codeql

mirror of https://github.com/github/codeql.git synced 2026-03-22 07:26:45 +01:00

Author	SHA1	Message	Date
Asger Feldthaus	2f58683f2d	JS: Remove PipeCallExpr	2021-01-21 12:12:17 +00:00
Asger Feldthaus	1d1149f4cd	JS: Test and QLDoc for RxJS model	2021-01-21 12:08:22 +00:00
Rasmus Lerchedahl Petersen	e786be06ae	Python: Fix broken references	2021-01-21 12:40:35 +01:00
Asger Feldthaus	144d04f3ce	JS: Add test exposing source location of attribute after line break	2021-01-21 11:25:39 +00:00
haby0	a56dd60baa	*)add CWE-652 XQueryInjection detection	2021-01-21 19:18:10 +08:00
Asger Feldthaus	7c6704a63f	JS: Shift line numbers in test case	2021-01-21 11:09:36 +00:00
Owen Mansel-Chan	7dfe5d9f07	Merge pull request #457 from owen-mc/cleanup-avoid-code-duplication Reuse existing class instead of repeating it	2021-01-21 10:56:14 +00:00
Owen Mansel-Chan	7f00ab1f08	Merge pull request #456 from owen-mc/add-guarding-function-test Add tests for guarding functions proxied by a variable	2021-01-21 10:55:54 +00:00
Asger F	34280f90b0	Update QLDoc for getATemplateArgument Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2021-01-21 10:51:46 +00:00
Erik Krogh Kristensen	a9a901d1e2	add change note	2021-01-21 11:08:39 +01:00
Erik Krogh Kristensen	dafec3ceaa	rename to `AnalyzedCompoundNumericAssignExpr`	2021-01-21 11:06:46 +01:00
Rasmus Lerchedahl Petersen	88db8f562d	Python: Elaborate comments for steps	2021-01-21 10:55:59 +01:00
Tom Hvitved	bc41c26354	Merge pull request #4959 from hvitved/csharp/ssa/split C#: Split up SSA implementation	2021-01-21 10:52:49 +01:00
Rasmus Lerchedahl Petersen	bc1b50788a	Python: Small refactor	2021-01-21 10:44:58 +01:00
Rasmus Lerchedahl Petersen	19918e2e57	Python: Have `Node`-postfix consistently	2021-01-21 10:43:15 +01:00
CodeQL CI	30015ee995	Merge pull request #4942 from esbena/js/reintroduce-resource-exhaustion Approved by erik-krogh	2021-01-21 01:21:33 -08:00
CodeQL CI	9cfbe6feb7	Merge pull request #4980 from erik-krogh/defaultExport Approved by esbena	2021-01-21 00:55:15 -08:00
Esben Sparre Andreasen	b90dd89746	JS: move js/resource-exhaustion to experimental	2021-01-21 09:09:01 +01:00
Esben Sparre Andreasen	5a6e692807	add js/server-crash to the security suite	2021-01-21 08:43:13 +01:00
Esben Sparre Andreasen	9e3cc3b1b2	JS: add qhelp and changenotes for js/server-crash	2021-01-21 08:43:13 +01:00
Your Name	ad22445d16	refactor	2021-01-21 01:52:00 +03:00
monkey-junkie	c8da633d7b	Update ql/src/experimental/CWE-369/DivideByZero.ql Co-authored-by: Chris Smowton <smowton@github.com>	2021-01-21 00:54:00 +03:00
Tamas Vajk	eb8a52ba8d	Add new .stats file	2021-01-20 21:21:03 +01:00
Rasmus Lerchedahl Petersen	419449fb8a	Python: default value for argN	2021-01-20 20:33:04 +01:00
Artem Smotrakov	7df813354a	Improved JexlInjectionLib.qll	2021-01-20 20:26:48 +01:00
Rasmus Lerchedahl Petersen	2409a7899b	Python: Remove func tag in some situations. Also make ArgumentNode public	2021-01-20 20:18:40 +01:00
Erik Krogh Kristensen	a44aefa6c9	add test for top-level closure modules - and simplify	2021-01-20 19:47:32 +01:00
Nick Rolfe	2e8d154f2b	Add AST classes and tests for method calls	2021-01-20 18:34:25 +00:00
Rasmus Lerchedahl Petersen	7a5d553dd2	Merge branch 'main' of github.com:github/codeql into python-dataflow-unpacking-assignment	2021-01-20 19:27:34 +01:00
Tom Hvitved	bf7eb022a0	CFG: Use manual `toString()`s for `AstCfgNode` when available	2021-01-20 19:15:03 +01:00
Geoffrey White	d5d8b48218	C++: More accurate solution using Guards library.	2021-01-20 17:15:42 +00:00
Mathias Vorreiter Pedersen	3877f03a46	Merge pull request #4979 from geoffw0/cpp401 C++: Improvements to experimental query cpp/memory-leak-on-failed-call-to-realloc	2021-01-20 18:10:13 +01:00
Luke Cartey	5c6f5b7b33	Java: Track taint through Spring Java bean getters on super types	2021-01-20 16:53:03 +00:00
yoff	e072864948	Apply suggestions from code review Co-authored-by: Taus <tausbn@github.com>	2021-01-20 17:38:34 +01:00
Owen Mansel-Chan	7339f3e095	Reuse existing class instead of repeating it This is already done elsewhere.	2021-01-20 16:11:33 +00:00
Geoffrey White	439fe41b0a	C++: Add a couple more test cases.	2021-01-20 15:33:32 +00:00
yoff	3fc085ff38	Update python/ql/test/experimental/dataflow/TestUtil/RoutingTest.qll Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2021-01-20 16:11:40 +01:00
yoff	d0663e5c3a	Merge pull request #4971 from RasmusWL/avoid-double-route-setup-django Python: Avoid duplicated route-setup in django	2021-01-20 16:10:33 +01:00
Erik Krogh Kristensen	bf518f1c90	flag less overly general functions with js/unneeded-defensive-code	2021-01-20 15:48:12 +01:00
Mathias Vorreiter Pedersen	b0e255eb16	C++: Encapsulate skipSkippableInstructions in a module.	2021-01-20 15:45:37 +01:00
Tamas Vajk	ab8dc27b26	Add missing 'bindingset'	2021-01-20 15:44:05 +01:00
Tamas Vajk	727412b26b	Store by-ref type annotation in trap and add tests	2021-01-20 15:44:05 +01:00
Tamas Vajk	2804f5cba9	Add by-ref, and fix pinned CIL extraction	2021-01-20 15:44:05 +01:00
Tamas Vajk	f99bf5755c	Merge parameter extraction between methods and function pointers	2021-01-20 15:44:05 +01:00
Tamas Vajk	f986c15200	Add QL classes for CIL function pointers, and add test	2021-01-20 15:44:05 +01:00
Tamas Vajk	0c213d0926	C#: Extract function pointer types from CIL	2021-01-20 15:44:05 +01:00
Mathias Vorreiter Pedersen	f12ebe88e6	Revert "C++: Replace SkippableInstruction with local flow steps." This reverts commit `258d04178f`. This change caused a ~20% performance regression.	2021-01-20 15:43:24 +01:00
Tamás Vajk	5fa0dd719c	Merge pull request #4619 from tamasvajk/feature/csharp9-function-pointer C#: Extract function pointers	2021-01-20 15:42:58 +01:00
Owen Mansel-Chan	b623a4c8ec	Add tests for guarding functions proxied by a variable Negation doesn't appear to be handled correctly, so one of the lines is marked as a false positive.	2021-01-20 14:36:53 +00:00
Rasmus Wriedt Larsen	9a397b6faf	Python: Apply code-review suggestion Co-authored-by: yoff <lerchedahl@gmail.com>	2021-01-20 15:28:20 +01:00

... 587 588 589 590 591 ...

50816 Commits