hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-04 01:01:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,524 Commits 1,689 Branches 159 Tags
codeql-cli/v2.10.5
Commit Graph

42524 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
3c321dd98d Python: Model lxml.etree.get_default_parser in own class 2022-03-03 13:49:17 +01:00
Rasmus Wriedt Larsen
52891cb476 Python: Add PoC for XML vulns 2022-03-03 13:48:46 +01:00
Joe Farebrother
4ad402f33f Move from experimental to main 2022-03-03 12:13:14 +00:00
Tom Hvitved
ba6ff88d05 Sync files 2022-03-03 12:30:50 +01:00
Tom Hvitved
b23ab8089a Ruby: Clear call contexts after jump steps in type tracking 2022-03-03 12:29:47 +01:00
Geoffrey White
5c6923c099 C++: Improve and differentiate the qhelp. 2022-03-03 11:04:55 +00:00
Geoffrey White
88b7a085b0 C++: Make the bulk of test cases in tests.cpp more relevant. 2022-03-03 10:40:17 +00:00
Geoffrey White
07b4bf7023 C++: Use the same trick as in ExposedSystemData to catch a few more results. 2022-03-03 10:33:39 +00:00
Geoffrey White
6e5729c924 C++: Fix typo and adjust violation message wording. 2022-03-03 10:28:53 +00:00
Geoffrey White
9e193f624c C++: Change note. 2022-03-03 09:55:02 +00:00
Rasmus Wriedt Larsen
661d8bf553 Python: Better handling of resolve_entities arg in lxml 2022-03-03 10:05:57 +01:00
Rasmus Wriedt Larsen
515b824b3c Python: Add lxml positive test 2022-03-03 09:42:19 +01:00
Jeroen Ketema
f80372b837 C++: Update the DB scheme stats file 2022-03-03 09:02:37 +01:00
Jeroen Ketema
3fc2f2f3dc Merge pull request #8309 from jketema/taint-join-order 
C++: Fix join order in the IR dataflow library
 2022-03-03 09:00:42 +01:00
ihsinme
01f9114a80 Update test.cpp 2022-03-03 10:57:11 +03:00
ihsinme
bec4170bdf Update ImproperCheckReturnValueScanf.expected 2022-03-03 10:39:19 +03:00
ihsinme
8e0c0ad200 Update test.cpp 2022-03-03 10:37:31 +03:00
ihsinme
25b3aba823 Update test.cpp 2022-03-03 10:21:38 +03:00
ihsinme
2dc85e183c Update test.cpp 2022-03-03 10:20:41 +03:00
ihsinme
547342cd61 Update test.cpp 2022-03-03 10:16:00 +03:00
ihsinme
1a30b8d467 Apply suggestions from code review 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-03-03 10:14:22 +03:00
Jeroen Ketema
2fd950caad C++: Fix join order in the IR dataflow library 
Not having this fixed caused problems when updating the database
scheme stats file.
 2022-03-03 07:42:52 +01:00
jorgectf
3159d8e211 Correlate SendGridMail declaration with its predicates 2022-03-03 04:33:10 +01:00
Jonathan Leitschuh
fea50065f5 Fix duplicated comment 2022-03-02 19:54:04 -05:00
Jonathan Leitschuh
85de9f305e Fix naming of OSCheck method 2022-03-02 19:41:46 -05:00
Jonathan Leitschuh
a7adbb7291 Refactor more system property access logic 2022-03-02 19:33:05 -05:00
Harry Maclean
4a43731b83 Ruby: Use SimpleSummarizedCallable 
This simplifies some String flow summaries.
 2022-03-03 10:49:44 +13:00
Robert Marsh
9fb94d85b4 C++: performance tweaks for InsufficientKeySize 2022-03-02 15:59:42 -05:00
Arthur Baars
692fc4cb02 Update ruby/ql/lib/change-notes/2022-02-28-regex-string-literals.md 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-03-02 21:13:23 +01:00
Jonathan Leitschuh
3c53a05e16 Add OS Checks based upon separator or path separator 2022-03-02 14:15:56 -05:00
Geoffrey White
2a14a4f14e C++: Fill in metadata. 2022-03-02 18:52:52 +00:00
Geoffrey White
66b9356eb9 C++: There is no overlap between OutputWrite and RemoteFlowSinkFunction. 2022-03-02 18:16:39 +00:00
Geoffrey White
a1ace7122d C++: Move SystemData class into a library. 2022-03-02 18:01:06 +00:00
Geoffrey White
70e4a409fd C++: Add the new query to tests. 2022-03-02 17:56:53 +00:00
Geoffrey White
d95b56fca0 C++: Create prototype query. 2022-03-02 17:56:49 +00:00
Jonathan Leitschuh
82d3cd8924 Improve system property lookup 2022-03-02 12:51:15 -05:00
Jonathan Leitschuh
dad9a02fbd Update TempDirInfoDisclosure with new OS Guards 2022-03-02 12:51:15 -05:00
Jonathan Leitschuh
5913c9acad Refactor OS Guard Checks 2022-03-02 12:51:14 -05:00
Jonathan Leitschuh
fd63107edf Update OS Check from Review Feedback 2022-03-02 12:51:12 -05:00
Jonathan Leitschuh
9f5022ee95 Review fixup and add test for apache SystemUtils 2022-03-02 12:50:38 -05:00
Jonathan Leitschuh
49513443f2 Update java/ql/lib/semmle/code/java/os/OSCheck.qll 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2022-03-02 12:50:37 -05:00
Jonathan Leitschuh
3cdfc00542 Cleanup from review feedback 2022-03-02 12:50:37 -05:00
Jonathan Leitschuh
39828fd596 Apply OS guard checks to TempDirLocalInformationDisclosure 2022-03-02 12:50:37 -05:00
Jonathan Leitschuh
cd073a2173 Java: Add Guard Classes for checking OS 2022-03-02 12:50:35 -05:00
Geoffrey White
67aa1449ce C++: Add some more test cases (moved from the private repo). 2022-03-02 17:23:07 +00:00
Ahmed Farid
c45b67c316 Create zipslip_good.py 2022-03-02 18:10:24 +01:00
Ahmed Farid
aef1df122b Create zipslip_bad.py 2022-03-02 18:09:45 +01:00
Ahmed Farid
c8f73ec845 Create ZipSlip.qlref 2022-03-02 18:08:32 +01:00
Rasmus Lerchedahl Petersen
6946ae931a python: missed a spot.. 2022-03-02 17:12:48 +01:00
Geoffrey White
19718fa280 C++: Add a couple of new test cases. 2022-03-02 15:18:04 +00:00