hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-23 19:32:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,686 Branches 158 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
89dac23969 remove 3 FP sources from use-of-returnless-function 2019-11-26 10:16:18 +01:00
semmle-qlci
fb44aa18bd Merge pull request #2428 from erik-krogh/useOfReturnlessFunctionSuperCalls 
Approved by max-schaefer
 2019-11-26 09:14:08 +00:00
semmle-qlci
cf92022c89 Merge pull request #2420 from erik-krogh/safeStringSink 
Approved by asgerf
 2019-11-26 08:09:05 +00:00
Robert Marsh
60b384a6e5 C++/C#: use line numbers for instruction IDs 
This should reduce the number of merge conflicts in the IR tests resulting
from instruction ID changes due to inserting or removing instructions
 2019-11-25 18:27:59 -05:00
yo-h
1a07f215ad Merge pull request #2436 from felicitymay/1.23/SD-4095-finalize-change-notes-java 
1.23: SD-4095 finalize change notes for Java
 2019-11-25 18:19:25 -05:00
Calum Grant
113df4ea1d Merge pull request #2278 from hvitved/csharp/autobuilder/shared-compilation 
C#: Only set `UseSharedCompilation=false` in autobuilder when needed
 2019-11-25 18:37:09 +00:00
Dave Bartolomeo
7d48220a76 C++/C#: Make QLDoc conform to style guide 2019-11-25 11:26:45 -07:00
Dave Bartolomeo
44c1c5a7ab C++: Update points_to.ql test to use new bit offset format 2019-11-25 11:13:02 -07:00
Dave Bartolomeo
521fbb125e C++/C#: Fix formatting 2019-11-25 11:12:23 -07:00
Felicity Chapman
775ed381e1 Update to clarify status of one new query 2019-11-25 17:35:01 +00:00
Asger F
e3e15a6015 JS: Rephrase change note 2019-11-25 17:20:42 +00:00
Asger F
df97ab2cb8 TS: Add INDEX prefix to env variables 2019-11-25 17:10:00 +00:00
Asger F
2508da7971 JS: Add change note 2019-11-25 17:01:32 +00:00
Asger F
7e515aeb72 TS: Verify yarn installation 2019-11-25 16:22:21 +00:00
Cornelius Riemenschneider
37f162106a Fix formatting of file. 2019-11-25 17:04:38 +01:00
Tom Hvitved
fede9aed04 Merge pull request #2355 from cldrn/AspNetMaxRequestLength 
CodeQL query to check for insecure MaxLengthRequest values in ASP.NET applications
 2019-11-25 17:02:22 +01:00
Felicity Chapman
87fca1fde6 Remove backticks from 'struct' 2019-11-25 15:56:29 +00:00
Tom Hvitved
07e18c88a8 C#: Address review comments 2019-11-25 16:51:09 +01:00
Felicity Chapman
49bdf7ed1c Fix table sort order 2019-11-25 15:36:58 +00:00
Felicity Chapman
f75b61e2f0 Minor text changes 2019-11-25 15:36:37 +00:00
semmle-qlci
d58a6b02bf Merge pull request #2396 from hvitved/dataflow/erased-type-class 
Approved by aschackmull, jbj
 2019-11-25 15:22:13 +00:00
Felicity Chapman
f5bf877671 Fix table sort order 2019-11-25 15:18:30 +00:00
Felicity Chapman
dc258f13e3 Minor text changes 2019-11-25 15:17:02 +00:00
Geoffrey White
1d26d4c5e4 Merge pull request #2404 from jbj/signed-overflow-macro 
C++: Fix SignedOverflowCheck.ql performance
 2019-11-25 15:15:57 +00:00
Asger F
e5ba80b18c JS: Add test 2019-11-25 15:05:33 +00:00
Asger F
82b35a116c JS: Handle .js import of .ts file 2019-11-25 14:58:12 +00:00
Asger F
b306eeeb6e TS: Option to install dependencies 2019-11-25 14:42:17 +00:00
Dave Bartolomeo
4a21123107 Merge pull request #2427 from jbj/comparison-with-wider-type-notc 
C++: Stricter loop-variant check
 2019-11-25 07:38:02 -07:00
Taus Brock-Nannestad
036e0f75c8 Python: Account for non-evaluation of annotations in cyclic imports. 
Should fix #2426.

Essentially, we disregard expressions used inside annotations, if these
annotations occur in a file that has `from __future__ import annotations`, as
this prevents the annotations from being evaluated.
 2019-11-25 15:32:52 +01:00
Felicity Chapman
419c1c6311 Fix table sort order 2019-11-25 14:29:13 +00:00
Cornelius Riemenschneider
3368169df8 Address review. 2019-11-25 14:54:50 +01:00
Erik Krogh Kristensen
9bd6363521 Merge remote-tracking branch 'upstream/master' into promiseAll 2019-11-25 14:34:58 +01:00
Tom Hvitved
795959ef8d C#: Update expected test output 2019-11-25 13:41:12 +01:00
Tom Hvitved
71fd5379c9 C#: Remove tabs from qhelp file 2019-11-25 13:40:44 +01:00
Felicity Chapman
b5a88586ab Minor text changes to C# notes 2019-11-25 12:39:54 +00:00
shati-patel
9b5437c91e Merge pull request #2318 from rdmarsh2/rdmarsh/docs/cpp/taint-tracking-sanitizer-example 
C++/Docs: add example based on NtohlArrayNoBound
 2019-11-25 12:24:01 +00:00
Rasmus Wriedt Larsen
0f91139055 Merge pull request #2419 from tausbn/python-fix-use-of-input-fp 
Python: Fix false positive for `py/use-of-input`.
 2019-11-25 12:08:39 +01:00
Erik Krogh Kristensen
4efc71b7a2 remove FP in use-of-returnless-function FP related to calls to super() 2019-11-25 11:48:16 +01:00
Tom Hvitved
a26efdf4c1 Java/C++/C#: Rename DataFlowErasedType back to DataFlowType 2019-11-25 11:43:58 +01:00
Jonas Jensen
5ee19c5a66 C++: Stricter loop-variant check 
The `loopVariant` predicate in `ComparisonWithWiderType.ql` is intended
to identify loop counters, but it was too much of a stretch to apply it
to any subexpression of the small side of the comparison.

This change fixes two false positives on arvidn/libtorrent and many
others seen in the wild (on Linux, CoreCLR, ffmpeg, ...).
 2019-11-25 11:31:41 +01:00
Erik Krogh Kristensen
c7235bb372 add sources and sinks for typeahead.js 2019-11-25 10:46:54 +01:00
Jonas Jensen
8f3998915b Merge pull request #2376 from geoffw0/qhelpms2 
CPP: Recommendations and examples for TlsSettingsMisconfiguration.qhelp and UseOfDeprecatedHardCodedProtocol.qhelp
 2019-11-25 08:17:32 +01:00
Rebecca Valentine
a8204385c3 Adds fix for __init_subclass__ bug. (#2390) 
* Adds fix for __init_subclass__ bug.

* Adds test case.

* Move test on name.

I think it makes more sense here, alongside the other "special" method names.
 2019-11-24 12:18:17 +01:00
Dave Bartolomeo
eda47bfc51 C++: Add SSA sanity tests to IR tests 2019-11-22 16:10:51 -07:00
Dave Bartolomeo
bd78f68975 C++/C#: Fix formatting 2019-11-22 16:08:49 -07:00
Raul Garcia (MSFT)
908d789f1b Merge branch 'master' of https://github.com/semmle/ql 2019-11-22 13:25:22 -08:00
Dave Bartolomeo
df21835759 C++/C#: Refactor some integer constant code 
Make `bitsToBytesAndBits` omit the leftover bits if zero.
 2019-11-22 13:23:00 -07:00
Dave Bartolomeo
51ff262cbc C++/C#: Add IR SSA sanity tests 2019-11-22 13:16:05 -07:00
Dave Bartolomeo
bc48c25690 C++/C#: Make IRVariable and its derived classes non-abstract 2019-11-22 12:13:39 -07:00
Dave Bartolomeo
12daa76b70 C++: Make duplicateOperand query report function name 2019-11-22 11:00:01 -07:00