hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-15 03:39:32 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,969 Commits 1,758 Branches 167 Tags
codeql-cli/v2.25.3
Commit Graph

86969 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeroen Ketema
095a9cbc73 Merge pull request #21588 from jketema/jketema/compiler-error-bmn 
C++: Silence `ExtractionRecoverableWarning`s when BMN is active
 2026-03-30 14:17:26 +02:00
Mathias Vorreiter Pedersen
5db069eb56 C++: Fix more consistency errors. 2026-03-30 12:08:08 +01:00
Óscar San José
9f27a5278f Merge pull request #21579 from github/post-release-prep/codeql-cli-2.25.1 
Post-release preparation for codeql-cli-2.25.1
 2026-03-30 12:47:59 +02:00
Mathias Vorreiter Pedersen
9247e6af0c C++: Add change note. 2026-03-30 11:30:17 +01:00
Mathias Vorreiter Pedersen
29768bbed4 Update cpp/ql/test/library-tests/dataflow/dataflow-tests/type-bugs.ql 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-03-30 11:26:24 +01:00
Mathias Vorreiter Pedersen
78c0c7cb76 C++: Exclude flow summaries from 'irTypeBugs'. 2026-03-30 11:04:42 +01:00
Paolo Tranquilli
1d028382da Merge branch 'main' into wild-crest-ql 2026-03-30 12:04:16 +02:00
Mathias Vorreiter Pedersen
503c15334a C++: Accept test changes. 2026-03-30 11:03:52 +01:00
Mathias Vorreiter Pedersen
599b7a6653 C++: Handle fields in 'getThisType'. 2026-03-30 11:00:40 +01:00
Mathias Vorreiter Pedersen
9cb8edb41a C++: Change 'Function' to 'Declaration' in a few places to handle enclosing callables being fields. 2026-03-30 11:00:38 +01:00
Mathias Vorreiter Pedersen
eb35fa0d5e C++: Unify 'isSourceParameterOf' for this parameters with the implementation for positional parameters. 2026-03-30 11:00:37 +01:00
Jeroen Ketema
6692f23cbd C++: Add change note 2026-03-30 11:50:31 +02:00
Jeroen Ketema
8349bd50ba Merge pull request #21391 from jketema/jketema/nsdmi 
C++: Handle field initialization via NSDMI in IR generation
 2026-03-30 11:35:06 +02:00
Óscar San José
59eec7ffa2 Merge branch 'main' of https://github.com/github/codeql into post-release-prep/codeql-cli-2.25.1 2026-03-30 10:51:12 +02:00
github-actions[bot]
ce6e6d5db3 Post-release preparation for codeql-cli-2.25.1 2026-03-30 08:43:48 +00:00
Paolo Tranquilli
6fad5b823c Kotlin: accept test changes 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-03-30 10:07:17 +02:00
Owen Mansel-Chan
898d12b0be Merge pull request #21608 from MarkLee131/fix/tainted-arithmetic-bounds-check-barrier 
Exclude bounds-check arithmetic from tainted-arithmetic sinks
 2026-03-29 22:47:20 +01:00
MarkLee131
e6adfbca77 Address review: update QLDoc comment and fix expected test output 
- Clarify that arithmeticUsedInBoundsCheck applies to if-condition
  comparisons, not all comparisons
- Update expected test line numbers to reflect added test calls
 2026-03-29 11:53:06 +08:00
Kaixuan Li
b595a70384 Update java/ql/lib/change-notes/2026-03-28-tainted-arithmetic-bounds-check.md 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-03-29 11:45:27 +08:00
Kaixuan Li
938039d82c Merge branch 'main' into fix/tainted-arithmetic-bounds-check-barrier 2026-03-29 10:25:39 +08:00
Kaixuan Li
f5cfc5e282 Update java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticTainted.java 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2026-03-29 10:25:10 +08:00
Owen Mansel-Chan
58218ee630 Merge pull request #21594 from MarkLee131/fix/add-ec-to-secure-algorithm-whitelist 
Add EC to secure algorithm whitelist for Java CWE-327 query
 2026-03-28 17:13:19 +00:00
Owen Mansel-Chan
2b8558706f Add sentence to change note. 2026-03-28 16:39:16 +00:00
Owen Mansel-Chan
ea9b99f67c Rephrase change note 2026-03-28 16:36:39 +00:00
MarkLee131
0c5e89a68e Exclude bounds-check arithmetic from tainted-arithmetic sinks 
The java/tainted-arithmetic query now recognizes when an arithmetic
expression appears directly as an operand of a comparison (e.g.,
`if (off + len > array.length)`). Such expressions are bounds checks,
not vulnerable computations, and are excluded via the existing
overflowIrrelevant predicate.

Add test cases for bounds-checking patterns that should not be flagged.
 2026-03-28 17:39:40 +08:00
MarkLee131
da4a2238bc Address PR review: add Signature.getInstance sink, HMAC/PBKDF2 whitelist, fix test APIs 
- Model Signature.getInstance() as CryptoAlgoSpec sink (previously only
  Signature constructor was modeled)
- Add HMAC-based algorithms (HMACSHA1/256/384/512, HmacSHA1/256/384/512)
  and PBKDF2 to the secure algorithm whitelist
- Fix XDH/X25519/X448 tests to use KeyAgreement.getInstance() instead of
  KeyPairGenerator.getInstance() to match their key agreement semantics
- Add test cases for SHA384withECDSA, HMACSHA*, and PBKDF2WithHmacSHA1
  from user-reported false positives
- Update change note to document all additions
 2026-03-28 16:53:46 +08:00
MarkLee131
a9449cc991 Add EC to secure algorithm whitelist for Java CWE-327 query 2026-03-28 16:48:58 +08:00
Taus
a0b3c2f13a Python: Update change note 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-03-27 23:46:50 +01:00
Taus
187f7c7bcf Python: Move isNetworkBind check into isSink 2026-03-27 22:45:26 +00:00
Owen Mansel-Chan
37aac05964 Replace branch with acceptingValue 2026-03-27 22:39:10 +00:00
Taus
c5ef1f6342 Python: Port UseOfExit.ql 2026-03-27 22:28:38 +00:00
Owen Mansel-Chan
a7fdc4b543 Replace acceptingvalue with acceptingValue 2026-03-27 22:15:45 +00:00
Owen Mansel-Chan
a8b52acaa9 Merge pull request #21585 from github/copilot/convert-models-to-yml 
C++: Convert remaining CSV models to .model.yml and remove CSV model infrastructure
 2026-03-27 20:48:34 +00:00
Geoffrey White
a9cce1c0fa C++: Undo increasing query precision. 2026-03-27 17:32:03 +00:00
Geoffrey White
4f3108c444 C++: Update change note. 2026-03-27 17:04:05 +00:00
Taus
4f74d421b9 Python: Exclude AF_UNIX sockets from BindToAllInterfaces 
Looking at the results of the the previous DCA run, there was a bunch of
false positives where `bind` was being used with a `AF_UNIX` socket (a
filesystem path encoded as a string), not a `(host, port)` tuple. These
results should be excluded from the query, as they are not vulnerable.

Ideally, we would just add `.TupleElement[0]` to the MaD sink, except we
don't actually support this in Python MaD...

So, instead I opted for a more low-tech solution: check that the
argument in question flows from a tuple in the local scope.

This eliminates a bunch of false positives on `python/cpython` leaving
behind four true positive results.
 2026-03-27 16:55:10 +00:00
Geoffrey White
50681a3c42 C++: Add note to the .qhelp. 2026-03-27 16:47:31 +00:00
Geoffrey White
bb9873dc8f C++: Increase the query precision to high. 2026-03-27 16:40:45 +00:00
Jeroen Ketema
0f8e39a236 C++: Silence ExtractionRecoverableWarnings when BMN is active 2026-03-27 13:42:44 +01:00
Taus
47d24632e6 Python: Port ShouldUseWithStatement.ql 
Only trivial test changes.
 2026-03-27 12:34:20 +00:00
Taus
0ea80ac184 Python: Port UnusedExceptionObject.ql 
Depending on whether other queries depend on this, we may end up moving
the exception utility functions to a more central location.
 2026-03-27 12:34:14 +00:00
Taus
60f9ce4ce7 Python: Port UnreachableCode.ql 2026-03-27 12:33:04 +00:00
Owen Mansel-Chan
b3285c6ae2 Make description of acceptingvalue column clearer 2026-03-27 11:35:22 +00:00
Owen Mansel-Chan
c07a814515 Add comments to converted MaD file 2026-03-27 11:23:33 +00:00
Mathias Vorreiter Pedersen
8fc914f636 Merge pull request #21591 from MathiasVP/restrict-pair-cand 
C++: Fix join orders in virtual dispatch computation
 2026-03-27 11:20:53 +00:00
Owen Mansel-Chan
7e1ad825c3 Fix model row with misaligned columns 
The original CSV had too many columns, and copilot cut off the last one, before adding the provenance column at the end.
 2026-03-27 11:17:15 +00:00
Tom Hvitved
6dc98cfd01 Rust: Infer argument types based on trait bounds on parameters 2026-03-27 11:39:03 +01:00
Owen Mansel-Chan
f897575d3f Update change note 2026-03-27 10:11:13 +00:00
Paolo Tranquilli
55b95d22e9 Merge pull request #21580 from github/dependabot/bazel/rules_shell-0.7.1 
Bump rules_shell from 0.6.1 to 0.7.1
 2026-03-27 11:08:39 +01:00
Owen Mansel-Chan
5451424e75 Rust: Fix columns for neutrals 2026-03-27 09:47:36 +00:00