Nick Rolfe
7db2f643cc
Vim syntax: add missing annotations and annotation arguments
2019-02-11 11:42:53 +00:00
semmle-qlci
10b00254ec
Merge pull request #915 from asger-semmle/closure-uri-methods
...
Approved by xiemaisi
2019-02-11 10:51:07 +00:00
Anders Schack-Mulligen
e4ba5ce608
Merge pull request #787 from hmakholm/pr/fix-useless-parameter
...
Fix false positives in java/unused parameter
2019-02-11 11:49:21 +01:00
Robin Neatherway
409733838b
Java: Add a flow step for Path::toFile in ZipSlip
2019-02-11 10:33:44 +00:00
Taus
fb8d0f5b1f
Merge pull request #850 from markshannon/python-improve-import-analysis
...
Python improve import analysis
2019-02-11 10:28:37 +01:00
Max Schaefer
10ef945b51
JavaScript: Restrict InstanceFieldAsPropWrite to fields with initializers.
2019-02-11 08:17:53 +00:00
Robert Marsh
184e65d8a1
Merge pull request #919 from dave-bartolomeo/dave/SSATests
...
C++: Split out SSA IR tests
2019-02-08 18:18:01 -08:00
Dave Bartolomeo
bda00bbff2
C++: Split out SSA IR tests
...
The IR tests were getting kind of unwieldy. We were using "ir.cpp" to contain test cases that covered both IR construction (every language construct imaginable) and SSA construction. We would then build and dump all three flavors of IR. For IR construction tests, examining the SSA dumps when you add a new test case is tedious.
To make this easier to manage, I've split the SSA-specific test cases out into a separate directory. "ir.cpp" should now contain only IR construction test cases, and "ssa.cpp" should contain only SSA construction test cases. We dump just the raw IR for "ir.cpp", and just the two SSA flavors for "ssa.cpp". We still run all three flavors of the IR sanity tests for "ir.cpp", though.
I also removed the "ssa_block_count.ql" test, which wasn't really adding any coverage, because any change to the block count would be reflected in the dump as well.
2019-02-08 15:28:06 -08:00
semmle-qlci
986afa1b1b
Merge pull request #909 from xiemaisi/js/improve-incomplete-sanitization-alerts
...
Approved by esben-semmle
2019-02-08 17:39:36 +00:00
semmle-qlci
232d81a4ed
Merge pull request #908 from xiemaisi/js/enable-ms-queries
...
Approved by esben-semmle
2019-02-08 17:38:27 +00:00
Mark Shannon
ee143ee041
Python: Add change note for unified parser.
2019-02-08 16:44:01 +00:00
Asger F
74a9c4b500
JS: use type inference to back up function-style classes
2019-02-08 16:42:24 +00:00
Mark Shannon
e37bda27d5
Python points-to: Clarify use of '$' variable.
2019-02-08 15:54:51 +00:00
Calum Grant
9319d66c13
Merge pull request #893 from hvitved/csharp/cfg/splitting-performance-tweaks
...
C#: CFG performance improvements
2019-02-08 15:52:51 +00:00
Geoffrey White
8b2405b267
CPP: Update severity/precision of LargeParameter.ql.
2019-02-08 15:23:57 +00:00
calum
d18bbf6a73
C#: Make query only apply to reftypes, since I believe valuetypes are safe or cannot be fixed trivially using the volatile keyword.
2019-02-08 15:18:29 +00:00
Asger F
f6e0ccfcf0
JS: model URI and XHR methods from closure library
2019-02-08 15:18:27 +00:00
Asger F
fd2e9f1fcb
JS: shift line numbers in RequestForgery test
2019-02-08 15:13:33 +00:00
Mark Shannon
52ddd79cab
Python: Add 2/3 specific query tests.
2019-02-08 15:13:17 +00:00
calum
b473d2f7a8
C#: Update change notes. Decrease the priority of this query because the volatile keyword is no longer needed on modern .NET runtimes.
2019-02-08 14:59:45 +00:00
calum
7addd41e38
C#: Fixes to double-checked lock.
2019-02-08 14:57:57 +00:00
Mark Shannon
adb4c42aa5
Python: Add 2-only library tests.
2019-02-08 14:49:04 +00:00
Mark Shannon
49307a72b4
Python: Add 3-only library tests.
2019-02-08 14:39:27 +00:00
calum
c9cf183878
C#: Fix merge conflicts.
2019-02-08 14:38:51 +00:00
calum
08d13ea363
C#: Address review comments.
2019-02-08 14:38:51 +00:00
calum
15a2f9dc13
C#: Add change note.
2019-02-08 14:38:51 +00:00
calum
7f7a92d092
C#: Model Json.NET dataflow.
2019-02-08 14:37:54 +00:00
semmle-qlci
937049e060
Merge pull request #891 from xiemaisi/js/simplify-sensitive-actions
...
Approved by esben-semmle
2019-02-08 14:12:47 +00:00
Taus
90eccbdf76
Merge pull request #836 from markshannon/python-mutating-descriptor
...
Python: Fix up mutating-descriptor query
2019-02-08 15:10:30 +01:00
Nick Rolfe
01fac31641
Vim syntax: highlight numbers and new keywords
2019-02-08 13:43:15 +00:00
Jonas Jensen
566eafc706
Merge pull request #823 from dave-bartolomeo/dave/IdentityString
...
C++: Declaration.getIdentityString and Type.getTypeIdentityString
2019-02-08 13:16:02 +01:00
Mark Shannon
465f42eb2f
Python: Add 'special operation' pseudo-expression type, for use in semantic stubs file. No use of it as yet.
2019-02-08 11:31:34 +00:00
semmle-qlci
7e298cfbbe
Merge pull request #900 from esben-semmle/js/defuse-default
...
Approved by xiemaisi
2019-02-08 11:28:32 +00:00
semmle-qlci
a48594ad8e
Merge pull request #906 from asger-semmle/q-library
...
Approved by xiemaisi
2019-02-08 11:12:50 +00:00
Asger F
bfe88e9784
JS: make Closure::moduleImport handle member access.
2019-02-08 10:51:07 +00:00
Max Schaefer
6ce77ea1ef
JavaScript: Add change note.
2019-02-08 09:57:07 +00:00
Max Schaefer
b314c546e1
JavaScript: Track taint through RegExp.prototype.replace.
2019-02-08 09:57:07 +00:00
Max Schaefer
25d06ad0cf
JavaScript: Treat regexp replacements of HTML metacharacters as sanitizers for XSS queries.
2019-02-08 09:57:06 +00:00
Max Schaefer
18c23ecfd4
JavaScript: Introduce shared library for modelling XSS-relevant concepts.
...
As its first application, this library makes it possible for `StoredXss` to reuse the `Source` classes of `DomBasedXss` and `ReflectedXss` without having to pull in their libraries (which contain their `Configuration` classes, causing `StoredXss` to recompute all flow information for the other two queries).
2019-02-08 09:53:51 +00:00
semmle-qlci
0558b58193
Merge pull request #907 from asger-semmle/reapply-closure-modules
...
Approved by xiemaisi
2019-02-08 09:23:47 +00:00
Max Schaefer
3e26bc6446
JavaScript: Improve alert location and message for IncompleteSanitization.
...
We now highlight the `replace` call (instead of the regular expression), and the alert message for the case of missing backslash escapes clarifies that it is talking about failure to escape backslashes in the input, not in the replacement text.
2019-02-08 09:13:40 +00:00
Max Schaefer
aebc5bc6c3
JavaScript: Update qhelp example for CleartextStorage.
2019-02-08 08:43:22 +00:00
Max Schaefer
0be81dacdc
JavaScript: Add classification of sensitive expressions.
...
We now classify sensitive expressions into four categories (secret, id, password, certificate). This allows queries more fine-grained control over what kinds of sensitive data they want to deal with: for clear-text storage, for instance, user ids aren't so much of a problem.
2019-02-08 08:43:22 +00:00
Max Schaefer
6389f32847
JavaScript: Update expected output for ExtractSinkSummaries query.
2019-02-08 08:43:22 +00:00
Max Schaefer
326b93bf84
JavaScript: Clean up classification of sensitive strings.
2019-02-08 08:43:22 +00:00
ian-semmle
f337c9faf4
Merge pull request #888 from dave-bartolomeo/dave/Capture
...
C++: Update captures test for closure fields extractor fix
2019-02-07 22:54:01 +00:00
Dave Bartolomeo
1e7dcedcdf
C++: Fix semantic merge conflict
2019-02-07 14:32:26 -08:00
Dave Bartolomeo
283991d520
C++: Handle ProxyClass in getIdentityString()
2019-02-07 14:26:01 -08:00
Dave Bartolomeo
3414c105c6
C++: Hoist getTemplateArgument() and friends into Declaration
2019-02-07 14:26:01 -08:00
Dave Bartolomeo
1c6b14e505
C++: Remove deprecation of getFullSignature() until we can fix internal tests to use getIdentityString()
2019-02-07 14:26:01 -08:00