hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-27 05:13:00 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,689 Branches 159 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Esben Sparre Andreasen
04868e5b97 JS: format qhelp examples 2019-06-03 17:05:19 +02:00
Mark Shannon
fc2ac891f8 Python taint-tracking: Don't track strings through json.decode(). 2019-06-03 15:53:36 +01:00
Esben Sparre Andreasen
9e0a97e82f JS: address qhelp review comments 2019-06-03 16:39:39 +02:00
Tom Hvitved
2d0554a7ee C#: Address review comments 2019-06-03 16:00:22 +02:00
Tom Hvitved
f95dd6bb35 Guard tests 2019-06-03 16:00:22 +02:00
Tom Hvitved
25cb01ffea C#: Handle discard variable declarations in switch expressions 2019-06-03 15:50:41 +02:00
Tom Hvitved
8c1cab2d03 C#: Simplify extraction of is expressions and case statements 2019-06-03 15:50:41 +02:00
Esben Sparre Andreasen
bf51c54338 JS: add RegExpPatternSource::getAParse to hide the subclasses 2019-06-03 14:23:22 +02:00
Esben Sparre Andreasen
7b652214c5 JS: address docstring comments 2019-06-03 13:59:39 +02:00
Mark Shannon
6a79e0aaa7 Python points-to: Prevent bad magic on 'refersTo' member predicates. 2019-06-03 12:22:22 +01:00
Mark Shannon
8d4a8a6c6b Python: Reduce the number of strings and ints identified and possible hard-coded credentials. 2019-06-03 12:22:15 +01:00
semmle-qlci
bd1920c948 Merge pull request #1390 from xiemaisi/js/shrink-configurations 
Approved by esben-semmle
 2019-06-03 12:05:09 +01:00
Jonas Jensen
ab6221d48e Merge pull request #1388 from Semmle/xiemaisi-patch-1 
CPP: Fix name of example file in qhelp.
 2019-06-03 13:00:25 +02:00
Calum Grant
032a6b1c7c Merge pull request #1375 from hvitved/csharp/switch-expr-guard 
C#: Switch expression guards
 2019-06-03 11:15:10 +01:00
Max Schaefer
d8a101df6d JavaScript: Shrink Configurations.qll some more. 2019-06-03 10:32:25 +01:00
Max Schaefer
5f32e1f637 CPP: Fix name of example file in qhelp. 
This seems to have been missed in https://github.com/Semmle/ql/pull/1315.
 2019-06-03 08:54:54 +01:00
Esben Sparre Andreasen
14644270ac JS: fix comment typo 2019-06-03 08:32:35 +02:00
Esben Sparre Andreasen
7018a38691 JS: improve tests and regexp for js/regex/missing-regexp-anchor 2019-06-03 08:29:52 +02:00
Esben Sparre Andreasen
3289c629f7 JS: address minor review comments 2019-06-03 08:29:52 +02:00
Esben Sparre Andreasen
0fa73b8331 JS: add query js/regex/missing-regexp-anchor 2019-06-03 08:29:52 +02:00
Esben Sparre Andreasen
69db54a03a JS: add anchors to js/incomplete-hostname-regexp examples 2019-06-03 08:27:49 +02:00
Esben Sparre Andreasen
3358e49698 JS: refactor the predicate RegExp::regexp to three classes. 
This preserves the ad hoc message formatting in IncompleteHostnameRegExp.ql
 2019-06-03 08:27:49 +02:00
Esben Sparre Andreasen
98ae2597bb JS: refactor IncompleteHostnameRegExp::regexp to RegExp.qll 2019-06-03 08:27:49 +02:00
semmle-qlci
79406f8387 Merge pull request #987 from rdmarsh2/rdmarsh/cpp/ir-asm-stmt 
Approved by dave-bartolomeo
 2019-06-03 07:03:28 +01:00
Jonas Jensen
c9a0eed6e8 Merge pull request #1379 from geoffw0/ctime-repair 
CPP: Add DangerousFunctionOverflow.ql to the security suite.
 2019-06-02 09:56:01 +02:00
Robert Marsh
4371d02a1f C++: accept SignAnalysis.expected 2019-05-31 13:35:05 -07:00
Robert Marsh
5dd8c9cd4e C++: revert InlineAsm subclassing SideEffectOpcode 2019-05-31 13:28:26 -07:00
Robert Marsh
2770b2a9b9 C++: respond to PR comments 2019-05-31 13:19:40 -07:00
Robert Marsh
98d6f5919f C++: Treat asmStmt operands as input/output in IR 2019-05-31 12:51:44 -07:00
Robert Marsh
66d1efdb97 C++: respond to PR comments 2019-05-31 12:42:04 -07:00
Dave Bartolomeo
0bfc559cb1 Apply suggestions from code review 
Co-Authored-By: rdmarsh2 <rdmarsh2@gmail.com>
 2019-05-31 12:29:23 -07:00
Robert Marsh
23560436a7 C++: add minimal AsmStmt support to IR 2019-05-31 12:29:19 -07:00
semmle-qlci
3851261230 Merge pull request #1378 from jbj/hasQualifiedName-inline-namespace 
Approved by dave-bartolomeo
 2019-05-31 19:39:42 +01:00
semmle-qlci
c0440cf7f5 Merge pull request #1386 from asger-semmle/prototype-change-note 
Approved by xiemaisi
 2019-05-31 19:30:30 +01:00
semmle-qlci
d741e0b20c Merge pull request #1382 from jbj/redundant-null-check-gvn 
Approved by dave-bartolomeo
 2019-05-31 16:28:01 +01:00
Mark Shannon
66ba1079f3 Python points-to: Cache objects. 2019-05-31 16:26:43 +01:00
Mark Shannon
f6cc0be4a4 Python points-to. Move extension to prevent points-to being recomputed. 2019-05-31 16:26:43 +01:00
Mark Shannon
f311c2013e Python points-to: Cache a few key predicates. 2019-05-31 16:26:43 +01:00
Mark Shannon
1de0dc9282 Python taint-tracking: Fix performance of pathalogically slow predicate. 2019-05-31 16:26:43 +01:00
Mark Shannon
b182abd119 Python points-to: Fix up a number of overly slow predicates. 2019-05-31 16:26:43 +01:00
Mark Shannon
8e2d6c4fc6 Python points-to: Simplify logic w.r.t. comparisons. 2019-05-31 15:58:35 +01:00
Max Schaefer
c560096b17 JavaScript: Make Script and CodeInAttribute concrete. 2019-05-31 12:04:14 +01:00
Asger F
a4a9e951d5 JS: Add query ID to change note 2019-05-31 11:44:06 +01:00
Asger F
ffb3265b26 JS: Mention results are shown on LGTM 2019-05-31 11:35:35 +01:00
Asger F
5170fa2ded JS: Add change note for prototype pollution 2019-05-31 10:58:56 +01:00
semmle-qlci
653c8b8496 Merge pull request #1358 from AlexTereshenkov/master 
Approved by taus-semmle
 2019-05-31 10:16:44 +01:00
Max Schaefer
74688bb600 Merge pull request #1341 from esben-semmle/js/sync-suites 
JS: Add queries to the manual suite for LGTM constistency
 2019-05-31 08:18:08 +01:00
Jonas Jensen
fff6c386c9 Merge pull request #1381 from dave-bartolomeo/dave/CopyCtor 
C++: Make `constructor-used-as-copy-constructor` warning/low
 2019-05-31 09:15:37 +02:00
Max Schaefer
3097037a6f Merge pull request #1290 from esben-semmle/js/semver-lib 
JS: add SemVer library
 2019-05-31 08:09:24 +01:00
Calum Grant
5b8c6d4789 Merge pull request #1377 from hvitved/csharp/useless-upcast 
C#: Teach `cs/useless-upcast` about disambiguating constructor calls
 2019-05-31 06:51:39 +01:00