hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-03 08:41:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,812 Commits 1,687 Branches 159 Tags
codeql-cli/v2.10.3
Commit Graph

41812 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Rolfe
6bd9616c6e Ruby: interpret string escape sequences in getConstantValue() 2022-03-14 15:45:57 +00:00
Michael Nebel
bcdbfefb2b Merge pull request #8329 from michaelnebel/csharp/model-generator 
C#: Capture Summary models.
 2022-03-14 16:10:05 +01:00
Erik Krogh Kristensen
c93f29b1a1 fix typo in change note 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-03-14 16:03:45 +01:00
Joe Farebrother
d4b5eed3e4 Merge pull request #8410 from joefarebrother/sensitive-logging 
Java: Promote Sensitive Logging query
 2022-03-14 14:50:26 +00:00
Henry Mercer
8b1b2af2d8 JS: Remove isEffectiveSinkWithOverridingScore 
This was previously used in the ATM external API query, but is now dead
code.
 2022-03-14 14:25:36 +00:00
Erik Krogh Kristensen
8c28b93427 QL: rename query to ql/name-casing 2022-03-14 15:03:58 +01:00
Erik Krogh Kristensen
87987872c6 QL: use an/a correctly in the alert message 2022-03-14 15:03:07 +01:00
Erik Krogh Kristensen
93fcfc3012 QL: use negative char classes to generalize query to detect e.g. underscores 2022-03-14 15:00:27 +01:00
Mathias Vorreiter Pedersen
7593ebaa62 C++: Use 'getAstVariable' now that 'getASTVariable' is deprecated. 2022-03-14 13:38:27 +00:00
Chris Smowton
9f02ca0db2 Merge pull request #8357 from p0wn4j/jdbc-url-ssrf-sink 
Java: Add JDBC connection SSRF sinks
 2022-03-14 13:27:34 +00:00
Michael Nebel
432ac7a824 C#: Deprecate the StructuralComparisonConfig class. 2022-03-14 14:17:56 +01:00
Michael Nebel
5a4a97569f C#: Use Gvn comparison instead of StructuralComparisonConfiguration in Constants. 2022-03-14 14:17:56 +01:00
Michael Nebel
5b5ea140d2 C#: Delete the Internal StructuralComparisonConfiguration class as it is no longer needed. 2022-03-14 14:17:56 +01:00
Michael Nebel
bf4dc0034a C#: Use Gvn comparison instead of StructuralComparisonConfiguration in Guards. 2022-03-14 14:17:56 +01:00
Michael Nebel
90b4eb9e13 C#: Use Gvn comparison instead of StructuralComparisonConfiguration in UnsafeLazyInitialization. 2022-03-14 14:17:56 +01:00
Michael Nebel
74b8e73133 C#: Use Gvn comparison instead of StructuralComparisonConfiguration in MissedTernaryOpportunity. 2022-03-14 14:17:56 +01:00
Michael Nebel
94999d4df5 C#: Use Gvn comparison instead of StructuralComparisonConfiguration in UselessIsBeforeAs. 2022-03-14 14:17:56 +01:00
Michael Nebel
8e7c7d8259 C#: Use Gvn comparison instead of StructuralComparisonConfiguration in UselessNullCoalescingExpression. 2022-03-14 14:17:56 +01:00
Michael Nebel
4a1981edfd C#: Use Gvn comparison instead of StructuralComparisonConfiguration in NestedLoopsSameVariable. 2022-03-14 14:17:56 +01:00
Michael Nebel
b4f2fc60ec C#: Use Gvn comparison instead of StructuralComparisonConfiguration in SelfAssignment. 2022-03-14 14:17:56 +01:00
Michael Nebel
f241eef2ea C#: Use Gvn comparison instead of StructuralComparisonConfiguration in structuralComparison test. 2022-03-14 14:17:56 +01:00
Michael Nebel
6f5b2e8440 C#: Use Gvn comparison instead of StructuralComparisonConfiguration in UseTryGetValue. 2022-03-14 14:17:56 +01:00
Chris Smowton
ca8237b9de Make comment into qldoc 2022-03-14 13:14:31 +00:00
Mathias Vorreiter Pedersen
50b77761f1 C++: Port the 'predictable' barrier from 'DefaultTaintTracking' to 'cpp/unclear-array-index-validation' to prevent an explosion of new results. 2022-03-14 13:14:07 +00:00
Joe Farebrother
e4b762b5c5 Improve qldoc; make taint tracking 2022-03-14 13:10:34 +00:00
Michael Nebel
21bcaf6a0e C#/Java: After remaining code after rebase. 2022-03-14 14:08:49 +01:00
Michael Nebel
74352925e4 C#/Java: Remove inline from returnNodeEnclosingCallable. 2022-03-14 13:50:55 +01:00
Michael Nebel
48dc9d7057 C#/Java: Move containerContent to DataFlowPrivate. 2022-03-14 13:50:55 +01:00
Michael Nebel
b7803ef0b1 C#: Introduce SyntheticFieldContent in RelevantContent. 2022-03-14 13:50:55 +01:00
Michael Nebel
12ff2c6cd5 C#/Java: Improve comments in CaptureSummaryModels. 2022-03-14 13:50:55 +01:00
Michael Nebel
3ad9731e91 C#/Java: Add some more QL docs. 2022-03-14 13:50:50 +01:00
Michael Nebel
2476e716a2 C#: Move the isRelevantTaintStep and isRelevantContent into the shared utils. 2022-03-14 13:49:52 +01:00
Michael Nebel
665e3c9326 C#: Re-factor containerContent into standalone predicate in DataFlow library. 2022-03-14 13:49:51 +01:00
Michael Nebel
5d03e510d2 C#/Java: Include synthetic fields in isRelevantContent. 2022-03-14 13:49:51 +01:00
Michael Nebel
d881d31959 C#: Remove comma from QL Doc. 2022-03-14 13:49:51 +01:00
Michael Nebel
cd03af3be4 C#: Get rid of the isOwnInstanceAccess based on ReturnStmt. 2022-03-14 13:49:46 +01:00
Mathias Vorreiter Pedersen
0bf4ce7cf1 Merge pull request #8427 from MathiasVP/fix-bad-join-in-return-stack-allocated-memory 
C++: Fix join in `cpp/return-stack-allocated-memory`
 2022-03-14 12:49:30 +00:00
Michael Nebel
34a91f1aac C#: Rename CaptureSummaryModelsQuery to CaptureSummaryModels. 2022-03-14 13:48:56 +01:00
Michael Nebel
94a840e96b C#: Add some more testcases for flow summary generation. 2022-03-14 13:48:56 +01:00
Michael Nebel
36e0c683bd C#: Add QL Doc to the primary predicate used for capturing flow. 2022-03-14 13:48:56 +01:00
Michael Nebel
e8aacb710e C#: Add file level QL Doc to Capture Summary models specific implementations. 2022-03-14 13:48:56 +01:00
Michael Nebel
d114582b56 C#: Add QLDoc to the shared Capture summary models library. 2022-03-14 13:48:51 +01:00
Michael Nebel
8d2593ba0c C#: Add expected output from running the test. 2022-03-14 13:47:24 +01:00
Michael Nebel
4d46b581c3 C#: Add some initial examples. 2022-03-14 13:47:24 +01:00
Michael Nebel
75b4632815 C#: Add test query. 2022-03-14 13:47:24 +01:00
Michael Nebel
20cbd6b332 Java/C#: Include the share files in sync files. 2022-03-14 13:47:24 +01:00
Michael Nebel
b08e696d42 C#: Add query. 2022-03-14 13:47:24 +01:00
Michael Nebel
31a374afa3 C#: Add copy of the shared CaptureSummaryModels logic. 2022-03-14 13:47:24 +01:00
Michael Nebel
e5cce6cca3 C#: Add initial implementation of specific predicates needed to capture summary models. 2022-03-14 13:47:24 +01:00
Michael Nebel
82d93d0f9e Java: Refactor CaptureSummaryModels code to enable re-use in C#. 2022-03-14 13:47:20 +01:00