hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-29 07:06:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,673 Branches 157 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
3922082e7d CPP: Tidy and simplify AV Rule 79.ql. 2018-09-21 19:35:23 +01:00
Raul Garcia
75ef377ac1 Replace Unicode apostrophe with ANSI single quote 2018-09-21 11:34:22 -07:00
Raul Garcia
94f752c59c Merge branch 'users/raulga/HESULT' of https://github.com/raulgarciamsft/ql into users/raulga/HESULT 2018-09-21 11:14:49 -07:00
Raul Garcia
783be15a45 Fixing typos & ID. 
NOTE: There is an ongoing discussion on the proper CWE we should use
 2018-09-21 11:14:14 -07:00
Nick Rolfe
e21a5e4b4c Merge pull request #214 from jbj/mergeback-20180921_104253 
Mergeback rc/1.18 -> master
 2018-09-21 17:54:28 +01:00
semmle-qlci
d281558fb1 Merge pull request #218 from yh-semmle/java/query-severities 
Approved by aschackmull
 2018-09-21 16:59:03 +01:00
Geoffrey White
d5a48ad63e CPP: Additional test cases. 2018-09-21 15:55:29 +01:00
Asger F
4797924bea JS: review comments 2018-09-21 14:46:21 +01:00
Asger F
d2a04d32be JS: add change note 2018-09-21 13:20:02 +01:00
Asger F
5f467d2fc5 JS: recognize CSRF middleware from lusca package 2018-09-21 13:15:40 +01:00
calum
abe5d0dd72 C#: Fixes to stub generation. 2018-09-21 13:06:33 +01:00
Asger F
6f109a742f JS: add a test case for res.sendfile 2018-09-21 11:04:33 +01:00
Geoffrey White
84f9900c8c CPP: Exclude placement new. 2018-09-21 10:53:42 +01:00
Geoffrey White
c7aa5c169b CPP: Add a test of placement new for AV Rule 79.ql. 2018-09-21 10:47:00 +01:00
Jonas Jensen
e2a17e9740 Merge remote-tracking branch 'upstream/rc/1.18' into mergeback-20180921_104253 2018-09-21 10:45:54 +02:00
Esben Sparre Andreasen
8a950a587d Merge pull request #208 from aeyerstaylor/fix-qltest-change 
JavaScript: Fix expected output due to qltest change.
 2018-09-21 08:08:50 +02:00
Raul Garcia
5ccc1a32aa Merge branch 'master' into master 2018-09-20 16:30:48 -07:00
Raul Garcia
48c99fb1d1 Setting a SECURITY_DESCRIPTOR’s DACL to NULL 
Closing the gap between Semmle & PreFAST
This rule is equivalent to C6248
 2018-09-20 16:28:37 -07:00
Raul Garcia
64b8a5ba01 Merge branch 'master' into users/raulga/HESULT 2018-09-20 16:20:26 -07:00
Raul Garcia
b0ec929aad Cast between semantically different integer types: HRESULT to/from a Boolean type. 
Closing the gap between Semmle and PreFast.
Covers C6214, C6215, C6216, C6217, C6230
 2018-09-20 16:16:32 -07:00
Robert Marsh
e2d24a2743 C++: fix comment 2018-09-20 13:07:36 -07:00
Robert Marsh
9011e1381b C++: handle conversions in IR to AST translation 2018-09-20 12:56:43 -07:00
Robert Marsh
cc97cf9297 C++: add isReachableFromFunctionEntry 2018-09-20 10:06:19 -07:00
Robert Marsh
4c94144089 C++: remove abstract classes in IR 2018-09-20 10:06:18 -07:00
Robert Marsh
755e21d355 C++: improve conversion handling in IRGuards.qll 2018-09-20 10:06:18 -07:00
Robert Marsh
e40ce91e7e C++: document new IR class and predicates 2018-09-20 10:06:18 -07:00
Robert Marsh
d6cea1b203 C++: Add class and predicates to other IR stages 2018-09-20 10:06:17 -07:00
Robert Marsh
b5cd48d819 C++: comments on new classes and predicates 2018-09-20 10:06:17 -07:00
Robert Marsh
0273b20743 C++: make internal classes private 2018-09-20 10:06:17 -07:00
Robert Marsh
ad8f30d2f7 C++: accept test output and add IR guards tests 2018-09-20 10:06:17 -07:00
Robert Marsh
d7e630b3c6 C++: Add IR-based port of Guards library 
For ease of reviewing, I've checked in the .expected files from the
AST-based guards library. The next commit accepts output for these tests
and adds tests that use getAST rather than the translation layer.
 2018-09-20 10:06:16 -07:00
Robert Marsh
4e1a37cd6e C++: add isStrict to RelationalInstruction 2018-09-20 10:06:16 -07:00
Robert Marsh
27a83e65b2 C++: add RelationalOpcode and RelationalInstruction 2018-09-20 10:06:16 -07:00
Robert Marsh
69962bd06c Merge pull request #203 from dave-bartolomeo/dave/GVN 
C++: Initial attempt at IR-based value numbering
 2018-09-20 10:00:45 -07:00
Dave Bartolomeo
5a25602c28 C++: Move GVN out of "internal" directory 2018-09-20 08:21:15 -07:00
Dave Bartolomeo
27cee9bd80 C++: Handle inheritance conversions in IR GVN 2018-09-20 08:00:38 -07:00
alexet
b94df82833 JavaScript: Fix expected output due to qltest change. 2018-09-20 15:56:20 +01:00
calum
593f0a9d71 C#: Implement query and script for generating C# qltest stubs. 2018-09-20 15:01:26 +01:00
semmle-qlci
f146e34e26 Merge pull request #207 from dave-bartolomeo/dave/JSNewlines 
Approved by esben-semmle
 2018-09-20 14:49:54 +01:00
Anders Schack-Mulligen
4d46385c51 Merge pull request #206 from yh-semmle/java/codeowners 
Java: add Semmle/java team to `CODEOWNERS`
 2018-09-20 09:24:14 +02:00
Dave Bartolomeo
e06969ddb4 JavaScript: Normalize .mjs files to LF 2018-09-19 21:33:39 -07:00
Dave Bartolomeo
524c67c3fb JavaScript: Normalize .ts line endings to LF 2018-09-19 21:33:35 -07:00
Dave Bartolomeo
2b9f42b308 JavaScript: Force LF for .json and .yml 2018-09-19 21:33:32 -07:00
Dave Bartolomeo
b12c739915 JavaScript: Normalize line endings of .js and .html files 
Added .gitattributes files for the two directories where we intentionally have line endings other than LF
 2018-09-19 21:33:27 -07:00
Dave Bartolomeo
bd156757d3 C++: Remove accidental add of IR.md 2018-09-19 14:26:17 -07:00
semmle-qlci
4aca8f4fd3 Merge pull request #201 from asger-semmle/string-concatenation-squashed 
Approved by esben-semmle
 2018-09-19 21:59:17 +01:00
semmle-qlci
2f4aa647be Merge pull request #200 from esben-semmle/js/post-polish-167 
Approved by asger-semmle
 2018-09-19 21:43:17 +01:00
ian-semmle
ebc924a6f9 Merge pull request #204 from nickrolfe/std_layout 
C++: add Class::isStandardLayout()
 2018-09-19 17:32:19 +01:00
yh-semmle
7d69c84453 Java: tweak some query metadata 
The severity of four queries is reduced to `warning`.
 2018-09-19 11:04:21 -04:00
Asger F
1d793c0a7b JavaScript: fix expected output 2018-09-19 14:33:23 +01:00