiemaisi/js/reflective-call-flow 
Approved by asger-semmle
 2019-07-04 12:02:24 +01:00
Tom Hvitved
421e75d4c1 C#: Address review comments 2019-07-04 11:57:48 +02:00
Max Schaefer
91a718cfe5 JavaScript: Fix data flow out of reflective calls. 
We were previously missing a data-flow edge from reflected calls to the corresponding reflective call, that is, for `f.call(...)` we didn't have a flow edge from the implicit call to `f` to the result of `f.call(...)`.
 2019-07-04 08:29:04 +01:00
Esben Sparre Andreasen
bb452bea45 JS: split UnsafeDeserialization.qll 2019-07-04 08:39:10 +02:00
Esben Sparre Andreasen
626f3fa598 JS: split ConditionalBypass.qll 2019-07-04 08:33:39 +02:00