hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-25 12:22:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,527 Commits 1,686 Branches 158 Tags
codeql-cli/v2.16.0
Commit Graph

62527 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
df144f3a1e Merge pull request #14406 from amammad/amammad-python-FileSystemAccess 
Python: New FileSystem Access
 2023-11-16 10:25:34 +01:00
Geoffrey White
8b628e3ad3 Swift: Change note. 2023-11-16 09:04:52 +00:00
Geoffrey White
c49f05aa2b Swift: Fix false positive / result overlap. 2023-11-16 09:00:35 +00:00
Geoffrey White
96b4a12af7 Swift: Add heuristic sinks. 2023-11-16 09:00:35 +00:00
Geoffrey White
697c3df74a Swift: Model C printf variants. 2023-11-16 09:00:34 +00:00
Geoffrey White
1040561ec1 Swift: Model formatting append methods. 2023-11-16 09:00:34 +00:00
Rasmus Wriedt Larsen
a46dc55e84 Merge branch 'main' into python-3.12 2023-11-16 09:34:06 +01:00
Paolo Tranquilli
615a128770 Bazel/CMake: support new internal transition rules 2023-11-16 09:04:58 +01:00
Tamás Vajk
14268f3c63 Merge pull request #14792 from tamasvajk/standalone/assembly-attribute 
C#: Fix assembly attribute extraction in standalone mode
 2023-11-16 08:09:14 +01:00
Sam Browning
408ba517e5 Merge pull request #14776 from github/sabrowning1/queries-panel-language-selector 
Add content for the queries panel and language selector
 2023-11-15 17:30:21 -05:00
Mathias Vorreiter Pedersen
4d4ca6b948 Merge pull request #14794 from MathiasVP/catch-more-return-stack-allocated-memory 
C++: Catch more returns of stack-allocated memory
 2023-11-15 19:23:24 +00:00
Geoffrey White
a6fe620bcb Swift: Fix Swift warnings in the test. 2023-11-15 18:06:38 +00:00
Geoffrey White
3a38f3b947 Swift: Add test cases. 2023-11-15 18:06:37 +00:00
Geoffrey White
0ae04de7f0 Swift: Test stubs / classes. 2023-11-15 17:23:22 +00:00
Yunus AYDIN
8a24daf293 modify tests and rule 2023-11-15 19:38:16 +03:00
Sam Browning
d443354651 Apply feedback and fix syntax 2023-11-15 11:35:33 -05:00
Ian Lynagh
72af41b196 Kotlin: Prepare for a Kotlin2 copy of the testsuite 2023-11-15 16:14:34 +00:00
Tom Hvitved
57f6859ddc Shared: Update type tracking consistency checks 2023-11-15 17:08:05 +01:00
Tom Hvitved
5f087f0084 Shared: Port features from Ruby's type tracking library to the shared library 
- Cache relevant predicates.
- Expose some predicates and classes (only exposed internally).
- Make some top-level `inline_late` predicates member predicates.
- Actually eliminate type check in `flowsTo`.
- Fix bug in `getACompatibleTypeTracker`.
- Adopt the `CallGraphConstruction` module.
 2023-11-15 17:08:05 +01:00
Tom Hvitved
f66f7ce8d7 Shared: Split up TypeTracking.qll into two files 2023-11-15 17:07:27 +01:00
Owen Mansel-Chan
64bf6cc62b Update existing test (extra nodes, no extra alerts) 2023-11-15 15:33:09 +00:00
Owen Mansel-Chan
1ac3a9e8d3 Add change note 2023-11-15 15:12:58 +00:00
Owen Mansel-Chan
e0879969c9 Update tests 2023-11-15 15:08:48 +00:00
Jeroen Ketema
f22979f4b6 Merge pull request #14561 from jketema/rewrite-uncontrolled-process-operation 
C++: Rewrite `cpp/uncontrolled-process-operation` to not use `DefaultTaintTracking`
 2023-11-15 16:03:58 +01:00
Owen Mansel-Chan
aaa8f9c41f Add read and store steps for SliceElementNode 2023-11-15 14:58:23 +00:00
Owen Mansel-Chan
2b897a9825 Add synthetic SliceElementNode 2023-11-15 14:58:21 +00:00
Owen Mansel-Chan
5af3e119a6 Test value flow through SliceExpr with array content 2023-11-15 14:57:53 +00:00
Geoffrey White
0b82f8a6e6 Swift: Make QL-for-QL happy. 2023-11-15 14:32:07 +00:00
Jeroen Ketema
46e6e72593 C++: Address review comments 2023-11-15 14:57:53 +01:00
Jeroen Ketema
92c18960c5 C++: Rewrite cpp/uncontrolled-process-operation to not use DefaultTaintTracking 2023-11-15 14:57:53 +01:00
Geoffrey White
4afcbb1bc4 Swift: Autoformat. 2023-11-15 13:38:07 +00:00
Rasmus Wriedt Larsen
e349891cff Python: Apply suggestions from code review 2023-11-15 14:35:52 +01:00
Geoffrey White
3a13759f10 Swift: Clean up the test. 2023-11-15 13:35:18 +00:00
Rasmus Wriedt Larsen
e02c32f3d4 Python: options file was not enough, split into 2/3 
I reckon this is due to the Python 3 version used by the Python 2 tests
is different from 3.12, so even with --lang=3 the tests are still using
an incompatible version :(
 2023-11-15 14:24:11 +01:00
Geoffrey White
17dd119545 Swift: Fix performance. 2023-11-15 13:18:09 +00:00
Yunus AYDIN
7877082869 fix tests code issues and expected file 2023-11-15 16:08:20 +03:00
Alex Denisov
7129ffc199 Swift: add database migration scripts 2023-11-15 14:07:45 +01:00
Alex Denisov
1f5be03137 Swift: add change note 2023-11-15 14:07:45 +01:00
Alex Denisov
423c85377b Swift: skip MacroExpansionExpr/MacroExpansionDecl 
They only appear in an intermediate AST and disappear as soon as the
macro is expanded.
The only way to get these in is to construct an "incorrect" AST, e.g.:

```
let x = #does_not_exist() // MacroExpansionExpr
struct S {
  #does_not_exist() // MacroExpansionDecl
}
```
 2023-11-15 14:07:45 +01:00
Alex Denisov
8b126fe51a Swift: extract MacroDecl 2023-11-15 14:07:45 +01:00
Yunus AYDIN
1ed4d2ada7 remove database 2023-11-15 15:49:31 +03:00
Yunus AYDIN
1e915720e9 fix the rule issues 2023-11-15 15:49:09 +03:00
Rasmus Wriedt Larsen
0f1dc9b2d9 Python: Add missing options file 2023-11-15 13:24:08 +01:00
Rasmus Wriedt Larsen
ae6c95ff95 Python: Fix asyncio.coroutine deprecation 
Was removed in 3.11, see https://docs.python.org/3.10/library/asyncio-task.html#asyncio.coroutine

I couldn't make the __awwait__ actually give the result to the agen function...

I also tried looking into
https://docs.python.org/3/library/types.html#types.coroutine, but also
failed to make that work.

Without the Future, such as doing `yield SOURCE` inside `__await__` it
complains `RuntimeError: Task got bad yield: 'source'`
 2023-11-15 13:24:08 +01:00
Yunus AYDIN
d5f254781e Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-11-15 15:11:02 +03:00
Yunus AYDIN
fa1fa0d19d Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-11-15 15:08:29 +03:00
Yunus AYDIN
74f1344ac5 Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-11-15 15:08:14 +03:00
Mathias Vorreiter Pedersen
bae7e10e46 C++: Also add MSVC-related 'alloca'-like functions. 2023-11-15 12:07:17 +00:00
Mathias Vorreiter Pedersen
ec63099c54 C++: Add change note. 2023-11-15 11:57:09 +00:00
Mathias Vorreiter Pedersen
2b8b5cf1b8 C++: Accept test changes. 2023-11-15 11:52:14 +00:00