hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-19 01:14:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,447 Commits 1,679 Branches 158 Tags
codeql-cli/v2.17.2
Commit Graph

66447 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
af17ae236f C++: Autoformat. 2024-01-30 13:47:11 +00:00
Geoffrey White
310c78d1e7 C++: Add PreprocBlock.qll library. 2024-01-30 13:47:07 +00:00
Asger F
6cfdd7aec4 JS: Add InlineExpectationsTest 2024-01-30 13:20:57 +01:00
Asger F
8930ce74af JS: Do not view packages as nested in a private package 2024-01-30 13:20:57 +01:00
Asger F
2d8d11fa78 JS: Restrict type-only exports in API graphs 2024-01-30 13:20:57 +01:00
Asger F
0e0fb0e52d JS: Remove API graph edge causing ambiguity 2024-01-30 13:20:56 +01:00
Asger F
e441dd472b JS: Expose hasBothNamedAndDefaultExports() 2024-01-30 13:20:55 +01:00
Mathias Vorreiter Pedersen
e2ae4a699c C++: Add change note. 2024-01-30 11:44:46 +00:00
Mathias Vorreiter Pedersen
33e37536df C++: Accept test changes. 2024-01-30 11:32:50 +00:00
Mathias Vorreiter Pedersen
1dfd32ee5c C++: Model function calls throwing exceptions. 2024-01-30 11:32:50 +00:00
Mathias Vorreiter Pedersen
eb94203f04 C++: Add an 'EdgeKind' column to 'getExceptionSuccessorInstruction'. 2024-01-30 11:32:50 +00:00
Mathias Vorreiter Pedersen
8bb17a7127 C++: Add an 'EdgeKind' column to 'getInitializationSuccessor'. 2024-01-30 11:32:50 +00:00
Mathias Vorreiter Pedersen
4fb20e14f5 C++: Add an 'EdgeKind' column to 'getChildTrueSuccessor' and 'getChildFalseSuccessor'. 2024-01-30 11:32:47 +00:00
Mathias Vorreiter Pedersen
10ae793de5 C++: Add an 'EdgeKind' column to 'getFirstInstruction'. 2024-01-30 11:31:41 +00:00
Mathias Vorreiter Pedersen
d2e8b88b24 C++: Add an 'EdgeKind' column to 'getChildSuccessor'. 2024-01-30 11:26:46 +00:00
Rasmus Wriedt Larsen
c70b32f7eb Python: Require quote escaping for html.escape 2024-01-30 12:17:01 +01:00
Harry Maclean
f230e618a3 Ruby: Update tests 2024-01-30 09:43:56 +00:00
Michael Nebel
41cca4711b Merge pull request #15426 from michaelnebel/csharp/collectionexpressions 
C# 12: Support for collection expressions.
 2024-01-30 10:39:39 +01:00
Mathias Vorreiter Pedersen
78d5d9a7ab Merge pull request #15448 from microsoft/false_positive_cpp_incorrect_string_type_conversion 
cpp/incorrect-string-type-conversion false positive fixes
 2024-01-30 09:37:01 +00:00
Mathias Vorreiter Pedersen
56e44f9b3c Merge pull request #15458 from MathiasVP/dataflow-node-deduplication 
C++: Fix more `asExpr` duplication
 2024-01-30 09:34:57 +00:00
Mathias Vorreiter Pedersen
436a9ce604 Merge pull request #15460 from MathiasVP/fix-scanf-fp-2 
C++: Fix another FP in `cpp/incorrectly-checked-scanf`
 2024-01-30 09:32:32 +00:00
Tom Hvitved
503d2f7b95 Ruby: Rework mayBenefitFromCallContext 2024-01-30 09:57:29 +01:00
Harry Maclean
75b13da4e4 Ruby: Block flow from LHS of && expressions 
The only values that can flow from the LHS of an && expression are
`false` and `nil`, neither of which seem relevant for any of our
queries.
 2024-01-30 08:53:32 +00:00
Joe Farebrother
460ffc89b2 Add additional test cases 2024-01-29 22:43:28 +00:00
Sid Shankar
b1d7a635f5 Renames diagnostic query files and tests 
This commit renames the files relating to the diagnostic query that produces information on the number of files extracted. The files have been renamed from "SuccessfullExtractedFiles.*" to "ExtractedFiles.*". All related tests and test files have been renamed too.

The `@tags` and `@id` attributes of the queries have been left untouched, consistent with the `@tags` and `@id` for similar queries in other languages.
 2024-01-29 20:19:20 +00:00
Benjamin Rodes
13cf555cee False positive fix for cpp/uninitialized-local 2024-01-29 13:21:05 -05:00
Joe Farebrother
3abd67064d Add change note 2024-01-29 16:33:07 +00:00
Mathias Vorreiter Pedersen
5024df9c4e C++: Add change note. 2024-01-29 16:30:55 +00:00
Joe Farebrother
94075ef148 Fix FPs - consider flow through fields when determining whether a view is masked, and find more instances of findViewById. 2024-01-29 16:25:38 +00:00
Joe Farebrother
8d201626e1 Add documentation 2024-01-29 16:25:38 +00:00
Joe Farebrother
aa78050933 Implement checks for elements hidden by their xml attributes 2024-01-29 16:25:38 +00:00
Joe Farebrother
6081f18089 Add unit tests + make some fixes 2024-01-29 16:25:37 +00:00
Joe Farebrother
8582093e65 Implement checks for parent views being hidden 2024-01-29 16:25:37 +00:00
Joe Farebrother
1b13597d72 Implement checks for calls that may safely mask information 2024-01-29 16:25:37 +00:00
Joe Farebrother
5dd0addfc2 Add sensitive text flow query 2024-01-29 16:25:36 +00:00
Mathias Vorreiter Pedersen
ea79a84c2e C++: Accept test changes. 2024-01-29 16:24:44 +00:00
Mathias Vorreiter Pedersen
ebd1595fbe C++: Fix FP by concluding that a less-than-zero check also implies a not-equal-to-EOF check. 2024-01-29 16:24:36 +00:00
Mathias Vorreiter Pedersen
7e29141196 C++: Add FP test. 2024-01-29 16:23:37 +00:00
Ben Rodes
308a3b533f Update cpp/ql/src/change-notes/2024-01-29-false_positive_incorrect_string_type_conversion.md 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2024-01-29 09:35:59 -05:00
Mathias Vorreiter Pedersen
aeae208dc3 Merge pull request #15456 from MathiasVP/fix-scanf-fp 
C++: Fix FP in `cpp/incorrectly-checked-scanf`
 2024-01-29 14:30:20 +00:00
Benjamin Rodes
6f17c432d9 Change log 2024-01-29 09:19:39 -05:00
Mathias Vorreiter Pedersen
320092092d C++: Accept test changes. 2024-01-29 14:11:07 +00:00
Mathias Vorreiter Pedersen
a4727b5597 C++: Fix 'asExpr' duplication. 2024-01-29 14:11:01 +00:00
Mathias Vorreiter Pedersen
044d94c580 C++: Add change note 2024-01-29 13:47:17 +00:00
Michael Nebel
cda09478c5 C# Update expected test output and remove false positive. 2024-01-29 14:37:25 +01:00
Michael Nebel
63c06b72b1 C#: Chop dataflow of spread into smaller steps and make sure to only propagate element flow for the spread operator. 2024-01-29 14:34:57 +01:00
Michael Nebel
b6f94ea44a C#: Add example test of field flow via the spread operator, which leads to a false positive. 2024-01-29 14:30:52 +01:00
Rasmus Wriedt Larsen
5867fb3d29 Python: Add change-note 2024-01-29 14:30:20 +01:00
Rasmus Wriedt Larsen
3f0dc2b022 Python: Model the psycopg package 2024-01-29 14:30:20 +01:00
Michael Nebel
cd5f678e1c C#: Add IntegerCollection class to the CollectionFlow tests and update line numbers in expected test output. 2024-01-29 14:28:05 +01:00