hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-09 20:50:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,679 Branches 158 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Esben Sparre Andreasen
335a969946 JS: fix performance in ObjectDefinePropertyAsPropWrite::getRhs 2019-03-22 12:29:34 +01:00
Geoffrey White
a319356b00 CPP: Change note. 2019-03-22 11:09:52 +00:00
Geoffrey White
444259a9ad CPP: Back out support for 'SysAllocString', as PointsTo doesn't support the free(pointer-to-pointer) pattern in 'SysReAllocString' leading to unaccaptable FPs. 2019-03-22 10:59:51 +00:00
Geoffrey White
fbe584f3e1 CPP: Support more MS alloc functions. 2019-03-22 10:59:51 +00:00
Mark Shannon
57368921d2 Python: Fix Builtin.isClass() and use in ClassObject. Also fix a couple of typos. 2019-03-22 10:00:14 +00:00
semmle-qlci
4075f570e2 Merge pull request #1151 from xiemaisi/rc/1.20-merge-master 
Approved by asger-semmle, hvitved
 2019-03-22 07:34:00 +00:00
Taus
36c7a8430a Merge pull request #1112 from markshannon/python-forward-compatible-points-to-extensions 
Python: Allow points-to extensions to specify just the object.
 2019-03-21 19:20:44 +01:00
Mark Shannon
8ab4dae2fa Merge pull request #1150 from taus-semmle/python-fix-insecure-default-protocol-fp 
Python: Fix false positive for `py/insecure-default-protocol`.
 2019-03-21 18:16:05 +00:00
Mark Shannon
d056af323d Merge pull request #1140 from taus-semmle/python-rename-query-suites 
Python: Copy query suites from `python2` to `python`.
 2019-03-21 17:51:05 +00:00
Jonas Jensen
db8db8669b Merge pull request #1141 from geoffw0/newfreebug 
CPP: Fix a bug in NewFree.qll
 2019-03-21 17:22:00 +01:00
Geoffrey White
37bd4725ee Merge pull request #1149 from jbj/resource-not-released-in-destructor-Qt 
C++: Fix special-casing of Qt library in resource-not-released-in-destructor
 2019-03-21 16:13:25 +00:00
Max Schaefer
8c460ae385 Merge remote-tracking branch 'upstream/master' into rc/1.20-merge-master 
Conflict in `javascript/extractor/src/com/semmle/js/extractor/Main.java` resolved
in favour of `master`.
 2019-03-21 14:46:29 +00:00
semmle-qlci
fb499b02d5 Merge pull request #1138 from asger-semmle/ts-import-namespace-as-type 
Approved by xiemaisi
 2019-03-21 14:43:48 +00:00
semmle-qlci
313134cb8c Merge pull request #1148 from xiemaisi/js/adm-zip 
Approved by esben-semmle
 2019-03-21 14:00:30 +00:00
semmle-qlci
395089d35e Merge pull request #1147 from xiemaisi/js/show-char-code 
Approved by asger-semmle
 2019-03-21 13:59:59 +00:00
Taus Brock-Nannestad
5eb63ae048 Fix false positive and add test. 2019-03-21 14:10:05 +01:00
Taus Brock-Nannestad
9cb35a8ca9 Use correct named argument for ssl.SSLContext. 2019-03-21 14:09:25 +01:00
Jonas Jensen
552842346c C++: Fix special-casing of Qt library 
The `Expr.getType` predicate returns a pointer type since that's the
type of the `new`-expression as a whole. To find the class type, we use
`NewExpr.getAllocatedType`.

This commit reduces the number of alerts in a Qt snapshot from 229 to
51, and it removes the two false positives in
https://github.com/Subsurface-divelog/subsurface.
 2019-03-21 13:37:18 +01:00
Jonas Jensen
a59a9f6075 C++: Add test cases for Qt's QObject 
The Qt library requires client code to call `new` but not `delete`.
 2019-03-21 13:31:50 +01:00
Asger F
1a6c95c908 TS: update test expectation 2019-03-21 11:06:04 +00:00
Geoffrey White
867f357b36 CPP: Correct the test. 2019-03-21 10:57:44 +00:00
Calum Grant
f20041d41f Merge pull request #1133 from hvitved/csharp/more-performance-tweaks 
C#: More performance tweaks
 2019-03-21 10:46:07 +00:00
Max Schaefer
1835028b93 JavaScript: Show character code when reporting unexpected character. 2019-03-21 10:44:49 +00:00
Max Schaefer
4533e1f6fe JavaScript: Add model of adm-zip library for ZipSlip query. 2019-03-21 08:04:06 +00:00
Ziemowit Laski
5a092d0fed [CPP-340] Create three QL queries: (1) mismatched argument types, 
(2) too few arguments and (3) too many arguments.
    Create new 'UnderspecifiedFunction' folders for both queries and tests.
 2019-03-20 19:42:51 -07:00
Geoffrey White
5a56740ee6 Merge pull request #1124 from jbj/weak-cryptographic-algorithm-perf 
C++: Fix performance of BrokenCryptoAlgorithm.ql
 2019-03-20 18:01:58 +00:00
Taus Brock-Nannestad
391e111189 Use attr instead of getAttribute. 2019-03-20 17:41:23 +01:00
Taus Brock-Nannestad
f14f7b50ed Python: Use ModuleObject::named more consistently. 2019-03-20 17:41:23 +01:00
Taus Brock-Nannestad
c64372886c Fix typo. 2019-03-20 17:15:41 +01:00
Geoffrey White
2fdd33eecd CPP: Change note. 2019-03-20 15:48:02 +00:00
Geoffrey White
91bef02257 CPP: Add a 1.21 CPP change notes file (couldn't find the templates). 2019-03-20 15:48:00 +00:00
Geoffrey White
faeb326bf8 CPP: Use newer dataflow for the fix. 2019-03-20 15:47:48 +00:00
Geoffrey White
7d8886e30c CPP: Fix over-enthusiastic dataflow in allocExprOrIndirect. 2019-03-20 15:40:02 +00:00
Geoffrey White
ea7e8927fe CPP: Add a test similar to the false positive in arvidn/libtorrent. 2019-03-20 15:35:58 +00:00
Tom Hvitved
414b7243c2 C#: More performance tweaks 2019-03-20 15:43:38 +01:00
Taus Brock-Nannestad
a6708572c0 Python: Copy query suites from python2 to python. 2019-03-20 15:33:54 +01:00
Asger F
5768d85c7b TS: fix trap test output 2019-03-20 12:46:52 +00:00
Geoffrey White
8a693699fc Merge pull request #1139 from jbj/return-stack-allocated-typo 
C++: Fix typo in ReturnStackAllocatedMemory.ql
 2019-03-20 11:36:12 +00:00
Taus
20e2f9ee4e Remove extraneous period. 2019-03-20 11:48:02 +01:00
Jonas Jensen
401b5648be C++: Fix typo in ReturnStackAllocatedMemory.ql 2019-03-20 11:27:34 +01:00
Asger F
8201e7ea27 TS: update trap test output 2019-03-20 10:23:28 +00:00
Asger F
aaa8bfb874 TS: allow namespace imports as types 2019-03-20 10:09:18 +00:00
Ziemowit Laski
2def0ee9c1 [CPP-340] Re-work QL query; treat undeclared C functions the same way as 
()-declared functions.
 2019-03-19 16:01:35 -07:00
Ziemowit Laski
5d8b84c22a Refine QL query by requiring that a ()-declaration be present. 2019-03-19 16:00:22 -07:00
Ziemowit Laski
0c350dc504 [CPP-340] Create QL query for function call argument count mismatches. 
Update QHELP file, test and test results.
 2019-03-19 16:00:02 -07:00
zlaski-semmle
241994d1f8 Merge pull request #1107 from zlaski-semmle/cpp355 
Updated query to look for Microsoft-specific '_alloca' and '_malloca'
Merge to Semmle/ql:master.
 2019-03-19 13:40:27 -07:00
Ziemowit Laski
09e729ff59 Turns out that '__builtin_alloca' takes 'unsigned long', not 'unsigned long long'; rename some parameters to align with C11 standard. 2019-03-19 13:27:14 -07:00
Ziemowit Laski
11ed4f3312 Change __builtin_alloca declaration to use an unsigned long long parameter. 2019-03-19 13:12:29 -07:00
Ziemowit Laski
ff3430d8d0 Use '// GOOD' and '// BAD' annotations for query diagnostics. 2019-03-19 12:29:38 -07:00
Max Schaefer
b211a54181 Merge pull request #1132 from xiemaisi/mergeback-2019-03-19 
Merge rc/1.20 into master
 2019-03-19 17:28:52 +00:00