Commit Graph

85368 Commits

Author SHA1 Message Date
Alex Ford
77f3a70376 Ruby: renames for rb/xpath-injection 2023-09-03 17:20:05 +01:00
Alex Ford
42cd58695d Ruby: configsig rb/url-redirection 2023-09-03 17:20:05 +01:00
Alex Ford
f79796a644 Ruby: configsig rb/shell-command-constructed-from-input 2023-09-03 17:20:05 +01:00
Alex Ford
f03f670312 Ruby: configsig rb/html-constructed-from-input 2023-09-03 17:20:05 +01:00
Alex Ford
8ad6c72ba2 Ruby: configsig rb/unsafe-deserialization 2023-09-03 17:20:05 +01:00
Alex Ford
461bc0d359 Ruby: configsig rb/unsafe-code-construction 2023-09-03 17:20:05 +01:00
Alex Ford
3e23a6e021 Ruby: configsig rb/server-side-template-injection 2023-09-03 17:20:05 +01:00
Alex Ford
0a73ebdbee Ruby: configsig rb/tainted-format-string 2023-09-03 17:20:05 +01:00
Alex Ford
f5e433940f Ruby: renames for rb/stored-xss 2023-09-03 17:20:05 +01:00
Alex Ford
030aae5693 Ruby: configsig rb/stack-trace-exposure 2023-09-03 17:20:05 +01:00
Alex Ford
bf1cb33be3 Ruby: configsig rb/sql-injection 2023-09-03 17:20:05 +01:00
Alex Ford
ba8ff0710d Ruby: configsig rb/request-forgery 2023-09-03 17:20:05 +01:00
Alex Ford
df9173502e Ruby: configsig rb/sensitive-get-query 2023-09-03 17:20:05 +01:00
Alex Ford
593d9a48d4 Ruby: configsig rb/reflected-xss 2023-09-03 17:20:05 +01:00
Alex Ford
ad2bbfb265 Ruby: configsig rb/path-injection 2023-09-03 17:20:05 +01:00
Alex Ford
867e47bcdd Ruby: renames for rb/log-injection 2023-09-03 17:20:04 +01:00
Alex Ford
eb34bbbfd2 Ruby: renames for rb/ldap-injection 2023-09-03 17:20:04 +01:00
Alex Ford
d46eceb5f4 Ruby: configsig rb/kernel-open 2023-09-03 17:20:04 +01:00
Alex Ford
a8ad0d8ff5 Ruby: renames for rb/insecure-download 2023-09-03 17:20:04 +01:00
Alex Ford
c973fc1274 Ruby: configsig rb/http-to-file-access 2023-09-03 17:20:04 +01:00
Alex Ford
2536f1a0cd Ruby: configsig rb/user-controlled-bypass 2023-09-03 17:20:04 +01:00
Alex Ford
377570f361 Ruby: configsig rb/command-line-injection 2023-09-03 17:20:04 +01:00
Alex Ford
b1a49ddb0d Ruby: configsig rb/code-injection 2023-09-03 17:20:04 +01:00
Alex Ford
6fa267a820 Ruby: configsig rb/clear-text-storage-sensitive-data 2023-09-03 17:20:04 +01:00
Alex Ford
2a2f21d3a9 Ruby: configsig rb/clear-text-logging-sensitive-data 2023-09-03 17:20:04 +01:00
amammad
f3ea72c234 proper tests with depstubber, remove Duplicates :( 2023-09-03 04:51:05 +10:00
amammad
b5a257ca7c add proper test cases 2023-09-03 04:09:56 +10:00
amammad
8f11543e9d fix go.mod 2023-09-02 22:47:35 +10:00
amammad
9b8f43bf63 remove tmp test 2023-09-02 22:41:39 +10:00
amammad
6af82526dc add tests 2023-09-02 22:40:18 +10:00
amammad
a8a9edcacd V1 2023-09-02 22:27:08 +10:00
Mathias Vorreiter Pedersen
20f501d1c7 C++: Change queries to use 'asExpr' instead of 'asConvertedExpr'. 2023-09-01 15:01:32 +01:00
Mathias Vorreiter Pedersen
cca6052026 C++: Use 'operandNode' to generate the string for indirect operands. 2023-09-01 14:04:54 +01:00
Mathias Vorreiter Pedersen
f1c4fa2345 C++: When we generate a string for the node we avoid multiple results by only using the 0'th result from the 'asExpr' predicate. However, when we want to convert between nodes and expressions we don't care about which one we get. 2023-09-01 14:04:52 +01:00
Mathias Vorreiter Pedersen
d2bb73ba1f C++: Use the index to get the 'most converted' and 'least converted' instruction in a bunch of places. 2023-09-01 13:47:06 +01:00
Mathias Vorreiter Pedersen
4dfaf9225c C++: Index 'getConvertedResultExpression' by an integer. 2023-09-01 13:32:29 +01:00
Mathias Vorreiter Pedersen
16d62186c0 C++: Use this new predicate everywhere we need to convert an instruction to an expression. 2023-09-01 13:32:25 +01:00
Mathias Vorreiter Pedersen
60819ad7f2 Add a single predicate that should be used to convert an instruction to an expression. 2023-09-01 13:06:25 +01:00
Ian Lynagh
181594badb Kotlin: Add packageFqName and IrSymbolInternals compatibility
In master, we need to switch to these, but for building for older
versions we need to add our own support.

Currently the v_1_9_255 files are not used, but we will need them (in a
differently-named directory) for a future release.
2023-09-01 11:20:58 +01:00
Ian Lynagh
72e08a9277 Kotlin: Tweak the build system
You can now make a versions/* directory that the build system doesn't
know about. This can be used to add support for not-yet-supported
versions.
2023-09-01 11:08:54 +01:00
Kasper Svendsen
4bc6ca3d84 Java: Delete java test query which fails to compile 2023-09-01 11:21:06 +02:00
Mathias Vorreiter Pedersen
67a0112fcb Merge pull request #14115 from MathiasVP/fix-incorrect-load-of-constant
C++: Don't generate `Load`s for constant expressions
2023-09-01 08:50:44 +01:00
Mathias Vorreiter Pedersen
72d9812fea C++: Accept more test changes. 2023-08-31 21:56:35 +01:00
Mathias Vorreiter Pedersen
dfefd62089 C++: Accept test changes. 2023-08-31 20:38:46 +01:00
Mathias Vorreiter Pedersen
aed14f2924 C++: Don't insert loads for constants. 2023-08-31 20:38:40 +01:00
Mathias Vorreiter Pedersen
b575747357 C++: Add testcase with invalid IR. 2023-08-31 20:35:33 +01:00
yoff
da64ea40b9 Merge pull request #13782 from jorgectf/jorgectf/shlex-quote
Python: Add `shlex.quote` as `py/shell-command-constructed-from-input` sanitizer
2023-08-31 21:08:58 +02:00
Ian Lynagh
eb59bc04cd Kotlin: Add missing imports 2023-08-31 19:28:05 +01:00
Ian Lynagh
3009f40814 Kotlin: Opt in to org.jetbrains.kotlin.ir.symbols.IrSymbolInternals
Needed for upstream master.
2023-08-31 19:28:05 +01:00
Ian Lynagh
1ec29bffbb Kotlin: Don't use deprecated createBlockBody
The function that takes a list of statements is hidden in upstream
master.
2023-08-31 19:28:05 +01:00