hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-18 13:36:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,816 Commits 1,714 Branches 162 Tags
codeql-cli/v2.12.4
Commit Graph

50816 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave Bartolomeo
1b53c4684d Fix test expectations due to pair/make_pair fixes 2020-10-17 09:46:18 -04:00
Dave Bartolomeo
686f5aa8ed Handle parameter indirections in make_shared and make_unique 2020-10-17 08:53:55 -04:00
Dave Bartolomeo
7da4eef90d Fix subtle typing issue with std::makr_pair 2020-10-17 08:53:20 -04:00
Dave Bartolomeo
675256acab Accept test diffs from set.cpp (50 new good results!) 2020-10-16 17:14:41 -04:00
Dave Bartolomeo
af799a79da Accept good test diffs 2020-10-16 17:07:46 -04:00
Dave Bartolomeo
cf19fcf4c0 C++: Improve dataflow model for copy/move constructors 2020-10-16 16:55:59 -04:00
Robert Marsh
4766492e39 C++: respond to PR comments on output iterators 2020-10-16 13:47:20 -07:00
Robert Marsh
7f2aa81d0b Merge pull request #4498 from dbartol/dbartol/PrintCallTargets 
C++: Print static call target for `Call` instruction in dumps
 2020-10-16 16:46:33 -04:00
Robert Marsh
1f8167b47b C++: fix test annotations 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-10-16 16:16:27 -04:00
Asger Feldthaus
f0034138ce JS: Fix DefaultFlowLabels test 2020-10-16 18:13:13 +01:00
Dave Bartolomeo
9afddf0dad Insert a load of the temporary object for arguments passed by value 2020-10-16 12:56:46 -04:00
Dave Bartolomeo
6a9ecf7ba2 Dump static call target for Call instructions 2020-10-16 12:55:30 -04:00
Asger Feldthaus
4137d3f971 JS: Split CWE-079 tests into their own folders 2020-10-16 17:32:36 +01:00
Dave Bartolomeo
6a6eadcf50 C++: Print static call target for Call instruction in dumps 2020-10-16 11:53:27 -04:00
Chris Smowton
5a480bfb13 Give query an id and PathGraph query predicates 2020-10-16 16:19:58 +01:00
Vadim Peretokin
8933bbd672 Add modern C++ variant 2020-10-16 17:11:41 +02:00
Erik Krogh Kristensen
8cf21e3b2b autoformat 2020-10-16 16:56:35 +02:00
Dave Bartolomeo
14ac9859c1 Remove more ODR violations from test code. 
PrintAST now works on `library-tests/dataflow/taint-tests`.
 2020-10-16 10:26:42 -04:00
Anders Schack-Mulligen
a806a4f086 Merge pull request #4312 from JLLeitschuh/feat/JLL/java/jhipster_CVE-2019-16303 
Java: QL Query Detector for JHipster Generated CVE-2019-16303
 2020-10-16 15:47:09 +02:00
Tom Hvitved
d91ea55f0c Merge pull request #4440 from aschackmull/dataflow/adaptive-field-precision 
Dataflow: Adaptive field flow precision
 2020-10-16 15:08:56 +02:00
Erik Krogh Kristensen
27a2cd310d inline value in nodeLeadingToCsrfWrite 2020-10-16 14:21:49 +02:00
Erik Krogh Kristensen
017c73dce3 Apply suggestions from code review 
Co-authored-by: Asger F <asgerf@github.com>
 2020-10-16 14:20:40 +02:00
Owen Mansel-Chan
f49ff279b8 Merge pull request #375 from owen-mc/spew 
Model Spew logging framework
 2020-10-16 13:20:13 +01:00
Erik Krogh Kristensen
c2338b218f Update javascript/ql/src/semmle/javascript/dataflow/Nodes.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2020-10-16 14:12:36 +02:00
CodeQL CI
1d9b0ce059 Merge pull request #4460 from max-schaefer/js/unsafe-shell-command-construction-infeasible-paths 
Approved by asgerf
 2020-10-16 05:05:29 -07:00
Anders Schack-Mulligen
2b19a48030 Merge pull request #3880 from hvitved/dataflow/precise-aps 
Data flow: Precise access paths
 2020-10-16 13:54:35 +02:00
Anders Schack-Mulligen
b352605d12 Dataflow: Code review fixes. 2020-10-16 13:45:51 +02:00
Erik Krogh Kristensen
7598d31fc1 add change note 2020-10-16 13:35:31 +02:00
Erik Krogh Kristensen
b3d5f9c4dd support throttle like calls as partial calls 2020-10-16 13:33:02 +02:00
Joe Farebrother
3ef9498d53 Java: Modify privateness of a couple imports for Guava 2020-10-16 12:09:39 +01:00
Anders Schack-Mulligen
664f04020f Revert "Dataflow: Count callables instead of nodes for fieldFlowBranchLimit." 
This reverts commit 1501a40de8.
 2020-10-16 12:51:50 +02:00
Anders Schack-Mulligen
1501a40de8 Dataflow: Count callables instead of nodes for fieldFlowBranchLimit. 2020-10-16 12:51:17 +02:00
Anders Schack-Mulligen
6aae51fa4f Dataflow: Sync. 2020-10-16 12:51:17 +02:00
Anders Schack-Mulligen
8f055f56b8 Dataflow: Adaptive field flow precision. 2020-10-16 12:51:17 +02:00
Anders Schack-Mulligen
b0f0f89dbc Dataflow: Minor pruning improvements. 2020-10-16 12:51:17 +02:00
Tamas Vajk
52bdd8bf99 C#: Add support for custom assert methods ([DoesNotReturnIf(true/false)]) 2020-10-16 12:25:03 +02:00
Joe Farebrother
8cd00cf05f Java: Add change note for Guava 2020-10-16 11:08:45 +01:00
Taus Brock-Nannestad
60fcb5e7d5 Python: Add PEP-328 test example 
Based on https://www.python.org/dev/peps/pep-0328/#guido-s-decision

Original "code" is in the Public Domain.
 2020-10-16 12:03:43 +02:00
Owen Mansel-Chan
b89775ac65 Update change-notes/2020-10-14-spew.md 
Co-authored-by: Chris Smowton <smowton@github.com>
 2020-10-16 10:56:27 +01:00
Joe Farebrother
4b160b9aaf Java: Merge Guava definitions for string utilities into one file 2020-10-16 10:46:27 +01:00
Joe Farebrother
adad75bd86 Java: Update Guava modelling to use new refactor 2020-10-16 10:39:18 +01:00
Joe Farebrother
8834a8fed6 Java: Make tests less noisy 2020-10-16 10:22:41 +01:00
Joe
f58ebad756 Java: Fix QLDoc 2020-10-16 10:22:41 +01:00
Joe
fc4d7c3161 Java: Make Guava stuff private 2020-10-16 10:22:41 +01:00
Joe
28647b20e2 Java: Add tests 2020-10-16 10:22:41 +01:00
Joe
e196c75b4e Java: Add modelling for Guava Strings, Splitter, and Joiner 2020-10-16 10:22:30 +01:00
Rasmus Wriedt Larsen
86798063a3 Python: Model tainted attributes of django HttpRequest 2020-10-16 11:12:20 +02:00
Rasmus Wriedt Larsen
a3cdbf2052 Python: Basic modeling of Django HttpRequest 2020-10-16 11:12:19 +02:00
Rasmus Wriedt Larsen
f547b6010b Python: Implement routed parameter for django.urls.re_path 2020-10-16 11:12:17 +02:00
Rasmus Wriedt Larsen
ff8708df67 Python: Implement routed parameter for django.urls.path 
Matching current implementation in
f07a7bf8cf/python/ql/src/semmle/python/web/django/General.qll (L125-L133)
 2020-10-16 11:12:16 +02:00