hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-26 12:52:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,686 Branches 158 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
b9fa837963 C#: Add new CFG test for try/finally 2019-09-12 11:44:04 +02:00
Tom Hvitved
3d32f3d173 C#: Restructure existing CFG tests for try/finally 2019-09-12 11:44:04 +02:00
AndreiDiaconu1
47120bc923 PR fixes 2019-09-12 10:34:00 +01:00
Calum Grant
e330d5a6c6 Merge pull request #1549 from hvitved/csharp/cfg/loop-unrolling 
C#: Loop unrolling for `foreach` statements
 2019-09-12 10:24:26 +01:00
AndreiDiaconu1
420abbf3dc C# IR: Support for ContinueStmt 
Added support for continue stmt.
Minimal refactoring of the `TranslatedSpecificJump` classes.
Added a new test file, `jumps.cs` and updated the expected output.
 2019-09-12 10:01:48 +01:00
Anders Schack-Mulligen
6299625b3d C#: Adjust qltest expected output. 2019-09-12 11:00:49 +02:00
Anders Schack-Mulligen
61e4e61087 C++: Adjust qltest expected output. 2019-09-12 11:00:49 +02:00
Anders Schack-Mulligen
2d620698d8 Java: Adjust qltest expected output. 2019-09-12 11:00:49 +02:00
Anders Schack-Mulligen
95e2f162d9 Java/C++/C#: Adjust toString of empty accesspath. 2019-09-12 11:00:49 +02:00
Anders Schack-Mulligen
0a4b15d40b Java/C++/C#: Add nodes predicate to PathGraph. 2019-09-12 11:00:49 +02:00
Erik Krogh Kristensen
2db0cdf4e2 two small qhelp fixes 2019-09-12 10:00:08 +01:00
semmle-qlci
10076a6b2b Merge pull request #1886 from jbj/ir-taint-shared 
Approved by rdmarsh2
 2019-09-12 06:48:24 +01:00
Robert Marsh
e71a39f6b6 Merge pull request #1912 from jbj/tainttracking-ir-1 
C++: Stub replacement for security.TaintTracking
 2019-09-11 13:44:39 -07:00
Tom Hvitved
8f3f9406e2 C#: Early identification of duplicate extraction 2019-09-11 20:47:20 +02:00
Geoffrey White
d1cc28e253 CPP: Address review comments. 2019-09-11 17:14:05 +01:00
Geoffrey White
ee07c705a4 CPP: More review suggestions. 2019-09-11 17:14:05 +01:00
Geoffrey White
8134d80c46 CPP: Review suggestions. 2019-09-11 17:14:05 +01:00
Geoffrey White
120b0c0c2c CPP: Modernize the TemplateVariables test and have the TemplateVariables actually included in the scope of the test. 2019-09-11 17:14:05 +01:00
Geoffrey White
68196df561 CPP: Examples Variable.qll. 2019-09-11 17:11:53 +01:00
semmle-qlci
72db219c13 Merge pull request #1910 from xiemaisi/js/unused-index-variable 
Approved by esben-semmle, shati-semmle
 2019-09-11 14:33:32 +01:00
Jonas Jensen
6912cafc54 C++: Use the RelationalOperation class 2019-09-11 15:21:49 +02:00
Jonas Jensen
0d0ab9157c C++: Address review comments 2019-09-11 15:20:36 +02:00
Taus Brock-Nannestad
1013fb7b25 Update .expected file for Python 3 tests. 2019-09-11 14:13:05 +02:00
Calum Grant
b85823bec5 Merge pull request #1857 from AndreiDiaconu1/ircsharp-forstmt 
C# IR: More support for `ForStmt`s
 2019-09-11 13:11:05 +01:00
Jonas Jensen
6021b4f04a C++: Remove local flow from additional taint step 
This case was not supposed to be there -- that was the whole point of
having the `localAdditionalTaintStep` predicate.
 2019-09-11 14:09:17 +02:00
Erik Krogh Kristensen
493a31d98d more fixes based on review 2019-09-11 12:53:59 +01:00
Jonas Jensen
ee16b239de C++: Add PointerToFieldLiteral class 
Marking these expressions as constants fixes the CFG discrepancies that
can be observed on the affected test and on snapshots of MySQL.
 2019-09-11 13:40:24 +02:00
Max Schaefer
500cde68c3 JavaScript: Add new query UnusedIndexVariable. 2019-09-11 11:36:50 +01:00
Esben Sparre Andreasen
9aa0e711b2 JS: update expected output 2019-09-11 12:33:41 +02:00
Erik Krogh Kristensen
bec522f0df small changes based on review feedback 2019-09-11 11:26:59 +01:00
shati-semmle
6924a88368 Merge pull request #1917 from jf205/recent-changes-122 
docs: port some recent changes to rc/1.22 branch
 2019-09-11 11:21:39 +01:00
Esben Sparre Andreasen
086c473c18 JS: sharpen js/http-to-file-access 2019-09-11 12:05:33 +02:00
Esben Sparre Andreasen
0e31cad027 JS: simplify this.getStringValue() to getStringValue() 2019-09-11 10:56:49 +02:00
Esben Sparre Andreasen
ee106ccff9 JS: simplify asExpr().getStringValue() calls 2019-09-11 10:56:57 +02:00
Esben Sparre Andreasen
aab17850d1 JS: eliminate redundant ConstantString casts 2019-09-11 10:56:49 +02:00
AndreiDiaconu1
195b99cf96 PR fixes 2019-09-11 09:54:01 +01:00
semmle-qlci
16c95d8c5e Merge pull request #1876 from esben-semmle/js/more-delimiter-stripping-whitelisting 
Approved by xiemaisi
 2019-09-11 09:16:57 +01:00
Esben Sparre Andreasen
f3de75ae07 JS: update a js/code-injection test 2019-09-11 09:45:54 +02:00
Esben Sparre Andreasen
e41080fb40 JS: add RemoteServerResponse as a heuristic remote flow source 2019-09-11 09:38:18 +02:00
Esben Sparre Andreasen
f7bfc472c1 JS: treat server responses as untrusted for command injections 2019-09-11 09:38:18 +02:00
Esben Sparre Andreasen
3e42b078e8 JS: minor additions to ClientRequest::getAResponseDataNode 2019-09-11 09:24:59 +02:00
Robert Marsh
6d8a4388cb Merge pull request #1883 from jbj/partial-definitions-const 
C++: Don't create partial defs for calls to const functions
 2019-09-10 12:46:39 -07:00
Erik Krogh Kristensen
72bbd4ded1 fix spelling mistake 2019-09-10 17:13:44 +01:00
Erik Krogh Kristensen
62d1f66fda avoid extending the abstract LoopStmt class 2019-09-10 17:08:00 +01:00
Erik Krogh Kristensen
6bb9781466 remove <br/> tags 2019-09-10 16:57:15 +01:00
Shati Patel
4a6ee7f4b3 QL HB: Add predicate call example [SD-3864] 
(cherry picked from commit cfa51a0e8b)
 2019-09-10 16:04:41 +01:00
Shati Patel
52583d0b86 QL HB: Explain use of cast [SD-3865] 
(cherry picked from commit f5de1dc999)
 2019-09-10 16:04:40 +01:00
Shati Patel
ab77d02f87 QL HB: Expand bindingset example [SD-3863] 
(cherry picked from commit 4f2c9fa3cb)
 2019-09-10 16:04:40 +01:00
Shati Patel
6b10ddf8fc QL HB: Fix typo [SD-3862] 
(cherry picked from commit acca48bd8f)
 2019-09-10 16:04:40 +01:00
james
3f4f9ec9e3 docs: update readme 
(cherry picked from commit 54342a6daa)
 2019-09-10 16:04:40 +01:00