hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-04 01:01:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,689 Branches 159 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mark Shannon
6a79e0aaa7 Python points-to: Prevent bad magic on 'refersTo' member predicates. 2019-06-03 12:22:22 +01:00
Mark Shannon
8d4a8a6c6b Python: Reduce the number of strings and ints identified and possible hard-coded credentials. 2019-06-03 12:22:15 +01:00
semmle-qlci
bd1920c948 Merge pull request #1390 from xiemaisi/js/shrink-configurations 
Approved by esben-semmle
 2019-06-03 12:05:09 +01:00
Jonas Jensen
ab6221d48e Merge pull request #1388 from Semmle/xiemaisi-patch-1 
CPP: Fix name of example file in qhelp.
 2019-06-03 13:00:25 +02:00
Calum Grant
032a6b1c7c Merge pull request #1375 from hvitved/csharp/switch-expr-guard 
C#: Switch expression guards
 2019-06-03 11:15:10 +01:00
Max Schaefer
d8a101df6d JavaScript: Shrink Configurations.qll some more. 2019-06-03 10:32:25 +01:00
Max Schaefer
5f32e1f637 CPP: Fix name of example file in qhelp. 
This seems to have been missed in https://github.com/Semmle/ql/pull/1315.
 2019-06-03 08:54:54 +01:00
Esben Sparre Andreasen
14644270ac JS: fix comment typo 2019-06-03 08:32:35 +02:00
Esben Sparre Andreasen
7018a38691 JS: improve tests and regexp for js/regex/missing-regexp-anchor 2019-06-03 08:29:52 +02:00
Esben Sparre Andreasen
3289c629f7 JS: address minor review comments 2019-06-03 08:29:52 +02:00
Esben Sparre Andreasen
0fa73b8331 JS: add query js/regex/missing-regexp-anchor 2019-06-03 08:29:52 +02:00
Esben Sparre Andreasen
69db54a03a JS: add anchors to js/incomplete-hostname-regexp examples 2019-06-03 08:27:49 +02:00
Esben Sparre Andreasen
3358e49698 JS: refactor the predicate RegExp::regexp to three classes. 
This preserves the ad hoc message formatting in IncompleteHostnameRegExp.ql
 2019-06-03 08:27:49 +02:00
Esben Sparre Andreasen
98ae2597bb JS: refactor IncompleteHostnameRegExp::regexp to RegExp.qll 2019-06-03 08:27:49 +02:00
semmle-qlci
79406f8387 Merge pull request #987 from rdmarsh2/rdmarsh/cpp/ir-asm-stmt 
Approved by dave-bartolomeo
 2019-06-03 07:03:28 +01:00
Jonas Jensen
c9a0eed6e8 Merge pull request #1379 from geoffw0/ctime-repair 
CPP: Add DangerousFunctionOverflow.ql to the security suite.
 2019-06-02 09:56:01 +02:00
Robert Marsh
4371d02a1f C++: accept SignAnalysis.expected 2019-05-31 13:35:05 -07:00
Robert Marsh
5dd8c9cd4e C++: revert InlineAsm subclassing SideEffectOpcode 2019-05-31 13:28:26 -07:00
Robert Marsh
2770b2a9b9 C++: respond to PR comments 2019-05-31 13:19:40 -07:00
Robert Marsh
98d6f5919f C++: Treat asmStmt operands as input/output in IR 2019-05-31 12:51:44 -07:00
Robert Marsh
66d1efdb97 C++: respond to PR comments 2019-05-31 12:42:04 -07:00
Dave Bartolomeo
0bfc559cb1 Apply suggestions from code review 
Co-Authored-By: rdmarsh2 <rdmarsh2@gmail.com>
 2019-05-31 12:29:23 -07:00
Robert Marsh
23560436a7 C++: add minimal AsmStmt support to IR 2019-05-31 12:29:19 -07:00
semmle-qlci
3851261230 Merge pull request #1378 from jbj/hasQualifiedName-inline-namespace 
Approved by dave-bartolomeo
 2019-05-31 19:39:42 +01:00
semmle-qlci
c0440cf7f5 Merge pull request #1386 from asger-semmle/prototype-change-note 
Approved by xiemaisi
 2019-05-31 19:30:30 +01:00
semmle-qlci
d741e0b20c Merge pull request #1382 from jbj/redundant-null-check-gvn 
Approved by dave-bartolomeo
 2019-05-31 16:28:01 +01:00
Mark Shannon
66ba1079f3 Python points-to: Cache objects. 2019-05-31 16:26:43 +01:00
Mark Shannon
f6cc0be4a4 Python points-to. Move extension to prevent points-to being recomputed. 2019-05-31 16:26:43 +01:00
Mark Shannon
f311c2013e Python points-to: Cache a few key predicates. 2019-05-31 16:26:43 +01:00
Mark Shannon
1de0dc9282 Python taint-tracking: Fix performance of pathalogically slow predicate. 2019-05-31 16:26:43 +01:00
Mark Shannon
b182abd119 Python points-to: Fix up a number of overly slow predicates. 2019-05-31 16:26:43 +01:00
Mark Shannon
8e2d6c4fc6 Python points-to: Simplify logic w.r.t. comparisons. 2019-05-31 15:58:35 +01:00
Max Schaefer
c560096b17 JavaScript: Make Script and CodeInAttribute concrete. 2019-05-31 12:04:14 +01:00
Asger F
a4a9e951d5 JS: Add query ID to change note 2019-05-31 11:44:06 +01:00
Asger F
ffb3265b26 JS: Mention results are shown on LGTM 2019-05-31 11:35:35 +01:00
Asger F
5170fa2ded JS: Add change note for prototype pollution 2019-05-31 10:58:56 +01:00
semmle-qlci
653c8b8496 Merge pull request #1358 from AlexTereshenkov/master 
Approved by taus-semmle
 2019-05-31 10:16:44 +01:00
Max Schaefer
74688bb600 Merge pull request #1341 from esben-semmle/js/sync-suites 
JS: Add queries to the manual suite for LGTM constistency
 2019-05-31 08:18:08 +01:00
Jonas Jensen
fff6c386c9 Merge pull request #1381 from dave-bartolomeo/dave/CopyCtor 
C++: Make `constructor-used-as-copy-constructor` warning/low
 2019-05-31 09:15:37 +02:00
Max Schaefer
3097037a6f Merge pull request #1290 from esben-semmle/js/semver-lib 
JS: add SemVer library
 2019-05-31 08:09:24 +01:00
Calum Grant
5b8c6d4789 Merge pull request #1377 from hvitved/csharp/useless-upcast 
C#: Teach `cs/useless-upcast` about disambiguating constructor calls
 2019-05-31 06:51:39 +01:00
Robert Marsh
6167a556fd Merge pull request #1380 from dave-bartolomeo/dave/RangeFor 
C++: IR support for range-based `for` loops
 2019-05-30 17:21:42 -07:00
semmle-qlci
0fa06e5c8d Merge pull request #1180 from asger-semmle/tainted-path-squashed 
Approved by xiemaisi
 2019-05-30 17:20:19 +01:00
Mark Shannon
6689994285 Python points-to: Minor refactoring for clarity. 2019-05-30 17:18:16 +01:00
Dave Bartolomeo
f4d41a15d7 C++: Add change not 2019-05-30 08:33:57 -07:00
Dave Bartolomeo
e90403be31 C++: Make constructor-used-as-copy-constructor warning/low 
This query is supposed to look for constructors that unintentionally qualify as copy constructors due to default arguments. There are quite a few real-world projects that define such constructors intentionally. I've reduced the severity to "warning" and the precision to "low" due to the high false positive rate.
 2019-05-30 08:33:26 -07:00
semmle-qlci
b17eb5cc9d Merge pull request #1384 from asger-semmle/typescript-3.5 
Approved by xiemaisi
 2019-05-30 15:53:27 +01:00
semmle-qlci
9614a1a039 Merge pull request #1385 from xiemaisi/js/lgtm-yml-change-notes 
Approved by mc-semmle
 2019-05-30 15:25:49 +01:00
Asger F
be5173680d Merge pull request #2 from xiemaisi/tainted-path-squashed 
JavaScript: Update expected test output.
 2019-05-30 15:16:19 +01:00
Max Schaefer
a3be6be17d JavaScript: Add change notes for newly added lgtm.yml properties. 2019-05-30 15:11:35 +01:00