hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-08 19:21:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,527 Commits 1,691 Branches 160 Tags
codeql-cli/v2.16.0
Commit Graph

62527 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris Smowton
1b7f529949 Restore reverse-flow models 2023-04-12 14:19:00 +01:00
Chris Smowton
de0caf2445 Go: mass-convert taint-flow models to models-as-data format 2023-04-12 14:18:44 +01:00
Chris Smowton
51ebc0bef2 Amend test now that DataFlowCallable != Callable 2023-04-12 14:15:54 +01:00
Chris Smowton
a5e5a5780d Use FlowSummaryImpl::Private::summaryParameterNodeRange 2023-04-12 14:15:54 +01:00
Chris Smowton
4ea4e0dcca Go: seperate real and synthetic callables 
This means that when a function has a real body and a summary (usually because it has a real definition in source, and implements an interface that has a model), two callables are created and dispatch considers both possible paths.

This specifically overcomes the difficulty with ParameterNodes when the real callable, if any, may or may not define an SsaNode, either because the real parameter is unused or because it is anonymous. Now the synthetic callable will always have parameter nodes, while the real one may or may not depending on whether a definition is present and
whether or not it names or uses its parameter.
 2023-04-12 14:15:54 +01:00
Erik Krogh Kristensen
cfb273ae01 Merge pull request #12799 from erik-krogh/oneColumn 
JS: use 1-based column locations for diagnostics
 2023-04-12 14:48:20 +02:00
Alexandre Boulgakov
f4b79ea07d Merge pull request #12784 from github/sashabu/keypaths 
Swift: Extract structured keypath components.
 2023-04-12 13:12:22 +01:00
Asger F
b819f55203 Merge pull request #12792 from asgerf/js/redux-model-perf 
JS: add getForwardingFunction and use to sharpen useSelector model
 2023-04-12 14:09:59 +02:00
Taus
beae3e9187 Python: Clarify version data 2023-04-12 11:53:16 +00:00
Alexandre Boulgakov
b890e2ef96 Swift: Use camelCase in KeyPathComponent predicates. 2023-04-12 12:50:50 +01:00
erik-krogh
d3cc1d6991 update expected output of diagnostics test 2023-04-12 13:42:05 +02:00
erik-krogh
b1957623c1 add browser history as XSS sink 2023-04-12 13:38:18 +02:00
Erik Krogh Kristensen
8cb54b748b Merge pull request #12787 from tyage/add-router-sink 
JS: Add New XSS sink - Next.js router.push/replace
 2023-04-12 13:30:21 +02:00
Alexandre Boulgakov
64443dfdcf Swift: Add named predicates for known KeyPathComponent kinds. 2023-04-12 12:06:14 +01:00
Mathias Vorreiter Pedersen
d1e3c1b407 C++: Fix joins in 'select' of 'cpp/constant-array-overflow'. 2023-04-12 11:39:35 +01:00
Mathias Vorreiter Pedersen
ab70f5722e C++: More QLDoc. 2023-04-12 11:22:31 +01:00
Michael Nebel
c787bb2ff9 C#: Re-factor the callablereturnarg tests. 2023-04-12 11:47:42 +02:00
Michael Nebel
9c5b8e2894 C#: Update expected output of tests using the inline flow test framework. 2023-04-12 11:15:15 +02:00
Michael Nebel
5c586c3afd C#: Re-factor the InlineFlowTest framework. 2023-04-12 11:15:15 +02:00
Michael Nebel
61b8f97b75 C#: Re-factor the flowsources test. 2023-04-12 11:15:15 +02:00
Michael Nebel
f00c97810a C#: Re-factor the NHibernate test. 2023-04-12 11:15:14 +02:00
Michael Nebel
9c60c4b3d9 C#: Re-factor the JsonNet test. 2023-04-12 11:15:14 +02:00
Michael Nebel
1f0fbfaef0 C#: Re-factor the EntityFramework test. 2023-04-12 11:15:14 +02:00
Michael Nebel
4023cd3b4c C#: Re-factor the dataflow/global tests. 2023-04-12 11:15:14 +02:00
Michael Nebel
a2c7388282 C#: Re-factor the ExternalFlow test. 2023-04-12 11:15:14 +02:00
Michael Nebel
bd886202f6 C#: Re-factor the Async test. 2023-04-12 11:15:14 +02:00
Michael Nebel
a98cf0ae45 C#: Re-factor the GlobalTaintTracking test. 2023-04-12 11:15:14 +02:00
Michael Nebel
0dc612f23f C#: Re-factor the TaintTracking test. 2023-04-12 11:15:14 +02:00
Mathias Vorreiter Pedersen
49cceb2901 C++: Fix joins. 2023-04-12 09:58:24 +01:00
Michael Nebel
b5b0d60074 Merge pull request #12731 from michaelnebel/csharp/refactorcleatextstorage 
C#: Re-factor CleartextStorage to use the new API.
 2023-04-12 09:32:56 +02:00
Tony Torralba
cc6a923eef Merge pull request #12798 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-04-12 09:04:53 +02:00
erik-krogh
fe5e4845b1 use 1-based column locations for diagnostics 2023-04-12 08:14:15 +02:00
github-actions[bot]
a55f5ed933 Add changed framework coverage reports 2023-04-12 00:15:16 +00:00
Geoffrey White
cdcee5cc75 Swift: Add high-level CryptoSwift sinks. 2023-04-11 19:59:43 +01:00
Geoffrey White
539f8f0f70 Swift: Add mid-level CryptoSwift sinks and prevent duplication that results. Overall this doesn't give us any new results in tests, but makes paths shorter, and in the real world I expect it to add reliability. 2023-04-11 19:54:55 +01:00
Geoffrey White
51a62b54ee Swift: Add low-level CryptoSwift sinks. 2023-04-11 19:54:48 +01:00
Geoffrey White
d299d92025 Swift: Prevent potentially misleading duplicate results. 2023-04-11 19:39:09 +01:00
Geoffrey White
4995f13234 Swift: Add tests for swift/weak-sensitive-data-hashing on CryptoSwift. 2023-04-11 18:46:38 +01:00
Geoffrey White
03a4084c11 Swift: Update some sinks to CSV format. 2023-04-11 18:10:54 +01:00
Geoffrey White
256c3f66ca Swift: Various minor fixes / consistency improvements to sinks. 2023-04-11 17:04:09 +01:00
Arthur Baars
83cd55cb29 Js/Yaml: add getFile() predicate 2023-04-11 16:01:44 +01:00
Robert Marsh
18c3feb9d8 C++: remove commented-out code 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-04-11 10:41:18 -04:00
Mathias Vorreiter Pedersen
259d5b6452 C++: Add use-after-free change note. 2023-04-11 15:30:51 +01:00
Mathias Vorreiter Pedersen
c1960c6ff9 C++: Add double-free change note. 2023-04-11 15:30:51 +01:00
Mathias Vorreiter Pedersen
3c88590df2 C++: Accept test changes for the new use-after-query. 2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen
725004a6fe C++: Modernize use-after-free query using dataflow. 2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen
17fe5f2317 C++: Change the id of the experimental double-free query to not overlap with the new non-experimental one. 2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen
a8151b4ee4 C++: Add double-free tests. 2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen
fb2ec15dad C++: Add double-free query documentation. 2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen
cc12e74c23 C++: Add double-free query. 2023-04-11 14:44:15 +01:00