19087 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Aditya Sharad	41a48078f7	Merge pull request #673 from calumgrant/cs/sync-files ... C#: Sync samples and qltest cases	2018-12-12 17:10:00 +00:00
calumgrant	8e546a30b0	Merge pull request #637 from hvitved/csharp/cfg/throwing-callable ... C#: Fix a bug in `ThrowingCallable`	2018-12-12 16:58:28 +00:00
calum	2bbd55519b	C#: Add tests for C# 7.3 features.	2018-12-12 16:44:55 +00:00
Asger F	635a3cb1ec	JS: add FunctionNode.getThisParameter	2018-12-12 16:26:02 +00:00
calum	5596bc8827	C#: Add change note.	2018-12-12 16:16:07 +00:00
Anders Schack-Mulligen	2150af9732	Java: Add change note about CFG cast deprecation.	2018-12-12 15:04:19 +00:00
Anders Schack-Mulligen	12bc1fc656	Merge pull request #581 from jf205/metadata-guide ... Query metadata style guide: add to ql/docs	2018-12-12 12:55:20 +00:00
Asger F	a96c53f9b8	JS: restrict when a variable reference is considered a source	2018-12-12 12:28:26 +00:00
Asger F	14621760bb	JS: add window.name as DOM-based remote flow source	2018-12-12 12:22:39 +00:00
Tom Hvitved	74167e478a	C#: Cache NamedElement::getLabel()	2018-12-12 13:16:28 +01:00
Tom Hvitved	6918dad1db	C#: Refactor localFlowStep() ... Using the `forceCachingInSameStage()` trick, we can get rid of the non-cached version of local flow, while still computing it in the same stage.	2018-12-12 13:14:22 +01:00
Tom Hvitved	1366638f06	C#: Fix whitespaces	2018-12-12 13:13:13 +01:00
Geoffrey White	5e39e0ed65	CPP: Change note.	2018-12-12 11:39:20 +00:00
Geoffrey White	2f3a874c7d	CPP: Fix false positives when a member variable is released via the target of a function pointer.	2018-12-12 11:38:44 +00:00
Geoffrey White	370387a9ca	CPP: Fix false positives when member variable is released via an ExprCall.	2018-12-12 11:38:44 +00:00
Geoffrey White	e408f18766	CPP: Fix false positives when member variable is released via capture inside lambda expression.	2018-12-12 11:38:44 +00:00
Geoffrey White	6efd481118	CPP: Make references to the 'kind' of an alloc/delete consistent (this used to be called the 'release' or 'releaseName').	2018-12-12 11:38:44 +00:00
Geoffrey White	8e2459a6b7	CPP: Add similar test cases with function pointers.	2018-12-12 11:38:44 +00:00
Geoffrey White	77c1ad47f9	CPP: Add test cases with lambdas.	2018-12-12 11:38:44 +00:00
calum	3037b2b197	C#: Sync the -Good and -Bad files in the qltest to match the sample.	2018-12-12 11:36:00 +00:00
calum	1df1b0c28e	C#: Refactor ArrayCreations to allow stackalloc arrays to have initializers (C# 7.3).	2018-12-12 11:05:34 +00:00
Asger F	aa04e9c77f	TS: fix extraction of binding pattern with default	2018-12-12 10:36:30 +00:00
Max Schaefer	faaca21996	JavaScript: Avoid more unhelpful magic.	2018-12-12 08:40:21 +00:00
Max Schaefer	4fc27aaa51	Merge branch 'master' into pseudo-random-bytes	2018-12-12 08:19:57 +00:00
semmle-qlci	06dd5f3616	Merge pull request #656 from xiemaisi/js/unused-local-underscore ... Approved by esben-semmle	2018-12-12 08:11:37 +00:00
semmle-qlci	9df5d4b0c2	Merge pull request #660 from esben-semmle/js/angularjs-alert-locations ... Approved by xiemaisi	2018-12-12 08:05:19 +00:00
Dave Bartolomeo	be5ac2f2ff	Merge pull request #648 from dave-bartolomeo/dave/UnreachableIR ... C++: Remove unreachable IR	2018-12-11 20:58:49 -08:00
yh-semmle	14488cb62e	Merge pull request #652 from aschackmull/java/constant-loop-cond-alert-pos ... Java: Change alert location for ConstantLoopCondition.	2018-12-11 21:26:14 -05:00
Dave Bartolomeo	0140cd23d0	C++: Accept correct test output	2018-12-11 17:11:51 -08:00
Dave Bartolomeo	283c1d43c3	C++: Restore previous test expectations	2018-12-11 17:07:25 -08:00
Robert Marsh	59c0e5d39e	C++: update test expectations	2018-12-11 15:07:09 -08:00
Esben Sparre Andreasen	fac638ffab	JS: improve alert location of js/angular/unused-dependency	2018-12-11 21:47:08 +01:00
Esben Sparre Andreasen	b5bbf990b0	JS: improve alert location of js/angular/repeated-dependency-injection	2018-12-11 21:47:08 +01:00
Esben Sparre Andreasen	5acd1ca26d	JS: improve alert location of js/angular/duplicate-dependency	2018-12-11 21:47:08 +01:00
Robert Marsh	98005edd9d	Merge pull request #641 from geoffw0/exprnoeffect2 ... CPP: More tests of isSideEffectFree() / ExprHasNoEffect.ql	2018-12-11 12:17:30 -08:00
Tom Hvitved	7422947e78	C#: Improve performance of cs/useless-upcast	2018-12-11 17:48:04 +01:00
Asger F	a01a9dc5cc	JS: add crypto.pseudoRandomBytes as source in InsecureRandomness.ql	2018-12-11 16:06:22 +00:00
Tom Hvitved	9707b34124	Merge pull request #663 from adityasharad/merge/1.19-next-111218 ... Merge rc/1.19 into next.	2018-12-11 16:06:55 +01:00
Aditya Sharad	ce905e7a0a	Merge pull request #597 from dave-bartolomeo/dave/IRDataflow ... C++: Initial IR-based dataflow implementation	2018-12-11 15:05:58 +00:00
Tom Hvitved	e80837681f	C#: Refactor LINQ logic ... Factor `ClauseCall` out into three classes to make it clear when the fields `operand` and `declaration` can be `null`.	2018-12-11 16:04:25 +01:00
Aditya Sharad	dde42a5723	Merge rc/1.19 into next.	2018-12-11 14:38:58 +00:00
Esben Sparre Andreasen	376ed7a4d2	JS: generalize js/command-line-injection to handle ConstantString	2018-12-11 13:39:15 +01:00
Esben Sparre Andreasen	a1d92bfa50	JS: generalize js/incomplete-sanitization to handle ConstantString	2018-12-11 13:39:15 +01:00
Esben Sparre Andreasen	1bc73ab592	JS: address review comments	2018-12-11 13:03:17 +01:00
calum	f0fb47cde0	C#: Update change notes.	2018-12-11 10:31:45 +00:00
calum	8d072863df	C#: Reorder for statements to ensure variables declared in the condition are declared before they are used.	2018-12-11 10:31:45 +00:00
Esben Sparre Andreasen	7cc6f2f4d8	JS: add test case	2018-12-11 10:17:25 +01:00
Esben Sparre Andreasen	36e36a414e	JS: change notes for improve file classification	2018-12-11 10:01:54 +01:00
Esben Sparre Andreasen	73aa223b08	JS: handle additional multi-license file patterns	2018-12-11 09:55:38 +01:00
Max Schaefer	4d186e0edc	JavaScript: Teach Unused{Variable,Parameter} to ignore variables with leading underscore.	2018-12-11 08:50:50 +00:00