hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-13 14:34:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,680 Branches 158 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Anders Schack-Mulligen
ecbbcc2f61 Merge pull request #4066 from Marcono1234/marcono1234/simplify-VarAccess-isLValue 
[Java] Simplify VarAccess.isLValue()
 2020-08-13 16:40:28 +02:00
Geoffrey White
7349333006 C++: Taint through char append. 2020-08-13 15:13:47 +01:00
Geoffrey White
3c0e7a709f C++: Add a test of append with CharT. 2020-08-13 14:52:34 +01:00
Geoffrey White
732a8fa4c9 C++: Add another member function. 2020-08-13 14:52:34 +01:00
Jonas Jensen
36373fce9b C++: Deprecate DataFlow::definitionByReferenceNode 
This predicate name was only used in IR data flow, not in AST data flow.
 2020-08-13 15:27:35 +02:00
Jonas Jensen
3f383784cd C++: QLDoc formatting fixup 2020-08-13 15:27:35 +02:00
Jonas Jensen
f70a17b858 C++: clearer wording in asExpr doc 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2020-08-13 15:27:35 +02:00
Jonas Jensen
5ae8b02bde C++: Clarify the docs on DataFlow::Node::asExpr 
For IR data flow I also added a `definitionByReferenceNodeFromArgument`
predicate to improve compatibility with AST data flow.
 2020-08-13 15:27:35 +02:00
CodeQL CI
6c60589dbd Merge pull request #4063 from erik-krogh/noJsMsg 
Approved by esbena
 2020-08-13 14:02:18 +01:00
Anders Schack-Mulligen
3469ad7ca6 Merge pull request #3600 from luchua-bc/java-sensitive-log4j2-logging 
Add Log4J 2 and a new search string secret
 2020-08-13 13:35:52 +02:00
Tom Hvitved
46f10fc032 C#: Restrict DataFlowType to types belonging to Nodes 2020-08-13 13:16:10 +02:00
Marcono1234
cca2d9d825 Simplify VarAccess.isLValue() 2020-08-13 13:12:57 +02:00
Tom Hvitved
dcccdee227 C#: Speed up Implements.qll and Unification.qll 
Restrict constructed GVN types to those that are complete, and reduce
intermediate string construction in `toString()` computations.
 2020-08-13 13:11:04 +02:00
Shati Patel
b1be3672e7 Merge pull request #4058 from shati-patel/metadata 
Docs: Add metadata option missing from reference table
 2020-08-13 11:31:52 +01:00
Erik Krogh Kristensen
15a74493e0 more permissive path elements in js/incomplete-url-substring-sanitization 2020-08-13 11:46:13 +02:00
Erik Krogh Kristensen
3fb9c28806 adjust comment about slash position 2020-08-13 11:46:13 +02:00
Erik Krogh Kristensen
dc6943b739 Update change-notes/1.26/analysis-javascript.md 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-08-13 11:34:53 +02:00
Erik Krogh Kristensen
2c7bb8c51f adjust error message when files have been found while extracting 2020-08-13 11:18:27 +02:00
Taus Brock-Nannestad
a1a1218f95 Python: Ignore from foo import * when foo is absent. 2020-08-13 10:50:28 +02:00
Taus Brock-Nannestad
dc5c0f8e7a Python: Add test case for missing modules 2020-08-13 10:49:11 +02:00
Geoffrey White
f5abf74e0f Update cpp/ql/src/Microsoft/SAL.qll 
Co-authored-by: Robert Marsh <rdmarsh2@gmail.com>
 2020-08-13 09:05:22 +01:00
Anders Schack-Mulligen
8891ae70b6 Merge pull request #3938 from lcartey/java/untrusted-data-to-external-api 
Java: Untrusted data used in external APIs
 2020-08-13 09:53:57 +02:00
Erik Krogh Kristensen
d35d3f4271 add test for catch with type unknown 2020-08-13 09:37:55 +02:00
Erik Krogh Kristensen
d95d427c5b better support for the &&=, ||=, and ??= operators 2020-08-13 09:22:32 +02:00
Jonas Jensen
5e5a112c36 C++: Change note 2020-08-13 08:37:13 +02:00
Rasmus Lerchedahl Petersen
3f2fcbf0ae Python: Remove most noise in the query output 
Just a quick change, the query should probably be rewritten
 2020-08-13 08:23:12 +02:00
Rasmus Lerchedahl Petersen
2cc7712d40 Python: Annotate test cases 2020-08-13 08:02:42 +02:00
james
5fed92b2d0 remove new line 2020-08-12 20:30:24 +01:00
Shati Patel
78948139fd Add metadata option missing from reference table 2020-08-12 17:25:54 +01:00
Geoffrey White
2655616a0a C++: Autoformat. 2020-08-12 16:59:15 +01:00
Geoffrey White
9719da8643 C++: Move a class that looks like it's intended to be public (and is used outside of the library) above the 'Implementation details' threshold. 2020-08-12 16:58:50 +01:00
Geoffrey White
d444778535 C++: Make a few things in SAL.qll private where it looks like that was intended (and they're not used outside the file). 2020-08-12 16:57:43 +01:00
Geoffrey White
aa6cb51bba C++: QLDoc SAL.qll. 2020-08-12 16:55:26 +01:00
Rasmus Lerchedahl Petersen
6dfa2ea9d5 Python: update test expectation 2020-08-12 16:59:06 +02:00
Erik Krogh Kristensen
fd9eb1d40b use Identifier instead of just a plain string when getting tuple-element-names 2020-08-12 16:55:55 +02:00
Rasmus Lerchedahl Petersen
20ffb3fd4c Python: tests for argument routing 
Needs annotations
 2020-08-12 15:43:07 +02:00
Tamas Vajk
def1d888c6 C#: Add body of partial methods 2020-08-12 15:22:14 +02:00
lcartey@github.com
6f83c55ebd Java: Switch to low as a precision 
Code Scanning doesn't support "very-low"
 2020-08-12 13:48:59 +01:00
CodeQL CI
66541f260b Merge pull request #4012 from erik-krogh/getId 
Approved by asgerf, esbena
 2020-08-12 13:28:18 +01:00
Erik Krogh Kristensen
dc55ce2bf0 add change note 2020-08-12 14:27:33 +02:00
Erik Krogh Kristensen
1d111c3e1f expand what urls are detected by js/incomplete-url-substring-sanitization 2020-08-12 14:25:35 +02:00
Luke Cartey
56ff8cf084 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2020-08-12 13:12:06 +01:00
CodeQL CI
aa9dfa0d6f Merge pull request #4039 from intrigus-lgtm/patch-3 
Approved by erik-krogh
 2020-08-12 13:07:22 +01:00
Geoffrey White
b99ca60154 C++: Address review comments. 2020-08-12 12:56:28 +01:00
Erik Krogh Kristensen
a7a016c5df update expected output 2020-08-12 13:29:43 +02:00
Jonas Jensen
b4679cb8cf C++: Autoformat fixup 2020-08-12 13:09:23 +02:00
Jonas Jensen
93d8d8eb1d C++: Demonstrate range analysis MulExpr bugs 
Unless these issues can be reproduced in far less contrived code, I
don't think they will cause problems in practice.
 2020-08-12 12:10:23 +02:00
Erik Krogh Kristensen
0e33eae960 add dbscheme upgrade script 2020-08-12 11:50:32 +02:00
james
bc02348a83 fix up table and remove another extra space 2020-08-12 09:54:42 +01:00
James Fletcher
f9f5a69a9f Apply suggestions from @hubwriter's code review 
Co-authored-by: Alistair Christie <54933897+hubwriter@users.noreply.github.com>
 2020-08-12 09:53:12 +01:00