hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-31 08:06:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,673 Branches 157 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
353505ec6c Python: Handle content of Django redirects correctly 2020-11-04 12:10:58 +01:00
Taus
180373c41d Merge pull request #4597 from yoff/python-fix-ql-doc 
Python: Fix ql doc
 2020-11-04 11:37:32 +01:00
Rasmus Wriedt Larsen
92dc7dc2f3 Python: Use mimetype instead of content-type in django modeling 
This enables the XSS query to actually find results from django responses.
 2020-11-04 11:34:20 +01:00
Alvaro Muñoz
aa7b87aa33 Update java/change-notes/2020-11-04-commonslang-unsafe-deserialization-sinks.md 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2020-11-04 10:58:27 +01:00
Alvaro Muñoz
b284141a16 Merge branch 'new_deser_sink' of https://github.com/pwntester/ql into new_deser_sink 2020-11-04 10:51:07 +01:00
Alvaro Muñoz
436563d914 ChangeNote for new unsafe deserialization sinks 2020-11-04 10:50:50 +01:00
Anders Schack-Mulligen
22b4df0f3c Merge pull request #4512 from luchua-bc/sensitive-broadcast 
Java: Sensitive broadcast
 2020-11-04 10:47:48 +01:00
Alvaro Muñoz
6f78b725e6 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2020-11-04 10:43:37 +01:00
Anders Schack-Mulligen
14c4d8d565 Java: Add change note for #3812. 2020-11-04 10:15:08 +01:00
Anders Schack-Mulligen
26495225e0 Update java/ql/src/experimental/Security/CWE/CWE-927/SensitiveBroadcast.qhelp 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2020-11-04 10:05:55 +01:00
luchua-bc
3f0cdb6a1a Update qldoc and comments 2020-11-03 19:40:28 +00:00
Tom Hvitved
c5abf29dfc C#: Update flow-summary test 2020-11-03 20:28:42 +01:00
Dave Bartolomeo
4cc9110dbd Fix test expectation 2020-11-03 13:39:33 -05:00
Calum Grant
4259c81061 Merge pull request #4599 from github/calumgrant/catchup-1.26 
Catchup 1.26
 2020-11-03 17:16:05 +00:00
Dave Bartolomeo
f0b9794907 Merge remote-tracking branch 'upstream/main' into work 2020-11-03 11:33:44 -05:00
luchua-bc
fa54c23a83 Handle the edge case that an exception is rethrown in a catch clause 2020-11-03 16:31:12 +00:00
Anders Schack-Mulligen
92494441a7 Merge pull request #4554 from aschackmull/dataflow/reverse-partial 
Dataflow: Add support reverse partial flow exploration.
 2020-11-03 15:34:30 +01:00
Tom Hvitved
438b8dd273 C#: Fix typos 2020-11-03 14:57:07 +01:00
Erik Krogh Kristensen
b02004430c prune results that end with newline, where the input cannot contain newlines 2020-11-03 14:48:39 +01:00
Erik Krogh Kristensen
120faf9d1a add a code injection sink for JSDOM when "runScripts" is set to "dangerously" 2020-11-03 14:29:00 +01:00
Tom Hvitved
f4d1d73bcd C#: Shared interface/implementation for flow summaries 2020-11-03 13:47:28 +01:00
luchua-bc
f8fd2ea821 Add qldoc and autoformat query 2020-11-03 12:23:40 +00:00
Rasmus Lerchedahl Petersen
1023b239e4 Python: Simplify doc 2020-11-03 12:10:00 +01:00
yoff
d6a33a1253 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-11-03 12:04:43 +01:00
yoff
104ff5d217 Merge pull request #4596 from RasmusWL/python-import-customizations 
Python: Import Customizations into python
 2020-11-03 11:49:51 +01:00
Rasmus Lerchedahl Petersen
b71ea40dbd Python: QL doc for Werkzeug 2020-11-03 11:44:48 +01:00
Rasmus Lerchedahl Petersen
1773cc3a38 Python: QL doc for MySQLdb 2020-11-03 11:39:28 +01:00
Rasmus Lerchedahl Petersen
01783acca6 Python: QL doc for RemoteFlowSources 2020-11-03 11:37:34 +01:00
Rasmus Lerchedahl Petersen
f44cbf4b6c Python: QL doc for TypeTracker 2020-11-03 11:32:57 +01:00
Rasmus Lerchedahl Petersen
50eb51b6fe Python: QL doc for StepSummary 2020-11-03 11:30:52 +01:00
Rasmus Lerchedahl Petersen
6103dbcfff Python: QL doc for Node 2020-11-03 11:13:58 +01:00
Rasmus Lerchedahl Petersen
2bb1917733 Python: QlDoc for content 2020-11-03 11:10:33 +01:00
Rasmus Wriedt Larsen
c04e96453d Update ::Range part of CodeQL design patterns 
Co-authored-by: Pavel Avgustinov <54942558+p0@users.noreply.github.com>
 2020-11-03 11:07:11 +01:00
Jonas Jensen
76fd710946 Merge pull request #4571 from MathiasVP/better-syntax-for-false-positives-and-negatives-inline-expectation 
C++/Python: Better syntax for false positives and negatives in inline expectations
 2020-11-03 11:05:21 +01:00
Rasmus Wriedt Larsen
cac336d053 Python: Import Customizations into python 
Using the pattern from JS and Java to make this the _first_ import in `<lang>.qll`
 2020-11-03 10:23:05 +01:00
Jonas Jensen
5680b2df13 Merge remote-tracking branch 'upstream/main' into better-syntax-for-false-positives-and-negatives-inline-expectation 
Required fixing up semantic conflicts in tests.

Conflicts:
	python/ql/test/experimental/library-tests/frameworks/stdlib/Decoding.py
 2020-11-03 09:47:26 +01:00
Anders Schack-Mulligen
89361a3b75 Merge pull request #3812 from luchua-bc/java-android-remote-source 
Java: Add remote source of Android intent extra
 2020-11-03 09:35:40 +01:00
Anders Schack-Mulligen
2971784f9c Dataflow: Add missing qldoc and sync. 2020-11-03 09:21:48 +01:00
Anders Schack-Mulligen
7eb64aa998 Dataflow: Code review fixes. 2020-11-03 09:16:20 +01:00
Anders Schack-Mulligen
1ae76a80aa Dataflow: Fix qldoc. 2020-11-03 09:16:20 +01:00
Anders Schack-Mulligen
d5be4d7b92 Dataflow: Add support reverse partial flow exploration. 2020-11-03 09:16:19 +01:00
Dave Bartolomeo
0d1fbd1bdc Fix annotations 2020-11-02 18:03:40 -05:00
Taus
82f37e97c8 Merge pull request #4595 from tausbn/python-promote-dataflow-libraries 
Python: Promote experimental data-flow libraries
 2020-11-02 23:55:05 +01:00
Dave Bartolomeo
e9d1f0dacf Merge remote-tracking branch 'upstream/main' into work 2020-11-02 17:31:15 -05:00
Taus Brock-Nannestad
69d2d714a2 Python: Update identical-files.json 2020-11-02 23:25:58 +01:00
Taus Brock-Nannestad
5dadb0f476 Python: Fix imports in tests 2020-11-02 23:02:29 +01:00
Taus Brock-Nannestad
8752b1af1e Python: Fix up remaining data-flow library copies 2020-11-02 23:02:04 +01:00
Robert Marsh
0e4d69709f C++/C#: autoformat 2020-11-02 14:00:53 -08:00
Robert Marsh
f917cf826f C++: accept test output 2020-11-02 13:59:23 -08:00
Taus Brock-Nannestad
b7773849d7 Python: Fix up some comments 2020-11-02 22:57:40 +01:00