50816 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Owen Mansel-Chan	1e0b9cc6a3	Address review comments 5	2020-08-11 10:57:02 +01:00
Owen Mansel-Chan	97bbdca8a3	Extend negativeLengthCheck query to unsigned integers ... Like return values from len and cap, unsigned integers are never negative	2020-08-11 10:48:03 +01:00
Rasmus Lerchedahl Petersen	f834d71bab	Python: split out data model tests	2020-08-11 11:22:11 +02:00
Rasmus Lerchedahl Petersen	2c5de7f50e	Python: fix r/l confusion	2020-08-11 10:48:23 +02:00
Jonas Jensen	0476b97f63	Merge pull request #3789 from dilanbhalla/cpp ... C++ Memory Unsafe Functions	2020-08-11 10:09:37 +02:00
dilanbhalla	2ee654d643	attempting to fix autoformat build error	2020-08-11 01:07:53 -07:00
Max Schaefer	117fd686c4	Merge pull request #276 from gagliardetto/standard-lib-pt-3 ... Add taint tracking for the compress/* packages	2020-08-11 07:56:45 +01:00
Max Schaefer	cb5c596ab6	Merge pull request #283 from github/rc/1.25 ... Merge rc/1.25 into main	2020-08-11 07:51:17 +01:00
Owen Mansel-Chan	c7a8730c40	Improve tests of paths with more than one sink	2020-08-11 07:24:58 +01:00
Owen Mansel-Chan	4907f6529e	Address review comments 4	2020-08-11 07:24:58 +01:00
Rasmus Lerchedahl Petersen	12dfc4afd9	Python: clean up validity check code	2020-08-11 08:16:49 +02:00
Rasmus Lerchedahl Petersen	3929e01350	Python: tests for async iterators/context managers	2020-08-11 08:10:46 +02:00
Rasmus Lerchedahl Petersen	681657f070	Merge branch 'master' of github.com:github/codeql into SharedDataflow_Classes	2020-08-11 07:24:17 +02:00
dilanbhalla	4433f193f9	pr fixes for typo and qldoc	2020-08-10 16:06:02 -07:00
intrigus-lgtm	5a3acc231e	Fix typo	2020-08-11 01:01:53 +02:00
dilanbhalla	7bd5464b01	Update cpp/ql/src/experimental/Security/CWE/CWE-120/MemoryUnsafeFunctionScan.qhelp ... Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>	2020-08-10 15:43:16 -07:00
dilanbhalla	4dcaa7be57	pr fixes	2020-08-10 15:30:09 -07:00
dilanbhalla	dcfbb86674	pr fixes	2020-08-10 15:14:12 -07:00
dilanbhalla	7ce9e976c2	removing precision tag	2020-08-10 12:06:10 -07:00
dilanbhalla	95342cdea7	adding go crypto library	2020-08-10 11:56:41 -07:00
Owen Mansel-Chan	ed469a355e	Fix mistake in test	2020-08-10 17:32:49 +01:00
Max Schaefer	097775bf64	Merge pull request #282 from sauyon/tomain ... Fix one use of master in README	2020-08-10 17:03:22 +01:00
Max Schaefer	61f4d8ddfc	Merge pull request #278 from max-schaefer/fix-upgrade-performance ... Improve performance of upgrade script	2020-08-10 17:01:49 +01:00
Max Schaefer	d31b4d262f	Merge pull request #281 from max-schaefer/has_ellipsis ... Teach extractor to distinguish calls with an ellipsis from calls without	2020-08-10 16:51:38 +01:00
Rasmus Lerchedahl Petersen	5da37f5cf4	Python: Update test expectations	2020-08-10 17:07:00 +02:00
Owen Mansel-Chan	30f176246a	Address review comments 3	2020-08-10 15:21:20 +01:00
Max Schaefer	6d35c60acb	Add pragma to prevent accidental inlining.	2020-08-10 14:51:28 +01:00
Max Schaefer	2ef421255a	Add a clarifying comment.	2020-08-10 14:49:19 +01:00
Max Schaefer	9385857c39	Add a regression test.	2020-08-10 14:48:13 +01:00
Erik Krogh Kristensen	dc5167bbe7	autoformat	2020-08-10 11:52:45 +00:00
Erik Krogh Kristensen	34778578db	fill in docstring	2020-08-10 13:34:36 +02:00
Erik Krogh Kristensen	9bcac10d9e	summarize exceptions thrown by immidiatly awaited function calls	2020-08-10 13:28:25 +02:00
Jonas Jensen	1f432dc45f	Merge pull request #4023 from geoffw0/loopdir ... C++: Exclude decrementing unsigned counters from inconsistentLoopDirection.ql	2020-08-10 12:10:29 +02:00
Owen Mansel-Chan	89eae10d96	Address review comments 2	2020-08-10 11:07:44 +01:00
Owen Mansel-Chan	4bfb2b4138	Address review comments 1	2020-08-10 11:04:25 +01:00
Owen Mansel-Chan	681ca9065a	Add change note	2020-08-10 11:04:25 +01:00
Owen Mansel-Chan	06d1eb9bdb	Add tests for incorrect integer conversion	2020-08-10 11:04:25 +01:00
Owen Mansel-Chan	329888e62c	Add query for incorrect integer conversion	2020-08-10 11:04:25 +01:00
Owen Mansel-Chan	34fa07267b	Add modeling to Stdlib.qll ... Adds classes for some integer-parsing functions and a constant from strconv, plus a class for calls to integer-parsing functions.	2020-08-10 11:04:25 +01:00
Owen Mansel-Chan	ac49aa2527	Delete experimental query and tests for it	2020-08-10 11:04:25 +01:00
Owen Mansel-Chan	3a6aa58e48	Fix typo in QLDoc	2020-08-10 11:04:25 +01:00
Rasmus Lerchedahl Petersen	a963f15100	Python: format strings are unnecessary and mess up ... For some reason, we got no results when format strings were present.	2020-08-10 11:54:24 +02:00
Erik Krogh Kristensen	85de5aa16b	add deprecated modifier ... Co-authored-by: Asger F <asgerf@github.com>	2020-08-10 10:51:21 +02:00
CodeQL CI	d214cecf4d	Merge pull request #4028 from asger-semmle/js/scope-manager-npe ... Approved by max-schaefer	2020-08-10 09:47:09 +01:00
Rasmus Lerchedahl Petersen	959c6315c4	Python: update reference to fix tests	2020-08-10 09:24:45 +02:00
Erik Krogh Kristensen	410b696562	add deprecated aliases getId() forwarding to getIdentifier()	2020-08-10 09:11:38 +02:00
Rasmus Lerchedahl Petersen	639d914a47	Python: test Awaitable, framework for async test	2020-08-10 09:03:28 +02:00
CodeQL CI	7c4e10df17	Merge pull request #4014 from erik-krogh/stringify ... Approved by esbena	2020-08-10 07:50:21 +01:00
Max Schaefer	c2a26f8ec9	Don't allow varargs as function outputs. ... In a call of the form `f(xs...)`, when we say that `f` taints its 0th argument its ambiguous whether that means that it taints the slice `xs` or its 0th element `xs[0]`. In practice, it's usually the latter, but we have no way of expressing that using our current `FunctionOutput` implementation.	2020-08-10 07:30:23 +01:00
Max Schaefer	bdfd1d131f	Teach extractor to record the presence of an ellipsis in a call expression.	2020-08-10 07:30:23 +01:00