hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-10 17:44:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,739 Branches 164 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Marsh
376e01ae3d C++: update docs for new range analysis AST wrapper 2023-04-27 14:59:18 -04:00
Mathias Vorreiter Pedersen
5c23474634 C++: Add FPs for 'cpp/invalid-pointer-deref'. 2023-04-27 18:49:05 +01:00
Mathias Vorreiter Pedersen
e506f638fc DataFlow: Sync identical files. 2023-04-27 18:40:33 +01:00
Mathias Vorreiter Pedersen
478f2dca3b C++: Add a new dataflow consistency test. 2023-04-27 18:39:41 +01:00
Geoffrey White
268db8b541 Merge pull request #3 from MathiasVP/add-puns-to-mad-2 
Swift: Syntax for selecting `PostUpdateNode`s in CSV rows
 2023-04-27 17:36:23 +01:00
Mathias Vorreiter Pedersen
6c095d8143 Merge pull request #12953 from MathiasVP/fp-invalid-deref 
C++: Add FP for `cpp/invalid-pointer-deref`
 2023-04-27 17:29:37 +01:00
Michael B. Gale
72b082806b Go: Update html-template-escaping-passthrough 
Modify this query to apply sanitizers only in the data flow
between untrusted inputs and passthrough conversion types.
 2023-04-27 17:14:38 +01:00
Mathias Vorreiter Pedersen
e46c53af1d C++: accept test changes. 2023-04-27 17:13:02 +01:00
Mathias Vorreiter Pedersen
1372ee7a44 Update cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-04-27 17:10:44 +01:00
Asger F
0fb79bdf64 JS: Include a local step before store step 2023-04-27 17:58:02 +02:00
Asger F
c674afb674 JS: Fix condition in getRouteHandlerNode 
Previous version did not account for arrays
 2023-04-27 17:58:02 +02:00
Geoffrey White
74274e834e Swift: Add the four complete examples from the doc pages to the examples directory. 2023-04-27 16:52:00 +01:00
yoff
54ced06ada Merge branch 'main' into python/captured-variables-for-typetracking 2023-04-27 17:32:41 +02:00
Asger F
682ff23e04 JS: Update Express test 2023-04-27 16:36:04 +02:00
Asger F
36889f6d72 JS: Fix isResponse/isRequest 2023-04-27 16:35:56 +02:00
Asger F
70331c0ea4 JS: Decouple chaining from ExplicitResponseSource 2023-04-27 16:14:27 +02:00
Asger F
96e415aba6 JS: Track express route handlers into arrays 2023-04-27 16:14:22 +02:00
Geoffrey White
abb98be996 Swift: QLDoc Type.qll, TypeDecl.qll, and deprecate one of the predicates. 2023-04-27 15:12:54 +01:00
Geoffrey White
fc65160a78 Swift: Simplify the implemention of MethodDecl.hasQualifiedName. 2023-04-27 14:59:19 +01:00
Mathias Vorreiter Pedersen
432c0b508a C++: Add another FP. 2023-04-27 14:50:29 +01:00
Anders Schack-Mulligen
9df2ee00d6 Java: Add SrcCallable.isImplicitlyPublic convenience predicate. 2023-04-27 15:20:49 +02:00
Geoffrey White
e2e8e5ddd3 Swift: Add swift-further-reading.rst 2023-04-27 14:04:13 +01:00
Anders Schack-Mulligen
71ae0909d8 Dataflow: Enforce type pruning in all forward stages. 2023-04-27 14:55:26 +02:00
Anders Schack-Mulligen
9140cbefc0 Dataflow: Sync. 2023-04-27 14:55:23 +02:00
Geoffrey White
08854136fe Swift: QLDoc consistency. 2023-04-27 13:55:09 +01:00
Anders Schack-Mulligen
a761eea2dc Dataflow: Autoformat 2023-04-27 14:52:25 +02:00
Anders Schack-Mulligen
9ad2da6196 Java: Fix reference to TypedContent. 2023-04-27 14:52:25 +02:00
Anders Schack-Mulligen
4f2d2361a4 Dataflow: Eliminate TypedContent. 2023-04-27 14:52:25 +02:00
Anders Schack-Mulligen
5373b4d466 Dataflow: Remove superfluous predicates. 2023-04-27 14:52:25 +02:00
Anders Schack-Mulligen
b534e7b6d5 Dataflow: Remove superfluous columns 2023-04-27 14:52:25 +02:00
Anders Schack-Mulligen
a2fa97ac22 Dataflow: Replace TypedContent with Content in access paths. 2023-04-27 14:52:25 +02:00
Anders Schack-Mulligen
123534a676 Dataflow: Eliminate front type in AccessPathFront. 2023-04-27 14:52:25 +02:00
Anders Schack-Mulligen
ff3e45e1ba Dataflow: Eliminate TypedContentApprox. 2023-04-27 14:52:25 +02:00
Anders Schack-Mulligen
748bcba0ae Dataflow: Eliminate now-redundant type in nil accesspath approximations. 2023-04-27 14:52:25 +02:00
Anders Schack-Mulligen
95b95e5c27 Dataflow: Duplicate type info for AccessPathApprox tails. 2023-04-27 14:52:24 +02:00
Anders Schack-Mulligen
52f50b8d9d Dataflow: Replace AccessPath push/pop with isCons. 2023-04-27 14:52:24 +02:00
Anders Schack-Mulligen
142479eeb7 Dataflow: Duplicate type info for AccessPath tails. 2023-04-27 14:52:24 +02:00
Anders Schack-Mulligen
69202d2dae Dataflow: Include type in post-stage-5 tail relation. 2023-04-27 14:52:24 +02:00
Anders Schack-Mulligen
933d2fbb9f Dataflow: Replace RevPartialAccessPath with the now identical PartialAccessPath. 2023-04-27 14:52:24 +02:00
Anders Schack-Mulligen
2cf58fccf7 Dataflow: Remove type from PartialAccessPath. 2023-04-27 14:52:24 +02:00
Anders Schack-Mulligen
e5d36ff461 Dataflow: Add type to stage 2-5 summary ctx. 2023-04-27 14:52:24 +02:00
Anders Schack-Mulligen
77b09f3660 Dataflow: Add type to partial flow summary context 2023-04-27 14:52:24 +02:00
Anders Schack-Mulligen
11c05257d4 Dataflow: Duplicate accesspath type info in partial flow. 2023-04-27 14:52:20 +02:00
Anders Schack-Mulligen
fd36304da2 Dataflow: Add type to PathNode.toString 2023-04-27 14:50:55 +02:00
Stephan Brandauer
adcf4a3dc2 documentation clean-up 2023-04-27 14:48:48 +02:00
Stephan Brandauer
52a8230ce3 restructure shared characteristics module; add framework support for sanitizers 2023-04-27 14:46:24 +02:00
Stephan Brandauer
ffe7c62766 use US spelling 2023-04-27 14:46:24 +02:00
Stephan Brandauer
a91b71c53b add parameter names to metadata, set subtypes = false for static method candidates; remove UndocumentedMethodCharacteristics, now that we use ModelApi 2023-04-27 14:46:23 +02:00
Stephan Brandauer
3868defb87 use ModelApi to define parameters worth modeling 2023-04-27 14:46:23 +02:00
Stephan Brandauer
6eefb268dd Automodel extraction queries in java telemetry query directory 2023-04-27 14:46:08 +02:00