hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-15 15:34:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,680 Branches 158 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
yo-h
c2de08ca51 Merge pull request #3499 from aschackmull/java/instanceof-pattern-cfg 
Java: Add CFG edges for Java 14 pattern-matching instanceof.
 2020-05-28 20:24:39 -04:00
Robert Marsh
a638a08bc5 C++: autoformat 2020-05-28 17:06:14 -07:00
Robert Marsh
f82c97b84a C++: fix IR control flow for cast in placement new 2020-05-28 16:53:21 -07:00
Robert Marsh
56d0762380 C++: add test for placement new with cast 2020-05-28 16:36:26 -07:00
Robert Marsh
732da9cc4c Merge pull request #3586 from MathiasVP/qldoc-for-remaining-controlflow 
C++: QLDoc for the remaining elements in the controlflow directory
 2020-05-28 15:59:19 -07:00
Robert Marsh
a897caec76 C++: outbound dataflow via this indirections 2020-05-28 15:30:41 -07:00
Robert Marsh
7dc30e3fdc C++: add output indirections for this 2020-05-28 15:30:41 -07:00
Dave Bartolomeo
476f27e427 Merge from master 2020-05-28 17:27:08 -04:00
Dave Bartolomeo
01ef8795bf C++: Updated fixed test expectation 2020-05-28 17:24:38 -04:00
Robert Marsh
0d8472bd9e Merge pull request #3571 from rdmarsh2/ir-this-parameter 
Treat `this` as a parameter in IR generation
 2020-05-28 14:16:12 -07:00
Calum Grant
2b90b50587 Merge pull request #3528 from hvitved/csharp/cfg/cs6-initializers 
C#: Fix CFG for C# 6 initializers
 2020-05-28 21:40:52 +01:00
Calum Grant
499e349bff Merge pull request #3529 from hvitved/csharp/cs6-nested-initializer-type 
C#: Fix extracted type for nested object initializers
 2020-05-28 21:25:57 +01:00
Jonas Jensen
8b8c00de75 Merge pull request #3584 from jbj/devcontainer 
Codespaces: initial configuration
 2020-05-28 19:06:02 +02:00
Robert Marsh
d8b5d3bce8 C++: accept test fixes 2020-05-28 08:45:01 -07:00
Robert Marsh
693789c2cc Merge branch 'master' into ir-this-parameter 
Bring in new tests so their output can be fixed
 2020-05-28 08:32:10 -07:00
Mathias Vorreiter Pedersen
7b2c9c5aed C++: Add quotes to improve readability. 2020-05-28 16:48:48 +02:00
Mathias Vorreiter Pedersen
5fb79cde9a C++: Sync identical files 2020-05-28 16:45:52 +02:00
Mathias Vorreiter Pedersen
0671586aac C++: QLDoc for the remaining elements in the controlflow directory 2020-05-28 16:35:46 +02:00
Geoffrey White
6fcfd0310f C++: Autoformat. 2020-05-28 15:23:48 +01:00
Geoffrey White
c9e1ccf320 Merge branch 'master' into strftime 2020-05-28 15:22:16 +01:00
Jonas Jensen
19d4011b8a Codespaces: initial configuration 
This was adapted from https://github.com/github/vscode-codeql-starter.
 2020-05-28 14:01:36 +02:00
Jonas Jensen
688f540843 Merge pull request #3582 from MathiasVP/qldoc-for-controlflow 
C++: QLDoc for BasicBlock, ControlFlowGraph and Dataflow
 2020-05-28 13:52:43 +02:00
Philip Ginsbach
63a6422dbf incorporated Henning's example for type unions into the handbook 2020-05-28 12:32:31 +01:00
Erik Krogh Kristensen
5bb308dc8f sanitize variables used in an HTML escaping switch-case 2020-05-28 12:37:41 +02:00
Mathias Vorreiter Pedersen
1ef0643b60 C++: QLDoc for Constants 2020-05-28 12:24:23 +02:00
Calum Grant
725a8f55ca Merge pull request #3574 from hvitved/csharp/unification-performance 
C#: Fix performance issue in unification library
 2020-05-28 10:39:02 +01:00
Mathias Vorreiter Pedersen
52da5755b3 C++: Respond to review comments. 2020-05-28 11:20:13 +02:00
Jonas Jensen
1b23f3ec90 C++: Accept two more changed tests 2020-05-28 11:18:14 +02:00
Erik Krogh Kristensen
1a2db10a90 recognize barrier guard where the result is stored in a variable 2020-05-28 10:24:42 +02:00
Erik Krogh Kristensen
562a38cdd5 add ContainsHTMLGuard 2020-05-28 10:24:42 +02:00
Mathias Vorreiter Pedersen
3d27b6bbde C++: QLDoc for BasicBlock, ControlFlowGraph and Dataflow 2020-05-28 10:10:26 +02:00
Jonas Jensen
9153f568be C++: Accept test results with location fixes 2020-05-28 09:42:49 +02:00
Jonas Jensen
6eaf64c896 Merge remote-tracking branch 'upstream/master' into Expr-location-workaround 2020-05-28 09:37:15 +02:00
luchua-bc
104f1c3197 Add validation query for SSL Engine/Socket and com.rabbitmq.client.ConnectionFactory 2020-05-28 03:34:29 +00:00
Robert Marsh
54ed5d647a C++:autoformat 2020-05-27 19:30:02 -07:00
Robert Marsh
58673c449a C++: switch to TranslatedThisParameter 2020-05-27 19:29:29 -07:00
Porcupiney Hairs
8c5a97170d Python : Add Xpath injection query 
This PR adds support for detecting XPATH injection in Python.
I have included the ql files as well as the tests with this.
 2020-05-28 03:15:12 +05:30
Robert Marsh
593d4c0f32 Merge pull request #3567 from MathiasVP/ir-partial-definition 
Implement `asPartialDefinition` for IR dataflow nodes
 2020-05-27 13:51:41 -07:00
semmle-qlci
083b8ef8e5 Merge pull request #3568 from asger-semmle/js/avoid-accidental-string-coercion 
Approved by erik-krogh
 2020-05-27 20:46:54 +01:00
Robert Marsh
be74616b2b C++: accept consistency test fixes 2020-05-27 12:39:54 -07:00
Jonas Jensen
c7fa11229c Merge pull request #3532 from MathiasVP/remove-field-conflation-from-ir-fieldflow 
C++: Remove field conflation caused by IR field flow
 2020-05-27 21:17:32 +02:00
Erik Krogh Kristensen
df3fb842c5 remove duplicates from change-note 2020-05-27 20:36:23 +02:00
Dave Bartolomeo
533eeff7e8 C++: Fix MemoryLocation with multiple VirtualVariables 
While investigating a bug with `TInstruction` sharing, I discovered that we had a case where alias analysis could create two `VirtualVariable`s for the same `Allocation`. For an indirect parameter allocation, we were using the type of the pointer variable as the type of the indirect allocation, instead of just `Unknown`. If the `IRType` of the pointer variable was the same type as the type of at least one access to the indirect allocation, we'd create both an `EntireAllocationVirtualVariable` and a `VariableVirtualVariable` for the allocation.

I added a new consistency test to guard against this in the future. This also turned out to be the root cause of the one existing known consistency failure in the IR tests.
 2020-05-27 14:06:59 -04:00
Mathias Vorreiter Pedersen
bd97fe627c Merge branch 'master' into remove-field-conflation-from-ir-fieldflow 2020-05-27 17:08:19 +02:00
Rasmus Wriedt Larsen
21d531f81e Python: Add QLDoc for FunctionValue.getQualifiedName 
Matching the one for Function.getQualifiedName
 2020-05-27 16:59:18 +02:00
semmle-qlci
674c184a97 Merge pull request #3566 from erik-krogh/XssAttributeSanitizer 
Approved by asgerf
 2020-05-27 15:45:41 +01:00
Tom Hvitved
1c5da67cd8 C#: Fix performance issue in unification library 2020-05-27 15:26:03 +02:00
Erik Krogh Kristensen
33da82d884 Merge branch 'master' of https://github.com/github/codeql into pr/erik-krogh/3566 2020-05-27 12:21:14 +00:00
semmle-qlci
3cfc1e553c Merge pull request #3560 from erik-krogh/OptionalSanitizer 
Approved by asgerf
 2020-05-27 13:15:41 +01:00
Erik Krogh Kristensen
d05a61c745 Merge branch 'master' of https://github.com/github/codeql into pr/erik-krogh/3566 2020-05-27 12:12:08 +00:00