hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-04 01:01:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,524 Commits 1,689 Branches 159 Tags
codeql-cli/v2.10.5
Commit Graph

42524 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamas Vajk
4748d2c6e2 C# Exclude dynamic casts from useless casts check 2022-02-28 14:58:59 +01:00
Ian Lynagh
1e62b485a5 Merge pull request #8241 from igfoo/igfoo/stats4 
Java: Update stats and make some performance tweaks
 2022-02-28 12:58:06 +00:00
Tom Hvitved
4ecd843c05 C#: Move C# 9 standalone tests 2022-02-28 13:43:20 +01:00
haby0
be40b54b9f add test 2022-02-28 20:34:58 +08:00
Geoffrey White
2b0d473072 C++: Remove this query from exclude-slow-queries.yml. 2022-02-28 12:18:11 +00:00
Rasmus Wriedt Larsen
0e0f159891 Python: Use Python 3 for investigation tests 
Apparently there are minor differences with `test-6-max-import-depth-2`
where under Python 2 `isfile_no_problem.py` still works as before
 2022-02-28 11:33:31 +01:00
Rasmus Wriedt Larsen
01d426dc58 Python: Replace rest of from testlib import * 
I think we should write our tests in a way that puts points-to in the
best condition to resolve calls. Although this specific change did not
change much, it should help set us up for success in the future 👍
 2022-02-28 10:58:44 +01:00
Rasmus Wriedt Larsen
ead0b658d2 Python: Fix fieldflow tests by increasing max-import-depth 2022-02-28 10:58:44 +01:00
Rasmus Wriedt Larsen
a0d1cea490 Python: Add investigation of field-flow problem 
TL;DR; we used a too low value for `--max-import-depth` :(
 2022-02-28 10:58:44 +01:00
haby0
b23e28a1e6 add Server-side Request Forgery sinks 2022-02-28 15:24:02 +08:00
Alex Ford
6ddacce27a Ruby: Add OrmWriteAccess concept changenote 2022-02-28 01:18:39 +00:00
Alex Ford
63ef9a75c9 Ruby: model OrmWriteAccesses for ActiveRecord 2022-02-28 01:18:39 +00:00
Alex Ford
b1fd321b65 Ruby: update Rails framework test output for existing tests 2022-02-28 01:13:26 +00:00
Alex Ford
283a48c76d Ruby: tests for OrmWriteAccess 2022-02-28 01:12:49 +00:00
Alex Ford
8c6c680a28 Ruby: Add OrmWriteAccess concept 2022-02-28 01:11:40 +00:00
Jeroen Ketema
e40c51cc83 C++: Add documentation for TranslatedStructuredBindingVariableAccess 2022-02-27 21:13:48 +01:00
Jeroen Ketema
0a4d8132e6 C++: Consistently use getUnspecifiedType in structured binding IR translation 2022-02-27 21:13:48 +01:00
Jeroen Ketema
4ffbc2d148 C++: Ensure we use lvalue reference types for structured bindings 
This also adds a test for rvalue reference uses in the tuple
structured binding case.
 2022-02-27 21:13:48 +01:00
Jeroen Ketema
074577b539 C++: Refactor IR structured binding tuple test 2022-02-27 21:13:48 +01:00
Jeroen Ketema
edaabf8fdf C++: Add structured bindings IR change note 2022-02-27 21:13:48 +01:00
Jeroen Ketema
6515e77c0e C++: Generate additional loads for non-reference structured bindings 2022-02-27 21:13:48 +01:00
Jeroen Ketema
eebfbc12a0 C++: Add structured bindings struct as data member test case 2022-02-27 21:13:48 +01:00
Jeroen Ketema
5814349fd8 C++: Give names in structured binding declarations correct IR types 2022-02-27 21:13:48 +01:00
Jeroen Ketema
73f0366dc6 C++: Add typedef'ed reference structured binding test 2022-02-27 21:13:48 +01:00
Jeroen Ketema
91659af4d4 C++: Add array data member structured binding test 2022-02-27 21:13:48 +01:00
Jeroen Ketema
ec05942693 C++: Use unnamed_local_variable in array structured binding test 2022-02-27 21:13:48 +01:00
Jeroen Ketema
437a85dec7 C++: Add pointer related structured binding tests 2022-02-27 21:13:48 +01:00
Ahmed Farid
c207294dfc Update zipslip_good.py 2022-02-26 18:31:22 +01:00
Ahmed Farid
d0d14be693 Update ZipSlip.qhelp 2022-02-26 18:25:13 +01:00
luchua-bc
88d9694628 Query to detect insecure WebResourceResponse implementation 2022-02-26 02:03:35 +00:00
jorgectf
67b672a467 Merge remote-tracking branch 'origin/main' into jty/python/emailInjection 2022-02-26 01:22:55 +01:00
jorgectf
2f2cf2c1f6 Use StrConst.getText() instead of Str_.getS() 2022-02-26 01:19:50 +01:00
Chris Smowton
958fd9b3ea Merge pull request #7867 from ahmed532009/timing-attacks 
Java: Timing attacks while comparing the headers value
 2022-02-25 21:55:13 +00:00
Chris Smowton
f981fee37d Adjust test expectation 2022-02-25 20:05:06 +00:00
Chris Smowton
ff5d680837 Add missing substitution description 2022-02-25 19:12:25 +00:00
Ian Lynagh
0bf1370cd5 Java: Autoformat QL 2022-02-25 19:08:08 +00:00
Alexander Eyers-Taylor
d38cd4a0d7 Merge pull request #8156 from alexet/alexet/expression-pragma-doc 
QLSpeciifcation: Add documentation for expression pragmas
 2022-02-25 18:59:49 +00:00
Arthur Baars
0c23f5815f Add change note 2022-02-25 18:43:43 +01:00
Arthur Baars
5044f89105 Ruby/Python re-introduce normalCharacterSequence 2022-02-25 18:43:43 +01:00
Chris Smowton
8fbd8c52dd Fix test expectations 2022-02-25 17:35:52 +00:00
Chris Smowton
ff303db034 Autoformat and fix qhelp 2022-02-25 17:33:08 +00:00
Chris Smowton
303927c9c9 Fix qhelp 2022-02-25 17:33:08 +00:00
Chris Smowton
e02a3d0ddd Rename qlref file 2022-02-25 17:33:08 +00:00
Ahmed Farid
3a2d514b18 Create ComparingValueOfSensetiveHeader.qlref 2022-02-25 17:33:08 +00:00
Ahmed Farid
0d278f6d61 Create Test.java 2022-02-25 17:33:08 +00:00
Ahmed Farid
1bc5fe13eb Update and rename java/ql/test/experimental/query-tests/security/CWE-208/TimingAttackAgainstHeader.expected to java/ql/test/experimental/query-tests/security/CWE-208/TimingAttackAgainstHeader/TimingAttackAgainstHeader.expected 2022-02-25 17:33:08 +00:00
Ahmed Farid
63133f7e8b Update TimingAttackAgainstHeader.expected 2022-02-25 17:33:08 +00:00
Ahmed Farid
f2457dafb5 Create TimingAttackAgainstHeader.expected 2022-02-25 17:33:08 +00:00
Ahmed Farid
35abc3f9a3 Update and rename ComparingValueOfSensetiveHeader.java to Test.java 2022-02-25 17:33:08 +00:00
Chris Smowton
091227982c Delete unnecessary test files 2022-02-25 17:33:08 +00:00