codeql

mirror of https://github.com/github/codeql.git synced 2026-01-21 10:24:47 +01:00

Author	SHA1	Message	Date
Calum Grant	86fa7e5c38	C#: Analysis change notes	2020-01-20 14:37:28 +00:00
Calum Grant	9d7c9e0ba4	C#: Default parameter values are maybe null C#: Update test output	2020-01-20 14:37:20 +00:00
Geoffrey White	952b9e1581	CPP: Use hasGlobalName where appropriate.	2020-01-20 14:24:38 +00:00
Erik Krogh Kristensen	6494649125	fix a number of FPs in js/exception-xss	2020-01-20 15:11:57 +01:00
Erik Krogh Kristensen	5c6134db99	a bit of self-review and an auto-format	2020-01-20 14:55:49 +01:00
Erik Krogh Kristensen	ad813ef86c	add flowsTo to the use of isAdditionalLoadStep	2020-01-20 14:16:29 +01:00
Mathias Vorreiter Pedersen	13fc8741d4	C++: Include malloc example in qlhelp	2020-01-20 13:28:00 +01:00
Geoffrey White	79811fcccd	Merge pull request #2642 from jbj/TaintTracking-indirection C++: Indirection for security.TaintTracking impl	2020-01-20 12:25:51 +00:00
Geoffrey White	5a20e85598	Merge pull request #2638 from jbj/ir-dispatch C++ IR: Support for global virtual dispatch	2020-01-20 12:04:09 +00:00
Calum Grant	631b4248b5	C#: Add a nullness test	2020-01-20 11:13:31 +00:00
Mathias Vorreiter Pedersen	a43131a987	C++: Fix formatting	2020-01-20 11:39:48 +01:00
Jonas Jensen	391b80eac4	C++: Show virtual inheritance problem in vdispatch	2020-01-20 11:17:44 +01:00
Jonas Jensen	2a0fc31b68	C++: Comment and rename getSrc -> getDispatchValue Better clarity was requested in the PR review.	2020-01-20 11:03:03 +01:00
Erik Krogh Kristensen	ffbd0f6632	update expected test output	2020-01-20 09:56:40 +01:00
Erik Krogh Kristensen	b3b132c66d	Merge remote-tracking branch 'upstream/master' into ExceptionalPromise	2020-01-20 09:20:09 +01:00
Jonas Jensen	742bd1c6ad	Merge pull request #2648 from rdmarsh2/getMemoryOperandDefinition-perf C++: Performance fix for getMemoryOperandDefinition	2020-01-20 08:49:55 +01:00
Grzegorz Golawski	00ee3d2549	Query to detect LDAP injections in Java Cleanup	2020-01-18 20:21:38 +01:00
Grzegorz Golawski	95723b08e1	Query to detect LDAP injections in Java Add help	2020-01-18 19:01:35 +01:00
Grzegorz Golawski	8cec46342f	Query to detect LDAP injections in Java Refactoring	2020-01-18 17:14:22 +01:00
Jonas Jensen	d3a1856793	Merge pull request #2646 from geoffw0/modelinet CPP: Fix a mistake in Inet.qll.	2020-01-17 22:53:43 +01:00
Geoffrey White	97c346285e	CPP: Change note.	2020-01-17 18:56:21 +00:00
Geoffrey White	fcea3693f9	CPP: Remove now redundant special cases.	2020-01-17 18:56:21 +00:00
Geoffrey White	200545d88c	CPP: Add detail to the model.	2020-01-17 18:56:21 +00:00
Geoffrey White	77a3778eef	CPP: Add some strlen variants to the PureStrFunction model.	2020-01-17 18:56:21 +00:00
Jonas Jensen	3632d51abc	Merge pull request #2635 from geoffw0/modelstrdup CPP: Model strdup	2020-01-17 19:26:26 +01:00
Geoffrey White	803da339a1	CPP: Fix a mistake in Inet.qll.	2020-01-17 17:44:42 +00:00
Geoffrey White	e4139fe427	Apply suggestions from code review Additional corrections. Co-Authored-By: Dave Bartolomeo <dbartol@github.com>	2020-01-17 17:20:37 +00:00
Geoffrey White	7dbda22a29	CPP: Update change note.	2020-01-17 16:19:39 +00:00
Geoffrey White	839fd8f848	CPP: Fix typo.	2020-01-17 16:10:41 +00:00
Robert Marsh	bd98427c5a	C++: sync files	2020-01-17 08:05:40 -08:00
Robert Marsh	bbf191e857	C++: fix join order in hasMemoryOperandDefinition	2020-01-17 08:05:40 -08:00
Robert Marsh	d91bc4ba72	C++: pull out hasMemoryOperandDefinition (slow)	2020-01-17 08:05:26 -08:00
Dave Bartolomeo	c7e62b4a35	Merge pull request #2613 from rdmarsh2/getPhiOperandDefinition-perf-2 C++: performance fixes for getPhiOperandDefinition	2020-01-17 09:01:33 -07:00
Mathias Vorreiter Pedersen	cd644ca5f2	Merge branch 'implicit-function-declaration' of github.com:MathiasVP/ql into implicit-function-declaration	2020-01-17 14:52:23 +01:00
Mathias Vorreiter Pedersen	303c6aa5b7	C++: Added query to suites and change-notes	2020-01-17 14:51:40 +01:00
Mathias Vorreiter Pedersen	4fc325f794	C++: Raise query to warning-high	2020-01-17 13:59:25 +01:00
Mathias Vorreiter Pedersen	aaf2679bf7	Remove incorrect html tag Co-Authored-By: Jonas Jensen <jbj@github.com>	2020-01-17 13:52:38 +01:00
Mathias Vorreiter Pedersen	e79c0820ef	Fix reference Co-Authored-By: Jonas Jensen <jbj@github.com>	2020-01-17 13:51:14 +01:00
Erik Krogh Kristensen	a25c5d7090	outlining a predicate to give hints about join ordering	2020-01-17 13:42:08 +01:00
Jonas Jensen	53e10e4c7f	Merge pull request #2634 from MathiasVP/overrideable-taint-sources C++: Overrideable taint sources in DefaultTaintTracking	2020-01-17 13:01:03 +01:00
Mathias Vorreiter Pedersen	9e71e7f2ef	C++: Added .qlhelp file	2020-01-17 12:58:10 +01:00
Erik Krogh Kristensen	6ad62e32e0	copyPropertyStep works interprocedurally	2020-01-17 12:24:29 +01:00
Jonas Jensen	d19c77d473	C++: Indirection for security.TaintTracking impl This change should make it easier to switch to the IR-based `DefaultTaintTracking` code without getting a large and conflict-prone diff.	2020-01-17 12:04:53 +01:00
Marc Waldman	dbe51e070f	Merge pull request #2 from marcrepo/patch-2 Documentation update for Issue #2623	2020-01-17 04:55:34 -05:00
Marc Waldman	a9b6b2c4cd	Merge pull request #1 from marcrepo/patch-1 Removed word "file" from description (see Issue 2623)	2020-01-17 04:55:06 -05:00
Marc Waldman	0d409b2d69	Documentation update for Issue #2623 Changes based on Issue #2623 - DescriptorNeverClosed.ql identifies only sockets (not file handles)	2020-01-17 04:46:10 -05:00
Marc Waldman	140051cc9a	Removed word "file" from description (see Issue 2623) This pull request is in reference to Issue #2623 - "DescriptorNeverClosed.ql identifies only sockets (not file handles)"	2020-01-17 04:38:15 -05:00
Anders Schack-Mulligen	2dca188288	Java: Document two FPs with unit tests.	2020-01-17 09:57:11 +01:00
Jonas Jensen	5d08a0e338	Merge pull request #2558 from MathiasVP/ast-classes-should-not-be-abstract C++: Ast classes should not be abstract	2020-01-17 08:47:55 +01:00
Mathias Vorreiter Pedersen	e4def730fd	C++: Fix alert message	2020-01-16 21:30:14 +01:00

... 201 202 203 204 205 ...

19777 Commits