hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-12 22:14:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,749 Commits 1,681 Branches 158 Tags
codeql-cli/v2.12.2
Commit Graph

49749 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paolo Tranquilli
f7a046ccd2 Swift: add trap linkage awareness infrastructure 2023-01-18 10:07:46 +01:00
Paolo Tranquilli
5fdb09380c Swift: move TargetTrapDomain to TargetDomains in infra 2023-01-18 10:07:46 +01:00
Paolo Tranquilli
7f389b9f9a Swift: introduce TrapType 2023-01-18 10:07:46 +01:00
Paolo Tranquilli
353536b826 Swift: collect original output module paths 2023-01-18 10:07:46 +01:00
Paolo Tranquilli
84b285a4c6 Swift: collect source files 2023-01-18 10:07:46 +01:00
Paolo Tranquilli
33c4a8233c Swift: collect encountered modules 2023-01-18 10:07:46 +01:00
Paolo Tranquilli
c7f13f1036 Swift: collect TRAP files related to an extractor run 
In order to do this a mutable `SwiftExtractorState` is introduced.
 2023-01-18 10:07:46 +01:00
Paolo Tranquilli
c31c515205 Swift: move TargetFile as managed inside TrapDomain 2023-01-18 10:07:46 +01:00
Paolo Tranquilli
20eaa34485 Swift: failing tests for linkage awareness 2023-01-18 10:07:46 +01:00
Tony Torralba
c8e894b854 Merge pull request #11917 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-01-18 10:02:22 +01:00
erik-krogh
f516ccb4e2 limit the fieldFlowBranchLimit for the regexp tracker to improve performance 2023-01-18 09:31:04 +01:00
erik-krogh
2fceee4e35 track regular expressions that gets compiled with Regexp.compile 2023-01-18 09:31:04 +01:00
erik-krogh
acf28ebd98 add a RegexExecution, and use it to track regular expressions to their uses in a nice way in rb/polynomial-redos 2023-01-18 09:31:04 +01:00
erik-krogh
6e33dd5df6 add failing test 2023-01-18 09:31:04 +01:00
Erik Krogh Kristensen
1a64393c4c Merge pull request #11893 from erik-krogh/csharpIndexFiles 
C#: add --working-dir=. to pre-finalize
 2023-01-18 09:05:29 +01:00
Paolo Tranquilli
2c4c2dfeb3 Swift: remove obsolete configuration fields 2023-01-18 08:55:59 +01:00
Michael Nebel
8e3e6505ad C#: Add change note. 2023-01-18 07:56:24 +01:00
github-actions[bot]
571942fb21 Add changed framework coverage reports 2023-01-18 00:17:19 +00:00
Jeroen Ketema
6cd52237c3 Merge pull request #11913 from jketema/test-fixes 
C++: Some minor test fixes
 2023-01-17 21:52:57 +01:00
erik-krogh
4b74dec18f expand what is parsed as the stem of a pathexpr 2023-01-17 21:28:21 +01:00
yoff
5a82012d03 Merge pull request #11854 from yoff/python/fix-tarslip-improv-bug 
Python: fix bug  in `py/tarslip-extended`
 2023-01-17 20:44:06 +01:00
Geoffrey White
a568d0af7f Swift: Remove unused variable. 2023-01-17 18:10:02 +00:00
Geoffrey White
b3d30bfc4f Swift: Add NumberLiteral sources as well. 2023-01-17 18:04:26 +00:00
Jeroen Ketema
ee19c3d80f C++: Rename identically named classes in syntax-zoo 
Conceptually the test that comprises the whole of `syntax-zoo` forms one
single binary. To this binary ODR applies. There were two class definitions
`Foo` in `syntax-zoo`, violating ODR. Rename those classes to have different
names.
 2023-01-17 19:02:40 +01:00
Jeroen Ketema
06767c6760 C++: Split bad_asts.cpp IR test into two files 
The statements from `errorExpr` - which does not parse correctly - affected the
tuples that were being generated for the other code in `bad_asts.cpp` due to
the way the front-end handles parse errors. This did not affect the test
results, but was also not the intention of the test. Split off `errorExpr` into
a separate file.
 2023-01-17 18:57:29 +01:00
Geoffrey White
d1cfdb97ee Swift: Model RNCryptor. 2023-01-17 17:55:52 +00:00
Sarita Iyer
c8298356dc Rename CONTRIBUTING.MD to CONTRIBUTING.md 2023-01-17 12:32:36 -05:00
Geoffrey White
a92e1c7ea0 Swift: Add tests for RNCryptor library. 2023-01-17 17:31:49 +00:00
Geoffrey White
5e5c4e9a8c Swift: Accept QL-for-QL recommendation. 2023-01-17 16:25:34 +00:00
Geoffrey White
9911dd53e1 Merge branch 'main' into coredata 2023-01-17 16:22:53 +00:00
Geoffrey White
ea06ad1933 Merge pull request #11529 from geoffw0/format 
Swift: Uncontrolled format string query
 2023-01-17 16:16:10 +00:00
Geoffrey White
3c55cdd5be Swift: Catch the last two test results as well. 2023-01-17 16:04:58 +00:00
Geoffrey White
d42848bb7e Swift: Upgrade the query from dataflow to taint tracking, so as to support more flows. 2023-01-17 16:04:58 +00:00
Geoffrey White
28a707a956 Swift: Model RNCryptor. 2023-01-17 16:04:58 +00:00
Geoffrey White
a8ef9cc987 Swift: Add tests for RNCryptor library. 2023-01-17 16:04:57 +00:00
Edward Minnix III
4c018759c8 Merge pull request #11283 from egregius313/egregius313/webview-setAllowContentAccess 
Java: Android WebView Content Access Query
 2023-01-17 11:02:47 -05:00
Michael Nebel
62533501fe C#: Update CIL attributes test case and the expected output. 2023-01-17 17:00:01 +01:00
Geoffrey White
54b3262d9c Merge pull request #11891 from geoffw0/authbypass 
C++: Fix issue with cpp/user-controlled-bypass
 2023-01-17 15:43:08 +00:00
Jami
babdee36aa Merge pull request #11779 from jcogs33/jcogs33/model-more-top-jdk-apis 
Java: model top JDK APIs
 2023-01-17 10:20:32 -05:00
Geoffrey White
d628cc5ab8 Update cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-01-17 14:37:19 +00:00
erik-krogh
8251ad5e99 add unsafe-html-construction query 2023-01-17 15:35:17 +01:00
erik-krogh
8715790fe7 add explicit this 2023-01-17 15:17:48 +01:00
Geoffrey White
037b49b454 Update swift/ql/test/query-tests/Security/CWE-259/rncryptor.swift 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-01-17 14:16:52 +00:00
Paolo Tranquilli
6b43ff45a4 Merge pull request #11904 from github/redsun82/swift-extension-protocols 
Swift: extract `ExtensionDecl` protocols
 2023-01-17 15:16:20 +01:00
Paolo Tranquilli
d9bd41b8b1 Merge pull request #11571 from github/redsun82/swift-open-redirection 
Swift: generalize open redirection on both platforms and rework output rewriting
 2023-01-17 15:15:56 +01:00
Jami Cogswell
10f0975812 Java: remove models for System.[get|set]Property 2023-01-17 08:51:48 -05:00
erik-krogh
a562568522 add string concat as a sink for command-construction 2023-01-17 14:48:09 +01:00
erik-krogh
9d9de18bc9 add a generalized AddExprRoot into Operation.qll 2023-01-17 14:48:08 +01:00
erik-krogh
8fc3b268e8 add string concat as a sink for code-construction 2023-01-17 14:48:06 +01:00
Paolo Tranquilli
9e5db7c6ec Merge branch 'main' into redsun82/swift-extension-protocols 2023-01-17 14:39:09 +01:00