Commit Graph

19777 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
a757a69f36 Python: Add example FP 2020-12-08 17:02:05 +01:00
Tamas Vajk
2257a8d47e Add change notes 2020-12-08 16:43:16 +01:00
Tamas Vajk
2d2b919651 Add DB upgrade folder 2020-12-08 16:43:16 +01:00
Tamas Vajk
52a73cb21b Add new stats containing 'cil_enum_underlying_type' 2020-12-08 16:40:29 +01:00
Tamás Vajk
6dd0234b68 Apply suggestions from code review
Co-authored-by: Tom Hvitved <hvitved@github.com>
2020-12-08 16:40:29 +01:00
Tamas Vajk
214cc90af5 Fix failing test 2020-12-08 16:40:29 +01:00
Tamas Vajk
44dfafc52c C#: remove 'System.Enum' from enums in QL 2020-12-08 16:40:29 +01:00
Tamas Vajk
6b3010e3e6 C#: Extract enum underlying type from IL 2020-12-08 16:40:29 +01:00
Tamas Vajk
c7d6c42851 C#: Add underlying enum type test for CIL extraction 2020-12-08 16:40:29 +01:00
Tamás Vajk
ec573b517f Merge pull request #4759 from tamasvajk/feature/cil-attribute-array
C#: Improve array argument CIL extraction for attributes
2020-12-08 16:38:36 +01:00
Tamás Vajk
cbcae667a8 Apply suggestions from code review
Co-authored-by: Tom Hvitved <hvitved@github.com>
2020-12-08 15:23:13 +01:00
yoff
3bddb946b7 Merge pull request #4773 from RasmusWL/path-injection-improvements
Python: Path injection improvements
2020-12-08 14:05:53 +01:00
Rasmus Wriedt Larsen
fabc6fb7d9 Python: Add change-note 2020-12-08 14:04:46 +01:00
Rasmus Wriedt Larsen
ba1ca70858 Python: Add source modeling of stdlib HTTPRequestHandlers 2020-12-08 14:04:15 +01:00
Rasmus Wriedt Larsen
34863721f0 Python: Model cgi.FieldStorage 2020-12-08 14:03:13 +01:00
Rasmus Wriedt Larsen
43688715f5 Python: Add test of stdlib HTTP server facilities
Just a port of the old tests, except for the fact that I learned
`cgi.FieldStorage()` _should_ be tainted when not specifying any arguments. (and
moved taint-test to own function)

Also clarified how imports of all the .*HTTPRequestHandler work in Python2
2020-12-08 14:01:55 +01:00
James Fletcher
2b5d12143c Merge pull request #4795 from github/126-mergeback
Merge `rc/1.26` into `main`
2020-12-08 11:21:28 +00:00
Rasmus Wriedt Larsen
976559889f Python: Reword qhelp text
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2020-12-08 11:34:44 +01:00
Rasmus Wriedt Larsen
fba16d24de Python: Bring back Path Injection query
Which was accidentally removed when resolving a merge conflict.
2020-12-08 11:26:04 +01:00
james
da16fad0f1 Merge branch 'rc/1.26' into 126-mergeback 2020-12-08 09:26:12 +00:00
James Fletcher
a165d2e559 Merge pull request #4790 from github/link-fixes
Fix links to CodeQL library pages
v1.26.0
2020-12-08 09:16:55 +00:00
Tom Hvitved
f8ad2ecc2c Merge pull request #4777 from hvitved/csharp/default-to-string-join
C#: Improve join-order in `DefaultToString.qll`
2020-12-08 08:53:58 +01:00
Geoffrey White
ef131d3951 C++: Fix StandardDeallocationFunction. 2020-12-07 18:52:35 +00:00
Geoffrey White
281b56b2ae C++: Add comments to the Allocation and Deallocation libraries indicating where the functions come from. 2020-12-07 18:52:03 +00:00
james
38085b27c3 even more python link fixes 2020-12-07 18:14:09 +00:00
james
7f79b28a11 c++ link fixes 2020-12-07 18:09:10 +00:00
james
2c385f7121 java link fixes 2020-12-07 18:09:00 +00:00
james
915d640274 more python links 2020-12-07 18:05:21 +00:00
james
eabfeca514 fix python links 2020-12-07 18:04:51 +00:00
Rasmus Wriedt Larsen
e5e8ec6ecc Python: Add a few test-cases for barrier guards and references
I'm not sure references is the best name, but it's the best I could come up with
just now
2020-12-07 15:27:20 +01:00
Rasmus Wriedt Larsen
5aa2c2f9d4 Python: Add command injection regex restricted FP 2020-12-07 15:26:56 +01:00
Rasmus Wriedt Larsen
32b547b3f2 Python: Add example of bad command injection sanitizer 2020-12-07 15:26:55 +01:00
Rasmus Wriedt Larsen
8444654117 Python: Adjust whitespace in command injection test 2020-12-07 15:26:54 +01:00
James Fletcher
ebdb3e25aa Merge pull request #4768 from github/query-and-library-links
Update query and library links for new locations
2020-12-07 12:47:24 +00:00
CodeQL CI
8129d0c0ac Merge pull request #4762 from asgerf/js/template-sinks-in-code-injection
Approved by erik-krogh, mchammer01
2020-12-07 04:35:11 -08:00
Cornelius Riemenschneider
354adf363e Merge pull request #4787 from github/RasmusWL-patch-1
C++: Minor test README fixes
2020-12-07 12:42:55 +01:00
Asger Feldthaus
04f51bef5e JS: Add missing qldoc 2020-12-07 10:52:38 +00:00
Rasmus Wriedt Larsen
9e7d5b3a9c C++: Minor test README fixes 2020-12-07 11:52:18 +01:00
Asger Feldthaus
f96c425a72 JS: Deny -> block 2020-12-07 10:50:01 +00:00
Asger Feldthaus
254ac7f963 JS: Fix TypeofCheck 2020-12-07 10:46:00 +00:00
Tom Hvitved
6a55a22f18 Merge pull request #4781 from hvitved/csharp/persisten-cookie-tests
C#: Add tests for `PersistentCookie.ql`
2020-12-07 11:37:16 +01:00
Asger Feldthaus
0496642b0b JS: Add test for captured flow into callback 2020-12-07 10:34:27 +00:00
Asger Feldthaus
355cfaaf42 JS: Autoformat 2020-12-07 10:16:39 +00:00
Asger Feldthaus
1b0bec9143 JS: Remove magic from barrier guard predicates 2020-12-07 10:16:39 +00:00
Asger Feldthaus
fe86465a0b JS: Refactor store/load flow a bit 2020-12-07 10:16:38 +00:00
Asger Feldthaus
f132b4a279 JS: Add type confusion sink for prototype pollution checks 2020-12-07 10:16:38 +00:00
Asger Feldthaus
e10a22ec26 JS: Restrict size of some predicates 2020-12-07 10:16:38 +00:00
Asger Feldthaus
daab3c1437 JS: Add tests and fix some bugs 2020-12-07 10:16:38 +00:00
Asger Feldthaus
0a7513fdfb JS: Move and rename test cases as well 2020-12-07 10:16:38 +00:00
Asger Feldthaus
479dcf56ad JS: Update to use more inclusive language 2020-12-07 10:16:38 +00:00