Commit Graph

48840 Commits

Author SHA1 Message Date
Geoffrey White
a57dfd6b67 C++: Taint through std::string append. 2020-08-11 16:54:39 +01:00
Geoffrey White
f824a893ca C++: Add test cases for appending strings. 2020-08-11 16:50:52 +01:00
Geoffrey White
030ab4f626 C++: Add string append operators to the test (changes layout). 2020-08-11 16:47:56 +01:00
Jonas Jensen
2ea25b9d90 C++: Precise printing of integer bounds
The pretty-printing of a QL `float` didn't include enough digits to tell
whether a large number had accurate bounds. The `toString` value of a
float appears to be more precise.
2020-08-11 16:48:01 +02:00
lcartey@github.com
e1d4b98923 Java: Add further missing </p> to qhelp 2020-08-11 15:28:55 +01:00
lcartey@github.com
8a65dd2cd6 Java: Address review comments 2020-08-11 15:28:06 +01:00
Erik Krogh Kristensen
656ff9c441 autoformat 2020-08-11 15:40:30 +02:00
Anders Schack-Mulligen
21246624b4 Java: Add PrintWriter.format as XSS sink. 2020-08-11 15:15:39 +02:00
Erik Krogh Kristensen
a1394c363a more consistent naming of predicates 2020-08-11 14:49:51 +02:00
Erik Krogh Kristensen
2974c4923f introduce and use isAPropertyWrite 2020-08-11 14:43:25 +02:00
Erik Krogh Kristensen
8f6721e087 add explanation for purity-check in getANodeAfterWrite/getANodeBeforeWrite and move them into an internal module 2020-08-11 14:40:13 +02:00
Erik Krogh Kristensen
9e768375ce mention purity check in docstring for maybeAssignsAccessedPropInBlock 2020-08-11 14:40:02 +02:00
Erik Krogh Kristensen
374b1b7b97 apply manual magic in both cases in maybeAssignsAccessedPropInBlock 2020-08-11 14:24:49 +02:00
Rasmus Lerchedahl Petersen
dd4d00293d Python: remaining class tests 2020-08-11 14:16:02 +02:00
Erik Krogh Kristensen
d2c87d0a2e add support for the new assign expression in TypeScript 4 2020-08-11 13:57:11 +02:00
Erik Krogh Kristensen
2f34990ae6 add another test for spread elements in tuple types 2020-08-11 13:57:11 +02:00
Erik Krogh Kristensen
ea583fe862 add basic support for named tuple elements 2020-08-11 13:57:11 +02:00
Erik Krogh Kristensen
2612e0c5dd add test for spread in tuple in non-last position 2020-08-11 13:57:11 +02:00
Erik Krogh Kristensen
b602a36a24 add test for generic spreads in a tuple 2020-08-11 13:57:11 +02:00
Erik Krogh Kristensen
08c017eb09 change where tuple elements are loaded from to match TS 4.0 2020-08-11 13:57:10 +02:00
Erik Krogh Kristensen
ba2d19c70f upgrade ts version in package.json 2020-08-11 13:57:10 +02:00
Anders Schack-Mulligen
99c9524639 Java: Make XssSink extensible. 2020-08-11 13:09:27 +02:00
Rasmus Lerchedahl Petersen
394991164f Python: Update test expectations 2020-08-11 13:05:35 +02:00
Owen Mansel-Chan
08d9af1bd7 Merge pull request #280 from owen-mc/negative-length-check-unsigned
Extend negativeLengthCheck query to unsigned integers
2020-08-11 11:59:24 +01:00
Owen Mansel-Chan
1e0b9cc6a3 Address review comments 5 2020-08-11 10:57:02 +01:00
Owen Mansel-Chan
97bbdca8a3 Extend negativeLengthCheck query to unsigned integers
Like return values from len and cap, unsigned integers are never negative
2020-08-11 10:48:03 +01:00
Rasmus Lerchedahl Petersen
f834d71bab Python: split out data model tests 2020-08-11 11:22:11 +02:00
Rasmus Lerchedahl Petersen
2c5de7f50e Python: fix r/l confusion 2020-08-11 10:48:23 +02:00
Jonas Jensen
0476b97f63 Merge pull request #3789 from dilanbhalla/cpp
C++ Memory Unsafe Functions
2020-08-11 10:09:37 +02:00
dilanbhalla
2ee654d643 attempting to fix autoformat build error 2020-08-11 01:07:53 -07:00
Max Schaefer
117fd686c4 Merge pull request #276 from gagliardetto/standard-lib-pt-3
Add taint tracking for the compress/* packages
2020-08-11 07:56:45 +01:00
Max Schaefer
cb5c596ab6 Merge pull request #283 from github/rc/1.25
Merge rc/1.25 into main
2020-08-11 07:51:17 +01:00
Owen Mansel-Chan
c7a8730c40 Improve tests of paths with more than one sink 2020-08-11 07:24:58 +01:00
Owen Mansel-Chan
4907f6529e Address review comments 4 2020-08-11 07:24:58 +01:00
Rasmus Lerchedahl Petersen
12dfc4afd9 Python: clean up validity check code 2020-08-11 08:16:49 +02:00
Rasmus Lerchedahl Petersen
3929e01350 Python: tests for async iterators/context managers 2020-08-11 08:10:46 +02:00
Rasmus Lerchedahl Petersen
681657f070 Merge branch 'master' of github.com:github/codeql into SharedDataflow_Classes 2020-08-11 07:24:17 +02:00
dilanbhalla
4433f193f9 pr fixes for typo and qldoc 2020-08-10 16:06:02 -07:00
intrigus-lgtm
5a3acc231e Fix typo 2020-08-11 01:01:53 +02:00
dilanbhalla
7bd5464b01 Update cpp/ql/src/experimental/Security/CWE/CWE-120/MemoryUnsafeFunctionScan.qhelp
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
2020-08-10 15:43:16 -07:00
dilanbhalla
4dcaa7be57 pr fixes 2020-08-10 15:30:09 -07:00
dilanbhalla
dcfbb86674 pr fixes 2020-08-10 15:14:12 -07:00
dilanbhalla
7ce9e976c2 removing precision tag 2020-08-10 12:06:10 -07:00
dilanbhalla
95342cdea7 adding go crypto library 2020-08-10 11:56:41 -07:00
Owen Mansel-Chan
ed469a355e Fix mistake in test 2020-08-10 17:32:49 +01:00
Max Schaefer
097775bf64 Merge pull request #282 from sauyon/tomain
Fix one use of master in README
2020-08-10 17:03:22 +01:00
Max Schaefer
61f4d8ddfc Merge pull request #278 from max-schaefer/fix-upgrade-performance
Improve performance of upgrade script
2020-08-10 17:01:49 +01:00
Max Schaefer
d31b4d262f Merge pull request #281 from max-schaefer/has_ellipsis
Teach extractor to distinguish calls with an ellipsis from calls without
2020-08-10 16:51:38 +01:00
Rasmus Lerchedahl Petersen
5da37f5cf4 Python: Update test expectations 2020-08-10 17:07:00 +02:00
Owen Mansel-Chan
30f176246a Address review comments 3 2020-08-10 15:21:20 +01:00