hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-30 07:36:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
20,350 Commits 1,673 Branches 157 Tags
codeql-cli/v2.4.5
Commit Graph

20350 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
alexet
2bda26b3df QLSpec: Make qldoc part of the language. 
We have treated it this way for a while internally and it corrects for some minor deviations from the spec.
 2021-01-05 12:52:42 +00:00
Mathias Vorreiter Pedersen
229ab7623e - Add pre-commit hook script to misc/scripts 
- Refer to it in CONTRIBUTING.md
- Add setup note in docs folder
 2021-01-05 13:47:30 +01:00
Chris Smowton
e87fd86e63 Merge pull request #4814 from luchua-bc/java/password-in-configuration 
Java: Password in Java EE configuration files
 2021-01-05 11:42:27 +00:00
Geoffrey White
18890c4a77 C++: Use isAdditionalBarrier in the SqlTainted query. 2021-01-05 11:33:39 +00:00
Geoffrey White
69efe7a72a C++: Add isAdditionalBarrier to DefaultTaintTracking. 2021-01-05 11:32:43 +00:00
CodeQL CI
a5e28ac6d6 Merge pull request #4847 from erik-krogh/afterReDoS 
Approved by esbena
 2021-01-05 01:51:27 -08:00
Anders Schack-Mulligen
26a9ba4aa0 Merge pull request #4898 from JLLeitschuh/feat/JLL/system_get_property 
Add MethodAccessSystemGetProperty predicate
 2021-01-05 10:46:22 +01:00
Jonathan Leitschuh
ba4a562c9a Update PrintAst.actual with new test output 2021-01-04 23:37:58 -05:00
luchua-bc
195755d687 Revamp the query to be more selective 2021-01-05 00:04:08 +00:00
luchua-bc
496db4b42f Factor isGetServletMethod into the servlet library 2021-01-04 16:14:13 +00:00
Rasmus Lerchedahl Petersen
8ceb33d3f7 Python: Also restrict StepSumary::step 2021-01-04 16:42:11 +01:00
Geoffrey White
01b204ea30 C++: Add a test case with a tainted integer. 2021-01-04 15:35:18 +00:00
Geoffrey White
7a3f9c7895 C++: Add a test (cleaned up) that was previously in the internal repo. 2021-01-04 15:35:18 +00:00
Jonathan Leitschuh
028e4756bb Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-01-04 10:13:52 -05:00
luchua-bc
c069a5b4c6 Factor private host regex into the networking library and enhance the query 2021-01-04 14:51:32 +00:00
Erik Krogh Kristensen
368603eefa add change note 2021-01-04 15:23:52 +01:00
Tom Hvitved
7f25efd43f Merge pull request #4858 from hvitved/csharp/merge-format-queries 
C#: Merge queries `FormatInvalid.ql`, `FormatMissingArgument.ql`, and `FormatUnusedArgument.ql`
 2021-01-04 14:53:34 +01:00
Tom Hvitved
1237e566d0 C#: Fix typo 2021-01-04 12:59:45 +01:00
Erik Krogh Kristensen
ce8cc2368b improve precision of intersect 2021-01-04 11:55:51 +01:00
Mathias Vorreiter Pedersen
bb158f1857 C++: Add dataflow testcases that need flow through conflated memory. 2021-01-04 11:43:23 +01:00
Tom Hvitved
c1f822c83f C#: Port SSA performance improvements from Java 2021-01-04 10:18:17 +01:00
Jonas Jensen
86194226e2 Merge pull request #4891 from MathiasVP/get-an-overload-perf-fix 
C++: Fix join order in getAnOverload
 2021-01-04 10:02:59 +01:00
Tom Hvitved
6d973d0103 Merge pull request #4857 from hvitved/csharp/expr-has-value 
C#: Move `Expr::hasValue()` to `DotNet::Expr`
 2021-01-04 10:02:45 +01:00
Mathias Vorreiter Pedersen
134982c5a9 C++: Respond to review comments. 2021-01-04 09:06:58 +01:00
Jonathan Leitschuh
54950c2f42 Add MethodAccessSystemGetProperty predicate 2021-01-01 20:07:45 -05:00
Mathias Vorreiter Pedersen
258d04178f C++: Replace SkippableInstruction with local flow steps. 2020-12-30 13:39:24 +01:00
Mathias Vorreiter Pedersen
454605b7b1 C++: Fix join order in getAnOverload. 2020-12-30 10:34:26 +01:00
neal1991
380d15eabe fix for the dead link, #4885 2020-12-28 10:28:50 +08:00
ihsinme
0c7381a3b0 Add files via upload 2020-12-26 20:45:11 +03:00
ihsinme
cd7c47ea39 Add files via upload 2020-12-26 20:43:25 +03:00
luchua-bc
ffe9d4a310 Sensitive GET Query 2020-12-26 16:51:30 +00:00
Shati Patel
8c7245113d Change ordering of sidebar TOC to match index file 2020-12-23 17:16:56 +00:00
Shati Patel
050b15103e Convert remaining notes to pull-quote directives 2020-12-23 17:13:24 +00:00
Shati Patel
dc528767f6 Don't turn arrow into ▶ emoji 2020-12-23 16:47:37 +00:00
Shati Patel
ff8e9e6adf Fix code block in other CodeQL docs 2020-12-23 12:41:46 +00:00
madneal
583395d862 fix LineComment and BlockComment level 2020-12-23 19:49:30 +08:00
neal1991
623de3df41 the level of HTMLHtmlCommentStart and HtmlCommentEnd should be same 2020-12-23 19:18:13 +08:00
Shati Patel
f1d8d9414f Fix code blocks in QL language reference 2020-12-23 10:49:23 +00:00
Shati Patel
a14f53c02f Set default highlighting language to "none" globally 
Otherwise Python is the default
 2020-12-23 10:29:10 +00:00
Shati Patel
c2fdb47abe Docs: Fix CSS for "pull-quotes" 2020-12-23 07:30:11 +00:00
Mathias Vorreiter Pedersen
6545d0b53a C++: Move conflation check into each disjunct. 2020-12-22 16:56:30 +01:00
Mathias Vorreiter Pedersen
d2d8377e88 Update cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-12-22 16:34:53 +01:00
Erik Krogh Kristensen
44571ffeea use the full ascii set instead of a few chosen chars 2020-12-22 16:00:23 +01:00
Mathias Vorreiter Pedersen
b95cf94824 Update cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-12-22 15:57:34 +01:00
Erik Krogh Kristensen
303408b774 remove duplicate char 2020-12-22 15:48:24 +01:00
Erik Krogh Kristensen
354954c80c changes based on review 2020-12-22 15:41:06 +01:00
Mathias Vorreiter Pedersen
ec35e0d518 C++: Respond to review comments. 2020-12-22 15:22:33 +01:00
Rasmus Wriedt Larsen
3094aedf14 Python: Fix regression in ConceptTests 
I accidentially deleted that line :D
 2020-12-22 14:42:53 +01:00
Erik Krogh Kristensen
530a4aea35 Merge branch 'main' into shellSanitizer 2020-12-22 13:57:15 +01:00
Erik Krogh Kristensen
f7f88689c4 use strings in isTypeofGard 2020-12-22 13:55:32 +01:00