Rebecca Valentine
7930037bb6
Python: Move AdvancedFormatting dependents over to suffixed API
2020-03-02 16:39:02 -08:00
Rebecca Valentine
48bcde8e0f
Python: Move objectapi code to suffixed name
2020-03-02 16:31:06 -08:00
Rebecca Valentine
de6ea63fae
Python: Adds preliminary modernization.
2020-03-02 15:43:57 -08:00
Erik Krogh Kristensen
d2d5af42bf
add IndirectInclusionTest and IndirectEndsWith
2020-03-02 21:42:08 +01:00
Taus
f3b62e106d
Merge pull request #2840 from BekaValentine/python-objectapi-to-valueapi-useofapply
Python: ObjectAPI to ValueAPI: UseofApply
2020-03-02 21:40:35 +01:00
Erik Krogh Kristensen
97c16929ca
implement getPolarity and forward to inner StartsWith
2020-03-02 21:38:22 +01:00
Erik Krogh Kristensen
53d1cd33f6
support sanitizers that remove all forward slashes
2020-03-02 21:34:40 +01:00
Robert Marsh
0b74d56ed1
Merge pull request #2959 from jbj/getCanonicalQLClass-Variable
C++: Add getCanonicalQLClass overrides in Variable
2020-03-02 12:16:48 -08:00
Erik Krogh Kristensen
46a645c47b
Merge pull request #2956 from asger-semmle/js/autoformat-again
JS: Really autoformat everything
2020-03-02 21:16:07 +01:00
Erik Krogh Kristensen
68fb8c52e9
check the type of the this-type, instead of the AST-node
2020-03-02 16:35:16 +01:00
Alistair Christie
e7b58571b6
Make review comment changes
2020-03-02 15:32:03 +00:00
Erik Krogh Kristensen
e0fcc4af6a
handle this parameters when finding unreachable overloads
2020-03-02 16:26:00 +01:00
Mathias Vorreiter Pedersen
0b082a4089
C++: Only do argument check for
2020-03-02 16:22:05 +01:00
Alistair Christie
daf5a96935
Make review comment changes
2020-03-02 15:07:30 +00:00
Felicity Chapman
7a2bb120ec
Update introductions for feedback
2020-03-02 15:06:18 +00:00
Jonas Jensen
76066afe6a
C++: Add getCanonicalQLClass overrides in Variable
2020-03-02 13:49:12 +01:00
Erik Krogh Kristensen
019266e537
change name of Useless cat
2020-03-02 13:06:08 +01:00
Erik Krogh Kristensen
26fd17bf39
recognize utility functions implementing a StartsWith check
2020-03-02 13:00:58 +01:00
Mathias Vorreiter Pedersen
9df7a7a87e
Merge branch 'master' into inexact-is-chi-for-all-aliased-memory
2020-03-02 12:34:24 +01:00
Erik Krogh Kristensen
391b6a833c
add link to The Useless Use of Cat Award
2020-03-02 12:28:51 +01:00
Alistair Christie
fe9f974353
Merge branch 'master' into alistairs-docs-preparation-1
2020-03-02 11:17:42 +00:00
Mathias Vorreiter Pedersen
20529b4436
C++/C#: Sync identical files
2020-03-02 12:15:54 +01:00
Mathias Vorreiter Pedersen
14d836ba59
C++: should only match those functions that have the same number of parameters as the call has arguments.
2020-03-02 12:15:28 +01:00
Asger Feldthaus
e405a9769c
JS: Really autoformat everything
2020-03-02 10:48:33 +00:00
semmle-qlci
228bd73bd2
Merge pull request #2944 from erik-krogh/YetAnotherPrefix
Approved by esbena
2020-03-02 10:07:47 +00:00
Mathias Vorreiter Pedersen
3a3aa75121
Merge pull request #2935 from jbj/MissingEnumCaseInSwitch-perf
C++: Optimize EnumSwitch.getAMissingCase
2020-03-02 10:32:44 +01:00
Erik Krogh Kristensen
c14a485ca7
recognize more HttpResponseSink by restricting the hasNonHtmlHeader check
2020-03-02 10:10:34 +01:00
Anders Schack-Mulligen
b210009eec
Merge pull request #2923 from yo-h/java-customizations
Java: add `Customizations.qll`
2020-03-02 09:58:34 +01:00
Jonas Jensen
dab6691eb0
Merge pull request #2900 from dbartol/dbartol/void-buffer
C++: Better fix for `void` type on buffer access
2020-03-02 09:00:15 +01:00
Jonas Jensen
ec85f9f1a1
Merge pull request #2797 from rdmarsh2/rdmarsh/cpp/malloc-alias-locations
C++: Support dynamic memory allocations in IR alias analysis
2020-03-02 08:49:59 +01:00
Jonas Jensen
30b5db3b7f
C++: autoformat fixup
2020-03-02 08:48:54 +01:00
Jonas Jensen
bbc57878dd
C++: Performance fix for large basic blocks
The code is now quadratic in the number of statements in a basic block,
whereas before it was quadratic in the number of _control-flow nodes_ in
a basic block.
2020-03-02 08:46:58 +01:00
Robert Marsh
28ee756c6a
Merge pull request #2934 from geoffw0/add_tests
C++: Test and typos.
2020-02-28 15:12:32 -08:00
Rebecca Valentine
d5f689e041
Adds preliminary modernization
2020-02-28 10:42:27 -08:00
Geoffrey White
c6b0d4bbda
C#: Sync identical files.
2020-02-28 17:55:59 +00:00
Geoffrey White
82191102d9
Merge pull request #2930 from jbj/getUnconverted
C++: Add Expr.getUnconverted predicate
2020-02-28 14:25:36 +00:00
Erik Krogh Kristensen
71ff32e930
recognize another prefix check for js/path-injection
2020-02-28 14:55:41 +01:00
Rasmus Wriedt Larsen
ee4190e0d9
Python: Add example if urlsplit(url).path: => missing points-to
I wanted to highlight that it's not the call to `urlsplit` that is a problem, so
that's why I inserted a `check` in-between.
2020-02-28 13:43:10 +01:00
Rasmus Wriedt Larsen
8dd19ca6cd
Python: Add example of re.compile missing points-to
2020-02-28 13:41:26 +01:00
Taus Brock-Nannestad
10bacfe8fd
Python: Use subscriptUnknown instead of instance check.
Also adds a test for decomposing the unknown value of `a`.
2020-02-28 13:38:54 +01:00
Esben Sparre Andreasen
a589061bee
JS: add type-tracking to the fs-module and model the original-fs
2020-02-28 12:54:59 +01:00
Esben Sparre Andreasen
5a3a1c480d
JS: add tests for the fs-module and friends
2020-02-28 12:21:10 +01:00
Rasmus Wriedt Larsen
2e7807718f
Python: Add a bit of regex docs
and use the canonical way of specifying a ModuleValue
2020-02-28 11:45:39 +01:00
Jonas Jensen
dfe1a7e2f0
C++: Avoid iDominates* in Overflow.qll
The `iDominates` relation is directly on control-flow nodes, and its
transitive closure is far too large. It got compiled into a recursion
rather than `fastTC`, and I've observed that recursion to take about an
hour on a medium-size customer snapshot.
The fix is to check for dominance at the basic-block level.
2020-02-28 10:48:23 +01:00
Geoffrey White
4ca57db553
Merge pull request #2929 from Semmle/rc/1.23
Merge rc/1.23 into master
2020-02-28 09:30:20 +00:00
Erik Krogh Kristensen
5e0ae7b4d0
add end </p> tag
2020-02-28 10:23:03 +01:00
Jonas Jensen
0be13e45f2
Merge remote-tracking branch 'upstream/master' into MissingEnumCaseInSwitch-perf
2020-02-28 09:57:29 +01:00
Erik Krogh Kristensen
ce9cd53bf1
Merge remote-tracking branch 'upstream/master' into UselessCat
2020-02-28 09:56:23 +01:00
Erik Krogh Kristensen
d8a96dd771
change name to suggestion from previous code review
2020-02-28 09:55:15 +01:00
Erik Krogh Kristensen
922779e049
remove double a/an and adjust line lengths
2020-02-28 09:48:07 +01:00