hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-17 00:14:51 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,679 Branches 158 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
b9995b784d Update javascript/ql/src/semmle/javascript/frameworks/ConnectExpressShared.qll 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-05-15 09:59:27 +01:00
Asger Feldthaus
a982cdc39c JS: Autoformat 2020-05-15 09:59:27 +01:00
Asger Feldthaus
bfbe70a7a9 JS: Fixes 2020-05-15 09:59:27 +01:00
Asger Feldthaus
82d3a7eb23 JS: Go back to disjunction 😭 2020-05-15 09:59:27 +01:00
Asger Feldthaus
c45d84f8f3 JS: Update getRouteHandlerParameter and router tracking 2020-05-15 09:59:27 +01:00
Asger Feldthaus
9cacfab7c6 JS: Recognize Express param value callback as RemoteFlowSource 2020-05-15 09:59:26 +01:00
Geoffrey White
48f3db3fbe Merge branch 'master' into fp2762 2020-05-15 09:55:30 +01:00
Erik Krogh Kristensen
6d79bab7e4 rename Fs to FS 2020-05-15 10:54:08 +02:00
Erik Krogh Kristensen
dd3342ba6f restrict the number of stored array elements 2020-05-15 10:01:27 +02:00
Erik Krogh Kristensen
4eb96848a6 add change note for bluebird and "Promise" 2020-05-15 09:58:33 +02:00
Erik Krogh Kristensen
cb96ee8def remove redundant instanceof check 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-05-15 09:58:18 +02:00
Erik Krogh Kristensen
7df35a6bab update change note 2020-05-15 09:52:59 +02:00
semmle-qlci
a536069059 Merge pull request #3408 from esbena/js/unsafe-html-expansion 
Approved by asgerf, mchammer01
 2020-05-15 08:24:12 +01:00
Tom Hvitved
01102b309b C#: Rename predicates 2020-05-15 09:06:12 +02:00
Grzegorz Golawski
14ce049fc6 Add support for Saxon 2020-05-15 00:12:08 +02:00
Dave Bartolomeo
4614372873 C++/C#: Add QLDoc 2020-05-14 17:49:23 -04:00
Dave Bartolomeo
6c12b59f0f C++/C#: Allow non-Phi memory operands to have no definition 2020-05-14 17:22:23 -04:00
Henning Makholm
43e8a0f716 Apply suggestions from code review 
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
 2020-05-14 23:13:50 +02:00
Erik Krogh Kristensen
6775294ac1 update expected output 2020-05-14 22:26:44 +02:00
Rasmus Lerchedahl Petersen
81a5692935 Python: handle \uxxxx and refactor 2020-05-14 21:22:21 +02:00
Erik Krogh Kristensen
e7d1b12ac8 add test 2020-05-14 20:31:23 +02:00
Erik Krogh Kristensen
6d2bffef72 add fs.open/openSync as ZipSlip sinks 2020-05-14 20:31:13 +02:00
Erik Krogh Kristensen
2d675262b2 use the generalized fs module in more places 2020-05-14 20:31:00 +02:00
Geoffrey White
6579c71866 C++: Change note. 2020-05-14 18:44:06 +01:00
Geoffrey White
df5e16c45d C++: Add a 1.25 change note file (didn't we used to have templates for these?). 2020-05-14 18:41:14 +01:00
Geoffrey White
4a6021fb61 C++: Allow equality checking to block taint flow. 2020-05-14 18:32:38 +01:00
Erik Krogh Kristensen
5132e61ce7 add tests 2020-05-14 18:55:49 +02:00
Erik Krogh Kristensen
e98f794dab implement precise data-flow steps for Promise.all 2020-05-14 18:55:44 +02:00
Henning Makholm
69ba22a3c2 QL handbook: bring library path documentation up to date 2020-05-14 18:41:22 +02:00
semmle-qlci
c06680a496 Merge pull request #3470 from asger-semmle/js/cache-module-import 
Approved by esbena
 2020-05-14 17:20:04 +01:00
Mathias Vorreiter Pedersen
fe682556bf Merge pull request #3475 from jbj/field-conflation-memcpy 
C++: Test field conflation with array in struct
 2020-05-14 17:53:32 +02:00
Dave Bartolomeo
efa133f0db Merge pull request #3463 from MathiasVP/fix-field-flow-annotation 
C++: Annotate field flow tests
 2020-05-14 10:49:27 -04:00
Jonas Jensen
49ebb3197a Merge pull request #3472 from geoffw0/paramstring 
C++: Improve getParameterString().
 2020-05-14 16:48:07 +02:00
Jonas Jensen
a380dc113f C++: Test field conflation with array in struct 2020-05-14 16:29:39 +02:00
Dave Bartolomeo
9de597db25 C++: Refactor Operand to prepare for cross-phase IPA sharing 2020-05-14 10:29:08 -04:00
Geoffrey White
754d7f0be8 C++: More test cases for TaintedAllocationSize. 2020-05-14 15:23:31 +01:00
Anders Schack-Mulligen
1838a7455a Java: Add taint steps for String.formatted. 2020-05-14 16:17:03 +02:00
Rasmus Lerchedahl Petersen
21d1ea5d96 Merge branch 'boolDefault' of github.com:yoff/codeql into boolDefault 2020-05-14 16:06:58 +02:00
Tom Hvitved
2c243ad1cd C#: Add data-flow test 2020-05-14 15:58:50 +02:00
Tom Hvitved
2d7470fc3a C++: Follow-up changes 2020-05-14 15:58:50 +02:00
Tom Hvitved
e608c53c3f Java: Follow-up changes 2020-05-14 15:58:50 +02:00
Tom Hvitved
aa83cc1472 Data flow: Sync files 2020-05-14 15:58:50 +02:00
Tom Hvitved
a0d100485b Data flow: Rename Content variables from f to c 2020-05-14 15:58:50 +02:00
Tom Hvitved
f1cd53507d Data flow: Track precise types during field flow 2020-05-14 15:58:50 +02:00
Jonas Jensen
3cd377e299 C++: Fixup forgotten test annotation 
This should have been removed in 038bea2f52.
 2020-05-14 15:57:47 +02:00
Rasmus Lerchedahl Petersen
1817d2af2b Make test for wrong bool type pass 2020-05-14 15:56:57 +02:00
Rasmus Lerchedahl Petersen
7b004c3746 Python: Add test for wrong exception type 2020-05-14 15:42:52 +02:00
Anders Schack-Mulligen
0aad24e6db Java: Extend library support for switch expressions. 2020-05-14 15:40:26 +02:00
Mathias Vorreiter Pedersen
1c2b8563ae C++: Remove 'flow' value from testcases 2020-05-14 15:33:02 +02:00
Geoffrey White
6583012e6d C++: Use concat in getParameterString(). 2020-05-14 14:21:46 +01:00