hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-11 05:30:24 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,679 Branches 158 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
7ea6c1bcbe CPP: Add a test of AV Rule 186.ql. 2019-04-10 18:08:10 +01:00
Ziemowit Laski
dc7497835e [CPP-340] Make the query more strict (again). 2019-04-10 09:55:37 -07:00
Max Schaefer
301dab0e40 JavaScript: Improve AMD support in type inference. 
Now leverages the recently introduced logic for resolving AMD imports
based on unique matching paths.
 2019-04-10 09:47:54 -07:00
Max Schaefer
20312fc3bf JavaScript: Improve socket.io model. 
Recognise `io` imports and use type-tracking to better track handlers.
 2019-04-10 08:02:40 -07:00
Asger F
bfa6208a58 TS: Fix test output 2019-04-10 15:44:37 +01:00
Asger F
ef7bde472b TS: Fix javadoc 2019-04-10 15:33:39 +01:00
Max Schaefer
6ac72bd469 Update javascript/ql/src/semmle/javascript/TypeScript.qll 
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
 2019-04-10 15:33:22 +01:00
Asger F
91f4916d07 TS: update supported compiler versions 2019-04-10 14:13:45 +01:00
Asger F
78b00e16d7 TS: change note 2019-04-10 14:11:11 +01:00
Asger F
4b4e7eb5ff TS: update trap test output 2019-04-10 13:17:15 +01:00
Asger F
d28597ffbb TS: DB upgrade script and stats 2019-04-10 13:13:46 +01:00
Esben Sparre Andreasen
b86f43be98 JS: reformulate CallToObjectDefineProperty::getAPropertyAttribute 2019-04-10 14:03:28 +02:00
Asger F
c1c7ebfc48 TS: Support const type assertions 2019-04-10 12:54:42 +01:00
Asger F
d5ae69d40a TS: Support readonly type expressions 2019-04-10 12:26:46 +01:00
Asger F
11f460c6a3 JS: Generalize KeyofTypeExpr to UnaryTypeExpr 2019-04-10 12:21:28 +01:00
Tom Hvitved
813dfc6417 C++: Generalize data-flow library in preparation for C# adoption 2019-04-10 13:05:39 +02:00
Tom Hvitved
18ced249ab Java: Generalize data-flow library in preparation for C# adoption 2019-04-10 13:05:31 +02:00
Asger F
8304ce1e16 TS: Update test output with new toString value 2019-04-10 11:34:27 +01:00
Asger F
65d863f8fb TS: update to TypeScript 3.4 2019-04-10 11:18:23 +01:00
Geoffrey White
5101a5bc3d Merge pull request #1056 from jbj/SimpleRangeAnalysis-use-after-cast 
C++: Fix use-after-cast bug in SimpleRangeAnalysis
 2019-04-10 11:04:20 +01:00
Jonas Jensen
01fc721497 C++: Fixup test annotation 2019-04-10 09:28:06 +02:00
Robert Marsh
75ab311c3a Merge pull request #1223 from geoffw0/commentedoutcode 
CPP: Detect commented out preprocessor logic
 2019-04-09 16:16:19 -04:00
Robert Marsh
c9fbbfe7d8 Merge pull request #984 from rdmarsh2/rdmarsh/cpp/ir-stmtexpr 
C++: add support for GNU StmtExpr in IR
 2019-04-09 12:54:35 -04:00
Tom Hvitved
006692524b C#: Improve CFG for (potential) dynamic accessor calls 2019-04-09 15:26:42 +02:00
Tom Hvitved
fcad129135 C#: Add CFG tests for (potential) dynamic accessor calls 2019-04-09 15:26:36 +02:00
Esben Sparre Andreasen
e70413922b Update javascript/ql/src/semmle/javascript/frameworks/Cheerio.qll 
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
 2019-04-09 14:25:33 +01:00
Esben Sparre Andreasen
2113e6e4d3 Update javascript/ql/src/semmle/javascript/frameworks/Cheerio.qll 
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
 2019-04-09 14:25:19 +01:00
Esben Sparre Andreasen
ad119dae21 Update javascript/ql/src/semmle/javascript/frameworks/jQuery.qll 
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
 2019-04-09 14:25:11 +01:00
Esben Sparre Andreasen
b72c678b2c Update javascript/ql/src/semmle/javascript/frameworks/jQuery.qll 
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
 2019-04-09 14:25:01 +01:00
Mark Shannon
97a9954e72 Merge pull request #1222 from taus-semmle/python-unify-old-and-new-query-suites 
Python: Make old query suites point to new query suites.
 2019-04-09 14:04:21 +01:00
Geoffrey White
13ed50f049 CPP: Improve the regexp. 2019-04-09 13:08:31 +01:00
Geoffrey White
d70e7ceafe CPP: Additional test cases. 2019-04-09 13:04:32 +01:00
Jonas Jensen
ca71ac7c36 C++: Accept improved test output 2019-04-09 13:38:52 +02:00
Geoffrey White
ddb1b0ac1c CPP: Declaration -> definition. 2019-04-09 12:35:20 +01:00
Asger F
39bafa354e JS: Add change note 2019-04-09 12:22:20 +01:00
Asger F
bd1d9ed810 JS: Add test 2019-04-09 12:21:54 +01:00
Asger F
0fcdf91d4a JS: Add model of cheerio 2019-04-09 12:21:54 +01:00
Jonas Jensen
fd4967e6f1 C++: Fix SnprintfOverflow issues 
Requiring strict inclusion between types turned out to cause false
positives in `SnprintfOverflow`, which relied indirectly on
`RangeAnalysisUtils::linearAccessImpl` to identify acceptable bounds
checks. This query was particularly affected because `snprintf` returns
`int` (signed) but takes `size_t` (unsigned), so conversions are bound
to happen.
 2019-04-09 11:05:14 +02:00
Esben Sparre Andreasen
e7adb62288 Merge pull request #1221 from asger-semmle/contextual-typing 
TS: Extract contextual type for object/array literals
 2019-04-09 10:43:01 +02:00
Esben Sparre Andreasen
9d1f511ca0 JS: fixup missing space 2019-04-09 10:39:26 +02:00
Esben Sparre Andreasen
89596052cf JS: autoformat TypeTracking.qll 2019-04-09 10:39:26 +02:00
Taus
adf8cdcde5 Merge pull request #1203 from markshannon/python-taint-tracking-configuration-2 
Python: Use taint tracking configuration for queries.
 2019-04-09 10:01:35 +02:00
Tom Hvitved
3f403b8f0d Merge pull request #1208 from felicity-semmle/support/SD-3189-move 
Documentation: move support information into a version-neutral location
 2019-04-09 10:01:14 +02:00
semmle-qlci
92acd322fc Merge pull request #1218 from esben-semmle/js/whitelist-typeconfusion-lt1-checks 
Approved by asger-semmle
 2019-04-09 01:11:34 +01:00
Robert Marsh
fd7512c447 C++: accept test change in SignAnalysis 2019-04-08 14:10:37 -04:00
Geoffrey White
5bd5b1b6ce CPP: Change note. 2019-04-08 18:19:30 +01:00
Geoffrey White
48fff334da CPP: Detect commented preprocessor code. 2019-04-08 18:17:23 +01:00
Geoffrey White
4d67bd32dd CPP: Move comments explaining implementation details into the body of 'looksLikeCode'. 2019-04-08 18:14:54 +01:00
Rebecca Valentine
c120cca9d3 better explanation of null sensitive contexts 2019-04-08 10:12:04 -07:00
Geoffrey White
f432f1a03a CPP: Autoformat CommentedOutCode.qll. 2019-04-08 18:00:49 +01:00