hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-20 18:04:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,447 Commits 1,683 Branches 158 Tags
codeql-cli/v2.17.2
Commit Graph

66447 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
50b754b6c1 Merge pull request #15129 from MathiasVP/fix-joins-in-wrong-type-format-argument 
C++: Fix joins in `cpp/wrong-type-format-argument`
 2023-12-18 12:17:17 +01:00
Mathias Vorreiter Pedersen
f5c52ac496 C++: Fix joins in 'isModifiableAtImpl'. 2023-12-18 12:02:33 +01:00
Malayke
c90fcd19cc Merge branch 'main' into main 2023-12-18 18:38:20 +08:00
Michael Nebel
d8fdba009a Merge pull request #15119 from michaelnebel/csharp/stubgenimprovements 
C#: Escape method names in stub generation.
 2023-12-18 11:35:29 +01:00
Michael Nebel
b10137c24c C#: Pick the first version number encountered. 2023-12-18 11:02:49 +01:00
Tamas Vajk
de1134ac48 C#: Add linux-only integration test 2023-12-18 10:55:11 +01:00
Malayke
8d8126f849 Merge branch 'github:main' into main 2023-12-18 17:52:28 +08:00
Mathias Vorreiter Pedersen
8ed9fbb295 Merge pull request #15123 from MathiasVP/fix-fps-in-double-free 
C++: Fix FPs in `cpp/double-free` and `cpp/use-after-free`
 2023-12-18 10:44:18 +01:00
Mathias Vorreiter Pedersen
e88c6888bc Merge pull request #15121 from MathiasVP/fix-joins-in-av-rule-145 
C++: Fix joins in `AV Rule 145`
 2023-12-18 10:42:46 +01:00
Tamas Vajk
3f843d820c Add telemetry query for known/unknown expression kinds 2023-12-18 10:02:32 +01:00
Mathias Vorreiter Pedersen
3897befbe2 C++: Fix joins in 'cpp/wrong-type-format-argument'. 2023-12-18 09:49:34 +01:00
Tony Torralba
9446249e94 Merge pull request #15012 from atorralba/atorralba/java/fix-missing-pinning-fp 
Java: Fix FPs in Missing certificate pinning
 2023-12-18 09:37:18 +01:00
Tony Torralba
0524289a73 Update java/ql/src/Security/CWE/CWE-327/MaybeBrokenCryptoAlgorithm.ql 2023-12-18 08:50:10 +01:00
Tom Hvitved
020a049d30 Merge pull request #15103 from hvitved/ruby/simple-pattern-flow 
Ruby: Model simple pattern matching as value steps instead of taint steps
 2023-12-18 08:49:11 +01:00
Mathias Vorreiter Pedersen
2eda5927d9 Merge pull request #15125 from geoffw0/launchoptions 
Swift: Add more test cases for application(...launchOptions...).
 2023-12-18 08:42:50 +01:00
amammad
a72bd7efcc add GOOD and BAD comment to sinks, some chore improvements on tests 2023-12-17 20:07:16 +01:00
amammad
87b1028aab fix pgzip missed sink, apply isBarrier directly to CopyN sink, add new flow state for pgzip 2023-12-17 19:55:50 +01:00
Owen Mansel-Chan
5a2c48f37f Add change note 2023-12-17 06:28:35 +00:00
Owen Mansel-Chan
e45e92eaa7 Fix MaxIntOrMaxUint.isBoundFor 
It was wrong for strictnessOffset = 1 before.
 2023-12-17 06:16:33 +00:00
Owen Mansel-Chan
36c4f5d1b2 Add failing test 
The cause of the test failure is confusion about
whether the architecture is 32 bit or 64 bit.
 2023-12-17 04:43:14 +00:00
Malayke
ac465b9234 Merge branch 'github:main' into main 2023-12-16 18:02:14 +08:00
masterofnow
4a77f45aa6 Minor adjustment to resolve error for codeql version 2.15.4 2023-12-16 12:41:39 +08:00
masterofnow
99b273d308 Apply suggestions from code review 
Added suggestion from atorralba.

Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-12-16 12:00:45 +08:00
Rasmus Lerchedahl Petersen
64655a0ea8 Python: Use enw class name 2023-12-16 01:36:46 +01:00
Rasmus Lerchedahl Petersen
b505778bc8 Python: remove non-local steps 2023-12-16 01:03:27 +01:00
Rasmus Lerchedahl Petersen
661ba1ca7b Python: move restriction into branch predicate 
Otherwise we get loads of nodes with missing locations
from the brnach nodes that are not matched.
 2023-12-16 00:33:11 +01:00
Chad Bentz
b02bac5190 Test run 2023-12-15 22:55:10 +00:00
Rasmus Lerchedahl Petersen
5de1725648 Python: update class name 2023-12-15 23:50:29 +01:00
Rasmus Lerchedahl Petersen
4a1fcde649 Python: abandon synthetic node 
for `CapturingClosureArgumentNode`.

Unless we define it for every single `CallNode`, we need a more
sophisticated mutual recursion with the call graph construction.
There is built-in support for that, but we are currently not using it.
 2023-12-15 23:42:29 +01:00
Chris Smowton
84c86f256a Add buildless tests 2023-12-15 22:37:55 +00:00
Rasmus Lerchedahl Petersen
e36b079e0f Python: fix compilation error 
introduced by bad merge
 2023-12-15 21:27:22 +01:00
Rasmus Lerchedahl Petersen
416ba6a709 Python: use updated API 2023-12-15 21:26:05 +01:00
Eric Bickle
95ce7c9ba4 Merge branch 'main' into fix/update-gson-model 2023-12-15 10:15:53 -08:00
Geoffrey White
1908575386 Swift: Add more test cases for launchOptions as a source. 2023-12-15 18:11:28 +00:00
Mathias Vorreiter Pedersen
ef916f0ba0 C++: Mitigate ODR violations. 2023-12-15 17:16:04 +00:00
Ed Minnix
09a0730491 QLdoc fix 2023-12-15 11:13:09 -05:00
Ed Minnix
02581a3850 Move class for getProperty method call to Properties.qll 2023-12-15 11:09:08 -05:00
Ed Minnix
73cb01fc89 Remove integration test (ported to query test) 
The `.properties` file extractor has been enabled by default, so the
test about sources from `getProperty` calls can be ported to a query test.
 2023-12-15 11:09:08 -05:00
Ed Minnix
fc53727b9d Bump change note date 2023-12-15 11:09:08 -05:00
Ed Minnix
8826eaf1a3 Move test case to query tests 2023-12-15 11:09:08 -05:00
Ed Minnix
afefccf8f7 Update change note 2023-12-15 11:09:08 -05:00
Ed Minnix
0d12981d6a Bump change note 2023-12-15 11:09:08 -05:00
Ed Minnix
078a33eecc Updated change note 2023-12-15 11:09:07 -05:00
Ed Minnix
1c3993e632 QLDocs 2023-12-15 11:09:07 -05:00
Ed Minnix
8e55ced288 Update test to use MaybeBrokenCryptoAlgorithm 2023-12-15 11:09:07 -05:00
Ed Minnix
83c6ece405 Move weak hashing into MaybeBrokenCryptoAlgorithm 2023-12-15 11:09:07 -05:00
Ed Minnix
fbc2a33597 Replace MethodAccess with MethodCall 2023-12-15 11:09:07 -05:00
Ed Minnix
c20ea1f629 Bump change note date 2023-12-15 11:09:07 -05:00
Ed Minnix
cb0ea350b5 Improve docs 2023-12-15 11:09:07 -05:00
Ed Minnix
0efca8200d Weak Hashing query wording 2023-12-15 11:09:07 -05:00