hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 22:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
20,357 Commits 1,673 Branches 157 Tags
codeql-cli/v2.4.6
Commit Graph

20357 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Esben Sparre Andreasen
b90dd89746 JS: move js/resource-exhaustion to experimental 2021-01-21 09:09:01 +01:00
Esben Sparre Andreasen
5a6e692807 add js/server-crash to the security suite 2021-01-21 08:43:13 +01:00
Esben Sparre Andreasen
9e3cc3b1b2 JS: add qhelp and changenotes for js/server-crash 2021-01-21 08:43:13 +01:00
Tamas Vajk
eb8a52ba8d Add new .stats file 2021-01-20 21:21:03 +01:00
Rasmus Lerchedahl Petersen
419449fb8a Python: default value for argN 2021-01-20 20:33:04 +01:00
Rasmus Lerchedahl Petersen
2409a7899b Python: Remove func tag in some situations. 
Also make ArgumentNode public
 2021-01-20 20:18:40 +01:00
Erik Krogh Kristensen
a44aefa6c9 add test for top-level closure modules - and simplify 2021-01-20 19:47:32 +01:00
Rasmus Lerchedahl Petersen
7a5d553dd2 Merge branch 'main' of github.com:github/codeql into python-dataflow-unpacking-assignment 2021-01-20 19:27:34 +01:00
Geoffrey White
d5d8b48218 C++: More accurate solution using Guards library. 2021-01-20 17:15:42 +00:00
Mathias Vorreiter Pedersen
3877f03a46 Merge pull request #4979 from geoffw0/cpp401 
C++: Improvements to experimental query cpp/memory-leak-on-failed-call-to-realloc
 2021-01-20 18:10:13 +01:00
Luke Cartey
5c6f5b7b33 Java: Track taint through Spring Java bean getters on super types 2021-01-20 16:53:03 +00:00
yoff
e072864948 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-01-20 17:38:34 +01:00
Geoffrey White
439fe41b0a C++: Add a couple more test cases. 2021-01-20 15:33:32 +00:00
yoff
3fc085ff38 Update python/ql/test/experimental/dataflow/TestUtil/RoutingTest.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-01-20 16:11:40 +01:00
yoff
d0663e5c3a Merge pull request #4971 from RasmusWL/avoid-double-route-setup-django 
Python: Avoid duplicated route-setup in django
 2021-01-20 16:10:33 +01:00
Erik Krogh Kristensen
bf518f1c90 flag less overly general functions with js/unneeded-defensive-code 2021-01-20 15:48:12 +01:00
Mathias Vorreiter Pedersen
b0e255eb16 C++: Encapsulate skipSkippableInstructions in a module. 2021-01-20 15:45:37 +01:00
Tamas Vajk
ab8dc27b26 Add missing 'bindingset' 2021-01-20 15:44:05 +01:00
Tamas Vajk
727412b26b Store by-ref type annotation in trap and add tests 2021-01-20 15:44:05 +01:00
Tamas Vajk
2804f5cba9 Add by-ref, and fix pinned CIL extraction 2021-01-20 15:44:05 +01:00
Tamas Vajk
f99bf5755c Merge parameter extraction between methods and function pointers 2021-01-20 15:44:05 +01:00
Tamas Vajk
f986c15200 Add QL classes for CIL function pointers, and add test 2021-01-20 15:44:05 +01:00
Tamas Vajk
0c213d0926 C#: Extract function pointer types from CIL 2021-01-20 15:44:05 +01:00
Mathias Vorreiter Pedersen
f12ebe88e6 Revert "C++: Replace SkippableInstruction with local flow steps." 
This reverts commit 258d04178f. This
change caused a ~20% performance regression.
 2021-01-20 15:43:24 +01:00
Tamás Vajk
5fa0dd719c Merge pull request #4619 from tamasvajk/feature/csharp9-function-pointer 
C#: Extract function pointers
 2021-01-20 15:42:58 +01:00
Rasmus Wriedt Larsen
9a397b6faf Python: Apply code-review suggestion 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-01-20 15:28:20 +01:00
Erik Krogh Kristensen
2e024c3c61 fix that type inference assumed every compound-assignment have type number 2021-01-20 15:26:39 +01:00
ihsinme
4c9de4574a Update CompilerRemovalOfCodeToClearBuffers.ql 2021-01-20 16:24:43 +03:00
CodeQL CI
2f459d9a72 Merge pull request #4977 from RasmusWL/missing-flask-class-view-handler-changenote 
Approved by yoff
 2021-01-20 02:38:30 -08:00
Rasmus Wriedt Larsen
526ccdd227 Python: Add safe example from qhelp to qltests 2021-01-20 11:35:48 +01:00
Rasmus Wriedt Larsen
37aa9b9d06 Python: Add prefix sanitizer on URL redirect query 
This doesn't cover 100% of what we want to, but matches what we used to.
 2021-01-20 11:35:47 +01:00
Rasmus Wriedt Larsen
d8bfa3565f Python: Simple port of URL redirect query 
Still have not added sanitizer, but seems like old sanitizer was a bit too broad
(also covering %-formatting)
 2021-01-20 11:35:44 +01:00
Tamas Vajk
70c302ffbe Add DB upgrade folder for function pointer 2021-01-20 11:20:55 +01:00
Shati Patel
bf0febd9d2 Merge pull request #4982 from github/update-sphix-readme 
Update reference to new CodeQL site
 2021-01-20 09:00:38 +00:00
Anders Schack-Mulligen
9b2f69ca94 Merge pull request #4978 from github/yo-h/struts-xml-change-note 
Java: add change note for `struts.xml` extraction
 2021-01-20 08:59:45 +01:00
Felicity Chapman
e96f942269 Update reference to new CodeQL site 2021-01-19 22:38:12 +00:00
Erik Krogh Kristensen
fbfbe70deb add support for unnamed/default exports in PackageExports.qll 2021-01-19 22:40:45 +01:00
Rasmus Lerchedahl Petersen
5a652ab3aa Python: Add missing test cases 2021-01-19 20:19:45 +01:00
Rasmus Lerchedahl Petersen
23d3343bfb Merge branch 'main' of github.com:github/codeql into python-dataflow-modernize-tests 2021-01-19 18:24:52 +01:00
Rasmus Lerchedahl Petersen
8e126603b3 Python: Remember that old style tests still needs 
updated expectations.
 2021-01-19 18:21:27 +01:00
Rasmus Lerchedahl Petersen
ae38bbe03b Python: Fearlessly adding another test 
in the middle of the file.
 2021-01-19 18:19:11 +01:00
Rasmus Lerchedahl Petersen
69913c053e Python: relative line numbers in 
MISSING-annotations
 2021-01-19 18:10:22 +01:00
Geoffrey White
d2dd19a293 C++: It turns out __assert_fail is special (see DefaultOptions.qll) so we don't need a body here. And the body was wrong. 2021-01-19 16:56:19 +00:00
Geoffrey White
fe4ae7e975 C++: General solution for functions that may exit. 2021-01-19 16:56:19 +00:00
Geoffrey White
8fa3ffe125 C++: Add a few more test cases that we don't recognize as OK. 2021-01-19 16:56:19 +00:00
CodeQL CI
bdfb81064d Merge pull request #4969 from asgerf/js/angular-dom-santizier-from-core 
Approved by erik-krogh
 2021-01-19 08:45:15 -08:00
Erik Krogh Kristensen
2a8a2832e2 Merge pull request #4946 from erik-krogh/libRedos 
JS: Add library input as source for `js/polynomial-redos`
 2021-01-19 17:30:20 +01:00
Tamas Vajk
d34992d36c Add .stats file 2021-01-19 17:26:31 +01:00
Tamas Vajk
35b955f694 Update change note date 2021-01-19 17:26:31 +01:00
Tamas Vajk
f7a0c98cb3 Code quality improvement 2021-01-19 17:26:31 +01:00