hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 06:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,447 Commits 1,684 Branches 159 Tags
codeql-cli/v2.17.2
Commit Graph

66447 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
0cb27e7511 C#: Add toString functionality consistency queries 2023-06-23 13:28:11 +02:00
Asger F
0039cb141e Merge branch 'main' into rb/tracking-on-demand 2023-06-23 12:55:54 +02:00
Mathias Vorreiter Pedersen
600c60af8b Merge branch 'main' into rdmarsh2/cpp/cobo-array-vars 2023-06-23 10:54:46 +01:00
yoff
26856a82a6 Apply suggestions from code review 
Co-authored-by: Asger F <asgerf@github.com>
 2023-06-23 10:15:20 +02:00
Tom Hvitved
79ee5112fc Ruby: Add toString functionality consistency queries 2023-06-23 09:42:03 +02:00
Rasmus Lerchedahl Petersen
86dfc7b66e python: format 2023-06-23 08:18:06 +02:00
Kevin Stubbings
3605269e13 Add webix copy function 2023-06-22 22:16:28 -07:00
Mathias Vorreiter Pedersen
b615e98cc1 Merge pull request #13425 from MathiasVP/fix-more-conflation-in-dataflow 2023-06-22 22:53:34 +01:00
Mathias Vorreiter Pedersen
79fb6a6079 C++: Accept test changes. 2023-06-22 19:34:05 +01:00
Mathias Vorreiter Pedersen
0839c1aad1 C++: Allow self-flow through indirect parameters. 2023-06-22 19:33:18 +01:00
Mathias Vorreiter Pedersen
da54751d85 C++: Add testcase that demonstrate the need for self-flow out of indirect parameters. 2023-06-22 19:33:13 +01:00
Ian Lynagh
0d05f50aaa Kotlin: Remove an expected-no-getter exception 
We're not sure why it was necessary.
 2023-06-22 18:12:13 +01:00
Geoffrey White
a8aa33510d Shared: QLDoc NfaUtils::Make::State::hasLocationInfo. 2023-06-22 17:19:43 +01:00
Mathias Vorreiter Pedersen
d3bc99a9ee Merge pull request #13533 from MathiasVP/hide-summarized-nodes-from-path-graph 
Swift: Hide summarized nodes from path graphs
 2023-06-22 16:44:19 +01:00
Tony Torralba
d07e2862f9 Java: Add URL.toString summary 
This adds coverage for CVE-2023-35149.
 2023-06-22 17:39:30 +02:00
Jami
3fed2798c8 Merge pull request #13093 from GeekMasher/csharp-ext 
[CSharp] Additional data extensions for sink models
 2023-06-22 10:22:32 -04:00
Geoffrey White
fe71207475 Merge pull request #13537 from geoffw0/regexqldoc 
Ruby: Fix some QLDoc errors in ParseRegExp.qll
 2023-06-22 14:55:39 +01:00
Geoffrey White
c17de99c86 Swift: Correct QLDoc error. 2023-06-22 13:59:16 +01:00
Geoffrey White
d06f4b9567 Ruby: Correct QLDoc for qualifiedPart. 2023-06-22 13:56:42 +01:00
Geoffrey White
1c1637a886 Ruby: Correct QLDoc for charRange. 2023-06-22 13:56:06 +01:00
Alex Ford
f8140bcad3 Ruby: rack - improve performance of trackRackResponse 2023-06-22 13:45:44 +01:00
Alex Ford
b8f537a437 Ruby: update rack tests 2023-06-22 13:45:44 +01:00
Alex Ford
e8079727ee Ruby: rack - extend rack tests 2023-06-22 13:45:44 +01:00
Alex Ford
4d59181571 Ruby: rack - Rack::Response#finish constructs a valid rack response 2023-06-22 13:45:44 +01:00
Alex Ford
521e65c5bd Ruby: rack - extend rack applications to include instance methods, lambdas, and procs 2023-06-22 13:45:44 +01:00
Alex Ford
7a3b6f107b Ruby: add predicates to DataFlow::ModuleNode to get singleton methods 2023-06-22 13:45:44 +01:00
Alex Ford
24e83165ee Merge pull request #13289 from alexrford/rb/rack-redirect 
Ruby: rack - model redirect responses
 2023-06-22 13:45:02 +01:00
Mathew Payne
0fcc1cb588 Merge branch 'main' into csharp-ext 2023-06-22 13:30:08 +01:00
Ian Lynagh
7efbd8828b Merge pull request #13526 from igfoo/igfoo/diagwriter 
Kotlin: Define DiagnosticTrapWriter, for type safety
 2023-06-22 12:39:48 +01:00
Tom Hvitved
104dab4b66 QL: Improve dead-code query 2023-06-22 13:37:42 +02:00
Geoffrey White
e6695e3780 Merge branch 'main' into swiftregex 2023-06-22 12:21:58 +01:00
Geoffrey White
90499c0b17 Update swift/ql/lib/codeql/swift/regex/internal/ParseRegex.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-06-22 12:09:22 +01:00
AlexDenisov
9ab7a83e3f Merge pull request #13532 from github/alexdenisov/bump-cmake-c++ 
Swift: bump C++ version in CMake
 2023-06-22 12:56:34 +02:00
Joe Farebrother
52841e9005 Apply review suggestions - minor fixes 2023-06-22 11:30:58 +01:00
Joe Farebrother
bdaeeeadee Add good/bad indicators to tests 2023-06-22 11:21:30 +01:00
Joe Farebrother
270bcc3740 fix qhelp and remove commented out code 2023-06-22 11:20:58 +01:00
Mathias Vorreiter Pedersen
fe97572f70 C++: Fix strncpy model. 2023-06-22 10:59:12 +01:00
Mathias Vorreiter Pedersen
273e5bc21f C++: Add testcase demonstrating that the model for 'strncpy' is broken. 2023-06-22 10:59:12 +01:00
Mathias Vorreiter Pedersen
ff3c76c1fa Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-06-22 10:59:12 +01:00
Mathias Vorreiter Pedersen
4f1b2c6194 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-06-22 10:59:12 +01:00
Mathias Vorreiter Pedersen
a8a04c8588 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-06-22 10:59:12 +01:00
Mathias Vorreiter Pedersen
6528985a27 C++: Add QLDoc to 'hasAddressOperandAndIndirectionIndex'. 2023-06-22 10:59:12 +01:00
Mathias Vorreiter Pedersen
c7cff373de C++: Add another testcase with conflation. 2023-06-22 10:59:12 +01:00
Mathias Vorreiter Pedersen
3365ff0d95 C++: Ensure that 'PrintIR' for dataflow still compiles. 2023-06-22 10:59:12 +01:00
Mathias Vorreiter Pedersen
6543da9990 C++: Accept test changes. 2023-06-22 10:59:11 +01:00
Mathias Vorreiter Pedersen
3b0a286d8e C++: Adjust the rest of the library to the new API. 2023-06-22 10:59:11 +01:00
Mathias Vorreiter Pedersen
6034eb07af C++: Change the API for indirect operands and indirection instructions to not allow pointer conflation. 2023-06-22 10:59:11 +01:00
Mathias Vorreiter Pedersen
9e9c811eb3 C++: Fix conflation bug in 'getIRRepresentationOfIndirectInstruction'. 2023-06-22 10:59:11 +01:00
Mathias Vorreiter Pedersen
5816f177c9 C++: Add failing test. 2023-06-22 10:59:11 +01:00
Rasmus Lerchedahl Petersen
2264b119a6 python: more consistent tests 
- do not test taint flow whne dataflow is established
- test taint of both the collection and the expected element
 2023-06-22 11:52:25 +02:00