codeql

mirror of https://github.com/github/codeql.git synced 2026-03-20 06:26:47 +01:00

Author	SHA1	Message	Date
Erik Krogh Kristensen	c1cb19abd7	add level PreCallGrapSteps to the callgraph	2020-09-14 23:28:35 +02:00
Erik Krogh Kristensen	f2ecb63e5a	add a direct Export step as a PreCallGraphStep	2020-09-14 23:28:35 +02:00
Erik Krogh Kristensen	29457c52dc	add reexported test to PackageExports test	2020-09-14 23:28:35 +02:00
Erik Krogh Kristensen	61f6580d1e	add API in `PackageExports.qll` for getting a value exported under a name	2020-09-14 23:28:35 +02:00
Erik Krogh Kristensen	d3653b3030	add support for re-exports using the spread operator for NodeJS exports	2020-09-14 23:28:35 +02:00
Mathias Vorreiter Pedersen	0c14e2b69a	C++: Fix annotations in taint.cpp	2020-09-14 23:08:50 +02:00
Mathias Vorreiter Pedersen	3e56db7f83	C++: Make fieldReadStep private	2020-09-14 20:52:55 +02:00
Mathias Vorreiter Pedersen	7cd6137b34	Merge branch 'main' into mathiasvp/array-field-flow	2020-09-14 20:45:06 +02:00
Geoffrey White	6ca9c449af	C++: Add a test demonstrating the recent regression.	2020-09-14 17:55:20 +01:00
Rasmus Lerchedahl Petersen	839cd829ce	Python: Fix formatting	2020-09-14 18:48:55 +02:00
Taus Brock-Nannestad	3727c48227	Python: Record test changes Some of the places where flow has disappeared look a bit suspect, so I don't consider this to be the final word on these tests.	2020-09-14 18:12:20 +02:00
Taus Brock-Nannestad	0bb726f21c	Python: Fix up merge weirdness	2020-09-14 17:57:45 +02:00
yoff	5efc06da2c	Update python/ql/src/experimental/dataflow/internal/DataFlowPublic.qll Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2020-09-14 17:08:39 +02:00
Rasmus Lerchedahl Petersen	4c02852358	Python: add missing * (and a rename)	2020-09-14 16:56:46 +02:00
Erik Krogh Kristensen	03a3c4f4b2	update expected output	2020-09-14 16:50:47 +02:00
Erik Krogh Kristensen	f4f96ce04d	use new source in client-side-url-redirect test	2020-09-14 16:50:47 +02:00
Erik Krogh Kristensen	cb7de2714a	add `onmessage` handlers registered using global property as `PostMessageEventHandler`	2020-09-14 16:50:45 +02:00
Asger F	c106b6777c	Merge pull request #4254 from asgerf/js/bump-extractor-version-string JS: Bump extractor version string	2020-09-14 15:17:29 +01:00
Erik Krogh Kristensen	283be19201	add change-note for importScripts	2020-09-14 16:02:34 +02:00
Erik Krogh Kristensen	6e84ac8e6c	add test for importScripts	2020-09-14 16:02:34 +02:00
Erik Krogh Kristensen	2e3df74dce	add importScripts as a sink for js/client-side-unvalidated-url-redirection	2020-09-14 16:02:34 +02:00
Slavomir	a340270dc1	Move html TemplateEscape out of Texttemplate module	2020-09-14 15:47:52 +02:00
Slavomir	9a560e994c	Remove redundant field	2020-09-14 15:47:51 +02:00
Slavomir	ce67720542	Add taint-tracking for `html/template` package.	2020-09-14 15:47:51 +02:00
Slavomir	35136bbb2c	Add escape function.	2020-09-14 15:47:51 +02:00
Slavomir	52d4c71ec2	Add taint-tracking for `html` package.	2020-09-14 15:47:51 +02:00
Chris Smowton	8d7cbe3aa5	Merge pull request #323 from gagliardetto/standard-lib-pt-8 Add taint-tracking for packages in `encoding/*`	2020-09-14 14:41:19 +01:00
Geoffrey White	22097a9e13	C++: Add some CWE-190 tests I had lying around.	2020-09-14 14:39:02 +01:00
Rasmus Lerchedahl Petersen	ecc5a4a1f6	Python: testIsTrue -> branch	2020-09-14 15:32:03 +02:00
yoff	2a4e28db16	Apply suggestions from code review Will make the same renames in the changed code also.. Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2020-09-14 15:28:01 +02:00
Rasmus Lerchedahl Petersen	033529e85e	Python: avoid creating big predicate	2020-09-14 15:24:46 +02:00
Chris Smowton	3ba85576ea	Merge pull request #338 from smowton/smowton/admin/update-dataflow-libs-2020-09-14 Port codeql#4238 (Dataflow: small fixes for naming in taint tracking)…	2020-09-14 14:19:06 +01:00
Taus Brock-Nannestad	e197f52b6d	Merge branch 'main' into python-add-global-flow-steps	2020-09-14 15:13:07 +02:00
Taus Brock-Nannestad	0b641c5ce9	Python: Update type tracking and strange-essaflow tests	2020-09-14 15:05:16 +02:00
Taus Brock-Nannestad	5fb33c90bc	Python: Add `ModuleVariableNode` to dataflow	2020-09-14 14:57:32 +02:00
Rasmus Lerchedahl Petersen	543876f980	Python: Fix `getAGuardedNode`	2020-09-14 14:46:15 +02:00
Ian Lynagh	826c40fcac	C++: Deprecate Location subclasses The main Location class should always be used.	2020-09-14 13:14:18 +01:00
Tamás Vajk	d21c101c0d	Merge pull request #4041 from tamasvajk/feature/update-roslyn C#: upgrade Roslyn dependencies to version 3.7	2020-09-14 13:57:36 +02:00
Tamás Vajk	f5f4b8e25b	C#: Enable nullability of Semmle.Extraction.CSharp.Standalone (#4115 )	2020-09-14 13:43:57 +02:00
Slavomir	6bbe0182ca	Rename Syscall_non_windows.go to Syscall_non_win.go	2020-09-14 13:34:24 +02:00
Rasmus Wriedt Larsen	637ea4ad6f	Merge pull request #4226 from RasmusWL/python-missing-1.25-change-notes Python: Add missing 1.25 change notes	2020-09-14 13:18:24 +02:00
Slavomir	4c2537017f	Fix TaintStep.expected: add params to json.MarshalIndent	2020-09-14 13:10:25 +02:00
Slavomir	64a61bd648	Remove redundant taint-tracking from `MarshalingFunction` and `UnmarshalingFunction` classes in `EncodingXml` module.	2020-09-14 13:10:25 +02:00
Slavomir	947bbabf62	Extend `MarshalingFunction` and `UnmarshalingFunction` with `encoding/pem`	2020-09-14 13:10:25 +02:00
Slavomir	d472d5abe5	Remove redundant taint-tracking from `MarshalingFunction` and `UnmarshalingFunction` classes in `EncodingJson` module.	2020-09-14 13:10:25 +02:00
Slavomir	ed2e5b0f92	Extend `MarshalingFunction` and `UnmarshalingFunction` with `encoding/asn1`	2020-09-14 13:10:25 +02:00
Slavomir	afede9bde5	Remove encoder taint-tracking for `encoding/hex`	2020-09-14 13:10:25 +02:00
Slavomir	96a700becb	Remove encoder taint-tracking for `encoding/base64`	2020-09-14 13:10:25 +02:00
Slavomir	0baca5fa6c	Remove encoder taint-tracking for `encoding/base32`	2020-09-14 13:10:25 +02:00
Slavomir	828d3863a0	Remove encoder taint-tracking for `encoding/ascii85`	2020-09-14 13:10:25 +02:00

... 627 628 629 630 631 ...

48840 Commits