Anders Schack-Mulligen
4298a3a931
Java: Add test.
2020-03-09 11:16:59 +01:00
Anders Schack-Mulligen
f491fcd5ae
Java/C++/C#: Sync.
2020-03-09 11:05:13 +01:00
Anders Schack-Mulligen
7a74634cfd
Java/C++/C#: Simplify.
2020-03-09 11:04:28 +01:00
Anders Schack-Mulligen
cf84a53573
Java/C++/C#: Fix bug in type pruning.
2020-03-09 11:04:24 +01:00
Max Schaefer
4dca00e99c
Merge pull request #45 from sauyon/go-mod-libs
...
Go.mod extraction libraries and tests
2020-03-09 09:40:41 +00:00
Erik Krogh Kristensen
0f0187d585
move Array.from to ArrayCreationNode
2020-03-09 10:26:21 +01:00
Erik Krogh Kristensen
dc4e361d75
add data-flow steps for arrays
2020-03-09 09:53:08 +01:00
Erik Krogh Kristensen
8e3cf5c9c8
add test for data-flow on arrays
2020-03-09 09:25:17 +01:00
Erik Krogh Kristensen
14740d4ccc
move existing array taint tracking into Arrays.qll
2020-03-09 09:20:45 +01:00
Asger Feldthaus
a9a9c14eea
JS: Change note
2020-03-07 15:15:13 +00:00
Asger Feldthaus
a1d479e975
JS: Declassify sensitive exprs with special characters
2020-03-07 15:15:13 +00:00
Asger Feldthaus
759631ae56
JS: Raise default memory limit to 2.4G
2020-03-07 15:13:53 +00:00
Asger Feldthaus
c55dcf88d5
JS: Improve error reporting
2020-03-07 15:13:52 +00:00
Asger Feldthaus
549d4e9b57
JS: Do not restart in the middle of a message
2020-03-07 15:13:52 +00:00
Asger Feldthaus
e1657b237b
JS: Extract compiler-restarting into a function
2020-03-07 15:13:52 +00:00
Asger Feldthaus
2ef21ea4b8
JS: Only evaluate relevant barrier guards
2020-03-07 15:13:20 +00:00
Asger Feldthaus
fd1a14d3bd
JS: Add qldoc to a private predicate
2020-03-07 15:13:20 +00:00
Asger Feldthaus
eed4204e04
JS: Lift some internal members to private top-level
2020-03-07 15:13:20 +00:00
singleghost
77ec4c913f
Add integer overflow detection support for codeql-go.
...
I wrote a ql library which can perform range analysis on expressions and
can detect whether an arithmetic operation may overflow. I wrote this library with reference to the `SimpleRangeAnalysis.qll` for the C language. I hope this helps a little bit for those who want to detect integer overflow issues in code.
2020-03-07 21:34:38 +08:00
Ted Reed
a425e5fb5c
Reduce false positives with small heuristics
2020-03-06 23:12:16 -05:00
SpaceWhite
5e912cbf8e
Move directory to experimental
2020-03-07 11:55:32 +09:00
SpaceWhite
8cdc2bb268
Merge branch 'master' into CWE-094
2020-03-07 11:54:31 +09:00
SpaceWhite
b7af1645aa
Move directory to experimental
2020-03-07 11:49:33 +09:00
SpaceWhite
2ec107bc2d
Merge branch 'master' into CWE-643
2020-03-07 11:47:53 +09:00
Rebecca Valentine
2f3967cf5e
Python: Fixes erroneous modernization bug
2020-03-06 18:31:38 -08:00
Rebecca Valentine
3e36c672cf
Python: Removes superfluous cast
2020-03-06 13:06:11 -08:00
Rebecca Valentine
7b49c8e6f8
Python: Fixes bug in modernization
2020-03-06 12:47:46 -08:00
Jonas Jensen
0cd3eb7b7e
C++: Accept test changes
...
Some IR inconsistencies are "fixed" because we no longer translate
constant initializers of static locals.
2020-03-06 20:20:47 +01:00
Sauyon Lee
2d879458ba
Merge pull request #49 from max-schaefer/more-function-outputs
...
Make `FunctionOutput` more useful
2020-03-06 09:41:40 -08:00
Max Schaefer
1be0cc57a8
Add test case from https://github.com/github/codeql-go/issues/48.
2020-03-06 17:35:50 +00:00
Max Schaefer
bcb9ce2498
Add another test for StringBreak.
2020-03-06 17:35:50 +00:00
Max Schaefer
bf6865b96a
Add model of ioutil.ReadAll
2020-03-06 17:35:50 +00:00
Max Schaefer
f599243a34
Conflate references and referents more thoroughly in taint tracking.
2020-03-06 17:35:50 +00:00
Rasmus Wriedt Larsen
8b2c74a4dd
Python: Modernise remaining Security/*.qll files
2020-03-06 17:30:02 +01:00
Rasmus Wriedt Larsen
14957345a3
Python: Fix formatting of isLegalExceptionType
2020-03-06 17:27:50 +01:00
Rasmus Wriedt Larsen
70634fe30e
Python: Remove usage of deprecated .getValue()
2020-03-06 16:20:31 +01:00
Felicity Chapman
90a9a6d2ac
Update docs/language/learn-ql/python/introduce-libraries-python.rst
2020-03-06 15:13:10 +00:00
Max Schaefer
aa8bc972d9
Address review comments.
2020-03-06 15:03:45 +00:00
Sauyon Lee
3d88032f81
Address review comments.
...
Co-authored-by: Max Schaefer <max-schaefer@github.com>
2020-03-06 06:51:30 -08:00
Sauyon Lee
43fbf47da3
Add a change note about go.mod extraction
2020-03-06 06:51:28 -08:00
Sauyon Lee
555b0a9527
Add a GoModFile class
2020-03-06 06:51:27 -08:00
Sauyon Lee
38596dddc0
Address review comments.
...
Co-authored-by: Max Schaefer <max-schaefer@github.com>
2020-03-06 06:51:26 -08:00
Sauyon Lee
34f34e2241
GoModExpr.qll: Rename getOffsetToken to GoModLine.getToken
...
Also add getRawToken to do what getToken did before, and fix up
documentation.
2020-03-06 06:51:25 -08:00
Sauyon Lee
4b9cc87c2e
Add test for replace line with versions
2020-03-06 06:51:24 -08:00
Sauyon Lee
25577a8108
Remove DependencyCustomizations
2020-03-06 06:51:24 -08:00
Sauyon Lee
78239accd5
Dependencies: Make getAnImport() more precise
...
In particular, ensure that the go file importing the dependency is under
the directory of the file where the dependency is declared.
Co-authored-by: Max Schaefer <max-schaefer@github.com>
2020-03-06 06:51:23 -08:00
Sauyon Lee
b27e63ba83
Address review comments
...
Co-authored-by: Max Schaefer <max-schaefer@github.com>
2020-03-06 06:51:22 -08:00
Sauyon Lee
dd3f98c549
extractor: Don't log directory being walked for go.mod files
2020-03-06 06:51:21 -08:00
Sauyon Lee
5911b7005a
Add tests for dependencies library
2020-03-06 06:51:20 -08:00
Sauyon Lee
dddc8cecd4
Add go.mod expression tests
2020-03-06 06:51:19 -08:00