hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-11 13:40:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
60,239 Commits 1,679 Branches 158 Tags
codeql-cli/v2.15.2
Commit Graph

60239 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
james
70076fd3f0 remove lgtm from presentations 2023-07-19 09:33:13 +01:00
Geoffrey White
a58dbf26b5 Merge pull request #13759 from geoffw0/parsemode2 
Swift: Refactor regex library
 2023-07-19 08:36:28 +01:00
Geoffrey White
cf7311f3f1 Swift: Expand parse mode support to include NSRegularExpression options. 2023-07-19 08:34:30 +01:00
Geoffrey White
cd1e73bd65 Swift: Add some more test cases. 2023-07-19 08:34:29 +01:00
Geoffrey White
dc5f964ce0 Swift: Modify the test stubs to test flow models more robustly. 2023-07-19 08:34:29 +01:00
Geoffrey White
84f592b8a1 Swift: Add another test case. 2023-07-19 08:34:29 +01:00
Geoffrey White
f8b8c67813 Swift: Clean up and autoformat. 2023-07-19 08:34:27 +01:00
Geoffrey White
3c1f755580 Swift: Support other parse modes. 2023-07-19 08:33:48 +01:00
Geoffrey White
8273fa1a8c Swift: Track parse modes (prototype version). 2023-07-19 08:33:43 +01:00
Anders Schack-Mulligen
afc46576f0 Docs: Review fix. 2023-07-19 09:14:33 +02:00
Owen Mansel-Chan
9b0d7f3515 Merge pull request #13739 from owen-mc/go/extractor-use-origin 
Use Origin() in Go extractor
 2023-07-18 21:37:46 +01:00
Robert Marsh
093c6905dd Swift: only read ArrayContent from subscript keypaths 2023-07-18 19:42:54 +00:00
Jeroen Ketema
b72d89295a Merge pull request #13762 from jketema/fun-qual 
C++: Handle `FunctionAccess`es with qualifiers
 2023-07-18 21:17:30 +02:00
Mathias Vorreiter Pedersen
3e1b4d97fe C++: Add QLDoc. 2023-07-18 18:15:25 +01:00
Mathias Vorreiter Pedersen
576f021c25 C++: Fix Code Scanning errors. 2023-07-18 18:15:25 +01:00
Mathias Vorreiter Pedersen
4762e883fc C++: Add inline expectations tests for the invalid-pointer-to-dereference stage of the query. 2023-07-18 18:15:24 +01:00
Mathias Vorreiter Pedersen
a735d18a1b C++: Add inline expectations tests for the allocation-to-invalid-pointer stage of the query. 2023-07-18 18:15:24 +01:00
Mathias Vorreiter Pedersen
5099de5b3d C++: Split the query into 4 files. 2023-07-18 18:15:18 +01:00
Mathias Vorreiter Pedersen
5a15c19e4b QL: Accept test changes. 2023-07-18 18:04:46 +01:00
Mathias Vorreiter Pedersen
3b3f374223 QL: Fix FP in 'ql/missing-noinline'. 2023-07-18 17:55:44 +01:00
Geoffrey White
5dea539f3f Swift: Fix QL-for-QL suggestion. 2023-07-18 16:51:12 +01:00
Arthur Baars
99d8ae720f Swift: improve print-cfg query 2023-07-18 16:49:58 +02:00
Jeroen Ketema
aad094bdd0 C++: Handle FunctionAccesses with qualifiers 
Also fix the IR generation for these and add more IR tests involving value
categories.
 2023-07-18 16:35:39 +02:00
Robert Marsh
bcc45658b3 Swift: Change note for ArrayContent 2023-07-18 14:12:53 +00:00
Robert Marsh
1fac08ef6c Swift: add qldoc for ArrayContent and Array models 2023-07-18 14:08:33 +00:00
Robert Marsh
dfa5e18988 Swift: autoformat 2023-07-18 14:01:30 +00:00
Mathias Vorreiter Pedersen
a038b389c3 C++: More cleanup. 2023-07-18 14:03:04 +01:00
Mathias Vorreiter Pedersen
d41d2bc29e Merge pull request #13699 from MathiasVP/final-config-to-invalid-pointer-deref 
C++: Handle call-contexts mismatches in `cpp/invalid-pointer-deref`
 2023-07-18 13:08:21 +01:00
Geoffrey White
efea11fd0f Swift: getFullName. 2023-07-18 12:53:45 +01:00
Alex Ford
e803e98ee4 Merge pull request #13585 from alexrford/rb/rack-env-query-string 
Ruby: add rack `env['QUERY_STRING']` as a remote flow input
 2023-07-18 12:44:07 +01:00
yoff
a1aa16f901 Merge pull request #13745 from GeekMasher/py-mad-xss 
Python - Add Models as Data support for Reflected XSS Query
 2023-07-18 13:39:17 +02:00
Paul Hodgkinson
c7084b6d8e Merge branch 'main' into java/experimental/command-injection 2023-07-18 11:38:44 +01:00
Geoffrey White
1deacf40ca Merge pull request #13660 from geoffw0/regexinjection 
Swift: Query for regular expression injection
 2023-07-18 10:25:30 +01:00
Geoffrey White
96dece3c88 Swift: ReDoS query result changes. 2023-07-18 10:11:22 +01:00
Jeroen Ketema
5d8b203112 Merge pull request #13758 from jketema/val-cat-tests 
C++: Add more IR tests
 2023-07-18 11:02:27 +02:00
Geoffrey White
86c6960e2a Swift: Add RegexUseFlow and modify the role of StringLiteralUseFlow. 2023-07-18 09:49:47 +01:00
Geoffrey White
c76d85df1b Swift: Create a model for RegexCreation. 2023-07-18 09:49:47 +01:00
Geoffrey White
734a00d616 Swift: Rename so that different data flows will be clear. 2023-07-18 09:49:47 +01:00
Geoffrey White
f243e854ae Swift: Move regex dataflow code into a RegexTracking library (similar to the layout in Ruby and Python). 2023-07-18 09:49:36 +01:00
Anders Schack-Mulligen
e72366194b Merge pull request #13754 from aschackmull/java/remotesource-inbarrier 
Java: Exclude source-to-source flow in 5 queries.
 2023-07-18 10:33:44 +02:00
Geoffrey White
b5a8a8d431 Merge pull request #13715 from geoffw0/parsemode 
Swift: Recognize regular expression parse mode flags
 2023-07-18 09:09:56 +01:00
Jeroen Ketema
e2de94b233 C++: Add more IR tests 
These show the value categories for more static member calls, and show that
a load occurs when a `volatile` variable is being used in an empty context.
 2023-07-18 08:40:54 +02:00
Jeroen Ketema
a426010b06 Merge pull request #13621 from MathiasVP/deprecate-ast-dataflow 
C++: Deprecate AST dataflow
 2023-07-18 08:13:47 +02:00
Robert Marsh
81a25b23ba Swift: fix tests for array concatenation 2023-07-17 19:10:46 +00:00
Robert Marsh
d4b635d674 Swift: add ArrayContent summary support 2023-07-17 19:09:05 +00:00
Robert Marsh
169326ffe5 Swift: support array keypath reads in dataflow 2023-07-17 18:05:06 +00:00
Robert Marsh
0b35be284e Swift: additional dataflow tests for arrays 2023-07-17 18:03:20 +00:00
Owen Mansel-Chan
a7469ce4f1 Use Origin() 2023-07-17 16:11:25 +01:00
Geoffrey White
ddb499071c Swift: Pragmatic fix for CustomUrlSchemes.qll. 2023-07-17 16:10:37 +01:00
Mathias Vorreiter Pedersen
d63ead55dc C++: Remove barrier that's no longer needed. 2023-07-17 15:59:35 +01:00