hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-01 16:56:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,673 Branches 157 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Lerchedahl Petersen
2a4d21a989 Python: Test method call 2020-10-02 10:02:29 +02:00
Chris Smowton
aa707e9370 Merge pull request #4381 from smowton/smowton/admin/fix-owasp-broken-links 
Fix OWASP broken links
 2020-10-02 08:51:36 +01:00
Tamas Vajk
1cf3196b61 Fix additional PR review findings 2020-10-02 09:12:13 +02:00
Tamas Vajk
01de550ef8 Make predicates private 2020-10-02 09:12:13 +02:00
Tamas Vajk
f52cf264ec Refactor specificSubExprSign 2020-10-02 09:12:13 +02:00
Tamas Vajk
f03146d12f Refactor fieldSign 2020-10-02 09:12:13 +02:00
Tamas Vajk
21ff1a0445 Address some of the PR review findings 2020-10-02 09:12:13 +02:00
Tamas Vajk
638d0399a8 Java, C#: Refactor explicitSsaDefSign in sign analysis 2020-10-02 09:09:23 +02:00
Tamas Vajk
7545fe74e3 Java, C#: Refactor implicitSsaDefSign in sign analysis 2020-10-02 09:09:23 +02:00
Tamas Vajk
37fc1d6f0f Java, C#: cleanup sign analysis 
Add missing QL doc, improve readability
 2020-10-02 09:09:23 +02:00
Gulshan Singh
f026d3a1e6 C++: Improve bitwise and range analysis 2020-10-01 23:30:51 -07:00
Gulshan Singh
78625b764d C++: Add test for bitwise and ranges 2020-10-01 23:30:48 -07:00
Jonathan Leitschuh
ab3772eaeb Update JHipster CodeQL query from code review 2020-10-01 15:38:56 -04:00
Tom Hvitved
bc68578c8b C#: Remove deprecated external queries 2020-10-01 21:11:47 +02:00
Jonas Jensen
48c6f34f91 Merge pull request #4372 from matt-gretton-dann/cpp20-constinit 
Add support for Variable.is_constinit()
 2020-10-01 20:19:56 +02:00
Aditya Sharad
f7f05476a2 Merge pull request #4375 from adityasharad/javascript/client-side-url-redirect-regexp 
JavaScript: Track taint through RegExp.prototype.exec for URL redirection
 2020-10-01 09:55:19 -07:00
Geoffrey White
ad9f306352 C++: Model taint flow only when the second component of a pair would be tainted. 2020-10-01 17:38:09 +01:00
Ian Lynagh
e555b6b2a8 Merge pull request #4380 from github/igfoo/unnamed 
C++: Accept test changes in unnamed entity naming
 2020-10-01 17:16:20 +01:00
Taus Brock-Nannestad
75f4051cb5 Python: Fix hasLocationInfo for packages 2020-10-01 17:21:53 +02:00
Joe
ca4781eb78 Java: Remove use of StringFormatMethod in TaintTrackingUtils 2020-10-01 15:58:32 +01:00
Rasmus Lerchedahl Petersen
0841e92a6b Python: Test for method call 2020-10-01 16:26:12 +02:00
Alexander Eyers-Taylor
5ce0974eb2 Fix the name of the vscode extension recommendation 
The name is case sensitive so it didn't work before.
 2020-10-01 14:40:45 +01:00
Rasmus Lerchedahl Petersen
5326125b70 Python: Handle positional construtor arguments 2020-10-01 15:28:26 +02:00
Anders Schack-Mulligen
c027f3bd2b Merge pull request #4324 from tamasvajk/feature/unsigned-sign-analysis 
Handle unsigned types in sign analysis (C# and Java)
 2020-10-01 15:11:49 +02:00
CodeQL CI
36450a8998 Merge pull request #4338 from erik-krogh/nodejs-server-request-data 
Approved by asgerf
 2020-10-01 06:00:17 -07:00
Erik Krogh Kristensen
d54a057457 Merge pull request #4377 from erik-krogh/babelCrash 
JS: prevent crash when TemplateLiteral is used in import
 2020-10-01 14:58:45 +02:00
Chris Smowton
578ea1ae43 Fix OWASP broken links 2020-10-01 13:09:52 +01:00
Erik Krogh Kristensen
18f7f2b559 autoformat 2020-10-01 13:49:31 +02:00
Erik Krogh Kristensen
4dec2171da add http request server data as a RemoteFlowSource 2020-10-01 13:21:56 +02:00
Rasmus Wriedt Larsen
3247b300ae Python: Fix problem with missing use-use flow 2020-10-01 12:55:11 +02:00
Rasmus Wriedt Larsen
9b3509f0ba Python: Highlight problem with missing use-use flow 2020-10-01 12:51:44 +02:00
Rasmus Lerchedahl Petersen
2187389da1 Python: Show constructor keyword arg problem 
Also make tests runnable
 2020-10-01 12:48:38 +02:00
CodeQL CI
0158e2ffef Merge pull request #4374 from max-schaefer/js/api-graph 
Approved by erik-krogh
 2020-10-01 03:33:45 -07:00
Rasmus Lerchedahl Petersen
db23dad6ec Python: Allow callables to connect to calls freely 2020-10-01 12:33:42 +02:00
Max Schaefer
7f075202c6 Merge pull request #4367 from erik-krogh/sql-api 
JS: Fixing an API-graph gotcha in `SQL.qll`
 2020-10-01 11:33:01 +01:00
Geoffrey White
084e6f6d9b C++: Add change note. 2020-10-01 11:04:40 +01:00
Geoffrey White
fb9a3b323d C++: Modernize MemcpyFunction. 2020-10-01 10:53:18 +01:00
Geoffrey White
ce9abe071d C++: Remove taint flow from size parameter. 2020-10-01 10:51:01 +01:00
Geoffrey White
ed5c3b321f C++: Repair callDereferences for failing test. 2020-10-01 10:38:12 +01:00
Erik Krogh Kristensen
fbd62abd64 prevent crash when TemplateLiteral is used in import 2020-10-01 11:26:49 +02:00
Erik Krogh Kristensen
75b9237b81 use Parameter instead of SimpleParameter in the AngularJS model 2020-10-01 10:44:10 +02:00
Erik Krogh Kristensen
c675d72629 use Parameter instead of SimpleParameter in remaining route-handler models 2020-10-01 10:44:10 +02:00
Erik Krogh Kristensen
f65ba11485 use Parameter instead of SimpleParameter in AMD.qll 2020-10-01 10:44:05 +02:00
Geoffrey White
ff78f50a03 Merge branch 'main' into callderef 2020-10-01 09:40:36 +01:00
Rasmus Lerchedahl Petersen
b092df48a5 Python: Location and toString for KwUnpacked 2020-10-01 10:15:19 +02:00
Aditya Sharad
e712d16e7e JavaScript: Track taint through RegExp.prototype.exec for URL redirection 
Regexp literals are currently handled, but not `RegExp` objects.
 2020-09-30 15:13:02 -07:00
Rasmus Lerchedahl Petersen
29a162bc9c Python: Proper flow **arg -> **param 2020-09-30 23:55:02 +02:00
Geoffrey White
cafd320953 C++: Add set/map constructor models. 2020-09-30 17:41:06 +01:00
Geoffrey White
6520f9d0fb C++: Add basic std::set models. 2020-09-30 17:23:56 +01:00
Geoffrey White
5bc7d3a9b2 C++: Add tests for std::set and std::unordered_set. 2020-09-30 17:23:56 +01:00