hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-09 19:51:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
51,820 Commits 1,689 Branches 160 Tags
codeql-cli/v2.12.7
Commit Graph

51820 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave Bartolomeo
1fb36ff7e7 C++: Add conservative side effects for function calls 2018-11-26 12:08:18 -08:00
Robert Marsh
f9ed39915f C++: recompute IRBlock membership at each stage 
This enables the addition of new instructions in later phases of IR
construction; in particular, aliasing write instructions and inference
instructions.
 2018-11-26 12:08:18 -08:00
calumgrant
d1f7eef7eb Merge pull request #537 from hvitved/csharp/guards-splitting 
C#: Make guards library work with CFG splitting
 2018-11-26 18:19:37 +00:00
Geoffrey White
f034abc275 CPP: Add the Semmle security tests. 2018-11-26 17:52:34 +00:00
Aditya Sharad
7aef8fa945 Merge pull request #547 from pavgust/fix/cwe-497-performance 
C++: Refactor CWE-497 for clarity and performance
 2018-11-26 17:13:27 +00:00
Mark Shannon
516b29d2c9 Merge pull request #544 from pavgust/fix/python-hotfixes 
Pull recent Python fixes to RC branch
 2018-11-26 16:18:13 +00:00
Max Schaefer
8e54c7ab6c Merge pull request #503 from asger-semmle/unsafe-global-object-access 
JS: add method name injection query
 2018-11-26 15:56:20 +00:00
Aditya Sharad
38095e2f96 Python: Add QL for VS workspace settings file. 2018-11-26 15:10:12 +00:00
Max Schaefer
588defd6b6 Merge pull request #519 from esben-semmle/js/nullish-coalescing-extractor-and-ql 
JS: nullish coalescing support in extractor and QL
 2018-11-26 15:03:23 +00:00
Kevin Backhouse
4877659578 Fix names. 2018-11-26 14:56:35 +00:00
Tom Hvitved
e069041bd5 Merge pull request #431 from calumgrant/cs/extractor/fsharp-core 
C#: Fix extraction of method signatures
 2018-11-26 15:07:33 +01:00
Jonas Jensen
fcd53ae631 Merge pull request #540 from geoffw0/cpp-296 
CPP: Fix false positive from AutoGeneratedFile.qll.
 2018-11-26 15:03:21 +01:00
Tom Hvitved
7dc0a8132e Merge pull request #513 from calumgrant/cs/cwe-134 
C#: New query cs/uncontrolled-format-string
 2018-11-26 14:58:54 +01:00
calum
de36151c4a C#: Add regression test and fix for type mentions of type parameter constraints. 2018-11-26 13:51:02 +00:00
semmle-qlci
03fd5498d9 Merge pull request #542 from xiemaisi/js/move-project-file-back-to-code 
Approved by esben-semmle
 2018-11-26 11:41:39 +00:00
Max Schaefer
a1772a9ae4 Merge pull request #543 from markshannon/python-backward-compat-default 
Python: Add default.qll for backwards compatibility with older queries and libraries.
 2018-11-26 11:27:17 +00:00
Mark Shannon
4d8f5e1020 Python: Add default.qll for backwards compatibility with older queries and libraries. 2018-11-26 11:25:28 +00:00
Esben Sparre Andreasen
2d7f09d321 JS(ql): support nullish coalescing operators 2018-11-26 10:31:19 +01:00
Esben Sparre Andreasen
a2a798e59c JS(extractor): support nullish coalescing operators 2018-11-26 09:45:19 +01:00
Max Schaefer
93f4ee8813 JavaScript: Remove Eclipse metadata files for extractor. 2018-11-26 08:24:33 +00:00
Arthur Baars
8d7ace25bf Merge pull request #535 from adityasharad/merge/master-next-231118 
Merge master into next.
 2018-11-25 20:19:23 +01:00
Kevin Backhouse
bc752e1a98 Add post-dominators. 2018-11-24 18:23:27 +00:00
Geoffrey White
f338a4f0d6 CPP: Fix false positive from AutoGeneratedFile.qll. 2018-11-23 17:34:18 +00:00
Taus
f0fbed76e7 Merge pull request #539 from markshannon/python-path-fix-siblings 
Python: Fix parents relation for path queries.
 2018-11-23 17:59:04 +01:00
Aditya Sharad
c20b688a3f Merge master into next. 2018-11-23 16:36:31 +00:00
Taus
3cee874ee3 Merge pull request #536 from markshannon/python-more-shell-injection 
Python: Some additional sinks for command injection.
 2018-11-23 17:12:20 +01:00
yh-semmle
17b063f0b2 Merge pull request #473 from sb-semmle/add-properties-files-to-java-schema 
Add properties files to java schema
 2018-11-23 11:09:00 -05:00
yh-semmle
f4ec168666 Merge pull request #533 from aschackmull/java/inherit-bugfix-changenote 
Java: Add change note for #459.
 2018-11-23 10:53:44 -05:00
Mark Shannon
3190b12544 Python: Fix parent relation for path-queries. 2018-11-23 15:04:01 +00:00
Mark Shannon
bfc001cc68 Python: Add change note for requests without cert verification query. 2018-11-23 14:48:19 +00:00
Mark Shannon
6588606739 Python: Account for other 'falsey' values in query. 2018-11-23 14:42:45 +00:00
Mark Shannon
06e5bc8359 Python: Add qhelp for new query. 2018-11-23 14:42:45 +00:00
Mark Shannon
45e864a395 Python: New query to test for requests without validation. 2018-11-23 14:42:45 +00:00
Mark Shannon
f0206a2ff4 Python: Tests for new query: requests called with verify=False. 2018-11-23 14:42:45 +00:00
Mark Shannon
7f5d46b32f Python: Add change note for new sinks. 2018-11-23 14:30:57 +00:00
Mark Shannon
b94493aec3 Python: Add extra sinks for command-injection query. 2018-11-23 14:29:02 +00:00
Taus
ceb316df60 Merge pull request #527 from markshannon/python-security-change-note 
Collated python change notes
 2018-11-23 15:28:18 +01:00
Pavel Avgustinov
d4b2c01634 Lift out intermediate helper predicate. 2018-11-23 14:22:44 +00:00
Tom Hvitved
03e69e9945 C#: Make guards library work with CFG splitting 2018-11-23 15:20:33 +01:00
Tom Hvitved
228189db5a C#: Add tests for guards inside split CFG blocks 2018-11-23 15:20:27 +01:00
Taus
61f5c2e834 Merge pull request #516 from markshannon/python-path-queries 
Python path queries
 2018-11-23 15:20:19 +01:00
Anders Schack-Mulligen
d24145831b Java: Add change note for #459. 2018-11-23 14:21:30 +01:00
Aditya Sharad
10dc183495 Merge pull request #512 from hvitved/csharp/autobuilder/dirs-proj 
C#: Recognize `.proj` files in autobuilder
 2018-11-23 13:18:04 +00:00
Mark Shannon
4f5cfbc336 Correct change for extractor logging levels. 2018-11-23 13:03:16 +00:00
Mark Shannon
95f1935eaa Python change notes: Merge in internal change notes. 2018-11-23 12:55:04 +00:00
semmle-qlci
04c2b23abd Merge pull request #520 from esben-semmle/js/clear-text-logging-taint-kinds 
Approved by asger-semmle
 2018-11-23 12:40:40 +00:00
Mark Shannon
61bd8682df Python: Improve API and representation of taint tracking nodes. Update queries and tests accordingly. 2018-11-23 12:32:14 +00:00
calum
b67bc7b612 C#: Fix id generation of constructed methods, by avoid id clashes by ensuring that method type parameters are qualified where necessary. Add a qltest. 2018-11-23 12:11:10 +00:00
calum
051dd191ac C#: Change notes. 2018-11-23 12:11:10 +00:00
calum
e00807d66b C#: Fix decoding method type parameters in FSharp.Core. 2018-11-23 12:09:52 +00:00