hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-21 06:57:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,712 Branches 163 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arthur Baars
a810165e35 Fix minor formatting issues in changenotes 2024-03-18 10:57:05 +01:00
Tom Hvitved
a13391bda1 Merge pull request #15802 from hvitved/dataflow/variable-capture-overlapping-paths 
Variable capture: Avoid overlapping and false-positive data flow paths
 2024-03-18 10:45:55 +01:00
Rasmus Lerchedahl Petersen
2a0c451d2d python: No fieldFlowBranchLimit for SummarizedCallables 
Like https://github.com/github/codeql/pull/15689 for Ruby.
 2024-03-18 10:29:36 +01:00
Rasmus Lerchedahl Petersen
45c65b48aa python: make it a real package 
so python2 also respects it
 2024-03-18 08:49:31 +01:00
Jami Cogswell
a8eb1d10f6 Java: remove experimental tests 2024-03-17 22:35:27 -04:00
Jami Cogswell
658fffeac1 Java: remove experimental files 2024-03-17 22:03:59 -04:00
Owen Mansel-Chan
754d4cd959 Fix model provenance to df-manual 2024-03-17 14:36:47 +00:00
Owen Mansel-Chan
23a58a0835 Add df-manual models related to existing df-manual models 2024-03-17 14:21:05 +00:00
Owen Mansel-Chan
fc367042ef Fix df-manual model with wrong parameter type 2024-03-17 14:21:01 +00:00
Jorge
cbfd53a17c Merge pull request #37 from GitHubSecurityLab/fix-inputs 
Fix inputs with composite action
 2024-03-15 23:03:27 +01:00
Jorge
e60c0b875f Fix inputs for composite action 2024-03-15 22:01:06 +00:00
Ian Lynagh
a53d5d832d Kotlin 2: Accept more loc changes 2024-03-15 18:08:53 +00:00
Ian Lynagh
c4c843968e Kotlin 2: Accept more loc changes 2024-03-15 18:07:39 +00:00
Ian Lynagh
57d17d85f2 Kotlin 2: Accept more loc changes 2024-03-15 18:07:12 +00:00
Ian Lynagh
6c0885c24d Kotlin 2: Accept more loc changes 2024-03-15 18:06:45 +00:00
Jami Cogswell
55f7369df0 Java: performance fix 2024-03-15 14:06:36 -04:00
Ian Lynagh
5580daf60e Kotlin 2: Accept more loc changes 2024-03-15 18:06:13 +00:00
Ian Lynagh
1d2b31f0be Kotlin 2: Accept more loc changes 2024-03-15 18:05:46 +00:00
Ian Lynagh
5552fe3c34 Kotlin 2: Accept more loc changes 2024-03-15 18:05:09 +00:00
Ian Lynagh
28f98d0344 Kotlin 2: Accept more location changes 2024-03-15 18:04:28 +00:00
Ian Lynagh
354cdf44aa Kotlin 2: Accept more location changes 2024-03-15 18:03:55 +00:00
Ian Lynagh
f4542f6160 Kotlin2 : Accept some more location changes 2024-03-15 18:02:54 +00:00
Mathias Vorreiter Pedersen
e23e3d7fb4 C++: Run tests without the extractor and analysis changes. 2024-03-15 17:35:47 +00:00
Mathias Vorreiter Pedersen
a8718f99a1 C++: Add qhelp for 'cpp/iterator-to-expired-container'. 2024-03-15 17:35:47 +00:00
Mathias Vorreiter Pedersen
3a8db49573 C++: Add tests for 'cpp/iterator-to-expired-container'. 
NOTE: This is with the yet-to-be-merged changes to the extractor and IR generation.
 2024-03-15 17:35:17 +00:00
Mathias Vorreiter Pedersen
f4f417c3f9 C++: Fix QLoc. 2024-03-15 17:19:36 +00:00
Mathias Vorreiter Pedersen
b5e59492bf C++: Add change note. 2024-03-15 17:17:05 +00:00
Mathias Vorreiter Pedersen
fb218150e1 C++: Change the testcase so that it outputs the controlling values for switch statements as well. 2024-03-15 17:05:42 +00:00
Mathias Vorreiter Pedersen
07ebbb0591 C++: Accept test changes. 2024-03-15 17:04:27 +00:00
Mathias Vorreiter Pedersen
34decd3cf1 C++: Add more general public predicates to work with abstract values. 2024-03-15 17:03:45 +00:00
Mathias Vorreiter Pedersen
f4eb5f5a2d C++: Convert 'getBranchSuccessor' to use abstract values. 2024-03-15 17:03:45 +00:00
Mathias Vorreiter Pedersen
b7292fbc67 C++: Introduce 'AbstractValue' similar to what C# has. 2024-03-15 17:03:45 +00:00
Mathias Vorreiter Pedersen
2af68d37d0 C++: Include 'SwitchInstruction's as 'IRGuardCondition's. 2024-03-15 17:03:45 +00:00
Mathias Vorreiter Pedersen
704f1fad46 C++: Add switches as testcases for guard conditions. 2024-03-15 17:02:32 +00:00
Jorge
09c2ba4280 Make action download actions-all 2024-03-15 16:39:18 +01:00
Max Schaefer
daee22d38c Merge pull request #15933 from github/max-schaefer/go-incomplete-hostname-regex 
Go: Mention raw string iterals in QHelp for `go/incomplete-hostname-regexp`.
 2024-03-15 15:07:10 +00:00
Edward Minnix III
8ae64e992c Merge pull request #15929 from egregius313/egregius313/csharp/mad/source-node-clases-for-models 
C#: Add classes extending `SourceNode` for local and stored source models
 2024-03-15 11:06:14 -04:00
Joe Farebrother
8c5fff2d11 Update names and qldoc for params taint predicates 2024-03-15 14:43:29 +00:00
Mathias Vorreiter Pedersen
23cf99734a C++: Add a new experimental query ' cpp/iterator-to-expired-container'. 2024-03-15 14:29:29 +00:00
Mathias Vorreiter Pedersen
f7c29e6bfb C++: Expose some previously private classes from our models so they can be used in queries. 2024-03-15 14:21:39 +00:00
Rasmus Lerchedahl Petersen
cfbc3f73ec Pyhton: add test for conflicting summaries 
We noticed that when
- a function has more than one summary (with different charpred)
- one summary is subsumed by a subpath (or something happens around the function being extracted)
- the function is called multiple times(we needed at least three)
one of the summaries would no longer lead to flow.
 2024-03-15 15:13:39 +01:00
Jorge
e0bbb66be4 Try to fix actions-all suite 2024-03-15 15:11:21 +01:00
Sim4n6
3acdd3382c Update the expected file 2024-03-15 14:17:23 +01:00
Sim4n6
26a16b7857 use of a single var "op" of type Cmpop 2024-03-15 14:17:23 +01:00
Sim4n6
a717bf1b9d Fix p tag in UnicodeDoS.qhelp 2024-03-15 14:17:23 +01:00
Sim4n6
af19a0342e Fix UnicodeDoS vulnerability in CWE-770 code 2024-03-15 14:17:23 +01:00
Sim4n6
085d803b14 Fix UnicodeDoS vulnerability in CWE-770 2024-03-15 14:17:23 +01:00
Sim4n6
31dc542111 Update request parameter name in good_1() function 2024-03-15 14:17:23 +01:00
Sim4n6
70ebc58b4c Refactor Unicode normalization code 2024-03-15 14:17:23 +01:00
Sim4n6
3d8868a6c3 Add routes for bad_5 and bad_6, and fix routes for good_3 and good_4 2024-03-15 14:17:23 +01:00