hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-10 05:00:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
60,929 Commits 1,679 Branches 158 Tags
codeql-cli/v2.15.3
Commit Graph

60929 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
7b9b96d657 Swift: Unify the two sink models into one (needs further polish). 2023-08-04 17:01:04 +01:00
Geoffrey White
8c2140b28d Swift: Add tests. 2023-08-04 17:01:04 +01:00
Geoffrey White
2664c306d3 Swift: Qhelp / examples. 2023-08-04 17:01:04 +01:00
Geoffrey White
048daa9a57 Swift: QLDoc comments and metadata. 2023-08-04 17:01:03 +01:00
Jeroen Ketema
7b3bdee5ea C++: Update dbscheme and add upgrade and downgrade scripts 2023-08-04 17:59:03 +02:00
Jeroen Ketema
ea9f49efa1 C++: Remove support for _Float128x which is not actually supported by gcc 2023-08-04 17:23:11 +02:00
Alexandre Boulgakov
97c688849d Merge pull request #13869 from github/sashabu/swift-logging-compiler 
Swift: Route compiler diagnostics through our log.
 2023-08-04 16:13:12 +01:00
Mathias Vorreiter Pedersen
2d832db883 C++: Accept test changes. 2023-08-04 16:12:00 +02:00
Mathias Vorreiter Pedersen
9807c0b0a6 C++: Filter type-based reasons out of MCTV queries. 2023-08-04 16:11:35 +02:00
Mathias Vorreiter Pedersen
b14db86ef9 C++: Let 'hasConstantBound' determine a reason. 2023-08-04 16:09:07 +02:00
Mathias Vorreiter Pedersen
050a563580 C++: Infer a constant upper bound whenever we convert to a 'larger' upper bound (and similarly for lower bounds). 2023-08-04 16:03:09 +02:00
Tony Torralba
33eaeb9cf8 Merge pull request #13484 from aegilops/java/experimental/command-injection 
Java: Experimental version of Java Command Injection query
 2023-08-04 15:48:15 +02:00
Michael Nebel
51c8331c8f Merge pull request #13522 from michaelnebel/csharp/usestubs4 
C#: Use stubs for query tests.
 2023-08-04 15:40:08 +02:00
Mathias Vorreiter Pedersen
3e9d9e72dc Merge pull request #13880 from MathiasVP/type-bounds-preparation 
C++: Add a type-based `SemReason`.
 2023-08-04 14:52:16 +02:00
Mathias Vorreiter Pedersen
98e670f25c Update cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/RangeAnalysisStage.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-08-04 14:34:03 +02:00
Mathias Vorreiter Pedersen
121d754be4 Update cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/RangeAnalysisImpl.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-08-04 14:33:58 +02:00
Michael Nebel
9c4d77a925 Java: Address review comments. 2023-08-04 13:47:30 +02:00
Michael Nebel
d3eb9c1325 Java: Add release note and address review comments. 2023-08-04 13:36:43 +02:00
Paul Hodgkinson
5db569da89 Merge branch 'main' into java/experimental/command-injection 2023-08-04 12:11:29 +01:00
Mathias Vorreiter Pedersen
e066e87890 Update shared/dataflow/codeql/dataflow/DataFlowImpl.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-08-04 11:32:41 +02:00
Jeroen Ketema
877ee7047d Merge pull request #13884 from jketema/global-var-declspec 
C++: Add test for `__declspec` attribute on a global variable
 2023-08-04 11:26:10 +02:00
Mathias Vorreiter Pedersen
86dbb507fd C++: Add more comments to explain the meaning of 'combineWith'. 2023-08-04 11:20:17 +02:00
Mathias Vorreiter Pedersen
eb19052a7d Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-08-04 11:10:12 +02:00
Mathias Vorreiter Pedersen
981f67531c DataFlow: Introduce 'revSinkNode'. 2023-08-04 11:09:08 +02:00
Mathias Vorreiter Pedersen
75c333273c C++: Bind 'impl'. Oops. 2023-08-04 10:58:54 +02:00
Mathias Vorreiter Pedersen
d398c8c5a8 C++: Share some code by introducing a parameterized module to construct reasons. 2023-08-04 10:52:18 +02:00
Geoffrey White
af8d4e5ab2 Swift: Change note. 2023-08-04 09:42:53 +01:00
Jeroen Ketema
d80eff330b C++: Add test for __declspec attribute on a global variable 2023-08-04 10:35:32 +02:00
Anders Starcke Henriksen
3ef82c1091 Address comments. 2023-08-04 10:22:17 +02:00
Geoffrey White
d24db3fcd3 Swift: Use .ArrayElement in the models, where appropriate. 2023-08-04 09:18:37 +01:00
Geoffrey White
b41d47b910 Swift: Array.withUnsafeBytes doesn't reliably match ContiguousBytes, so define models there as well. 2023-08-04 09:18:36 +01:00
Geoffrey White
c48d47484a Swift: Fix mistake in the string taint test. 2023-08-04 09:18:36 +01:00
Geoffrey White
664dc01c48 Swift: Add closure function models. 2023-08-04 09:18:36 +01:00
Geoffrey White
49d1556c29 Swift: Model update(repeating:), to support the tests. 2023-08-04 09:18:36 +01:00
Geoffrey White
315cb32f6c Swift: Remove special case from UnsafeJsEval query. 2023-08-04 09:18:35 +01:00
Geoffrey White
feadd7127b Swift: Add tests with some different container types. 2023-08-04 09:18:35 +01:00
Geoffrey White
63c71f0b77 Swift: Add tests of with* closure methods. 2023-08-04 09:18:34 +01:00
Tony Torralba
586c8803c5 Move the sources back the .ql files 
Otherwise they would both apply at the same time, making both versions of the query identical.
 2023-08-04 10:02:56 +02:00
Tony Torralba
e9bad321b6 Apply suggestions from code review 2023-08-04 09:21:45 +02:00
Maiky
0cd1c1e2e5 Make private 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-08-03 17:08:50 +02:00
Maiky
0dec4876f1 Replace cast to DataFlow::CallNode 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-08-03 17:08:35 +02:00
Maiky
6f1b406b3a typo 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-08-03 17:08:10 +02:00
Maiky
0237f37842 typo 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-08-03 17:07:58 +02:00
Maiky
c54561e775 Merge branch 'main' into maikypedia/ldap-improper-auth 2023-08-03 16:49:30 +02:00
Maiky
fd649c1702 Fix getHost() (ldap.host = ip is not covered) 2023-08-03 16:37:48 +02:00
Maiky
f7a662814d simplify usesSsl() 2023-08-03 16:20:20 +02:00
Maiky
2d87489dfa change useSsl() to usesSsl() 2023-08-03 16:18:44 +02:00
Anders Starcke Henriksen
e7ca2330cb Update workspace. 2023-08-03 15:55:42 +02:00
Mathias Vorreiter Pedersen
7270b5079b C++: Add a type-based 'SemReason'. 2023-08-03 15:26:10 +02:00
Paul Hodgkinson
fba37aa7c9 Merge branch 'main' into java/experimental/command-injection 2023-08-03 14:12:38 +01:00