hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-03 16:51:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,812 Commits 1,689 Branches 159 Tags
codeql-cli/v2.10.3
Commit Graph

41812 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
ba233ed7a1 Java: Rearrange and refactor language specific content into standalone predicates. 2022-03-14 13:46:24 +01:00
Chris Smowton
b351d5bc2f Autoformat 2022-03-14 12:44:40 +00:00
Michael Nebel
6259ecfc12 C#: Add copy of shared functionality. 2022-03-14 13:43:51 +01:00
Michael Nebel
dadc143b60 C#: Add printer predicates for parameter and return nodes. 2022-03-14 13:43:51 +01:00
Michael Nebel
2b90b5ff62 C#: Add isRelevant predicates. 2022-03-14 13:43:51 +01:00
Michael Nebel
81c8cac77e C#: Add partial model printer for TargetApi class. 2022-03-14 13:43:51 +01:00
Michael Nebel
9c6ed0ade3 C#: Add TargetAPI class. 2022-03-14 13:43:51 +01:00
Michael Nebel
9ca199c9ae Java: Move generic code out of language specific file for model generation. 2022-03-14 13:43:45 +01:00
Michael Nebel
a2d9f4f6f4 Java: Introduce language specific file for model generator code. 2022-03-14 13:40:40 +01:00
jorgectf
a0bf68f7cd Generally extend TaintTracking::AdditionalTaintStep 2022-03-14 13:39:20 +01:00
Michael Nebel
a1c642685a Java: Re-arrange code in ModelGeneratorUtils. 2022-03-14 13:35:56 +01:00
Erik Krogh Kristensen
689f3c0478 update some references to deprecated module names 2022-03-14 13:28:34 +01:00
Erik Krogh Kristensen
7c4f9f92fb Merge pull request #8422 from erik-krogh/depMore 
JS: Address some code that weren't affecting any query result
 2022-03-14 13:24:08 +01:00
Chris Smowton
f83ea25ead Add change note 2022-03-14 12:14:37 +00:00
Erik Krogh Kristensen
548e50c676 QL: add quick-eval predicate to detect unqueryable code 2022-03-14 13:04:22 +01:00
Erik Krogh Kristensen
2250ebc5e2 remove leftover comments 2022-03-14 13:04:22 +01:00
Erik Krogh Kristensen
3bf5e06d53 delete all dead code 2022-03-14 13:03:31 +01:00
Mathias Vorreiter Pedersen
7c411b4bad C++: Respond to review comments 2022-03-14 11:57:28 +00:00
Erik Krogh Kristensen
27d41cba7e QL: add ql/dead-code query 2022-03-14 12:57:02 +01:00
Chris Smowton
aada8d3af9 Merge pull request #8405 from smowton/smowton/fix/range-analysis-use-ranked-phi-nodes 
C#/Java: Range analysis: use ranked phi nodes
 2022-03-14 11:55:55 +00:00
Erik Krogh Kristensen
a4525bbb29 add change-note 2022-03-14 12:22:39 +01:00
Erik Krogh Kristensen
ad2ab5602e PY: rename remaining private python modules 2022-03-14 12:22:33 +01:00
Mathias Vorreiter Pedersen
0da5d91955 Merge branch 'main' into use-taint-configuration-in-three-more-queries 2022-03-14 11:12:23 +00:00
Jeroen Ketema
4c2081b7fc Merge pull request #8401 from jketema/taint-flow 
Extend taint tracking interface with flow states
 2022-03-14 12:06:10 +01:00
Mathias Vorreiter Pedersen
31b1e4079f C++: Prevent join-on-enclosing-callable in 'cpp/return-stack-allocated-memory'. 2022-03-14 11:01:07 +00:00
Rasmus Wriedt Larsen
2f4a22c86c Merge pull request #6112 from jorgectf/jorgectf/python/deserialization 
Python: Port and extend XXE modeling
 2022-03-14 11:59:28 +01:00
Erik Krogh Kristensen
8515a70fe6 JS: fix all ql/no-upper-case-variables 2022-03-14 11:50:48 +01:00
Erik Krogh Kristensen
02127b40cd PY: fix all ql/no-upper-case-variables 2022-03-14 11:50:48 +01:00
Erik Krogh Kristensen
83f26eb833 rename all upper-case variables to start with a lower-case letter 2022-03-14 11:50:48 +01:00
Erik Krogh Kristensen
4f0d4ecf6e QL: add no-uppercase-variables query 2022-03-14 11:50:48 +01:00
Erik Krogh Kristensen
7d6700a943 Merge branch 'main' into depMore 2022-03-14 11:49:18 +01:00
Erik Krogh Kristensen
c06336480c add change note 2022-03-14 11:41:53 +01:00
Erik Krogh Kristensen
bbb2847ec1 Merge pull request #8323 from erik-krogh/acronyms 
Enforcing consistent casing of acronyms
 2022-03-14 11:38:25 +01:00
Jeroen Ketema
c832b21fbe Add change notes for changes to the taint tracking library 2022-03-14 10:38:48 +01:00
Erik Krogh Kristensen
6d66ea4253 also deprecate the definitionReaches predicate, it was only used in a test 2022-03-14 10:14:15 +01:00
Erik Krogh Kristensen
54760081dc add pointers to the qldoc of deprecated predicates 2022-03-14 10:10:38 +01:00
Alex Ford
6eca036b44 Ruby: Add qldoc for Cryptography module (from python version) 2022-03-14 08:57:13 +00:00
Tony Torralba
1f4f4207b5 Add missing security-severity scores 2022-03-14 09:50:14 +01:00
Tom Hvitved
06b8f74644 C#: Avoid combinatorial explosion in structural comparison library 
In cases where the target of a call/access has multiple values (which is a DB
inconsistency), the GVN construction underlying the structural comparision library
may run into a combinatorial explosion. This change excludes such expressions from
the GVN construction.
 2022-03-14 09:07:45 +01:00
ihsinme
62381d0762 Update test.cpp 2022-03-14 09:36:28 +03:00
ihsinme
de92356c88 Update InsecureTemporaryFile.expected 2022-03-14 09:35:03 +03:00
ihsinme
1db759cc4d Update InsecureTemporaryFile.ql 2022-03-14 09:33:08 +03:00
4B5F5F4B
597603a3a6 Create cve-2017-5123.ql 
Add query to detect CVE-2017-5123
 2022-03-14 09:44:30 +08:00
4B5F5F4B
4030561eb7 Delete CVE 2022-03-14 09:43:04 +08:00
4B5F5F4B
880c12bd34 Create CVE 2022-03-14 09:42:40 +08:00
Erik Krogh Kristensen
8f86b067e7 deprecate the unused localTaintStep and stringStep predicates 2022-03-13 23:54:53 +01:00
Erik Krogh Kristensen
cc231fef4c deprecate some unused predicate in DefUse.qll 2022-03-13 23:54:53 +01:00
Erik Krogh Kristensen
c0a63beec1 deprecate unused document predicates in DOM.qll 2022-03-13 23:54:53 +01:00
Erik Krogh Kristensen
5e52a71091 remove test .qll files that weren't imported 2022-03-13 23:54:53 +01:00
Erik Krogh Kristensen
4fc85a791d deprecate DefiningIdentifier, it was not used in any query 2022-03-13 23:54:53 +01:00