hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-28 18:28:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,723 Branches 164 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
0b12c1519b C++/C#: Sync identical files 2020-04-03 10:06:37 +02:00
Mathias Vorreiter Pedersen
0f70944a5b C++: Move ValueNumberPropertyProvider into its own file to prevent accidental imports 2020-04-03 09:55:41 +02:00
Erik Krogh Kristensen
e46cde17a1 add a "../" removing taint-step for js/path-injection 2020-04-03 09:42:05 +02:00
Sauyon Lee
dcd6aaf69a Alphabetize change notes 2020-04-03 00:01:19 -07:00
Sauyon Lee
ea3a7e8038 Apply suggestions from code review 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2020-04-02 23:58:39 -07:00
Sauyon Lee
e27947e280 Add comment for new url concatenation sanitizer 2020-04-02 23:58:39 -07:00
Sauyon Lee
3c02b3ab74 Add SafeUrlFlowCustomizations doc comment 2020-04-02 23:58:38 -07:00
Sauyon Lee
c68e509508 OpenUrlRedirect: Fix some comments 2020-04-02 23:58:37 -07:00
Sauyon Lee
4e5b17e18d Sanitize hostname if there is a slash and a previous component 2020-04-02 23:58:36 -07:00
Sauyon Lee
4b3982154a Add a SafeUrlFlow configuration 2020-04-02 23:58:35 -07:00
Sauyon Lee
4bcffe2d47 RequestForgery: Add a safe URL sanitizer 2020-04-02 23:58:34 -07:00
Sauyon Lee
1c859a8991 Address review comments 2020-04-02 23:58:33 -07:00
Sauyon Lee
3577d75607 RequestForgery: Add change note 2020-04-02 23:58:17 -07:00
Sauyon Lee
89a03c8b67 RequestForgery: Add high precision 2020-04-02 23:49:58 -07:00
Sauyon Lee
830c3fce2a RequestForgery: Add tests 2020-04-02 23:49:57 -07:00
Sauyon Lee
314787956b Allow write base to be inside an implicit dereference 2020-04-02 23:49:56 -07:00
Sauyon Lee
e9b0f88946 RequestForgery: Add taint step for URL Host assignment 2020-04-02 23:49:55 -07:00
Sauyon Lee
12928d9f17 HTTP: Add model for Client.Do 2020-04-02 23:49:55 -07:00
Sauyon Lee
6876eabf54 RequestForgery: Add query help 2020-04-02 23:49:54 -07:00
Sauyon Lee
b23c75afb6 RequestForgery: move query from experimental 2020-04-02 23:49:53 -07:00
Max Schaefer
77c282824e Merge pull request #81 from gagliardetto/system-executors 
Expand system executors (continuation of #70)
 2020-04-03 07:24:05 +01:00
Shati Patel
b267df0077 Address review comments + make article intro consistent with map topic 2020-04-03 00:02:14 +01:00
Robert Marsh
a8e191248e Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 
Merge IR SSA test additions
 2020-04-02 15:30:20 -07:00
Grzegorz Golawski
6ca963a8c8 Fix 2020-04-03 00:30:02 +02:00
Grzegorz Golawski
f05b2af69d Move to experimental 2020-04-03 00:27:51 +02:00
Asger Feldthaus
ffbbdd7779 JS: Autoformat 2020-04-02 23:04:24 +01:00
Asger Feldthaus
93971e9433 JS: Make local flow not depend on SourceNode 2020-04-02 23:03:29 +01:00
Asger Feldthaus
346867f425 JS: Remove Import->SourceNode dependency from AMD 2020-04-02 23:03:29 +01:00
Asger Feldthaus
3804d3fcfd JS: Remove Import->SourceNode dependency from lazy cache 2020-04-02 23:03:20 +01:00
Robert Marsh
fd915bb5b1 C++: fix join order in IR virtual dispatch 2020-04-02 14:56:11 -07:00
Grzegorz Golawski
cffe89f652 Merge branch 'master' into java-spring-boot-actuators 2020-04-02 22:06:25 +02:00
Calum Grant
9481fada51 C#: Address review comments. 2020-04-02 20:29:45 +01:00
Rebecca Valentine
2a7b77c0e1 Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall: Adds new version of FunctionObject.qll 2020-04-02 12:18:07 -07:00
Rebecca Valentine
161613f59e Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall: Adds new version of Exceptions.qll 2020-04-02 12:17:14 -07:00
Rebecca Valentine
6517feda9a Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall: Adds new version of ObjectsAPI.qll 2020-04-02 11:56:15 -07:00
Geoffrey White
c9ec30fa2a C++: Update use of deprecated methods. 2020-04-02 19:49:42 +01:00
Geoffrey White
e9132d833c C++: Autoformat. 2020-04-02 19:49:42 +01:00
Geoffrey White
ab716ebe75 C++: Change note. 2020-04-02 19:49:42 +01:00
Geoffrey White
73171682b7 C++: Switch to taint flow as suggested in the old PR. 2020-04-02 19:49:41 +01:00
Geoffrey White
b14b52d0ac C++: Add models for std::string (as in old PR). 2020-04-02 19:49:41 +01:00
Geoffrey White
69f6790c83 C++: Add a test of taint through std::strings, based on the one in the old PR. 2020-04-02 19:49:31 +01:00
Erik Krogh Kristensen
845020d2ae change getReceiver to getAMethodCall 2020-04-02 20:28:27 +02:00
Erik Krogh Kristensen
2c0bae4937 Apply suggestions from code review 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-04-02 20:28:04 +02:00
Sauyon Lee
f9610f22e7 Merge pull request #85 from max-schaefer/codeql-stats 
Use CodeQL for creating stats
 2020-04-02 10:57:20 -07:00
Rebecca Valentine
712fb8badc Python: ObjectAPI to ValueAPI: IterReturnsNonSelf: Autoformats 2020-04-02 09:19:41 -07:00
Shati Patel
26f15b8978 Include "Introduction to QL" in tutorial topic 2020-04-02 17:19:29 +01:00
Rebecca Valentine
cdda80623d Merge branch 'master' into python-objectapi-to-valueapi-iterreturnsnonself 2020-04-02 09:16:23 -07:00
Jonas Jensen
604731ba6b Merge pull request #3171 from MathiasVP/init-dynamic-alloc-newexpr 
C++: Emit InitializeDynamicAllocation instructions for NewExpr and NewArrayExpr
 2020-04-02 17:37:05 +02:00
Mathias Vorreiter Pedersen
ce5d8d516f Merge branch 'master' into ir-flow-fields 2020-04-02 15:23:00 +02:00
Mathias Vorreiter Pedersen
e2908eaf63 C++: Add comment explaining why we can split call and allocation side effects 2020-04-02 15:11:13 +02:00