hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-29 23:26:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,651 Commits 1,673 Branches 157 Tags
codeql-cli/v2.5.2
Commit Graph

21651 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Marsh
89148a9ec7 C++: respond to further PR comments 2019-01-08 09:34:26 -08:00
Robert Marsh
ae4ffd9166 C++: respond to PR comments, add some TODOs 2019-01-08 09:34:25 -08:00
Robert Marsh
fe32aea31f C++: fix/add comments 2019-01-08 09:34:25 -08:00
Robert Marsh
ed68f9150a C++: Initial implementation of new range analysis 2019-01-08 09:34:23 -08:00
Robert Marsh
a06a20dbab C++: move SimpleRangeAnalysis tests 2019-01-08 09:34:23 -08:00
Jonas Jensen
1be91b5df5 C++: Use IPA for Pos and Spec 
This is cleaner than extending `int` and working with magic numbers.
Performance appears to be unaffected.
 2019-01-08 16:23:11 +01:00
Anders Schack-Mulligen
0a9222b772 Java: Add change note. 2019-01-08 15:50:14 +01:00
Anders Schack-Mulligen
51f5198404 Java: Remove old dataflow library. 2019-01-08 13:52:24 +01:00
Asger F
45a5d0ee3a JS: autoformat 2019-01-08 12:30:07 +00:00
Asger F
6816f33a3d JS: Handle case-insensitive lodash imports 2019-01-08 12:29:28 +00:00
Jonas Jensen
dba3351d2c C++: Update comments based on PR feedback 2019-01-08 13:29:03 +01:00
Anders Schack-Mulligen
ab44e5603c Java: Reduce precision of java/user-controlled-bypass. 2019-01-08 13:07:34 +01:00
Anders Schack-Mulligen
06e48ca19f Java: Update test. 2019-01-08 11:57:54 +01:00
Max Schaefer
8951eaead3 JavaScript: Improve caching of getACallee and related predicates. 2019-01-08 09:42:44 +00:00
Max Schaefer
627583fffa JavaScript: Refactor UselessConditional for performance. 2019-01-08 09:40:49 +00:00
Anders Schack-Mulligen
9530eb6cdb Java: Switch to built-in gcd. 2019-01-08 10:07:51 +01:00
Max Schaefer
de429752d1 JavaScript: Restructure implementation of DataFlow::SourceNode. 
It now uses a facade pattern similar to `InvokeNode`: the range of the class is defined by an abstract class `DataFlow::SourceNode::Range`, while the actual behaviour is defined by the (no longer abstract) `SourceNode` class itself.

Clients that want to add new source nodes need to extend `DataFlow::SourceNode::Range`, those that want to refine the behaviour of existing source nodes should extend `DataFlow::SourceNode` itself.

While this is technically a breaking API change, I think separating the two aspects in this way is cleaner and makes it easier to use, and improves performance as well.
 2019-01-08 08:01:20 +00:00
semmle-qlci
8b8b352439 Merge pull request #715 from xiemaisi/js/autoformat 
Approved by asger-semmle
 2019-01-07 22:09:05 +00:00
Raul Garcia
18bb6696e0 Fixing conditional only issue. 
I changed  to detect any logical operation usage (i.e. !, ==), but I kept usage in a conditional directly as a separate detection condition. I found no false positives on the projects you shared with me previously.
 2019-01-07 10:44:11 -08:00
yh-semmle
0b19f41093 Merge pull request #728 from aschackmull/java/qltest-qlpath 
Java: Add .qlpath to the test dir.
 2019-01-07 11:34:45 -05:00
Taus Brock-Nannestad
f9c6b0eedc Add change note for 1.20 2019-01-07 15:35:19 +01:00
Taus Brock-Nannestad
9ac50186f6 Add a few more insecure versions 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
1af503ab84 Address documentation comments. 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
46973f4305 Support from ssl import PROTOCOL_.... 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
e8a41f719c Add documentation. 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
dfe3fc6d5c Pass pyOpenSSL method as parameter instead of keyword argument. 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
d604f5c9c9 Fix insecure_version_name comments. 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
a893dca06e Add support for ssl.SSLContext. 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
0a839f8468 Python: Check for insecure versions of SSL and TLS. 2019-01-07 15:24:15 +01:00
Anders Schack-Mulligen
203c9fb9d8 Java: Restrict attention to integral types in IntMultToLong. 2019-01-07 14:27:52 +01:00
Anders Schack-Mulligen
e0d3be7dbc Java: Add .qlpath to the test dir. 2019-01-07 13:25:20 +01:00
Calum Grant
6f827140d7 Merge pull request #710 from hvitved/csharp/extractor/standalone-runtimes 
C#: Improve logic for looking up .NET runtime in standalone mode
 2019-01-07 10:22:17 +00:00
Max Schaefer
31bb39a810 JavaScript: Autoformat all QL files. 2019-01-07 10:15:45 +00:00
Max Schaefer
aa6b89dc34 Merge pull request #723 from Semmle/qlucie/master 
Master-to-next merge
 2019-01-07 07:59:54 +00:00
Raul Garcia
880306c621 Removing duplicated results 2019-01-04 10:45:43 -08:00
Pavel Avgustinov
42cf76027a Merge branch 'cs/assembly-labels' of https://github.com/calumgrant/ql into HEAD 2019-01-04 18:23:49 +00:00
Tom Hvitved
6fccfa3b0a C#: Fix CFG for foreach statements with tuple declarations 2019-01-04 18:51:55 +01:00
Tom Hvitved
72b3514970 C#: Add CFG tests for foreach statements with multipe variable declarations 2019-01-04 18:17:48 +01:00
calum
651d207d0d C#: Fix assembly labels. 2019-01-04 16:19:43 +00:00
Jonas Jensen
26f32f0d6d C++: Initial version of CFG.qll 
This implements calculation of the control-flow graph in QL. The new
code is not enabled yet as we'll need more extractor changes first.

The `SyntheticDestructorCalls.qll` file is a temporary solution that can
be removed when the extractor produces this information directly.
 2019-01-04 13:34:36 +01:00
Max Schaefer
b4f400fb23 Merge remote-tracking branch 'upstream/next' into qlucie/master 2019-01-04 10:35:57 +00:00
Tom Hvitved
c962f55cd0 C#: Address review comments 2019-01-04 11:32:23 +01:00
Jonas Jensen
a47faa2272 C++: Add ConditionDeclExpr convenience predicates 
Also expand the QLDoc.
 2019-01-04 10:24:08 +01:00
Jonas Jensen
ca0517b3d6 C++: LocalVariable docs 2019-01-04 10:24:08 +01:00
Jonas Jensen
8f9849b30b C++: Add BuiltInIntAddr class for __INTADDR__ 2019-01-04 10:24:08 +01:00
semmle-qlci
6b27dcabc5 Merge pull request #704 from asger-semmle/ts-binary-exprs 
Approved by esben-semmle
 2019-01-04 08:37:41 +00:00
Jonas Jensen
79e246f961 Merge pull request #722 from geoffw0/doc-macroinv 
CPP: Improve qldoc for MacroAccess and MacroInvocation.
 2019-01-04 08:40:37 +01:00
Jonas Jensen
8b06b311a0 Merge pull request #668 from ian-semmle/condexpr 
C++: Follow changes in how conditional expressions are represented in the database
 2019-01-04 07:20:49 +01:00
Ian Lynagh
187fdf67b0 C++: Rename twoOperand to isTwoOperand 2019-01-03 21:09:49 +00:00
Ian Lynagh
98e8858dc6 C++: Accept test changes 2019-01-03 21:09:49 +00:00