hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-29 15:16:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,651 Commits 1,673 Branches 157 Tags
codeql-cli/v2.5.2
Commit Graph

21651 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonas Jensen
1a0a8c931f C++: Fix name clash in data flow imports 
The AST-based data flow libraries and the IR-based ones both define
modules `DataFlow`, `DataFlow2`, etc. This caused
`ImportAdditionalLibraries.ql` to fail in compilation.
 2018-12-13 09:53:20 +00:00
Geoffrey White
e443eb8889 CPP: Fix type logic. 2018-12-13 09:49:32 +00:00
Max Schaefer
e194021c3b Merge pull request #629 from esben-semmle/js/persistent-read-taint 
JS: add persistent storage taint steps
 2018-12-13 08:24:42 +00:00
Max Schaefer
969fe6e4f1 Merge pull request #657 from esben-semmle/js/classify-more-files 
JS: classify additional files
 2018-12-13 08:20:33 +00:00
Max Schaefer
e8c8360ad1 Merge pull request #659 from esben-semmle/js/more-constant-string-usage 
JS: replace StringLiteral with ConstantString in two queries
 2018-12-13 08:19:22 +00:00
Max Schaefer
f1dcec8369 Merge pull request #667 from asger-semmle/ts-binding-pattern-with-defaults 
TS: fix extraction of binding pattern with default
 2018-12-13 08:18:22 +00:00
Max Schaefer
54bb9d185f Merge pull request #632 from asger-semmle/pseudo-random-bytes 
JS: add crypto.pseudoRandomBytes as source in InsecureRandomness.ql
 2018-12-13 08:14:40 +00:00
Max Schaefer
df42707050 Merge pull request #675 from asger-semmle/window.name 
JS: Add window.name as remote flow source
 2018-12-13 08:13:15 +00:00
Max Schaefer
3f185364f9 Merge pull request #669 from adityasharad/merge/master-next-111218 
Merge master into next.
 2018-12-13 07:58:58 +00:00
Geoffrey White
c904a338f7 CPP: Add test cases. 2018-12-12 23:47:48 +00:00
Tom Hvitved
b155a0f5fb C#: Avoid computing CIL strings and non-PDB locations in data flow library 
Computing strings and locations for CIL instructions can be quite time consuming.
The CIL `toString()`s are not very helpful in path explanations, and their locations
are only useful when a PDB source file exists. Therefore, produce a simple constant
`toString()`, and restrict locations to those in PDB files.
 2018-12-12 21:58:16 +01:00
Tom Hvitved
344466a8c1 C#: Cache DataFlow::Node::getEnclosingCallable() 2018-12-12 21:49:21 +01:00
semmle-qlci
1470f9fb70 Merge pull request #677 from aschackmull/java/change-note-cfg-cast 
Approved by felicity-semmle
 2018-12-12 18:24:45 +00:00
Aditya Sharad
f92456fcad Merge master into next. 
Conflict in `cpp/ql/test/library-tests/sideEffects/functions/sideEffects.expected`,
resolved by accepting test output (combining changes).
 2018-12-12 17:26:18 +00:00
Aditya Sharad
41a48078f7 Merge pull request #673 from calumgrant/cs/sync-files 
C#: Sync samples and qltest cases
 2018-12-12 17:10:00 +00:00
calumgrant
8e546a30b0 Merge pull request #637 from hvitved/csharp/cfg/throwing-callable 
C#: Fix a bug in `ThrowingCallable`
 2018-12-12 16:58:28 +00:00
calum
2bbd55519b C#: Add tests for C# 7.3 features. 2018-12-12 16:44:55 +00:00
Asger F
635a3cb1ec JS: add FunctionNode.getThisParameter 2018-12-12 16:26:02 +00:00
calum
5596bc8827 C#: Add change note. 2018-12-12 16:16:07 +00:00
Anders Schack-Mulligen
2150af9732 Java: Add change note about CFG cast deprecation. 2018-12-12 15:04:19 +00:00
Anders Schack-Mulligen
12bc1fc656 Merge pull request #581 from jf205/metadata-guide 
Query metadata style guide: add to ql/docs
 2018-12-12 12:55:20 +00:00
Asger F
a96c53f9b8 JS: restrict when a variable reference is considered a source 2018-12-12 12:28:26 +00:00
Asger F
14621760bb JS: add window.name as DOM-based remote flow source 2018-12-12 12:22:39 +00:00
Tom Hvitved
74167e478a C#: Cache NamedElement::getLabel() 2018-12-12 13:16:28 +01:00
Tom Hvitved
6918dad1db C#: Refactor localFlowStep() 
Using the `forceCachingInSameStage()` trick, we can get rid of the non-cached version
of local flow, while still computing it in the same stage.
 2018-12-12 13:14:22 +01:00
Tom Hvitved
1366638f06 C#: Fix whitespaces 2018-12-12 13:13:13 +01:00
Geoffrey White
5e39e0ed65 CPP: Change note. 2018-12-12 11:39:20 +00:00
Geoffrey White
2f3a874c7d CPP: Fix false positives when a member variable is released via the target of a function pointer. 2018-12-12 11:38:44 +00:00
Geoffrey White
370387a9ca CPP: Fix false positives when member variable is released via an ExprCall. 2018-12-12 11:38:44 +00:00
Geoffrey White
e408f18766 CPP: Fix false positives when member variable is released via capture inside lambda expression. 2018-12-12 11:38:44 +00:00
Geoffrey White
6efd481118 CPP: Make references to the 'kind' of an alloc/delete consistent (this used to be called the 'release' or 'releaseName'). 2018-12-12 11:38:44 +00:00
Geoffrey White
8e2459a6b7 CPP: Add similar test cases with function pointers. 2018-12-12 11:38:44 +00:00
Geoffrey White
77c1ad47f9 CPP: Add test cases with lambdas. 2018-12-12 11:38:44 +00:00
calum
3037b2b197 C#: Sync the -Good and -Bad files in the qltest to match the sample. 2018-12-12 11:36:00 +00:00
calum
1df1b0c28e C#: Refactor ArrayCreations to allow stackalloc arrays to have initializers (C# 7.3). 2018-12-12 11:05:34 +00:00
Asger F
aa04e9c77f TS: fix extraction of binding pattern with default 2018-12-12 10:36:30 +00:00
Max Schaefer
faaca21996 JavaScript: Avoid more unhelpful magic. 2018-12-12 08:40:21 +00:00
Max Schaefer
4fc27aaa51 Merge branch 'master' into pseudo-random-bytes 2018-12-12 08:19:57 +00:00
semmle-qlci
06dd5f3616 Merge pull request #656 from xiemaisi/js/unused-local-underscore 
Approved by esben-semmle
 2018-12-12 08:11:37 +00:00
semmle-qlci
9df5d4b0c2 Merge pull request #660 from esben-semmle/js/angularjs-alert-locations 
Approved by xiemaisi
 2018-12-12 08:05:19 +00:00
Dave Bartolomeo
be5ac2f2ff Merge pull request #648 from dave-bartolomeo/dave/UnreachableIR 
C++: Remove unreachable IR
 2018-12-11 20:58:49 -08:00
yh-semmle
14488cb62e Merge pull request #652 from aschackmull/java/constant-loop-cond-alert-pos 
Java: Change alert location for ConstantLoopCondition.
 2018-12-11 21:26:14 -05:00
Dave Bartolomeo
0140cd23d0 C++: Accept correct test output 2018-12-11 17:11:51 -08:00
Dave Bartolomeo
283c1d43c3 C++: Restore previous test expectations 2018-12-11 17:07:25 -08:00
Robert Marsh
59c0e5d39e C++: update test expectations 2018-12-11 15:07:09 -08:00
Esben Sparre Andreasen
fac638ffab JS: improve alert location of js/angular/unused-dependency 2018-12-11 21:47:08 +01:00
Esben Sparre Andreasen
b5bbf990b0 JS: improve alert location of js/angular/repeated-dependency-injection 2018-12-11 21:47:08 +01:00
Esben Sparre Andreasen
5acd1ca26d JS: improve alert location of js/angular/duplicate-dependency 2018-12-11 21:47:08 +01:00
Robert Marsh
98005edd9d Merge pull request #641 from geoffw0/exprnoeffect2 
CPP: More tests of isSideEffectFree() / ExprHasNoEffect.ql
 2018-12-11 12:17:30 -08:00
Tom Hvitved
7422947e78 C#: Improve performance of cs/useless-upcast 2018-12-11 17:48:04 +01:00