hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-31 07:12:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,684 Branches 159 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
semmle-qlci
09825f28ed Merge pull request #817 from asger-semmle/closure-modules 
Approved by esben-semmle, xiemaisi
 2019-02-06 15:51:53 +00:00
Tom Hvitved
8812f26517 C#: Address review comments 2019-02-06 13:17:47 +01:00
Tom Hvitved
c3378c44a1 C#: Prevent bad magic in getArgumentForParameter() 2019-02-06 13:09:56 +01:00
Calum Grant
dd75e5bce3 Merge pull request #877 from hvitved/csharp/matches-handle 
C#: Use `matchesHandle()` instead of `getLabel()`
 2019-02-06 11:02:09 +00:00
semmle-qlci
a2691b32b5 Merge pull request #851 from xiemaisi/js/post-message-star 
Approved by esben-semmle
 2019-02-06 09:57:04 +00:00
Asger F
abb7e63697 JS: update GlobalVariableRef.expected 2019-02-06 09:16:30 +00:00
Asger F
44939263e4 JS: update TRAP files 2019-02-06 09:12:16 +00:00
Asger F
c52ed9152f JS: handle .mjs files correctly 2019-02-06 09:12:10 +00:00
Esben Sparre Andreasen
fb19032038 JS: change notes for Vue support 2019-02-06 09:38:00 +01:00
Esben Sparre Andreasen
f15af70c02 JS: use HTML::ScriptElement::getScript in Vue 2019-02-06 09:38:00 +01:00
Esben Sparre Andreasen
5e2b1c026a JS: introduce HTML::ScriptElement::getScript() 2019-02-06 09:38:00 +01:00
Esben Sparre Andreasen
a78dd422b6 JS: add query js/vue/arrow-method-on-vue-instance 2019-02-06 09:38:00 +01:00
Esben Sparre Andreasen
ea175b2a9f JS: introduce Vue XSS sinks 2019-02-06 09:38:00 +01:00
Esben Sparre Andreasen
a6cfee5f26 JS: prevent inlining of three auxiliary Vue methods 2019-02-06 09:37:23 +01:00
Esben Sparre Andreasen
ddf9ca2505 JS: introduce base Vue model 2019-02-06 09:37:23 +01:00
Geoffrey White
2321ae911e CPP: Fix the test by adding PotentiallyDangerousFunction. 2019-02-05 17:58:30 +00:00
Geoffrey White
018450500d CPP: Fix closing tag. 2019-02-05 17:58:30 +00:00
Geoffrey White
c05df6ea4c CPP: Add reference. 2019-02-05 17:58:30 +00:00
Geoffrey White
f73a3a6a24 CPP: Explain the danger of gets a bit more in qhelp. 2019-02-05 17:58:30 +00:00
Geoffrey White
0541950c44 CPP: Clean up PotentialBufferOverflow.ql a bit. 2019-02-05 17:58:30 +00:00
Geoffrey White
2a708d3243 CPP: Change note. 2019-02-05 17:58:30 +00:00
Geoffrey White
c32e1b8000 CPP: Change the @name of PotentialBufferOverflow.ql to be in line with everything else. 2019-02-05 17:58:30 +00:00
Geoffrey White
f7e7737789 CPP: Update qhelp. 2019-02-05 17:58:30 +00:00
Geoffrey White
87a25f0cbe CPP: Update CWE tags. 2019-02-05 17:58:30 +00:00
Geoffrey White
429f53ed74 CPP: Move the 'gets' case. 2019-02-05 17:58:30 +00:00
Geoffrey White
a82832e779 CPP: Add a test that uses 'gets'. 2019-02-05 17:58:30 +00:00
Geoffrey White
bbc8e7886b CPP: Rearrange PotentiallyDangerousFunction.ql. 2019-02-05 17:58:30 +00:00
Asger F
ddd72190cb JS: change note 2019-02-05 16:59:29 +00:00
Asger F
46b996a936 JS: autoformat ¯\_(ツ)_/¯ 2019-02-05 16:52:06 +00:00
Asger F
8924aa3ee0 JS: add test case 2019-02-05 16:51:21 +00:00
Asger F
cad5a064cd JS: recognize a-sync-waterfall package 2019-02-05 16:38:47 +00:00
semmle-qlci
4b81ffab96 Merge pull request #869 from hvitved/csharp/autoformat 
Approved by calumgrant
 2019-02-05 16:35:10 +00:00
Tom Hvitved
37c55750f7 Merge pull request #873 from calumgrant/cs/format-getresource-strings 
C#: Fix FP in cs/format-argument-unused
 2019-02-05 17:12:04 +01:00
Taus Brock-Nannestad
b550da2b45 Improve change note. 2019-02-05 16:01:45 +01:00
yh-semmle
3e8f7a740c Merge pull request #838 from aschackmull/java/taint-collections 
Java: Add additional taint steps through collections.
 2019-02-05 09:59:24 -05:00
Esben Sparre Andreasen
b72441f9c2 JS: use StringOps:: in js/incomplete-url-substring-sanitization 2019-02-05 15:17:55 +01:00
Tom Hvitved
23b9b1eb72 C#: Cache Splits::toString() 2019-02-05 15:01:25 +01:00
Anders Schack-Mulligen
fe7add77d2 Java: Account for the repo move in NonSecurityTestClass. 2019-02-05 14:31:40 +01:00
Tom Hvitved
8c7c582e07 C#: Move successor types into own file 2019-02-05 14:27:09 +01:00
Tom Hvitved
0992e01f91 C#: Move Splitting and Reachability modules into own file 2019-02-05 14:27:09 +01:00
Tom Hvitved
3503e9b57e C#: Move PreSsa module into own file 2019-02-05 14:27:09 +01:00
alexet
59a5bec769 CPP: Use more field overriding 2019-02-05 13:07:41 +00:00
Tom Hvitved
5306d1ea0d C#: Move PreBasicBlocks module into own file 2019-02-05 13:41:50 +01:00
Asger F
51360d8772 JS: add Parameter.getJSDocTag 2019-02-05 11:35:16 +00:00
Tom Hvitved
83fb32828f C#: Move NonReturning module into own file 2019-02-05 11:50:03 +01:00
Tom Hvitved
64539b0263 C#: Move Completion.qll 2019-02-05 11:45:33 +01:00
Tom Hvitved
0211837e24 C#: Remove getUrl() predicate 2019-02-05 11:07:13 +01:00
Jonas Jensen
cad4bac548 C++: Concretize ConstantAnalysis NegateInstruction 
This is just to make the QL shorter. It generates the same DIL.
 2019-02-05 11:05:47 +01:00
Jonas Jensen
be35c674a7 C++: Factor out getConstantValueToPhi 
This speeds up `getConstantValue`, the main predicate in
`ConstantAnalysis`, from 2.4s to 1.6s on comdb2.
 2019-02-05 11:05:47 +01:00
Jonas Jensen
283bb2f6d0 C++: Factor out ConstantAnalysis BinaryInstruction 
This speeds up comdb2 constant analysis from 6.5s to 4.5s.
 2019-02-05 11:05:47 +01:00