hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-15 23:44:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,680 Branches 158 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
6d2bffef72 add fs.open/openSync as ZipSlip sinks 2020-05-14 20:31:13 +02:00
Erik Krogh Kristensen
2d675262b2 use the generalized fs module in more places 2020-05-14 20:31:00 +02:00
Geoffrey White
6579c71866 C++: Change note. 2020-05-14 18:44:06 +01:00
Geoffrey White
df5e16c45d C++: Add a 1.25 change note file (didn't we used to have templates for these?). 2020-05-14 18:41:14 +01:00
Geoffrey White
4a6021fb61 C++: Allow equality checking to block taint flow. 2020-05-14 18:32:38 +01:00
Erik Krogh Kristensen
5132e61ce7 add tests 2020-05-14 18:55:49 +02:00
Erik Krogh Kristensen
e98f794dab implement precise data-flow steps for Promise.all 2020-05-14 18:55:44 +02:00
Henning Makholm
69ba22a3c2 QL handbook: bring library path documentation up to date 2020-05-14 18:41:22 +02:00
semmle-qlci
c06680a496 Merge pull request #3470 from asger-semmle/js/cache-module-import 
Approved by esbena
 2020-05-14 17:20:04 +01:00
Mathias Vorreiter Pedersen
fe682556bf Merge pull request #3475 from jbj/field-conflation-memcpy 
C++: Test field conflation with array in struct
 2020-05-14 17:53:32 +02:00
Dave Bartolomeo
efa133f0db Merge pull request #3463 from MathiasVP/fix-field-flow-annotation 
C++: Annotate field flow tests
 2020-05-14 10:49:27 -04:00
Jonas Jensen
49ebb3197a Merge pull request #3472 from geoffw0/paramstring 
C++: Improve getParameterString().
 2020-05-14 16:48:07 +02:00
Jonas Jensen
a380dc113f C++: Test field conflation with array in struct 2020-05-14 16:29:39 +02:00
Dave Bartolomeo
9de597db25 C++: Refactor Operand to prepare for cross-phase IPA sharing 2020-05-14 10:29:08 -04:00
Geoffrey White
754d7f0be8 C++: More test cases for TaintedAllocationSize. 2020-05-14 15:23:31 +01:00
Anders Schack-Mulligen
1838a7455a Java: Add taint steps for String.formatted. 2020-05-14 16:17:03 +02:00
Rasmus Lerchedahl Petersen
21d1ea5d96 Merge branch 'boolDefault' of github.com:yoff/codeql into boolDefault 2020-05-14 16:06:58 +02:00
Tom Hvitved
2c243ad1cd C#: Add data-flow test 2020-05-14 15:58:50 +02:00
Tom Hvitved
2d7470fc3a C++: Follow-up changes 2020-05-14 15:58:50 +02:00
Tom Hvitved
e608c53c3f Java: Follow-up changes 2020-05-14 15:58:50 +02:00
Tom Hvitved
aa83cc1472 Data flow: Sync files 2020-05-14 15:58:50 +02:00
Tom Hvitved
a0d100485b Data flow: Rename Content variables from f to c 2020-05-14 15:58:50 +02:00
Tom Hvitved
f1cd53507d Data flow: Track precise types during field flow 2020-05-14 15:58:50 +02:00
Jonas Jensen
3cd377e299 C++: Fixup forgotten test annotation 
This should have been removed in 038bea2f52.
 2020-05-14 15:57:47 +02:00
Rasmus Lerchedahl Petersen
1817d2af2b Make test for wrong bool type pass 2020-05-14 15:56:57 +02:00
Rasmus Lerchedahl Petersen
7b004c3746 Python: Add test for wrong exception type 2020-05-14 15:42:52 +02:00
Anders Schack-Mulligen
0aad24e6db Java: Extend library support for switch expressions. 2020-05-14 15:40:26 +02:00
Mathias Vorreiter Pedersen
1c2b8563ae C++: Remove 'flow' value from testcases 2020-05-14 15:33:02 +02:00
Geoffrey White
6583012e6d C++: Use concat in getParameterString(). 2020-05-14 14:21:46 +01:00
Geoffrey White
da83f826b9 C++: Solve duplication in getParameterString(). 2020-05-14 14:21:06 +01:00
Geoffrey White
ca0d23fd72 C++: Add a test case. 2020-05-14 14:20:02 +01:00
Mathias Vorreiter Pedersen
5f9b96cde9 C++: Fix off-by-one in test annotation 2020-05-14 15:12:00 +02:00
semmle-qlci
23532ae49a Merge pull request #3467 from erik-krogh/tarSlip 
Approved by esbena
 2020-05-14 14:06:42 +01:00
semmle-qlci
57f44c5a81 Merge pull request #2886 from asger-semmle/js/call-graph-exploration 
Approved by erik-krogh, esbena
 2020-05-14 14:01:23 +01:00
semmle-qlci
384df88df1 Merge pull request #3359 from erik-krogh/MayHavePropName 
Approved by esbena
 2020-05-14 13:52:45 +01:00
Asger Feldthaus
e491431f4e JS: Autoformat 2020-05-14 13:29:33 +01:00
Bt2018
819a599e2c Correct the name tag and change the placeholders in the query 2020-05-14 08:13:21 -04:00
Geoffrey White
78f098f37a C++: Test Function.getParameterString(). 2020-05-14 13:05:39 +01:00
Mathias Vorreiter Pedersen
f414b277ba C++: Modify complex.cpp test to account for longer access paths in the dataflow library 2020-05-14 13:58:04 +02:00
Pavel Avgustinov
3cc13db3a0 NodeJSLib: Restore backwards-compatibility. 2020-05-14 12:51:09 +01:00
Geoffrey White
53a53fb633 C++: Modernize the Functions test. 2020-05-14 12:50:57 +01:00
Bt2018
9a7ab4ee32 Correct comment of the HostVerificationMethodAccess method access 2020-05-14 07:43:17 -04:00
Shati Patel
3af98aaf44 Merge pull request #3469 from shati-patel/delete-spec 
CodeQL docs migration: Delete `ql-spec` Sphinx project
 2020-05-14 11:12:19 +01:00
Asger Feldthaus
1cdb51741f JS: Dont use deprecated API in test case 2020-05-14 11:08:31 +01:00
Anders Schack-Mulligen
5c9fb2312e Merge pull request #3090 from luchua-bc/java-insert-sensitive-info-into-log 
Java: CWE-532 sensitive info logging
 2020-05-14 11:43:47 +02:00
Shati Patel
cb2f7c4b15 CodeQL docs migration: Delete ql-spec Sphinx project 2020-05-14 10:32:01 +01:00
Mathias Vorreiter Pedersen
f5f3405ec3 C++: Modify IR field flow tests to use InlineExpectationsTest.qll 2020-05-14 11:11:21 +02:00
Pavel Avgustinov
ab2d059ed4 JavaScript: Model extra sinks in vm module 2020-05-14 10:01:40 +01:00
Erik Krogh Kristensen
b12e21edcc add test for new zipslip sanitizer 2020-05-14 10:11:37 +02:00
Erik Krogh Kristensen
422ade16db Apply suggestions from code review 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-05-14 10:05:59 +02:00