hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-15 15:34:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,680 Branches 158 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Marsh
1fa1bd5e36 C#: fix compilation error in IR 2020-05-22 16:08:11 -07:00
Robert Marsh
b4a947ddf1 C++: add getIRVariable for this temp variables 2020-05-22 15:43:34 -07:00
Robert Marsh
8a53dc882d C++: treat this as a parameter in IR 2020-05-22 15:35:34 -07:00
Dave Bartolomeo
df834ac031 C++: Fix duplicate result types 
In a couple of cases, we use `glval<unknown>` as the result type of an instruction because we can't come up with anything better. Two examples are the result of `VariableAddress[#ellipsis]`, and the address of the temp variable that holds the lvalue result of the conditional operator in `(a ? b : c) = y`. In both cases, we call `getTypeForGLValue(any(UnknownType t))`, but that would have multiple results because `result.hasType(any(UnknownType t), true)` also holds for `CppFunctionGLValueType`. I tightened the result type to ensure we get the right one.
 2020-05-22 16:20:33 -04:00
Shati Patel
e990f1b53d Merge pull request #3546 from aschackmull/java/tutorial-bug-fix 
Java: Fix bug in tutorial.
 2020-05-22 17:23:58 +01:00
Alvaro Muñoz
0b20785cce add support for java.io.StringWriter 2020-05-22 18:13:28 +02:00
semmle-qlci
b9ecf1a304 Merge pull request #3447 from erik-krogh/LibCmdInjection 
Approved by asgerf, mchammer01
 2020-05-22 17:10:57 +01:00
Anders Schack-Mulligen
6228e7670b Java: Fix bug in tutorial. 2020-05-22 14:44:24 +02:00
Esben Sparre Andreasen
e172d55ecb Update javascript/ql/test/query-tests/Security/CWE-020/IncompleteUrlSchemeCheck.js 
Co-authored-by: Asger F <asgerf@github.com>
 2020-05-22 13:33:34 +02:00
Asger Feldthaus
823ed3bbdf JS: Wrap node --version call in retry loop 2020-05-22 10:40:16 +01:00
Asger Feldthaus
6f0356b229 Revert "JS: Remove timeout for node --version check" 
This reverts commit ec7c9489dc.
 2020-05-22 10:40:07 +01:00
James Fletcher
9259dca40d Merge pull request #3540 from github/jf205-patch-2 
Link README.md to CodeQL for Go repo
 2020-05-22 10:29:55 +01:00
Shati Patel
cf13992552 Merge pull request #3544 from shati-patel/code-typo 
CodeQL docs: Fix error in code snippet [cherry-pick]
 2020-05-22 08:42:41 +01:00
syang-ng
ca8c3dabda fix an error in the code snippet of the documentation about global-data-flow-java 2020-05-22 08:00:52 +01:00
Shati Patel
8c1e4d49ca Merge pull request #3537 from syang-ng/master 
fix an error in the code snippet of the documentation about global-data-flow-java
 2020-05-21 19:43:51 +01:00
James Fletcher
49d4c76f2f Update README.md 2020-05-21 16:37:44 +01:00
Asger Feldthaus
75be3b7ecb JS: Add test case for missed captured flow 2020-05-21 16:14:13 +01:00
Shati Patel
c021dcd1e8 Ql language: Clarify use of query modules 2020-05-21 15:30:40 +01:00
syang-ng
184209d1eb fix an error in the code snippet of the documentation about global-data-flow-java 2020-05-21 22:00:15 +08:00
Geoffrey White
0f4723aee4 Merge pull request #3520 from dbartol/github/codeql-c-analysis-team/79 
C++: Mark deprecated overrides as deprecated
 2020-05-21 14:55:39 +01:00
Erik Krogh Kristensen
b79b25ef87 correct cwe-78 to cwe-078 2020-05-21 12:38:44 +00:00
Erik Krogh Kristensen
b297837969 Apply suggestions from doc review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2020-05-21 14:32:02 +02:00
Esben Sparre Andreasen
b31f83a5af JS: fixup expected output 2020-05-21 13:47:16 +02:00
Esben Sparre Andreasen
e588e59f9b JS: fixup 2020-05-21 13:42:28 +02:00
Esben Sparre Andreasen
c400b45cd6 JS: make the Fastify model support isUserControlledObject 2020-05-21 13:42:28 +02:00
Esben Sparre Andreasen
894033df8a JS: de-boilerplate the fastify model: address expr/dataflow comments 2020-05-21 13:42:28 +02:00
Esben Sparre Andreasen
74fc33e2a8 JS: make the qldoc check happy 2020-05-21 13:42:27 +02:00
Esben Sparre Andreasen
a76c70d2d7 JS: model fastify 2020-05-21 13:42:27 +02:00
James Fletcher
e0e9535f08 Merge pull request #3530 from jf205/sd-109 
CodeQL docs: refine two article titles
 2020-05-21 08:55:10 +01:00
Mathias Vorreiter Pedersen
617ef32464 C++: Remove [FALSE POSITIVE] annotations 2020-05-21 02:22:57 +02:00
Dave Bartolomeo
5641b2c140 C++: Remove deprecated predicate from File 2020-05-20 14:14:49 -04:00
Dave Bartolomeo
ff1e70efce C++: Undo changes to shared XML.qll 2020-05-20 14:14:31 -04:00
Mathias Vorreiter Pedersen
3c167125e5 C++: Accept test output 2020-05-20 18:18:34 +02:00
Mathias Vorreiter Pedersen
218a3cf93d C++: Remove field conflation 2020-05-20 18:18:26 +02:00
Asger Feldthaus
ec7c9489dc JS: Remove timeout for node --version check 2020-05-20 17:12:24 +01:00
semmle-qlci
8df7b7c42a Merge pull request #3525 from erik-krogh/ZipTaint 
Approved by asgerf
 2020-05-20 16:45:02 +01:00
james
edc5d36274 docs: refine some article titles 2020-05-20 16:16:14 +01:00
Bt2018
74ab6981eb Fix HTML tag issue 2020-05-20 10:23:40 -04:00
semmle-qlci
079021a3e9 Merge pull request #3453 from RasmusWL/python-flask-routed-params 
Approved by tausbn
 2020-05-20 14:47:53 +01:00
Erik Krogh Kristensen
a23cde1354 autoformat 2020-05-20 15:36:46 +02:00
Tom Hvitved
011a95dcfa C#: Fix extracted type for nested object initializers 2020-05-20 14:20:41 +02:00
Tom Hvitved
70d47b76b1 C#: Add test for the type of an object initializer 2020-05-20 14:18:16 +02:00
Geoffrey White
9babd5dc10 C++: Another positive effect of the change. 2020-05-20 12:49:01 +01:00
Erik Krogh Kristensen
5a3eec87c0 rename isTaintedPathStep to isPosixPathStep 2020-05-20 13:44:14 +02:00
Erik Krogh Kristensen
97c199e10d update docstring 
Co-authored-by: Asger F <asgerf@github.com>
 2020-05-20 13:40:12 +02:00
Geoffrey White
f2436ff713 C++: Autoformat. 2020-05-20 12:39:54 +01:00
Rasmus Wriedt Larsen
712d4bd150 Python: Fix typo in docs 
Co-authored-by: Taus <tausbn@gmail.com>
 2020-05-20 13:06:24 +02:00
semmle-qlci
c15d22d9f8 Merge pull request #3516 from asger-semmle/js/typescript-3.9.2 
Approved by erik-krogh
 2020-05-20 11:31:57 +01:00
semmle-qlci
2bbc1c2af0 Merge pull request #3478 from erik-krogh/PromiseAll 
Approved by asgerf, esbena
 2020-05-20 11:03:05 +01:00
Tom Hvitved
7a54a90e61 C#: Fix CFG for C# 6 initializers 2020-05-20 12:01:22 +02:00