hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-26 04:43:00 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,508 Commits 1,688 Branches 158 Tags
codeql-cli/v2.10.4
Commit Graph

42508 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Farebrother
d2007bcd6e Merge pull request #9663 from joefarebrother/android-certificate-validation 
Java: Add query for improper webview certificate validation
 2022-08-05 20:49:15 +01:00
Mathias Vorreiter Pedersen
f2767eb03a Merge pull request #9972 from MathiasVP/swift-taint-through-interpolated-strings 
Swift: Taint through interpolated strings
 2022-08-05 15:55:35 +01:00
Robert Marsh
10710e27df Merge pull request #9978 from MathiasVP/swift-fix-mad 
Swift: Fix flow summaries for methods
 2022-08-05 09:53:16 -04:00
Tony Torralba
03b854a1ed Add test for initializer method 2022-08-05 15:29:17 +02:00
Mathias Vorreiter Pedersen
6cfeb24d94 Swift: More comments. 2022-08-05 13:30:45 +01:00
Tom Hvitved
400071091c C#: Also disable shared compilation in the tracer for dotnet msbuild 2022-08-05 14:17:16 +02:00
AlexDenisov
d3e5449e3b Merge pull request #9979 from MathiasVP/add-inline-expectations-framework-to-Swift 
Swift: Add InlineExpectationsTest framework
 2022-08-05 14:10:41 +02:00
Joe Farebrother
dd83c17144 Use more precise control flow logic 2022-08-05 12:56:21 +01:00
Joe Farebrother
e9f9e681ef Change man-in-the-middle back to machine-in-the-middle 
(gender-neutral language)

This reverts commit d5ab330450d3f5c1d36d0d9b6a8f1dc32bc908e3.
 2022-08-05 12:56:21 +01:00
Joe Farebrother
79b1f24133 Change machine-in-the-middle to man-in-the-middle 2022-08-05 12:56:20 +01:00
Joe Farebrother
04df556861 Add suggested reference 2022-08-05 12:56:20 +01:00
Joe Farebrother
abf894a64c Fix typos 2022-08-05 12:56:20 +01:00
Joe Farebrother
03c2a0e818 Add missing qldoc 2022-08-05 12:56:20 +01:00
Joe Farebrother
0d09484efc Add change note 2022-08-05 12:56:19 +01:00
Joe Farebrother
f8ccbcba70 Add qhelp 2022-08-05 12:56:19 +01:00
Joe Farebrother
a2245bb858 Fix test 2022-08-05 12:56:19 +01:00
Joe Farebrother
498ad230c2 Update stubs 2022-08-05 12:56:19 +01:00
Joe Farebrother
c4de158e0d Add tests 2022-08-05 12:56:18 +01:00
Joe Farebrother
16e16f08dc Add webview cert validation query 2022-08-05 12:56:18 +01:00
Mathias Vorreiter Pedersen
b20b0a091d Update identical-files. 2022-08-05 11:49:36 +01:00
Mathias Vorreiter Pedersen
46ec7a9b82 Swift: Add the InlineExpectationsTest framework. 2022-08-05 11:49:15 +01:00
Mathias Vorreiter Pedersen
69564d2192 Swift: Add a couple of standard Comment subclasses. 2022-08-05 11:48:29 +01:00
Tony Torralba
b75b073dae Remove unused class member 2022-08-05 12:21:22 +02:00
Mathias Vorreiter Pedersen
946b8c68a6 Swift: Accept test changes. 2022-08-05 11:19:00 +01:00
Mathias Vorreiter Pedersen
a302570349 Merge branch 'main' into swift-taint-through-interpolated-strings 2022-08-05 11:17:54 +01:00
AlexDenisov
a779f0e376 Merge pull request #9977 from github/alexdenisov/extract-swift-comments 
Swift: extract comments
 2022-08-05 12:15:56 +02:00
Mathias Vorreiter Pedersen
24c9ab8015 Swift: Fix MaD for methods 2022-08-05 10:52:28 +01:00
Alex Denisov
5e69adb0a9 Swift: extract comments 2022-08-05 11:50:48 +02:00
Mathias Vorreiter Pedersen
1c8090fa04 Merge pull request #9964 from geoffw0/cwe95 
Swift: Query for CWE-79 / CWE-95
 2022-08-05 10:38:33 +01:00
Geoffrey White
1ce06accbd Swift: Fix capitalization issue? 2022-08-05 10:20:51 +01:00
Mathias Vorreiter Pedersen
ac26371de0 Merge pull request #9909 from geoffw0/stringlengthconflation6 
Swift: Understand String.utf8.count etc in the string length conflation CVE query
 2022-08-05 10:13:25 +01:00
Tony Torralba
9ee90f8022 Remove unnecessary import from test 2022-08-05 11:11:13 +02:00
Tony Torralba
792d34c3a1 Add change note 2022-08-05 11:10:09 +02:00
Anders Schack-Mulligen
3d47875b60 Dataflow: Generate shorter RA/DIL names. 2022-08-05 11:00:56 +02:00
Anders Schack-Mulligen
d3dcc3ce3a Dataflow: Sync. 2022-08-05 11:00:56 +02:00
Anders Schack-Mulligen
09d0f8e0ce Dataflow: Replace stage duplication with parameterised modules. 2022-08-05 11:00:56 +02:00
Tom Hvitved
56ee07e24c Merge pull request #9936 from aibaars/gh-codeql-nightly 
Use 'gh codeql' with the nightly release for CI jobs
 2022-08-05 10:34:39 +02:00
Tony Torralba
5ebce6ee4f Improve AsyncTask data flow support 
Model the life-cycle described here: https://developer.android.com/reference/android/os/AsyncTask\#the-4-steps
 2022-08-05 10:29:49 +02:00
Tom Hvitved
e0dadb4df6 Ruby: Simplify flow summaries for hash literals 2022-08-05 10:20:07 +02:00
Jeroen Ketema
ba2cee07a9 Merge pull request #8596 from rdmarsh2/rdmarsh2/dataflow-global-vars 
C++: IR data flow through global variables
 2022-08-05 10:07:00 +02:00
Anders Schack-Mulligen
1fde06c0a8 Merge pull request #9970 from aschackmull/java/confusingoverload-perf 
Java: Improve performance of ConfusingOverloading.
 2022-08-05 09:38:22 +02:00
Harry Maclean
74d529d3e3 Merge pull request #9918 from hmac/hmac/mime-type-match 
Ruby: Model Mime::Type
 2022-08-05 11:51:45 +12:00
Harry Maclean
157bbccf62 Merge pull request #9851 from hmac/hmac/active-record-improvements 
Ruby: Recognise more AR write accesses
 2022-08-05 11:49:50 +12:00
Mathias Vorreiter Pedersen
2f13c65ad7 Update swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-08-04 22:45:45 +01:00
Mathias Vorreiter Pedersen
05e6dd85d4 Swift: Add taint tests for flow through interpolated strings. 2022-08-04 21:57:05 +01:00
Mathias Vorreiter Pedersen
9c48ce1bf2 Swift: Flow (1) through the internal function calls generated by the compiler during string interpolation, and (2) out of the internal 'TapExpr' and into the interpolated string result. 2022-08-04 21:57:05 +01:00
Mathias Vorreiter Pedersen
52b78b6e68 Swift: Don't assume we know the call target statically in 'TInOutUpdateNode'. 2022-08-04 21:57:04 +01:00
Mathias Vorreiter Pedersen
ff6b8c5c9c Swift: Replace 'CallExpr' with 'ApplyExpr'. This is needed because not all the calls inside the interpolated string computations are 'CallExpr's. 2022-08-04 21:57:04 +01:00
Mathias Vorreiter Pedersen
3028b80e46 Swift: Control-flow through interpolated strings. 2022-08-04 21:57:04 +01:00
Tom Hvitved
6fa1e06afb Merge pull request #9966 from hvitved/csharp/no-clr-tracer 
C#: Disable CLR tracer
 2022-08-04 20:50:19 +02:00