hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-31 15:22:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,447 Commits 1,684 Branches 159 Tags
codeql-cli/v2.17.2
Commit Graph

66447 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeroen Ketema
93215ba7e1 Merge pull request #13355 from jketema/ptr-deref-forward 
C++: Ensure that the sink instruction occurs last in `cpp/invalid-pointer-deref`
 2023-06-05 15:56:50 +02:00
Jeroen Ketema
86df424fca C++: Fix query formatting 2023-06-05 15:10:54 +02:00
Jeroen Ketema
4a27028768 C++: Remove cpp/invalid-pointer-deref results duplicating ones with smaller k 2023-06-05 15:03:58 +02:00
Jeroen Ketema
90f0209095 C++: Add cpp/invalid-pointer-deref test case with almost duplicated results 2023-06-05 15:03:57 +02:00
Jeroen Ketema
7f7b048f50 C++: Update expected test results 2023-06-05 15:00:11 +02:00
Ian Lynagh
a4a7ad8f99 Java/Kotlin: Split lines of code by language 
We were giving the sum of all lines for both languages, but labelling it
as "Total lines of Java code in the database", which was confusing.

Now we give separate sums for Kotlin and Java lines.
 2023-06-05 13:57:47 +01:00
Paolo Tranquilli
dc26dc81a9 Merge pull request #13370 from github/redsun82/swift-fix-cmake 
Swift: fix cmake generation
 2023-06-05 14:52:40 +02:00
Nick Rolfe
02395867c8 Python: avoid selecting getLocation() in py/truncated-division 2023-06-05 13:42:46 +01:00
Mathias Vorreiter Pedersen
52fb00cac3 Merge pull request #12036 from nmouha/patch-1 
CPP: Add query for CVE-2022-37454: Integer addition may overflow inside if statement
 2023-06-05 12:13:27 +01:00
Jeroen Ketema
11182e4ee4 C++: Move location where getASuccessor is used to avoid join order problems 2023-06-05 12:36:25 +02:00
Nick Rolfe
c67a350e36 Python: avoid selecting getLocation() in py/unnecessary-delete 2023-06-05 11:16:13 +01:00
Paolo Tranquilli
be9d32a6c1 Bazel/CMake: make include not use cmake include 
...but rather just pass along targets. This is required to fix CMake
generation in the internal repository.
 2023-06-05 11:43:48 +02:00
Michael B. Gale
06d48dca67 Merge pull request #13211 from github/mbg/identify-environment-stubs 
Shared: Add stubs for `identify-environment` scripts
 2023-06-05 10:29:06 +01:00
Nick Rolfe
dadb5b34e6 C#: avoid call to Location::toString() in cs/expose-implementation 2023-06-05 10:19:27 +01:00
Paolo Tranquilli
400176f677 Swift: fix cmake generation 
The bazel -> cmake generator is currently not capable of handling
separate included generated cmake files making use of common C/C++
dependencies.

To work around this limitation, a single generated cmake is now in
place. Long-term, we should either:
* make the cmake generator handle common dependencies gracefully, or
* make the cmake generation aspect travel up `pkg_` rules `srcs`
  attributes
so to avoid having to list the targets to be generated in the top-level
`BUILD` file.

Other things fixed:
* removed some warning spam about redefined `BAZEL_CURRENT_REPOSITORY`
* fixed the final link step, that was failing because `libswiftCore.so`
  was not being linked.
 2023-06-05 11:12:11 +02:00
Michael B. Gale
5d89b0739b Swift: Remove .cmd script 2023-06-05 09:12:21 +01:00
Maiky
1a9bfb38aa Correct barrier 2023-06-05 01:25:17 +02:00
Maiky
bf9d0b93d7 Add Improper LDAP Auth Query (CWE-287) 2023-06-03 23:20:11 +02:00
Nick Rolfe
79b3a8c955 C#: avoid call to Location::toString() 2023-06-02 19:39:24 +01:00
Jami
64830809a6 Merge pull request #13228 from jcogs33/jcogs33/deprecated-sink-error-message 
Java: add error message for outdated sink kinds in `getInvalidModelKind`
 2023-06-02 13:44:18 -04:00
jorgectf
3e8c7f72b6 Add changenote 2023-06-02 18:20:55 +02:00
Alex Ford
c95cf5ad6f Merge pull request #13062 from maikypedia/maikypedia/sqli-sink 
Ruby: Add MySQL as SQL Injection Sink
 2023-06-02 17:06:35 +01:00
jorgectf
5608082f35 Update py/unsafe-deserialization name 2023-06-02 17:57:24 +02:00
Jeroen Ketema
8ac1d56a7f C++: Fix join order in cpp/invalid-pointer-deref 2023-06-02 16:37:35 +02:00
Erik Krogh Kristensen
219ec9d05d Merge pull request #13127 from erik-krogh/polReDoS 
ReDoS: revert new superlinear algorithm.
 2023-06-02 16:10:24 +02:00
Geoffrey White
4c8225724b Swift: Fix QL-for-QL warnings. 2023-06-02 12:21:17 +01:00
Geoffrey White
14d193383e Swift: Put the change note in the right place. 2023-06-02 12:03:22 +01:00
Geoffrey White
8e8696a8ed Swift: Autoformat. 2023-06-02 12:02:33 +01:00
Geoffrey White
c7c8807f40 Swift: Use FieldDecl.hasQualifiedName. 2023-06-02 11:56:16 +01:00
Jeroen Ketema
ac4933a9cc C++: Ensure that the sink instruction occurs last in cpp/invalid-pointer-deref 
This avoids some counter-intuitive paths where we would seemingly jump back
to an earlier instruction, which might actually have been in bounds.
 2023-06-02 12:36:34 +02:00
Jeroen Ketema
5f64354a70 Merge pull request #13353 from jketema/expecation 
Fix typo in spelling of expectation
 2023-06-02 12:29:49 +02:00
Mathias Vorreiter Pedersen
05e5ebe4f4 Merge pull request #13331 from aibaars/use-shortest-distances-to-count-indirections 
C++: Use the shortestDistances HOP to count indirections (rebased copy of #13323)
 2023-06-02 11:22:59 +01:00
Geoffrey White
5bf82aeddf Swift: Add FieldDecl.hasQualifiedName. 2023-06-02 11:13:57 +01:00
erik-krogh
ac9ede4ec0 add change-notes 2023-06-02 11:58:11 +02:00
erik-krogh
f61b781386 JS: delete effectively empty file 2023-06-02 11:58:09 +02:00
erik-krogh
5cbe6db37d C++: sync files from C# 2023-06-02 11:58:08 +02:00
erik-krogh
3584e85fe8 JS: fix tutorial 2023-06-02 11:58:08 +02:00
erik-krogh
3dfe2b30b1 C#: delete override where the parent predicate no longer existed 2023-06-02 11:58:08 +02:00
erik-krogh
c3e57382f7 Ruby: fix compilation 2023-06-02 11:58:08 +02:00
erik-krogh
9000243828 JS: fix compilation 2023-06-02 11:58:08 +02:00
erik-krogh
44b6366586 delete old deprecations 2023-06-02 11:58:08 +02:00
Geoffrey White
d7e4c5f044 Swift: Change note. 2023-06-02 10:42:52 +01:00
Geoffrey White
00cd347117 Swift: Add more heuristic expressions. 2023-06-02 10:42:52 +01:00
Geoffrey White
bc57e464e5 Swift: Add some more test cases. 2023-06-02 10:42:51 +01:00
Mathias Vorreiter Pedersen
0adff53afd Merge pull request #13190 from geoffw0/sharedsensitive 
Swift: Adopt the shared sensitive data library
 2023-06-02 10:36:22 +01:00
Tony Torralba
41bd1ae54e Merge pull request #13351 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-06-02 11:19:04 +02:00
Mathias Vorreiter Pedersen
cc8aac5435 C++: Use the 'shortestDistances' HOP to count indirections instead of manual recursion. This avoids cyclic problems when we have invalid types. 2023-06-02 11:17:08 +02:00
Tony Torralba
ad2f558002 Add Hudson models 
Includes models-as-data rows, flow sources, and XSS sanitizers.

Tests for models-as-data rows not included.
 2023-06-02 11:06:24 +02:00
Michael Nebel
3a3f9a2655 Merge pull request #13298 from michaelnebel/csharp/paramdefaultimplicitconversion 
C#: Extract default parameter values.
 2023-06-02 10:52:24 +02:00
Erik Krogh Kristensen
d7c3ac4830 Merge pull request #13349 from erik-krogh/stopRecLaterAccess 
JS: stop recursive fromRhs related to getLaterBaseAccess
 2023-06-02 10:39:14 +02:00