hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-18 08:54:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,679 Branches 158 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
43bc7c6619 Python: Autoformat 
I'm not particularly happy about this one, but I don't care to fight about it today.
 2020-04-20 16:08:53 +02:00
Rasmus Wriedt Larsen
b7145af447 Python: Handle all methods in StringKind.getTaintOfMethodResult 2020-04-20 16:07:30 +02:00
Calum Grant
41d8d32764 C#: Address review comment: Make dictionary type more specific. 2020-04-20 15:06:42 +01:00
Asger Feldthaus
ca60e8264e JS: Autoformat 2020-04-20 14:42:41 +01:00
Jonas Jensen
9b61650cba Merge pull request #3298 from MathiasVP/no-inline-std-string-constructor 
C++: Add pragma[noinline] to StdStringConstructor
 2020-04-20 15:10:05 +02:00
Rasmus Wriedt Larsen
a5d3966cb3 Python: Refactor StringKind.getTaintOfMethodResult 
no need to match on ControlFlowNodes manually anymore 🎉
 2020-04-20 15:01:40 +02:00
Rasmus Wriedt Larsen
10b36bb7a8 Python: Taint of string method reference isn't handled 2020-04-20 15:01:40 +02:00
Rasmus Wriedt Larsen
1631787336 Python: Fix points-to regressions Test.ql 
Only being able to debug missing pointsTo for NameNode was quite limiting ...
 2020-04-20 14:41:55 +02:00
Rasmus Wriedt Larsen
8746876377 Python: Add points-to regression for uncalled function 2020-04-20 14:41:45 +02:00
Mathias Vorreiter Pedersen
8be1bfe8d0 C++: Add comments and accept expected dataflow sanity failures 2020-04-20 14:13:12 +02:00
Mathias Vorreiter Pedersen
7ba4526f50 C++: Add noinline to StdString constructor 2020-04-20 13:36:41 +02:00
Erik Krogh Kristensen
9fc29ee0f8 update qhelp 2020-04-20 13:29:00 +02:00
Erik Krogh Kristensen
73b0aa4004 add more attributes potentially vulnerable to xss-through-dom 2020-04-20 13:29:00 +02:00
Erik Krogh Kristensen
12f4ce8111 merge two cases of jQuery method calls 2020-04-20 13:28:55 +02:00
Erik Krogh Kristensen
aee7cc117d add change-note 2020-04-20 13:08:51 +02:00
Erik Krogh Kristensen
8b254f7b49 Merge remote-tracking branch 'upstream/master' into Maps 2020-04-20 13:00:39 +02:00
semmle-qlci
e965e5c73e Merge pull request #3094 from erik-krogh/Mispelled 
Approved by esbena
 2020-04-20 11:41:23 +01:00
Calum Grant
eb1474acee Merge pull request #3276 from hvitved/csharp/dataflow/array-tests 
C#: Add data-flow test for collections
 2020-04-20 11:36:17 +01:00
Calum Grant
ead916702a C#: Take nullability into account when creating symbol entities. Otherwise, an entity with the wrong (cached) nullability could be created. 2020-04-20 11:29:31 +01:00
Asger Feldthaus
bccc27f1e7 JS: Rephrase flowsTo to avoid redundant SourceNode::Range check 2020-04-20 10:57:52 +01:00
Erik Krogh Kristensen
2d3e42e6d6 update qhelp for xss-through-dom 
Co-Authored-By: Asger F <asgerf@github.com>
 2020-04-20 11:50:46 +02:00
Mathias Vorreiter Pedersen
e0cd595d54 C++: Reduce intermediate tuple counts 2020-04-20 11:46:10 +02:00
Erik Krogh Kristensen
c713ba7bfe fix typo 2020-04-20 10:51:42 +02:00
Felicity Chapman
962f13ee13 Merge pull request #3287 from felicitymay/1.24/SD-61-Cpp-finalize-notes 
1.24 release: finalize change notes for C/C++
 2020-04-20 09:07:58 +01:00
Felicity Chapman
3bfcd618c0 Merge pull request #3286 from felicitymay/1.24/SD-61-JS-finalize-notes 
1.24 release: finalize change notes for JavaScript
 2020-04-20 09:07:47 +01:00
Tom Hvitved
e186c9ddd1 C#: Update data-flow collection test method names 2020-04-20 09:29:51 +02:00
Tom Hvitved
161093bd57 C#: Rename arrays data-flow test to collections 2020-04-20 09:20:42 +02:00
Mathias Vorreiter Pedersen
a6e619ce5b C++: Add field flow through single-field structs and accept tests 2020-04-20 08:52:46 +02:00
Mathias Vorreiter Pedersen
6fca23bc8b C++: Demonstrate lack of flow through single-field structs 2020-04-20 08:50:31 +02:00
Asger Feldthaus
bb9fea5a27 JS: Refactor isAmbient computation 2020-04-19 22:45:19 +01:00
Grzegorz Golawski
40fcd4cbe5 Fix references 2020-04-19 20:49:07 +02:00
Grzegorz Golawski
457e2eaf59 CodeQL query to detect OGNL injections 2020-04-19 20:31:57 +02:00
Erik Krogh Kristensen
2632699397 Merge branch 'master' of git.semmle.com:Semmle/ql into Mispelled 2020-04-18 17:58:57 +02:00
Dave Bartolomeo
8041b74f1c C++: Fix formatting 2020-04-18 09:56:38 -04:00
Dave Bartolomeo
de5abdb29a C++/C#: Add missing QLDoc 2020-04-18 09:55:35 -04:00
semmle-qlci
243dea706e Merge pull request #3269 from erik-krogh/Promisify 
Approved by esbena
 2020-04-18 13:02:42 +01:00
yo-h
26f624d2d4 Merge pull request #3285 from felicitymay/1.24/SD-61-Java-finalize-notes 
1.24 release: finalize change notes for Java
 2020-04-17 17:04:38 -04:00
Grzegorz Golawski
af48bc3e57 CodeQL query to detect JNDI injections 2020-04-17 21:45:42 +02:00
Robert Marsh
9008084b74 Merge pull request #3272 from dbartol/dbartol/DumpFixes 
C++: A couple of fixes for IR dumps
 2020-04-17 11:49:52 -07:00
Geoffrey White
a7c22db989 C++: Autoformat. 2020-04-17 18:50:41 +01:00
Geoffrey White
de751b0b75 C++: Correct UnsignedBitwiseAndExpr. 2020-04-17 17:10:59 +01:00
Geoffrey White
01d3257d72 C++: Add test cases involving casts. 2020-04-17 17:01:58 +01:00
Jonas Jensen
8ca6c57eef Merge pull request #3118 from MathiasVP/ir-flow-fields 
C++: IR field flow
 2020-04-17 15:49:19 +02:00
Felicity Chapman
05d0d844bd Editorial changes 2020-04-17 14:44:14 +01:00
Calum Grant
dbff9b6fc7 Merge pull request #3284 from felicitymay/1.24/SD-61-CS-finalize-notes 
1.24 release: finalize change notes for C#
 2020-04-17 14:13:39 +01:00
Felicity Chapman
d5145d9f0a Sort table alphabetically 2020-04-17 14:05:21 +01:00
Felicity Chapman
c1323886b6 Update change-notes/1.24/analysis-javascript.md 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-04-17 13:30:49 +01:00
Erik Krogh Kristensen
cffa911661 retarget change note for 1.25 2020-04-17 14:22:57 +02:00
Erik Krogh Kristensen
a2ddf7bf8f retarget change-note for 1.25 2020-04-17 14:19:17 +02:00
Erik Krogh Kristensen
88f600fa34 more -> additional 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-04-17 14:14:08 +02:00