Max Schaefer
9335a6cb79
JavaScript: Fix missing triple backtick in qldoc comment.
2020-05-06 11:40:00 +01:00
Arthur Baars
39e652b26b
Java: teach UnsafeDeserialization about ValidatingObjectInputStream
...
The class org.apache.commons.io.serialization.ValidatingObjectInputStream
is an implementation of ObjectInputStream that validates the deserialized
classes against a white list. Therefore, this class should not be considered an
unsafe deserialization sink.
2020-05-06 12:15:30 +02:00
Arthur Baars
797721cd31
Test
2020-05-06 12:15:27 +02:00
Sauyon Lee
164149b29a
Merge pull request #129 from max-schaefer/fix-argument-post-update-nodes
...
Fix and improve taint-tracking through function arguments
2020-05-06 02:57:01 -07:00
monkey-junkie
122354a81a
Update javascript/ql/src/experimental/Security/CWE-94/ServerSideTemplateInjection.ql
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2020-05-06 12:54:50 +03:00
Esben Sparre Andreasen
344f0c36b0
JS: update expected output
2020-05-06 11:18:14 +02:00
monkey-junkie
3314dd0614
Update javascript/ql/src/experimental/Security/CWE-94/ServerSideTemplateInjection.ql
...
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
2020-05-06 11:17:41 +03:00
Rasmus Wriedt Larsen
f1630983d3
Python: Cleanup default-indexing upgrade script
2020-05-06 09:57:07 +02:00
Rasmus Wriedt Larsen
010d5fb769
Python: Fix indexes of keyword-only defaults in upgrade script
...
Works like a charm ;)
2020-05-06 09:57:07 +02:00
Rasmus Wriedt Larsen
a15833d194
Python: DB upgrade script for default-indexing change
...
Follow this excellent guide:
https://github.com/github/codeql-c-extractor-team/blob/master/docs/db-upgrade.md
2020-05-06 09:56:53 +02:00
Tom Hvitved
0466e36985
C#: Teach Implements.qll about nested types
2020-05-06 09:25:40 +02:00
Tom Hvitved
f9ece0aefb
C#: Add implements test for nested types
2020-05-06 09:25:40 +02:00
Tom Hvitved
4c1a9b25c1
C#: Teach unification library about nested types
2020-05-06 09:25:40 +02:00
Tom Hvitved
851fc98b01
C#: Add type unification tests for nested types
2020-05-06 09:25:40 +02:00
Anders Schack-Mulligen
3b3ca6d41e
Merge pull request #3214 from aibaars/base64
...
Java: Add org.apache.commons.codec.(De|En)coder to TaintTrackingUtil
2020-05-06 09:21:18 +02:00
Jonas Jensen
63f04afa8d
Merge pull request #3312 from hvitved/dataflow/impl-no-postupdate
...
Data flow: Support stores into nodes that are not `PostUpdateNode`s
2020-05-06 09:09:31 +02:00
semmle-qlci
9210660ea0
Merge pull request #3401 from erik-krogh/jsonLike
...
Approved by esbena
2020-05-06 08:00:44 +01:00
Asger F
b2da4fe491
Update javascript/ql/src/semmle/javascript/internal/StmtContainers.qll
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2020-05-06 07:59:04 +01:00
Asger Feldthaus
926e79d272
JS: Autoformat
2020-05-06 07:59:04 +01:00
Asger Feldthaus
f51e846439
JS: Fix ClosureModule implementation
2020-05-06 07:59:04 +01:00
Asger Feldthaus
0f870a4992
JS: Use TCapturedVariableNode as starting point of callInputStep
2020-05-06 07:59:04 +01:00
Asger Feldthaus
4d6da19173
JS: Improve performance of getExceptionTarget
2020-05-06 07:59:04 +01:00
Asger Feldthaus
639f04386c
JS: Avoid bad join ordering in ClosureModule
2020-05-06 07:59:04 +01:00
Asger Feldthaus
e52e1b26c6
JS: Upgrade script
2020-05-06 07:59:04 +01:00
Asger Feldthaus
5f710bc881
JS: Move definition of getContainer() to a single rootdef
2020-05-06 07:59:04 +01:00
Max Schaefer
08f5451fce
Address review comments.
2020-05-06 07:32:15 +01:00
semmle-qlci
86c5b38d62
Merge pull request #3341 from hvitved/csharp/generics-nested-types
...
Approved by calumgrant
2020-05-06 07:16:37 +01:00
Raul Garcia (MSFT)
f051f46ee9
Merge branch 'master' of https://github.com/semmle/ql
2020-05-05 13:37:03 -07:00
Erik Krogh Kristensen
52392f2a6d
autoformat
2020-05-05 22:33:53 +02:00
Robert Marsh
78d2ac1ff4
Merge pull request #3368 from Cornelius-Riemenschneider/local-ala
...
C++: Add experimental Array Length Tracking library
2020-05-05 13:05:52 -07:00
Felicity Chapman
0e0d0499bb
Merge pull request #3413 from felicitymay/update-docs-reviews
...
Update requirements for docs review
2020-05-05 19:05:57 +01:00
Mathias Vorreiter Pedersen
114310700a
Merge pull request #3414 from geoffw0/issue3356
...
C++: Fix error in QLDoc.
2020-05-05 18:07:49 +02:00
Geoffrey White
3e2e69c06a
C++: Autoformat.
2020-05-05 16:55:15 +01:00
Max Schaefer
9f59777cc9
Merge pull request #119 from jcreedcmu/jcreed/jump-to-def-ide
...
Add queries for ide search.
2020-05-05 15:10:58 +01:00
Jason Reed
c759e891d0
Python: Exclude additional tag from LGTM suites
2020-05-05 09:43:40 -04:00
jcreedcmu
6cf30ef87a
Update python/ql/src/analysis/DefinitionTracking.qll
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
2020-05-05 09:40:54 -04:00
Jason Reed
5653889a39
Exclude IDE queries from query suites.
2020-05-05 09:22:44 -04:00
Max Schaefer
2fb3d39f61
Merge pull request #128 from sauyon/mux
...
Add support for Mux library
2020-05-05 13:57:37 +01:00
Anders Schack-Mulligen
11ffcc4378
Merge pull request #2912 from Mithrilwoodrat/master
...
Add check for disabled HTTPOnly setting in Tomcat
2020-05-05 14:39:32 +02:00
Geoffrey White
27490a35ae
C++: Fix error in QLDoc.
2020-05-05 13:37:14 +01:00
monkey-junkie
560674b670
Update javascript/ql/src/experimental/Security/CWE-94/ServerSideTemplateInjection.ql
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2020-05-05 15:36:11 +03:00
monkey-junkie
758e85dd3e
Update javascript/ql/src/experimental/Security/CWE-94/ServerSideTemplateInjection.ql
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2020-05-05 15:34:57 +03:00
Tom Hvitved
e8e27e0e00
C#: Address review comments
2020-05-05 14:28:13 +02:00
Tom Hvitved
3d37a49ccd
C#: Add change note
2020-05-05 14:28:13 +02:00
Tom Hvitved
19c3e6a58d
C#: Add DB upgrade script
2020-05-05 14:28:13 +02:00
Tom Hvitved
c324c388d0
C#: Refine UnboundGeneric and ConstructedGeneric
2020-05-05 14:28:13 +02:00
Tom Hvitved
8a01023dee
C#: Add more generics tests
2020-05-05 14:28:13 +02:00
Tom Hvitved
4f7743058a
C#: Restructure existing generics tests
2020-05-05 14:28:13 +02:00
Felicity Chapman
c0ebf12ab0
Update requirements for docs review
2020-05-05 13:25:19 +01:00
monkey-junkie
a8019705b5
Update javascript/ql/src/experimental/Security/CWE-94/ServerSideTemplateInjection.qhelp
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2020-05-05 15:24:24 +03:00