hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-05 17:51:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
53,865 Commits 1,689 Branches 160 Tags
codeql-cli/v2.13.1
Commit Graph

1692 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
246d904712 Merge pull request #12948 from aschackmull/dataflow/pathnode-type-tostring 
Dataflow: Add type to PathNode.toString.
 2023-04-27 14:14:10 +02:00
Geoffrey White
5a77dfb5d5 Merge pull request #12905 from geoffw0/webviewdoc 
Swift: Doc review for swift/unsafe-webview-fetch
 2023-04-27 11:23:53 +01:00
Geoffrey White
507bb61c3c Swift: Add missing '.' 2023-04-27 11:00:35 +01:00
Geoffrey White
c823c58e00 Swift: WebView -> web view. 2023-04-27 10:57:25 +01:00
Geoffrey White
cc8d7bff0b Update swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-04-27 10:12:13 +01:00
Mathias Vorreiter Pedersen
d114388470 Swift: Implement 'isAbnormalExitType' and accept test changes. 2023-04-26 15:36:52 +01:00
Anders Schack-Mulligen
d681671356 Dataflow: Sync. 2023-04-26 14:45:07 +02:00
Anders Schack-Mulligen
74242638e2 Swift: One more expected output fix. 2023-04-26 14:10:13 +02:00
Anders Schack-Mulligen
9fe5462b1b Swift: Update more expected output. 2023-04-26 13:41:50 +02:00
Anders Schack-Mulligen
6b049cb37a Swift: Update expected output. 2023-04-26 13:15:39 +02:00
Anders Schack-Mulligen
3d01763092 Swift: Remove empty string DataFlowType in PathNode. 2023-04-26 13:10:01 +02:00
Paolo Tranquilli
9d80a43d6a Merge pull request #12500 from github/redsun82/swift-dispatcher-rework 
Swift: rework fetching and dispatching
 2023-04-26 09:58:19 +02:00
Geoffrey White
84ddfe9c3f Merge pull request #12919 from geoffw0/precision2 
Swift: Upgrade two queries to precision high.
 2023-04-25 14:04:52 +01:00
Alex Denisov
125aab8107 Swift: rework fetching and dispatching 
* visiting now happens in a later stage than fetching labels. While
  fetching a list of entities to be visited is created, and then acted
  upon in actual extraction. This partially flattens the recursive
  nature of `fetchLabel` into a loop inside `SwiftVisitor::extract`.
  Recursion in `fetchLabel` will only happen on labels fetched while
  naming an entity (calling into `SwiftMangler`).
* The choice whether to name a declaration or type has been moved from
  the translators to `SwiftMangler`. Acting on this choice is contained
  in `SwiftDispatcher::createLabel`.
* The choice whether to emit a body of a declaration has been moved from
  `DeclTranslator` to the dispatcher. This choice is also contained in
  `SwiftDispatcher::createLabel`.
* The simple functionality of the `LabelStore` has been moved to the
  `SwiftDispatcher` as well.
 2023-04-25 11:15:27 +02:00
Geoffrey White
0ebb06e185 Merge branch 'main' into flowsources 2023-04-25 10:08:15 +01:00
Geoffrey White
2c28fae7e3 Merge pull request #12836 from geoffw0/precision 
Swift: Downgrade swift/unsafe-js-eval to precision medium.
 2023-04-25 09:58:11 +01:00
Geoffrey White
b0b2d6e05f Swift: Upgrade two queries to @precision high. 2023-04-25 09:42:49 +01:00
Michael Nebel
8ade7247a1 Merge pull request #12885 from michaelnebel/mergepathgraph3 
Dataflow: Introduce param module for merging three path graphs.
 2023-04-24 12:49:28 +02:00
Geoffrey White
1f126b60ff Swift: Touch UnsafeWebViewFetch.qhelp. 2023-04-24 09:35:32 +01:00
Nora Dimitrijević
1f861fda25 Merge pull request #12736 from d10c/swift/capture-flow 
Swift: Closure Capture Helper APIs
 2023-04-20 18:45:56 +02:00
Michael Nebel
656d8d2451 Sync files. 2023-04-20 11:29:51 +02:00
Geoffrey White
7285704807 Merge pull request #12876 from geoffw0/extensiondecl 
Swift: Improve ExtensionDecl.toString
 2023-04-19 16:41:48 +01:00
Geoffrey White
e895cac569 Merge pull request #12877 from geoffw0/deprecated 
Swift: Delete deprecated classes
 2023-04-19 16:41:25 +01:00
Geoffrey White
3779d8423f Swift: Autoformat. 2023-04-19 14:57:17 +01:00
Geoffrey White
4484574301 Swift: Rename clashing CleartextStorage modules. 2023-04-19 14:29:25 +01:00
Geoffrey White
10c222e7e2 Swift: Remove deprecated classes from queries. 2023-04-19 14:26:03 +01:00
Geoffrey White
a3c66b6032 Merge pull request #12833 from geoffw0/addmodels 
Swift: Add some sink models
 2023-04-19 14:18:29 +01:00
Geoffrey White
49dccaa89d Swift: Fix other tests. 2023-04-19 14:16:24 +01:00
Geoffrey White
e9ffefaa96 Swift: Improve ExtensionDecl.toString. 2023-04-19 13:38:04 +01:00
Geoffrey White
c092851c28 Swift: Add a test for ExtensionDecls. 2023-04-19 11:50:49 +01:00
Mathias Vorreiter Pedersen
8d62d5916e Merge pull request #12807 from MathiasVP/dataflow-for-keypaths 
Swift: Dataflow for keypaths
 2023-04-19 10:00:49 +01:00
Geoffrey White
c7ea08aa73 Swift: Fix inline expectations. 2023-04-18 17:32:38 +01:00
Nora Dimitrijević
7f675d8c3b Swift: more CapturedDecl test cases 2023-04-18 16:50:38 +02:00
Nora Dimitrijević
96f06f8eca Swift: refactor the public API wrt captures 
This exposes capture- and access-related methods under different names.
 2023-04-18 16:50:37 +02:00
Mathias Vorreiter Pedersen
231b0fcab2 Swift: Add more tests. 2023-04-18 12:01:08 +01:00
Tom Hvitved
f6d000eb20 Merge pull request #12805 from hvitved/remove-queries-xml 
Remove all `queries.xml` files
 2023-04-18 10:52:14 +02:00
Paolo Tranquilli
edb355b47f Swift: add QLdoc for generated Raw and Synth modules 2023-04-17 09:38:26 +02:00
Geoffrey White
d94ed1b4a3 Merge pull request #12824 from geoffw0/modernsec4 
Swift: Add CryptoSwift sinks in swift/weak-sensitive-data-hashing
 2023-04-14 19:56:37 +01:00
Geoffrey White
706fdce527 Swift: Downgrade swift/unsafe-js-eval to precision medium. 2023-04-14 18:16:16 +01:00
Geoffrey White
2adc4c0feb Swift: PredicatUpgrade predicate injection sources from RemoteFlowSource to FlowSource. Even local input should be in parameters rather than concatenated into the predicate. 2023-04-14 17:50:57 +01:00
Geoffrey White
7b8606d411 Swift: Delete unnecessary import. 2023-04-14 16:36:22 +01:00
Geoffrey White
9ecba6a94d Swift: Add missing imports in ExternalFlow.qll. 2023-04-14 14:58:24 +01:00
Geoffrey White
619d572d50 Swift: Add RNCryptor hmacKey encryption-key sinks. 2023-04-14 14:58:15 +01:00
Geoffrey White
46da73cc11 Swift: Add realm path-injection sinks. 2023-04-14 14:50:50 +01:00
Geoffrey White
feccd307da Swift: Add realm encryption-key sinks. 2023-04-14 14:47:24 +01:00
Geoffrey White
bfdaf6951d Swift: Add some test cases. 2023-04-14 14:39:45 +01:00
Geoffrey White
21414089ee Swift: Test renaming and layout changes. 2023-04-14 14:39:32 +01:00
Geoffrey White
3f8ac1a12b Merge pull request #12794 from geoffw0/modernsec2 
Swift: Add CSV extension points to the encryption queries.
 2023-04-13 19:43:05 +01:00
Geoffrey White
8c415f3988 Swift: getName() -> getFullName(). 2023-04-13 17:56:07 +01:00
Mathias Vorreiter Pedersen
f9d5e56d9c s/entry/exit 2023-04-13 13:22:07 +01:00