Geoffrey White
af8d4e5ab2
Swift: Change note.
2023-08-04 09:42:53 +01:00
Jeroen Ketema
d80eff330b
C++: Add test for __declspec attribute on a global variable
2023-08-04 10:35:32 +02:00
Anders Starcke Henriksen
3ef82c1091
Address comments.
2023-08-04 10:22:17 +02:00
Geoffrey White
d24db3fcd3
Swift: Use .ArrayElement in the models, where appropriate.
2023-08-04 09:18:37 +01:00
Geoffrey White
b41d47b910
Swift: Array.withUnsafeBytes doesn't reliably match ContiguousBytes, so define models there as well.
2023-08-04 09:18:36 +01:00
Geoffrey White
c48d47484a
Swift: Fix mistake in the string taint test.
2023-08-04 09:18:36 +01:00
Geoffrey White
664dc01c48
Swift: Add closure function models.
2023-08-04 09:18:36 +01:00
Geoffrey White
49d1556c29
Swift: Model update(repeating:), to support the tests.
2023-08-04 09:18:36 +01:00
Geoffrey White
315cb32f6c
Swift: Remove special case from UnsafeJsEval query.
2023-08-04 09:18:35 +01:00
Geoffrey White
feadd7127b
Swift: Add tests with some different container types.
2023-08-04 09:18:35 +01:00
Geoffrey White
63c71f0b77
Swift: Add tests of with* closure methods.
2023-08-04 09:18:34 +01:00
Tony Torralba
586c8803c5
Move the sources back the .ql files
...
Otherwise they would both apply at the same time, making both versions of the query identical.
2023-08-04 10:02:56 +02:00
Tony Torralba
e9bad321b6
Apply suggestions from code review
2023-08-04 09:21:45 +02:00
Maiky
0cd1c1e2e5
Make private
...
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com >
2023-08-03 17:08:50 +02:00
Maiky
0dec4876f1
Replace cast to DataFlow::CallNode
...
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com >
2023-08-03 17:08:35 +02:00
Maiky
6f1b406b3a
typo
...
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com >
2023-08-03 17:08:10 +02:00
Maiky
0237f37842
typo
...
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com >
2023-08-03 17:07:58 +02:00
Maiky
c54561e775
Merge branch 'main' into maikypedia/ldap-improper-auth
2023-08-03 16:49:30 +02:00
Maiky
fd649c1702
Fix getHost() (ldap.host = ip is not covered)
2023-08-03 16:37:48 +02:00
Maiky
f7a662814d
simplify usesSsl()
2023-08-03 16:20:20 +02:00
Maiky
2d87489dfa
change useSsl() to usesSsl()
2023-08-03 16:18:44 +02:00
Anders Starcke Henriksen
e7ca2330cb
Update workspace.
2023-08-03 15:55:42 +02:00
Mathias Vorreiter Pedersen
7270b5079b
C++: Add a type-based 'SemReason'.
2023-08-03 15:26:10 +02:00
Paul Hodgkinson
fba37aa7c9
Merge branch 'main' into java/experimental/command-injection
2023-08-03 14:12:38 +01:00
Geoffrey White
deb97a6ccc
Swift: Improve regex performance with possessive matching (i.e. don't backtrack).
2023-08-03 13:57:49 +01:00
aegilops
fc7f8409be
Fix up for code review
2023-08-03 13:50:40 +01:00
aegilops
3658710578
Fixed formatting, committed expected test results
2023-08-03 13:50:40 +01:00
Tom Hvitved
b69188fee9
C#: Adopt shared CFG construction library from shared controlflow pack
2023-08-03 14:12:24 +02:00
Tom Hvitved
e011480114
Merge pull request #13509 from hvitved/cfg-pack
...
Convert shared CFG construction library to a parameterized module
2023-08-03 14:11:56 +02:00
Anders Starcke Henriksen
e2abd3ff13
Create separate automodel pack.
2023-08-03 13:55:15 +02:00
Mathias Vorreiter Pedersen
9ed8dec87f
Merge pull request #13877 from jketema/constant-doc
...
C++: Improve the QL doc of `isConstant`
2023-08-03 13:41:44 +02:00
Mathias Vorreiter Pedersen
50f5c4d5f6
DataFlow: Don't support stateless sink nodes in partial flow exploration.
2023-08-03 13:30:05 +02:00
Paolo Tranquilli
67cd25184a
Merge pull request #12433 from github/alexdenisov+redsun82/tuple-mangling
...
Swift: properly identify types and declarations in trap files via mangling
2023-08-03 13:27:07 +02:00
Jeroen Ketema
48048d6f38
Merge pull request #13874 from jketema/use-after-free
...
C++: Improve use-after-free example code
2023-08-03 13:21:12 +02:00
Owen Mansel-Chan
00c704201c
Merge pull request #13871 from github/rc/3.10
...
Merge `rc/3.10` into `main`
2023-08-03 11:24:07 +01:00
Jeroen Ketema
7ff6f09626
C++: Improve the QL doc of isConstant
2023-08-03 12:16:12 +02:00
Jeroen Ketema
0c0720a962
C++: Improve use-after-free example code
...
* Remove the mismatch between `new` and `free` and use `delete` instead
* Make the function `void`, so people copying the code will not forget
to add a `return`.
* Balance out the `...` for omitted code.
2023-08-03 11:06:15 +02:00
Tom Hvitved
2ac646770e
Merge ControlFlowTreeBase and AstNode
2023-08-03 10:59:26 +02:00
Jeroen Ketema
1ad533a4f8
Merge pull request #13873 from jketema/ir-range-test
...
C++: Add semantic range analysis test as IR test
2023-08-03 10:58:24 +02:00
Chris Smowton
8702efda1e
Merge pull request #13835 from github/smowton/fix/logrus-with-context
...
Don't treat logrus' WithContext method as a logging function
2023-08-03 09:57:30 +01:00
Tom Hvitved
525ed65b0b
Rename getNode to getAstNode
2023-08-03 10:56:50 +02:00
Jeroen Ketema
f7923d93f1
C++: Add semantic range analysis test as IR test
...
The range analysis test currently fails with the frontend update, because the
generated IR is incorrect after the update.
2023-08-03 10:13:23 +02:00
Anders Schack-Mulligen
0ae81eace3
Java: update fixed test
2023-08-03 10:07:00 +02:00
Asger F
5950865b55
Merge pull request #13755 from github/max-schaefer/js-server-crash-help
...
JavaScript: Improve qhelp for js/server-crash.
2023-08-03 10:04:08 +02:00
Anders Schack-Mulligen
72171972c3
Apply suggestions from code review
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
84316c41a3
Java: Add more qldoc.
2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
90052a3ca2
Java: Add proper types for capture nodes.
2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
e2a0849a0e
Java: Add more qldoc.
2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
37455ec29e
Java: Replace ratpack test fix with general heuristic summary.
2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen
c5990311ca
Java: Redesign and reimplement variable capture flow.
2023-08-03 10:04:06 +02:00
