hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-25 20:32:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,527 Commits 1,688 Branches 158 Tags
codeql-cli/v2.16.0
Commit Graph

62527 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
d931ade182 Merge pull request #13366 from maikypedia/maikypedia/go-ldap-improper-auth 
Go: Add Improper LDAP Authentication query (CWE-287)
 2023-11-13 14:48:19 +00:00
Sam Browning
ed9a0ea155 Merge branch 'main' of https://github.com/github/codeql 2023-11-13 08:40:42 -05:00
Geoffrey White
c3577b34d3 Swift: Clean up logic. 2023-11-13 12:37:35 +00:00
Geoffrey White
e4da8da5d9 Swift: Update the example code. 2023-11-13 12:33:20 +00:00
Tamas Vajk
b455b2c1a6 C#: Change IsARM to Apple silicon check 2023-11-13 13:20:13 +01:00
Anders Schack-Mulligen
dc4dda1dbc Merge pull request #14757 from aschackmull/rangeanalysis/simplify 
Rangeanalysis: Misc simplifications
 2023-11-13 13:16:04 +01:00
Geoffrey White
098ea50068 Swift: Repair non-inline dataflow test. 2023-11-13 12:09:08 +00:00
Geoffrey White
6e291711ac Swift: Update just enough tests to prove that that source labels are working. 2023-11-13 11:47:24 +00:00
Geoffrey White
fca6ccd2f1 Swift: Remove more unused code. 2023-11-13 11:47:22 +00:00
AlexDenisov
291bb2210c Merge pull request #14759 from github/alexdenisov/experimental-tuple 
Swift: mark BuiltinTuple as experimental
 2023-11-13 12:24:06 +01:00
Geoffrey White
4bf717c3e4 Swift: Use InlineFlowTest.qll in the data flow inline tests, so that we have less code duplication and can use flow labels. 2023-11-13 11:06:05 +00:00
Geoffrey White
d15c46836b Swift: Add features tom InlineFlowTest.qll: extended source/sink names, custom flow tags, use of line-numbers as a fallback value. 2023-11-13 10:55:17 +00:00
Alex Denisov
c0fce80b7d Swift: mark BuiltinTuple as experimental 2023-11-13 11:34:51 +01:00
Cornelius Riemenschneider
1b7e3814b0 Merge pull request #14719 from github/criemen/java-int-tests 
Java integration tests: More preparations to be executed on GH M1 machines
 2023-11-13 11:16:51 +01:00
Rasmus Wriedt Larsen
e1c47f5584 Python: Reorganize taint tests of re 
Mostly to highlight that with flow-summary modeling, we don't expect
taint for a lot of these.

I aslo opted to make `finditer()` tainted for consistency.
 2023-11-13 10:56:29 +01:00
Rasmus Wriedt Larsen
ffc27b5301 Python: Solve problems with missing TTupleElementContent 
Ruby uses 10 as their number. I considered doing the same, but didn't
really care _too_ much about it 🤷

14cfb82a8c/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll (L636)
 2023-11-13 10:48:51 +01:00
Rasmus Wriedt Larsen
c3fa3f26a7 Python: Fix problems with missing TAttributeContent 2023-11-13 10:46:40 +01:00
Rasmus Wriedt Larsen
943b2a2ed1 Python: Highlight problem with flow summaries and TAttributeContent 2023-11-13 10:42:13 +01:00
Anders Schack-Mulligen
bf6cfd3bef Rangeanalysis: Simplify api. 2023-11-13 10:35:44 +01:00
Anders Schack-Mulligen
30aefabb2a Rangeanalysis: Rename predicate. 2023-11-13 10:35:44 +01:00
Anders Schack-Mulligen
f05b75e04f Rangeanalysis: RIP standard order. 2023-11-13 10:35:44 +01:00
Anders Schack-Mulligen
c28f54a78b Rangeanalysis: Remove superfluous pragmas. These appear useless after the abolishment of the different delta orders. 2023-11-13 10:35:44 +01:00
Anders Schack-Mulligen
66b03bfb12 Java: Remove unused import 2023-11-13 10:35:44 +01:00
Anders Schack-Mulligen
71e25521cf Rangeanalysis: Use SsaReadPositionBlock.getAnSsaRead. 2023-11-13 10:35:44 +01:00
Anders Schack-Mulligen
27e6173bb7 C++: Remove SemSsaExplicitUpdate.getSourceExpr. 2023-11-13 10:35:43 +01:00
Anders Schack-Mulligen
3a73faf061 Rangeanalysis: Remove unused getAlternateType predicates. 2023-11-13 10:35:43 +01:00
AlexDenisov
352ec91a08 Merge pull request #14756 from github/alexdenisov/do-not-extract-non-ast-types 
Swift: do not extract non-AST types, NFC
 2023-11-13 10:35:00 +01:00
Anders Schack-Mulligen
00549e36ed Merge pull request #14742 from aschackmull/rangeanalysis/share-util-3 
Java/C++/Rangeanalysis: Share more range analysis utility predicates.
 2023-11-13 10:19:41 +01:00
Alex Denisov
b385ddbab1 Swift: do not extract non-AST types 2023-11-13 09:12:22 +01:00
AlexDenisov
f599c6d8a9 Merge pull request #14734 from github/alexdenisov/parameter-packs 
Swift: extract parameter packs
 2023-11-13 08:44:39 +01:00
Paolo Tranquilli
df967ce43f Merge pull request #14750 from github/alexdenisov/update-wordings 
Swift: update wordings in a downgrade script
 2023-11-13 07:00:39 +01:00
masterofnow
532f6a5b0c Removed @kind path-problem in comment. Added text message in select. 2023-11-13 08:27:07 +08:00
Maiky
6e533c6284 Import PathGraph 2023-11-12 18:22:14 +01:00
Maiky
2b1b4cd85d Remove unused LdapConn 2023-11-12 18:18:43 +01:00
Maiky
5280d69500 Change to DataFlow::ConfigSig 2023-11-12 18:17:09 +01:00
Maiky
39ed7876c3 Merge branch 'github:main' into maikypedia/go-ldap-improper-auth 2023-11-12 18:14:05 +01:00
Maiky
882280309f equalityAsSanitizerGuard and add empty string comment 2023-11-12 17:42:56 +01:00
masterofnow
20592352d0 Updated text in LoadClassNoSignatureCheck.qhelp 2023-11-12 20:48:49 +08:00
masterofnow
fd66f47d82 Added LoadClassNoSignatureCheck.ql 2023-11-12 20:27:49 +08:00
Mathias Vorreiter Pedersen
01a074c146 Merge pull request #14749 from MathiasVP/less-code-duplication 2023-11-10 19:45:56 +00:00
Geoffrey White
d56625cb8b Swift: Rename the capture test to look more like the others. 2023-11-10 17:59:44 +00:00
Alex Denisov
8f10667ee1 Swift: update wordings in a downgrade script 2023-11-10 18:10:43 +01:00
AlexDenisov
837cdc8301 Merge pull request #14745 from github/alexdenisov/parameter-packs-db-upgrade 
Swift: parameter packs migration scripts
 2023-11-10 18:07:10 +01:00
Jeroen Ketema
3a62628938 Merge pull request #14735 from jketema/strl 
C++: Add models for `strlcpy` and `strlcat`
 2023-11-10 17:51:59 +01:00
Mathias Vorreiter Pedersen
9062fb666a C++: Move a couple of predicates to 'Node0Impl'. 2023-11-10 16:26:03 +00:00
Jeroen Ketema
b48d483eba C++: Add change note 2023-11-10 17:25:19 +01:00
Geoffrey White
c327f0f0a7 Merge branch 'main' into pathinjectionsinks 2023-11-10 16:04:56 +00:00
Rasmus Wriedt Larsen
c85d99d949 Merge branch 'main' into re-modeling 2023-11-10 16:32:50 +01:00
Alex Denisov
393aad5935 Swift: downgrade parameter packs 2023-11-10 16:22:09 +01:00
Geoffrey White
8f141cb157 Swift: Change note. 2023-11-10 15:13:51 +00:00