hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 14:46:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
20,357 Commits 1,673 Branches 157 Tags
codeql-cli/v2.4.6
Commit Graph

20357 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
ihsinme
f94a7fc2f0 Update MemoryLeakOnFailedCallToRealloc.ql 2021-01-28 15:47:38 +03:00
Mathias Vorreiter Pedersen
5a420f2bae C++: Use the new predicates for uniform treatment of parameters and qualifiers in model dataflow. 2021-01-28 13:33:08 +01:00
ihsinme
8ed28157e1 Rename cpp/ql/test/experimental/query-tests/Security/CWE/CWE-788/semmle/tests/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.expected to cpp/ql/test/experimental/query-tests/Security/CWE/CWE-788/semmle/tests/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.expected 2021-01-28 15:28:52 +03:00
ihsinme
f65ec97ac2 Rename cpp/ql/test/experimental/query-tests/Security/CWE/CWE-788/semmle/tests/test.c to cpp/ql/test/experimental/query-tests/Security/CWE/CWE-788/semmle/tests/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen/test.c 2021-01-28 15:28:34 +03:00
ihsinme
8880b38b1f Rename cpp/ql/test/experimental/query-tests/Security/CWE/CWE-788/semmle/tests/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.qlref to cpp/ql/test/experimental/query-tests/Security/CWE/CWE-788/semmle/tests/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.qlref 2021-01-28 15:28:15 +03:00
Rasmus Wriedt Larsen
b6007cf324 Merge pull request #5023 from yoff/python-unify-synthetic-post-update-nodes 
Python: Only generate one post-update node, even if there are multiple reasons for doing so.
 2021-01-28 13:11:50 +01:00
Rasmus Wriedt Larsen
173012578e Python: Add missing type-tracking step for django.views 
Easy to overlook, and will onyl be caught by tests if they use `import
parent.thing` and not `from parent import thing`
 2021-01-28 12:10:42 +01:00
Rasmus Wriedt Larsen
54725ccbb9 Python: Support full-path import of Django View class 
requestHandler still MISSING :(
 2021-01-28 12:10:40 +01:00
Rasmus Wriedt Larsen
61d69f2cc8 Python: Add test for full-path import of Django View class 2021-01-28 12:10:39 +01:00
ihsinme
2b4296feb1 Update MemoryLeakOnFailedCallToRealloc.ql 2021-01-28 13:38:26 +03:00
ihsinme
cf565970e3 Merge pull request #1 from github/main 
update fork
 2021-01-28 13:26:11 +03:00
yoff
1068edeb28 Merge pull request #5038 from RasmusWL/import-fix 
Python: Fix too many results from DataFlow::importNode
 2021-01-28 11:25:17 +01:00
Mathias Vorreiter Pedersen
2c70106d2d Merge pull request #5009 from ihsinme/ihsinme-patch-219 
CPP: add query for CWE-788 Access of memory location after the end of a buffer using strncat.
 2021-01-28 11:10:30 +01:00
Anders Schack-Mulligen
bbdd7c9b57 Merge pull request #4963 from joefarebrother/guava-collections 
Java: Add flow steps for Guava collection utilities
 2021-01-28 11:01:03 +01:00
Mathias Vorreiter Pedersen
7affbfc6cb C++: Add tests. 2021-01-28 10:57:39 +01:00
Mathias Vorreiter Pedersen
6255662114 C++: Add two new model implementation classes. 2021-01-28 10:57:30 +01:00
Tom Hvitved
e6f81bcf0b C#: Update expected test output 2021-01-28 10:34:50 +01:00
Tom Hvitved
6ee5cdf2b2 C#: Simpler data-flow modelling of parameters 2021-01-28 10:34:47 +01:00
Jonas Jensen
69ce24d4b8 Merge pull request #5035 from MathiasVP/implied-deref-flow 
C++: Implied dataflow models
 2021-01-28 09:35:58 +01:00
Tom Hvitved
65ea01e145 Merge pull request #4999 from hvitved/csharp/dataflow/phi-input 
C#: Adjust flow into phi nodes
 2021-01-28 09:07:01 +01:00
luchua-bc
ab7d257569 Add more cases and change EC to 256 bits 2021-01-28 04:06:27 +00:00
luchua-bc
2ac7b4bab4 Update qldoc 2021-01-28 04:06:27 +00:00
luchua-bc
058f3af4b2 Refactor the hasShortSymmetricKey method 2021-01-28 04:06:27 +00:00
luchua-bc
cbaee937d0 Optimize the query 2021-01-28 04:06:27 +00:00
luchua-bc
cfc950f803 Query for weak encryption: Insufficient key size 2021-01-28 03:25:15 +00:00
luchua-bc
6a93099b64 Simplify the query and update qldoc 2021-01-28 03:02:53 +00:00
Rasmus Lerchedahl Petersen
0e0b18c214 Python: Adjust comment based on review. 2021-01-28 01:09:03 +01:00
Robert Marsh
0addce5be4 Merge pull request #5036 from MathiasVP/memcpy-models 
C++: Model aliasing of memcpy-like functions and include more functions
 2021-01-27 14:38:08 -08:00
Rasmus Lerchedahl Petersen
ae2c122159 Python: Small refactor 
- align synthetic pre-update nodes with synthetic post -update nodes
- move the classes into the modules
- rename modules after the new main class (eliding "needs")
 2021-01-27 23:15:50 +01:00
Mathias Vorreiter Pedersen
24f76f9a17 C++: Accept test changes. 2021-01-27 21:57:12 +01:00
Rasmus Lerchedahl Petersen
2120868939 Python: format 2021-01-27 19:48:01 +01:00
yoff
2c5da85e3b Update python/ql/src/semmle/python/dataflow/new/internal/DataFlowPrivate.qll 
Co-authored-by: Taus <tausbn@github.com>
 2021-01-27 19:43:40 +01:00
Rasmus Wriedt Larsen
5646af56dd Python: Fix too many results from DataFlow::importNode 2021-01-27 19:11:55 +01:00
Rasmus Wriedt Larsen
0d42e546a0 Python: Add deep import chain to import-helper tests 2021-01-27 19:09:09 +01:00
Rasmus Wriedt Larsen
44bb41e84b Python: Add extra type-tracking test for "long" import chain 
While trying to debug an other problem related to full import of django view, I
stumbled upon this oddity. (yikes)
 2021-01-27 19:06:51 +01:00
Mathias Vorreiter Pedersen
c90dc62cc4 C++: Autoformat. 2021-01-27 18:57:09 +01:00
Mathias Vorreiter Pedersen
aec18e7123 C++: Add mempcpy to MemcpyFunction model class. 2021-01-27 18:12:32 +01:00
Mathias Vorreiter Pedersen
5aff5c3254 C++: Add AliasFunction model to MemcpyFunction. 2021-01-27 18:12:02 +01:00
Mathias Vorreiter Pedersen
066f83630d C++: bcopy can never be in the std namespace. 2021-01-27 18:07:14 +01:00
Ian Lynagh
3880b48736 C++: Add an upgrade script 2021-01-27 16:31:56 +00:00
Tamas Vajk
ca5e3b4489 Add new .stats file 2021-01-27 17:18:50 +01:00
Ian Lynagh
307bef0ec3 C++: decltypes may have multiple expressions 2021-01-27 16:06:42 +00:00
Mathias Vorreiter Pedersen
52e2a69db9 C++: Accept test changes. 2021-01-27 16:56:37 +01:00
Mathias Vorreiter Pedersen
32b5c7fe06 C++: Model implied dataflow 2021-01-27 16:53:21 +01:00
Tamas Vajk
034d0a7b10 Add DB upgrade folder for binary patterns 2021-01-27 16:47:15 +01:00
Tamas Vajk
552e11de19 Fix change note date 2021-01-27 16:42:03 +01:00
Tamas Vajk
669e207600 Fix sign analysis expected file 2021-01-27 16:40:56 +01:00
Geoffrey White
a4d7bfbb2b Merge pull request #5031 from MathiasVP/remove-linear-scan-of-functions-2 
C++: Remove more linear scans
 2021-01-27 14:29:27 +00:00
Tamas Vajk
d1cc2cc999 Remove code duplication 2021-01-27 13:52:12 +01:00
Tamas Vajk
5157236999 Fix doc comments 2021-01-27 13:49:13 +01:00