hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-10 12:11:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,887 Commits 1,689 Branches 160 Tags
codeql-cli/v2.13.3
Commit Graph

54887 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
e7c02027f5 CPP: Fix 'BAD'. 2019-03-28 15:49:36 +00:00
Geoffrey White
743b17af50 CPP: Autoformat. 2019-03-28 15:49:36 +00:00
Geoffrey White
0b85966b31 CPP: Fix dubious [old] taint library results involving strlen. 2019-03-28 15:49:36 +00:00
Geoffrey White
8c75e730e4 CPP: Widen TaintedAllocationSize.ql. 2019-03-28 15:49:36 +00:00
Geoffrey White
dab1bba25c CPP: Add a test of TaintedAllocationSize. 2019-03-28 15:49:36 +00:00
Asger F
4908902f47 JS: Update to use TypeTracker::end() 2019-03-28 15:26:55 +00:00
Asger F
365db0ff1f JS: track document and dom values using type tracking 2019-03-28 15:24:00 +00:00
semmle-qlci
225c22cca0 Merge pull request #1171 from hvitved/csharp/attributes-named-args 
Approved by calumgrant
 2019-03-28 12:06:13 +00:00
Calum Grant
8012dacd69 Merge pull request #1104 from hvitved/csharp/dispatch/performance 
C#: Dispatch library performance tweaks
 2019-03-28 11:57:19 +00:00
semmle-qlci
35ea746045 Merge pull request #1172 from asger-semmle/hostname-prefix-sanitizer 
Approved by xiemaisi
 2019-03-28 11:55:10 +00:00
Max Schaefer
c097031c7e JavaScript: Fix uses of TypeTracker with custom flow steps. 
These steps need to check that the type hasn't been tracked into a property.
 2019-03-28 10:33:04 +00:00
Asger F
6478d9383c JS: drive-by typo fix 2019-03-28 10:28:44 +00:00
Asger F
5dba78ba1a JS: add change note 2019-03-28 10:28:30 +00:00
Max Schaefer
b2faac30c9 JavaScript: Add a few missing doc comments. 2019-03-28 10:12:08 +00:00
Rebecca Valentine
e4c5fd4f61 autoformats 2019-03-27 17:12:10 -07:00
Rebecca Valentine
a049d9a4c6 moves lib to right place 2019-03-27 16:58:33 -07:00
Rebecca Valentine
2d3c522efc cleans up naming conventions 2019-03-27 16:57:35 -07:00
Rebecca Valentine
336eb9dcf3 adds initial qll 2019-03-27 16:31:49 -07:00
Asger F
99dc2435af JS: update test 2019-03-27 15:03:04 +00:00
Taus
eb5927a197 Merge branch 'master' into python-encapsulate-builtins 2019-03-27 15:40:34 +01:00
Asger F
0eb9231cb1 JS: Make use of TypeTracker::end() 2019-03-27 13:25:01 +00:00
Asger F
208bcd438b JS: Make type-tracking predicates private 2019-03-27 13:21:45 +00:00
Asger F
7bfad8c360 JS: trailing whitespace 2019-03-27 13:21:45 +00:00
Asger F
9bbdf84e5d JS: missing qldoc 2019-03-27 13:21:45 +00:00
Asger F
28a776a82b JS: dataflow -> data flow 2019-03-27 13:21:45 +00:00
Asger F
c0b58f6b09 JS: Capitalize Firebase in comments 2019-03-27 13:21:45 +00:00
Asger F
99cc09df8c JS: use TypeBackTracker where appropriate 2019-03-27 13:21:45 +00:00
Asger F
42c0efd549 JS: add test 2019-03-27 13:21:45 +00:00
Asger F
ad592d7cd1 JS: handle .after and .before 2019-03-27 13:21:45 +00:00
Asger F
0401b26b48 JS: handle CloudFunctions 2019-03-27 13:21:45 +00:00
Asger F
49a746b87a JS: handle Reference.transaction() 2019-03-27 13:21:45 +00:00
Asger F
f554f859aa JS: handle 'firebase-admin' package 2019-03-27 13:21:45 +00:00
Asger F
e0c06cb518 JS: handle Query methods 2019-03-27 13:21:45 +00:00
Asger F
06b0851072 JS: Add Firebase model 2019-03-27 13:21:45 +00:00
semmle-qlci
86040575b1 Merge pull request #1161 from esben-semmle/js/classify-mode-html 
Approved by xiemaisi
 2019-03-27 12:56:04 +00:00
Jonas Jensen
debc441d03 Merge pull request #1158 from geoffw0/moremsalloc 
CPP: Add more allocation functions to Alloc.qll
 2019-03-27 13:51:39 +01:00
Tom Hvitved
664aa8db47 C#: Address review comment 2019-03-27 13:32:11 +01:00
semmle-qlci
4d4055a87c Merge pull request #1163 from xiemaisi/js/more-type-tracking 
Approved by asger-semmle
 2019-03-27 12:08:11 +00:00
Asger F
d4c7312d80 JS: more sanitizing prefixes 2019-03-27 11:22:31 +00:00
Asger F
50f2afb622 JS: add test 2019-03-27 11:20:39 +00:00
Geoffrey White
885df8754e Merge pull request #1165 from dave-bartolomeo/dave/CompareFP 
C++: Fix FP in PointlessComparison due to preprocessor
 2019-03-27 10:54:26 +00:00
Tom Hvitved
7634973bb4 C#: Handle named attribute arguments 2019-03-27 11:10:24 +01:00
Tom Hvitved
12843d2b0e C#: Add tests for named attribute arguments 2019-03-27 10:58:37 +01:00
Jonas Jensen
36ba56c690 C++: Tests for PointlessComparison shortcomings 2019-03-27 10:48:35 +01:00
Jonas Jensen
1ffeebcfea C++: Range analysis: support casts from/to typedef 2019-03-27 10:48:35 +01:00
Jonas Jensen
1c71c74ce5 C++: Tests showing problems with casts of typedefs 2019-03-27 10:48:35 +01:00
Jonas Jensen
10585e719d C++: Support widening casts in range analysis 
This makes sure we can conclude from `(int)myShort == 0` that `myShort`
is 0 even though we can no longer conclude from `(short)myInt == 0` that
`myInt` is 0. Without this, we lost a good result in the test for
`InfiniteLoopWithUnsatisfiableExitCondition.ql`.
 2019-03-27 10:48:34 +01:00
Jonas Jensen
640f900efd C++: Add missing getFullyConverted for unary +/- 2019-03-27 10:48:34 +01:00
Jonas Jensen
50559d5e63 C++: Accept test output change 
The new output looks correct, although I'm not sure if it's correct for
the right reasons.
 2019-03-27 10:48:34 +01:00
Jonas Jensen
b827e7a1ea C++: Fix use-after-cast bug in SimpleRangeAnalysis 
Like everywhere else in the range analysis, operands to comparison
operators must be considered in their fully-converted form.
 2019-03-27 10:48:34 +01:00