hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-28 05:42:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,651 Commits 1,685 Branches 159 Tags
codeql-cli/v2.5.2
Commit Graph

21651 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonas Jensen
9b89602a86 C++: Make var name in qhelp match source snippet 2019-11-15 11:16:34 +01:00
Calum Grant
aac360463b C#: Tests for default interface methods. 2019-11-15 10:13:04 +00:00
Jonas Jensen
7485cc76b2 C++: Edit Recommendation section 
1. The two last examples were misleading at best. The first of those two
   recommended casting to non-negative `int`s to `unsigned int` and then
   checking if their addition would overflow, but overflow was
   impossible because their sum (on 32-bit two's complement) could be at
   most 2^32 - 2. The second example could lead to the wrong condition
   (unsigned overflow) being checked if taken literally. Instead of
   keeping that example, I reworeded the first paragraph of the
   Recommendation section.
2. The assumptions about `delta` being positive was relaxed to
   non-negative.
3. There was no need to assume that an unsigned short was non-negative.
4. Some of the suggestions were missing `i >`.
 2019-11-15 11:05:00 +01:00
Esben Sparre Andreasen
a6dbf5fbad Update change-notes/1.23/analysis-javascript.md 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-11-15 10:43:04 +01:00
Esben Sparre Andreasen
c3fdfdecab JS: rename DefaultParsedCommandLineArgumentsAsSource 2019-11-15 10:40:15 +01:00
Asger F
7a489afdda JS: Add change note 2019-11-15 09:27:21 +00:00
Asger F
66db38266b JS: Add qldoc to HostnameRegexpShared 2019-11-15 09:27:21 +00:00
Asger F
6809eed543 JS: Stats and upgrade script 2019-11-15 09:27:21 +00:00
Asger F
607aed37ee Update javascript/ql/src/semmle/javascript/Expr.qll 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-11-15 09:27:21 +00:00
Asger F
77e5305b9b Update javascript/ql/src/Security/CWE-020/IncompleteHostnameRegExp.ql 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-11-15 09:27:21 +00:00
Asger F
37aa85fe81 JS: Fix parsing of non-BMP chars before a quantifier 2019-11-15 09:27:21 +00:00
Asger F
8fcf7a265a JS: Remove unused OffsetTranslationBuilder class 2019-11-15 09:27:21 +00:00
Asger F
4d1f7836f2 JS: Check for [^.] 2019-11-15 09:27:21 +00:00
Asger F
a7a90b4b7e JS: Disregard capture groups in lookaround assertions 2019-11-15 09:27:20 +00:00
Asger F
2242df920f JS: More qldoc 2019-11-15 09:27:20 +00:00
Asger F
dc6c15cbb9 Update javascript/ql/src/semmle/javascript/Regexp.qll 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-11-15 09:27:20 +00:00
Asger F
dd9274e42c JS: Docs regarding regexp terms in string literals 2019-11-15 09:27:20 +00:00
Asger F
c2e0c8cb39 JS: Do not extract string literal types as regexps 2019-11-15 09:27:20 +00:00
Asger F
57a9cad721 JS: Fix offsets of octal and unicode escape 2019-11-15 09:27:20 +00:00
Asger F
4680e3a89a JS: Simplify charpred of Match 2019-11-15 09:27:20 +00:00
Asger F
c01005a610 JS: Remove outdated comment 2019-11-15 09:27:20 +00:00
Asger F
e01a9846d8 JS: Update test annotations 2019-11-15 09:27:20 +00:00
Asger F
153d34638b JS: Fix a FP 2019-11-15 09:27:20 +00:00
Asger F
8c5b9b9195 JS: Add missing post-anchor case to MissingRegExpAnchor 2019-11-15 09:27:20 +00:00
Asger F
17ad97812e JS: Fix FPs from TLDs without a domain name 2019-11-15 09:27:20 +00:00
Asger F
20fb7717d8 JS: Use type inference to refine regexp string tracking 2019-11-15 09:27:20 +00:00
Asger F
e45c361d64 JS: Port IncompleteHostnameRegExp 2019-11-15 09:27:20 +00:00
Asger F
9ecab1b5d5 JS: Port unanchored RegExp query but for hostnames only 2019-11-15 09:27:20 +00:00
Asger F
e5f2f9e43e JS: Do not flag semi-anchored regexps in .replace() 2019-11-15 09:27:20 +00:00
Asger F
cae09a447b JS: Update test case 2019-11-15 09:27:20 +00:00
Asger F
3e37950170 JS: Whitelist one more FP case 2019-11-15 09:27:20 +00:00
Asger F
2b151cd587 JS: Include anchor direction in message 2019-11-15 09:27:20 +00:00
Asger F
3e952cf564 JS: Restrict semi-anchored regex query more 2019-11-15 09:27:19 +00:00
Asger F
0726bd8cac JS: Add double semi-anchored test case 2019-11-15 09:27:19 +00:00
Asger F
9fa9729470 JS: Shift line numbers in SemiAnchoredRegExp testcase 2019-11-15 09:27:19 +00:00
Asger F
8bc89ee254 JS: Update semi-anchored regex query 2019-11-15 09:27:19 +00:00
Asger F
c21d095d38 JS: Restrict RegExp queries to actual regular expressions 2019-11-15 09:27:19 +00:00
Asger F
b8711fc642 JS: Extend RegExpTerm in ReDoS 2019-11-15 09:27:19 +00:00
Asger F
b6c1c174a9 JS: Deabstractify RegExpTerm classes 2019-11-15 09:27:19 +00:00
Asger F
e0bdc777b9 JS: Make ReDoS check string-based regexes 2019-11-15 09:27:19 +00:00
Asger F
97e5da1046 JS: Update ReDoS query 2019-11-15 09:27:19 +00:00
Asger F
57de6382cd JS: Update QL API 2019-11-15 09:27:19 +00:00
Asger F
d3302c39c0 JS: Fix offsets in regexes parsed from strings with escapes 2019-11-15 09:27:19 +00:00
Asger F
2901b5e8bd JS: Add OffsetTranslation table (preserving behavior) 2019-11-15 09:27:19 +00:00
Asger F
c327ee5d4f JS: Update TRAP 2019-11-15 09:27:19 +00:00
Asger F
591fffc5cc JS: Add test case for wide constants in char class 2019-11-15 09:27:19 +00:00
Asger F
68d23bcf8c JS: Extract surrogate pairs as one constant node 2019-11-15 09:27:19 +00:00
Asger F
6e1c995f2f JS: Merge consecutive constants in RegExps 2019-11-15 09:27:19 +00:00
Asger F
0e1246c0e5 JS: Extract RegExp ASTs from string literals 2019-11-15 09:27:18 +00:00
Asger F
0cf191f70d JS: Bump extractor version string 2019-11-15 09:27:18 +00:00