hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 18:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,816 Commits 1,693 Branches 161 Tags
codeql-cli/v2.12.4
Commit Graph

50816 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
20c3182437 Merge pull request #9087 from ihsinme/ihsinme-patch-88 
CPP: Add query for CWE-670: Always-Incorrect Control Flow Implementation when use SSL_shutdown
 2022-06-23 09:16:55 +01:00
Tamas Vajk
e65a046235 Fix test file after rebase 2022-06-23 09:51:48 +02:00
Mathias Vorreiter Pedersen
5dfa5fb877 Merge pull request #9678 from jketema/ql-fixes 
C++: Two small QL fixes
 2022-06-23 08:23:54 +01:00
Erik Krogh Kristensen
08e4c8b195 Merge pull request #9634 from erik-krogh/jqueryParam 
JS: add all jquery plugin parameters as source to js/html-constructed-from-input
 2022-06-23 08:57:20 +02:00
Tamas Vajk
579bfc22f3 Fix performance change in SecurityFlag 2022-06-23 08:46:33 +02:00
Tamas Vajk
79ec998636 Fix DB change compatibility to backwards 2022-06-23 08:45:11 +02:00
Tamas Vajk
7dad2f7fcb Fix DB upgrade properties 2022-06-23 08:45:11 +02:00
Tamas Vajk
074b90ea1a Add change note 2022-06-23 08:45:11 +02:00
Tamas Vajk
053ca2e940 Update DB stats file 2022-06-23 08:45:11 +02:00
Tamas Vajk
e03b48f293 Add DB upgrade folder 2022-06-23 08:45:11 +02:00
Tamas Vajk
dabc956dbf Unify loop break/continue statement handling between java and kotlin 2022-06-23 08:45:11 +02:00
Jeroen Ketema
b3ac7bda35 C++: Remove redundant parentheses 2022-06-23 07:25:53 +02:00
Jeroen Ketema
9cfd1a84b6 C++: Remove out-of-date comment, as we use mangled names in ResolveClass.qll 2022-06-23 07:24:04 +02:00
AlexDenisov
decb136471 Update swift/extractor/SwiftExtractor.cpp 
Co-authored-by: Paolo Tranquilli <redsun82@github.com>
 2022-06-23 07:23:17 +02:00
thiggy1342
e838b83f5f attempt to introduce dataflow tracking 2022-06-23 02:21:47 +00:00
Robert Marsh
813a8548d7 C++: accept test changes for globals in data flow 2022-06-22 16:42:42 -04:00
Geoffrey White
07b89b89d7 Swift: Clean up a bit. 2022-06-22 19:35:37 +01:00
Geoffrey White
19026e9ed5 Swift: Work around toString change. 2022-06-22 19:16:09 +01:00
Geoffrey White
da7f49155d Swift: Use dataflow. 2022-06-22 19:16:09 +01:00
Geoffrey White
28d801fde3 Swift: CWE-135 query sources and sinks. 2022-06-22 19:16:08 +01:00
Robert Marsh
b609f1ea52 Merge pull request #9668 from MathiasVP/expr-nodes-for-properties 
Swift: Make sure property setters and getters also have `ExprNodes`
 2022-06-22 14:09:46 -04:00
Robert Marsh
42929a70e8 Swift: implement LambdaCall in dataflow library 2022-06-22 17:30:54 +00:00
Andrew Eisenberg
5432be7b3a Merge pull request #9667 from github/nickrolfe/js_downgrades 
JS: create downgrades pack
 2022-06-22 10:30:41 -07:00
Mathias Vorreiter Pedersen
77b8ceb976 Swift: Make sure property setters and getters also have ExprNodes. 2022-06-22 17:53:41 +01:00
Nick Rolfe
d91e8a6309 JS: create downgrades pack 2022-06-22 17:31:49 +01:00
AlexDenisov
19bc9cf301 Merge pull request #9666 from github/redsun82/swift-code-reorg 
Swift: reorganize code
 2022-06-22 18:28:08 +02:00
Paolo Tranquilli
cfde68023d Swift: fix includes jumbled by IDE 2022-06-22 18:17:40 +02:00
Paolo Tranquilli
22321aa124 Swift: reorganize code 
Visitor code has been split between header and sources to speed up
incremental build. Moreover the code was reorganized using a new `infra`
bazel package (and `visitors` got promoted to a bazel package as well).
 2022-06-22 18:11:58 +02:00
Paolo Tranquilli
7c958dfbb9 Merge pull request #9639 from github/redsun82/swift-extraction 
Swift: some expression extractions
 2022-06-22 17:19:20 +02:00
Paolo Tranquilli
e25f22da26 Merge main into redsun82/swift-extraction 2022-06-22 16:54:52 +02:00
Chris Smowton
46e6203493 Merge pull request #9626 from smowton/smowton/fix/dont-emit-synthetic-parameter-names 
Kotlin: don't emit synthetic parameter names
 2022-06-22 15:30:54 +01:00
Paolo Tranquilli
1fc2bc4938 Swift: really fix tests 2022-06-22 16:15:02 +02:00
Jeroen Ketema
f9e09da604 Merge pull request #9643 from jketema/namespace-variable-test 
C++: Add variable in namespace test
 2022-06-22 15:58:26 +02:00
Mathias Vorreiter Pedersen
43bfa2af55 Merge pull request #9635 from MathiasVP/swift-add-remote-flow-sources 
Swift: Add `RemoteFlowSource`
 2022-06-22 14:41:19 +01:00
Mathias Vorreiter Pedersen
a293fd1f3e Merge pull request #9638 from geoffw0/stringlengthconflation 
Swift: String length conflation tests (for CVE-2022-23625)
 2022-06-22 14:39:34 +01:00
Chris Smowton
00b4070866 Merge pull request #9659 from smowton/smowton/admin/invert-java-log-injection-query 
Java: Report log-injection at the source rather than the sink
 2022-06-22 14:27:50 +01:00
Mathias Vorreiter Pedersen
07c4308a32 Merge branch 'main' into swift-add-remote-flow-sources 2022-06-22 14:27:44 +01:00
Robert Marsh
d13d4c6cd1 Merge pull request #9623 from MathiasVP/swift-interpretElement0 
Swift: Interpret MaD strings
 2022-06-22 09:27:13 -04:00
Geoffrey White
e07df0d0c8 Swift: make setters private in test. 2022-06-22 14:13:30 +01:00
Mathias Vorreiter Pedersen
1febe87356 Merge pull request #9644 from jketema/class-entry-fix 
C++: Ensure we can round trip between (forward) class declarations
 2022-06-22 14:12:11 +01:00
Chris Smowton
44cf260762 Merge pull request #9571 from smowton/smowton/fix/array-variance-lowering 
Kotlin: Implement array type variance lowering
 2022-06-22 13:38:21 +01:00
Chris Smowton
1f9f6d7c33 Java: Report log-injection at the source rather than the sink 
This should remove the problem of excessive grouping of different alerts that share a sink location, often due to wrapper functions that form the ultimate sink of all logging calls in a given codebase.
 2022-06-22 13:05:20 +01:00
Tony Torralba
cc354caa1f Merge pull request #9319 from atorralba/atorralba/add-editable-valueof-step 
Kotlin: Add taint step for String.valueOf(Editable)
 2022-06-22 13:50:30 +02:00
Geoffrey White
f9e1e630f7 Swift: more accurate NSObject / NSString hierarchy in test. 2022-06-22 12:36:40 +01:00
Tamás Vajk
c0e115700d Merge pull request #9647 from tamasvajk/kotlin-when-branch-encl-stmt 
Kotlin: Fix enclosing statement of `when` branches
 2022-06-22 13:18:56 +02:00
Michael Nebel
8899bf7f05 C#: Update tests. 2022-06-22 13:03:23 +02:00
Michael Nebel
0ef97b41c8 C#: Update .NET Runtime models and add sources and sinks. 2022-06-22 13:03:10 +02:00
Jeroen Ketema
b1dd8da587 C++: Fix query formatting 2022-06-22 12:59:49 +02:00
Ian Lynagh
c7a6b1e9a7 Merge pull request #9640 from igfoo/igfoo/vis 
Kotlin/Java: Add the beginnings of a "visibility" consistency query
 2022-06-22 11:34:15 +01:00
Paolo Tranquilli
3ed783df7f Swift: fix tests 2022-06-22 12:14:47 +02:00