hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-02 05:38:21 +02:00
Code Issues Packages Projects Releases Wiki Activity
48,840 Commits 1,723 Branches 164 Tags
codeql-cli/v2.12.0
Commit Graph

48840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Schaefer
61976d8dea Fix code that does not account for the fact that Field is a subtype of ValueEntity. 2020-01-14 15:52:48 +00:00
Max Schaefer
0c254f8cd1 Fix a typo. 2020-01-14 15:35:18 +00:00
Max Schaefer
c96cebb022 Make reads(ValueEntity) and writes(ValueEntity) work for fields. 2020-01-14 15:35:18 +00:00
Geoffrey White
170981ef41 CPP: Change note. 2020-01-14 14:36:44 +00:00
Geoffrey White
e8139c0f31 CPP: Autoformat. 2020-01-14 14:35:58 +00:00
Geoffrey White
2fa846d1a6 CPP: Correct test. 2020-01-14 14:33:43 +00:00
Geoffrey White
d98d80b07d CPP: Improve locations for AV Rule 114.ql. 2020-01-14 14:33:43 +00:00
Anders Schack-Mulligen
a6526c60cb Java: Replace ad-hoc TestClass detection. 2020-01-14 14:26:22 +01:00
semmle-qlci
3c4749be88 Merge pull request #2624 from asger-semmle/js-duplicate-alert-strict-mode 
Approved by max-schaefer
 2020-01-14 11:59:45 +00:00
Anders Schack-Mulligen
241b8a05e4 Java/C++/C#: Address review comment. 2020-01-14 11:59:55 +01:00
Asger Feldthaus
2245882441 JS: Add change note and fix cwe tags 2020-01-14 10:53:40 +00:00
Asger Feldthaus
d76859b7df JS: Address review comments 2020-01-14 10:53:00 +00:00
Asger F
2c05ee8ab8 JS: Add regression test 2020-01-14 10:53:00 +00:00
Asger F
9bd3c4a11c JS: Add sanitizer for "in" exprs 2020-01-14 10:53:00 +00:00
Asger Feldthaus
7ac30e2289 JS: Add test for rephinement nodes 2020-01-14 10:53:00 +00:00
Asger F
a447645c10 JS: Add test with typeof on value 2020-01-14 10:52:59 +00:00
Asger F
bd9405ab84 JS: Guard against more FPs 2020-01-14 10:52:59 +00:00
Asger F
738123d3f5 JS: More sanitizers 2020-01-14 10:52:59 +00:00
Asger F
f7543aec95 JS: Support Reflect.ownKeys 2020-01-14 10:52:59 +00:00
Asger F
8af233307a JS: Support enumeration through Object.entries 2020-01-14 10:52:59 +00:00
Asger F
ac2f0a8e11 JS: Do not require flow from key -> rhs 2020-01-14 10:52:59 +00:00
Asger F
96bf9db200 JS: Add another test and more barriers 2020-01-14 10:52:59 +00:00
Asger F
bc7871078a JS: Fix FPs from Object.create(null) 2020-01-14 10:52:59 +00:00
Asger F
c889420dd3 JS: Add qhelp samples to test suite 2020-01-14 10:52:59 +00:00
Asger F
654f145772 JS: Add PrototypePollutionUtility query 2020-01-14 10:52:59 +00:00
Asger F
52cec25035 JS: Build access paths for array accesses 2020-01-14 10:52:59 +00:00
Sauyon Lee
1125c1ac41 Merge pull request #216 from Semmle/add-sql-tx-support 
Add tests for https://github.com/github/codeql-go/pull/15
 2020-01-14 01:55:29 -08:00
Tom Hvitved
5a4be67d81 Merge pull request #2597 from calumgrant/cs/multiline-alert-suppression 
C#: Alert suppression through single-line /* */ style comments
 2020-01-14 10:35:11 +01:00
Max Schaefer
efc72fa01a Remove Entity.getAUse() and replace uses with getAReference(). 
The former had result type `Ident`, so it wouldn't pick up references to methods and fields. Apart from that, it is subsumed by the latter anyway.
 2020-01-14 07:15:43 +00:00
Asger Feldthaus
73e60a7400 JS: Ignore strict-mode-call-stack-introspection for expr stmts 2020-01-13 16:03:03 +00:00
Anders Schack-Mulligen
041bcc5812 Java/C++/C#: Small perf improvement and simplification. 2020-01-13 17:00:56 +01:00
Jonas Jensen
b8ee5a63db Merge pull request #2614 from geoffw0/arithun 
CPP: Speed up ArithmeticUncontrolled.ql
 2020-01-13 15:25:12 +01:00
Jonas Jensen
3183893a98 Merge pull request #2530 from geoffw0/hiddenqueries2 
CPP: Speed up nullCheckAssert in InconsistentCheckReturnNull.ql.
 2020-01-13 15:23:55 +01:00
Mathias Vorreiter Pedersen
1bc3829a72 C++: Use newly created library versions of the 'Underspecified Functions' queries in new ImplicitFunctionDeclaration query 2020-01-13 14:01:01 +01:00
Mathias Vorreiter Pedersen
acb106be44 C++: Fix formatting 2020-01-13 13:20:23 +01:00
semmle-qlci
40de391490 Merge pull request #2616 from asger-semmle/promise-missing-await-change-note 
Approved by mchammer01
 2020-01-13 12:03:11 +00:00
Asger F
6c4da30a64 Update change-notes/1.24/analysis-javascript.md 
Co-Authored-By: mc <42146119+mchammer01@users.noreply.github.com>
 2020-01-13 11:05:03 +00:00
Mathias Vorreiter Pedersen
394a864b0a C++: Factored the body of TooManyArguments.ql out into a library file 2020-01-13 11:44:58 +01:00
Mathias Vorreiter Pedersen
6cff36b9c9 C++: Factored the body of TooFewArguments.ql out into a library file 2020-01-13 11:36:22 +01:00
Mathias Vorreiter Pedersen
e2244d41f5 C++: Factored the body of MistypedFunctionArguments.ql out into a library file 2020-01-13 11:34:01 +01:00
Anders Schack-Mulligen
183fd91a01 Merge pull request #2615 from yo-h/java-add-change-note 
Java: add change note for `java/maven/non-https-url`
 2020-01-13 09:54:48 +01:00
Max Schaefer
d339d55faa Merge pull request #15 from RicterZ/add-sql-tx-support 
Add sql.Tx.Exec/Query... support
 2020-01-13 08:38:32 +00:00
Max Schaefer
d55ebd731d Autoformat. 2020-01-13 08:37:32 +00:00
Max Schaefer
36c620d1dd Add tests and change note. 2020-01-13 08:37:01 +00:00
Ricter Zheng
a6e0dcaefc Add sql.Tx.Exec/Query... support 
Ref: https://golang.org/pkg/database/sql/#Tx.ExecContext
 2020-01-13 15:17:55 +08:00
Grzegorz Golawski
3e86dd1182 Query to detect LDAP injections in Java 
Apache LDAP API sink
 2020-01-12 20:19:25 +01:00
Mathias Vorreiter Pedersen
c9439df914 C++: Added query that detects implicit function declarations 2020-01-12 16:28:30 +01:00
Grzegorz Golawski
c01aa3d2ee Query to detect LDAP injections in Java 
Spring LDAP sink
 2020-01-12 13:28:29 +01:00
Grzegorz Golawski
7570fa9137 Query to detect LDAP injections in Java 
JNDI and UnboundID sinks
JNDI, UnboundID and Spring LDAP sanitizers
 2020-01-11 21:55:54 +01:00
Sauyon Lee
00dd464697 Update stats 2020-01-10 19:27:47 -08:00