hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-05 09:41:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,527 Commits 1,691 Branches 159 Tags
codeql-cli/v2.16.0
Commit Graph

62527 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
384ca0c31f C++: Respond to review comments. 2023-05-25 13:50:35 -07:00
Mathias Vorreiter Pedersen
c3fdc83af6 C++: Also add an out barrier on all sinks. 2023-05-25 12:23:50 -07:00
Mathias Vorreiter Pedersen
7361ad977a Merge pull request #13291 from geoffw0/correction 
Swift: Promote some Data models to DataProtocol
 2023-05-25 11:28:42 -07:00
Mathias Vorreiter Pedersen
a7252e625e C++: Fix result duplication on 'cpp/unbounded-write' on 'kirxkirx/vast'. 2023-05-25 11:12:01 -07:00
Alex Ford
609319da20 ruby: update TaintStep.ql test output 2023-05-25 17:53:01 +01:00
Geoffrey White
3f3a5d39e5 Swift: Fix the SQL injection test. 2023-05-25 17:13:51 +01:00
Geoffrey White
85a1ab0264 Swift: Undo autocorrect. 2023-05-25 16:10:31 +01:00
Stephan Brandauer
5ca2221097 remove some of the biggest frameworks from application mode consideration 2023-05-25 17:06:02 +02:00
Geoffrey White
98e5f0fc4f Swift: Add change note. 2023-05-25 16:04:18 +01:00
Geoffrey White
51321a218b Swift: Correct models in Data.qll. 2023-05-25 15:55:45 +01:00
Geoffrey White
5dfb07ce37 Swift: Test DataProtocol. 2023-05-25 15:51:21 +01:00
Stephan Brandauer
db77c6b9a3 Java: mark functional expressions as likely not sinks 2023-05-25 16:39:27 +02:00
Stephan Brandauer
76d731a61d improve CannotBeTaintedCharacteristic 2023-05-25 16:28:07 +02:00
Paolo Tranquilli
cc271d682e Codegen: ignore synth properties in cppgen 2023-05-25 16:05:25 +02:00
Paolo Tranquilli
b09386a2c8 Codegen: ignore synth properties in Raw.qll 2023-05-25 16:05:12 +02:00
Paolo Tranquilli
00fb796f3b Codegen: ignore synth properties in dbschemegen 2023-05-25 16:05:12 +02:00
Paolo Tranquilli
d2c9847a79 Codegen: parse synth property modifier 2023-05-25 16:05:12 +02:00
Paolo Tranquilli
165ac3eeaa Codegen: define and propagate synth property flag 2023-05-25 16:05:12 +02:00
Paolo Tranquilli
242d263e8a Codegen: move ipa info from ql.Class to ql.Property 2023-05-25 16:05:11 +02:00
Asger F
9e8cef5e1b Ruby: fix type-tracking flow-through for new->initialize calls 2023-05-25 15:03:38 +02:00
Asger F
93678e5d36 Ruby: fix name of super calls in singleton methods 2023-05-25 15:03:34 +02:00
Geoffrey White
791ba81403 Swift: Add change note. 2023-05-25 13:27:23 +01:00
Stephan Brandauer
9a041243ff Java: fine-tune characteristics 2023-05-25 14:16:32 +02:00
Stephan Brandauer
f224a40dec Java: use containing call as call context, not argument 2023-05-25 14:16:23 +02:00
Stephan Brandauer
33fdb0fc52 Java: remove superfluous characteristic 2023-05-25 14:16:23 +02:00
Taus
2000f22533 Java: Port over characteristics from codex branch 2023-05-25 14:16:23 +02:00
Taus
11ab7e2e71 Java: Share argument indexing logic 
Adds a utility predicate for turning integer indices into the desired string representation.
 2023-05-25 14:16:23 +02:00
Taus
04b8bf35d4 Java: Avoid overlapping import 
Importing `AutomodelEndpointTypes` inside `AutomodelSharedUtil` non-privately made it overlap with the imports in the candidate extraction queries.
 2023-05-25 14:16:23 +02:00
Stephan Brandauer
db61a2d099 Java: share isKnownKind between modes 2023-05-25 14:16:16 +02:00
Stephan Brandauer
d93ad9b398 Java: remove unneeded abstract metadata extractor classes and fix some names 2023-05-25 14:16:11 +02:00
Stephan Brandauer
6e21f14c09 Java: update extraction query metadata 2023-05-25 14:16:03 +02:00
Stephan Brandauer
7c3bc26c41 Java: make input an actual string, not an integer 2023-05-25 14:15:59 +02:00
Stephan Brandauer
185ad101b3 Java: add application-mode and framework-mode tags to extraction queries 2023-05-25 14:15:50 +02:00
Taus
9b30f9a476 Java: Add negative characteristic for static calls 2023-05-25 14:15:49 +02:00
Taus
6fc16574b3 Java: Add QL support for automodel application mode 2023-05-25 14:15:49 +02:00
Paolo Tranquilli
5e66885a8e Swift: add change note 2023-05-25 14:00:04 +02:00
erik-krogh
9f5bf8fb22 also fix the first code-block 2023-05-25 13:56:29 +02:00
erik-krogh
765076bcba fix whitespace in the samples in ReDoS.qhelp 2023-05-25 13:28:39 +02:00
Paolo Tranquilli
51f1a5dcc8 Swift: remove getOpaqueExpr from OpenExistentialExpr's children 2023-05-25 13:05:21 +02:00
Paolo Tranquilli
7b76aa34bd Swift: fix CFG inconsistency on TapExpr 2023-05-25 13:05:21 +02:00
Paolo Tranquilli
b26b0a6e43 Swift: remove property wrapper CFG inconsistencies 2023-05-25 13:05:21 +02:00
Sim4n6
52dd247a81 Removed redundant cast 2023-05-25 11:55:13 +01:00
Paolo Tranquilli
7878bc3cc1 Swift: remove property wrapper AST inconsistencies 2023-05-25 12:15:22 +02:00
Paolo Tranquilli
5de8934525 Merge pull request #13277 from github/redsun82/swift-consistency-accept 
Swift: add consistency check and accept results for the moment
 2023-05-25 11:56:54 +02:00
Tony Torralba
a276cc3094 Convert all command injection sinks to MaD format 2023-05-25 11:41:32 +02:00
Paolo Tranquilli
f5070bb082 Merge pull request #13282 from github/redsun82/swift-change-note-check 
Swift: turn change note check on
 2023-05-25 11:23:10 +02:00
Paolo Tranquilli
d1be942f04 Swift: turn change note check on 2023-05-25 11:04:21 +02:00
Paolo Tranquilli
ac31209233 Swift: add change notes to consistency queries 2023-05-25 10:56:25 +02:00
Sim4n6
09c97ce0da Added one more example to the qhelp 2023-05-25 09:41:22 +01:00
Sim4n6
7d68f6afc9 added ActiveSupport::Multibyte::Chars normalize() sink 2023-05-25 09:21:55 +01:00