hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-20 01:44:54 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,683 Branches 158 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
14740d4ccc move existing array taint stracking into Arrays.qll 2020-03-09 09:20:45 +01:00
Asger Feldthaus
a9a9c14eea JS: Change note 2020-03-07 15:15:13 +00:00
Asger Feldthaus
a1d479e975 JS: Declassify sensitive exprs with special characters 2020-03-07 15:15:13 +00:00
Asger Feldthaus
759631ae56 JS: Raise default memory limit to 2.4G 2020-03-07 15:13:53 +00:00
Asger Feldthaus
c55dcf88d5 JS: Improve error reporting 2020-03-07 15:13:52 +00:00
Asger Feldthaus
549d4e9b57 JS: Do not restart in the middle of a message 2020-03-07 15:13:52 +00:00
Asger Feldthaus
e1657b237b JS: Extract compiler-restarting into a function 2020-03-07 15:13:52 +00:00
Asger Feldthaus
2ef21ea4b8 JS: Only evaluate relevant barrier guards 2020-03-07 15:13:20 +00:00
Asger Feldthaus
fd1a14d3bd JS: Add qldoc to a private predicate 2020-03-07 15:13:20 +00:00
Asger Feldthaus
eed4204e04 JS: Lift some internal members to private top-level 2020-03-07 15:13:20 +00:00
Ted Reed
a425e5fb5c Reduce false positives with small heuristics 2020-03-06 23:12:16 -05:00
SpaceWhite
5e912cbf8e Move directory to experimental 2020-03-07 11:55:32 +09:00
SpaceWhite
8cdc2bb268 Merge branch 'master' into CWE-094 2020-03-07 11:54:31 +09:00
SpaceWhite
b7af1645aa Move directory to experimental 2020-03-07 11:49:33 +09:00
SpaceWhite
2ec107bc2d Merge branch 'master' into CWE-643 2020-03-07 11:47:53 +09:00
Rebecca Valentine
2f3967cf5e Python: Fixes erroneous modernization bug 2020-03-06 18:31:38 -08:00
Rebecca Valentine
3e36c672cf Python: Removes superfluous cast 2020-03-06 13:06:11 -08:00
Rebecca Valentine
7b49c8e6f8 Python: Fixes bug in modernization 2020-03-06 12:47:46 -08:00
Jonas Jensen
0cd3eb7b7e C++: Accept test changes 
Some IR inconsistencies are "fixed" because we no longer translate
constant initializers of static locals.
 2020-03-06 20:20:47 +01:00
Rasmus Wriedt Larsen
8b2c74a4dd Python: Modernise remaining Security/*.qll files 2020-03-06 17:30:02 +01:00
Rasmus Wriedt Larsen
14957345a3 Python: Fix formatting of isLegalExceptionType 2020-03-06 17:27:50 +01:00
Rasmus Wriedt Larsen
70634fe30e Python: Remove usage of deprecated .getValue() 2020-03-06 16:20:31 +01:00
Felicity Chapman
90a9a6d2ac Update docs/language/learn-ql/python/introduce-libraries-python.rst 2020-03-06 15:13:10 +00:00
Jonas Jensen
cc38abd228 C++: Ignore constant static initializers 2020-03-06 15:05:28 +01:00
Jonas Jensen
02f0b89a0d C++: Test for constant static initializer 2020-03-06 15:05:28 +01:00
Rasmus Wriedt Larsen
2416cac8f4 Python: Modernise StringKind files 2020-03-06 14:45:03 +01:00
Alistair
40e8ccc020 Merge pull request #2879 from hubwriter/alistairs-docs-preparation-csharp 
CodeQL migration: C# topics - change titles & add intros (2174)
 2020-03-06 13:07:15 +00:00
mc
2c542df576 Merge pull request #2897 from mchammer01/js-migration-work 
Code QL pre-migration tasks: update articles relating to CodeQL for JavaScript
 2020-03-06 11:31:08 +00:00
mc
3558bb8bc0 Update docs/language/learn-ql/javascript/dataflow-cheat-sheet.rst 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-03-06 10:51:13 +00:00
mc
d777c08fc2 Update docs/language/learn-ql/javascript/type-tracking.rst 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-03-06 10:50:59 +00:00
semmle-qlci
3ae1aada37 Merge pull request #2995 from tausbn/python-fix-nested-sequence-assign-cp 
Approved by RasmusWL
 2020-03-06 09:43:24 +00:00
mchammer01
0a2ca55374 Merge branch 'js-migration-work' of github.com:mchammer01/ql into js-migration-work 2020-03-06 09:24:01 +00:00
mchammer01
fbe0735a5e pre-migration tasks: address review comments 2020-03-06 09:20:40 +00:00
semmle-qlci
7891f8621e Merge pull request #2982 from esbena/js/request-model-with-chaining 
Approved by asgerf
 2020-03-06 08:57:42 +00:00
semmle-qlci
ddc2f973d1 Merge pull request #3001 from asger-semmle/js/autoformat 
Approved by erik-krogh
 2020-03-06 08:53:56 +00:00
mc
e0ceeef4dc Update docs/language/learn-ql/javascript/type-tracking.rst 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-03-06 08:18:07 +00:00
mc
0773bfc2d7 Update docs/language/learn-ql/javascript/introduce-libraries-ts.rst 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-03-06 08:17:52 +00:00
Jonas Jensen
a13f355a85 C++: autoformat fixup 2020-03-06 08:29:46 +01:00
Ted Reed
8e1a7fef30 CPP: Add query for CWE-273 that detects out-of-order setuid 2020-03-05 14:21:32 -05:00
Asger Feldthaus
2c8eae22d1 JS: Autoformat 2020-03-05 16:58:49 +00:00
Taus Brock-Nannestad
2face94fa5 Python: Mitigate CP in nested_sequence_assign. 
The problem here was that in the base case, there was no relationship between
`left_parent` and `right_parent`. These could be any two tuples or lists, even
if they were not part of an assignment statement.

To fix this, we add a bit of manual "magic", requiring that both of these
arguments must belong to the left and right-hand sides of the same assignment
statement.

(Note that this is in principle _still_ a gross overapproximation, but since
assignment statements are usually quite restricted in size, I don't expect this
to be a major problem.)
 2020-03-05 14:09:50 +01:00
Rasmus Wriedt Larsen
fb1e993c0f Merge pull request #2963 from BekaValentine/python-objectapi-to-valueapi-advancedformatting 
Python: ObjectAPI to ValueAPI: AdvancedFormatting
 2020-03-05 13:40:02 +01:00
Jonas Jensen
e29f517af2 C++: Move InstructionSanity out of Instruction.qll 
Having that module in `Instruction.qll` slowed down the parsing of that
file both humans and the compiler.

This commit moves the `InstructionSanity` module to `IRSanity.qll`
without making any changes to its contents apart from adding some
imports.
 2020-03-05 12:11:50 +01:00
mchammer01
162a683075 pre-migration task: update links 2020-03-05 10:33:39 +00:00
Felicity Chapman
62bcc1a512 Merge pull request #2986 from felicitymay/1.23/2210-replace-links-semmle.com 
1.23: Update or remove unwanted links
 2020-03-05 10:20:35 +00:00
semmle-qlci
0d76c71ed7 Merge pull request #2981 from asger-semmle/js/lower-syntax-error-severity 
Approved by max-schaefer
 2020-03-05 09:47:56 +00:00
semmle-qlci
98cee5cc1d Merge pull request #2967 from asger-semmle/js/flow-through-prop 
Approved by esbena
 2020-03-05 09:46:35 +00:00
semmle-qlci
85ee5fc988 Merge pull request #2955 from erik-krogh/BetterHeader 
Approved by asgerf
 2020-03-05 08:24:43 +00:00
Rebecca Valentine
d535246703 Python: Modernizes query 2020-03-04 17:28:44 -08:00
Rebecca Valentine
646bc29e76 Python: Modernizes query 2020-03-04 17:22:21 -08:00