Mathias Vorreiter Pedersen
|
dcbae8b22b
|
Fix code tag.
|
2021-01-15 19:47:09 +01:00 |
|
yoff
|
1edad03622
|
Apply suggestions from code review
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
|
2021-01-15 18:50:04 +01:00 |
|
Erik Krogh Kristensen
|
401e516654
|
update expected output, and update PackageExports test
|
2021-01-15 17:40:47 +01:00 |
|
intrigus
|
a4cbd7037b
|
Java: Add tests for different versions.
Adds a test for version 6.24, because that version is not vulnerable.
The other test is for versions < 6.24, because these versions are
vulnerable.
|
2021-01-15 17:20:57 +01:00 |
|
luchua-bc
|
3af8773dd6
|
Add more cases
|
2021-01-15 16:20:31 +00:00 |
|
Erik Krogh Kristensen
|
26783b6ab0
|
make getTopmostPackageJSON public again, and update PackageExports test
|
2021-01-15 16:05:49 +01:00 |
|
Tom Hvitved
|
9a9a57716c
|
C#: Improved extraction of type nullability
|
2021-01-15 16:01:14 +01:00 |
|
Asger Feldthaus
|
5fa3b17956
|
JS: Tolerate Angular-specific HTML attribute names
|
2021-01-15 14:51:10 +00:00 |
|
Asger Feldthaus
|
f33630aab6
|
JS: Reformat HTMLExtractor
|
2021-01-15 14:51:10 +00:00 |
|
yoff
|
48910d0597
|
Apply suggestions from code review
Co-authored-by: Taus <tausbn@github.com>
|
2021-01-15 14:02:27 +01:00 |
|
Erik Krogh Kristensen
|
1506ac09e5
|
limit the number of characters produced by getAThreewayIntersect
|
2021-01-15 13:54:16 +01:00 |
|
Erik Krogh Kristensen
|
0117a0fac1
|
specialize the getAValueExportedBy predicate to only topmost package.jsons
|
2021-01-15 13:54:16 +01:00 |
|
Erik Krogh Kristensen
|
0c9d46a7f9
|
changes based on review
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
|
2021-01-15 13:54:05 +01:00 |
|
luchua-bc
|
32c54628f8
|
Drop fieldName from the function for runtime evaluation
|
2021-01-15 12:33:00 +00:00 |
|
Anders Schack-Mulligen
|
545451e602
|
Merge pull request #4960 from github/yo-h/java15-change-note
Java: update documentation on supported language versions
codeql-cli/v2.4.3
codeql-cli/v2.4.2
|
2021-01-15 10:19:46 +01:00 |
|
Tamás Vajk
|
81ce29c6c8
|
Merge pull request #4656 from tamasvajk/feature/csharp9-not-pattern
C#: Extract unary patterns
|
2021-01-15 09:44:53 +01:00 |
|
luchua-bc
|
e5a703e49c
|
Revamp the query
|
2021-01-15 04:05:11 +00:00 |
|
yo-h
|
27fd16ae87
|
Java: update documentation on supported language versions
|
2021-01-14 20:29:16 -05:00 |
|
Tom Hvitved
|
d7ca065192
|
Merge pull request #4923 from hvitved/csharp/ssa/refactor
C#: SSA refactorings
|
2021-01-14 17:28:14 +01:00 |
|
Geoffrey White
|
15089c4117
|
Merge branch 'main' into modelclasses
|
2021-01-14 15:57:02 +00:00 |
|
Geoffrey White
|
7012bc05a2
|
C++: Simplification.
|
2021-01-14 15:21:26 +00:00 |
|
Geoffrey White
|
54bd36def2
|
C++: Correct QLDoc comments.
|
2021-01-14 15:20:29 +00:00 |
|
Geoffrey White
|
13d0efe96d
|
C++: Change to more natural expressions without use of weird predicates or 'any'. The classes for string objects now match instantiations directly rather than the template.
|
2021-01-14 15:02:51 +00:00 |
|
Tom Hvitved
|
6cf684f615
|
C#: Fix QL doc
|
2021-01-14 15:59:22 +01:00 |
|
ihsinme
|
805352945e
|
Update CompilerRemovalOfCodeToClearBuffers.ql
|
2021-01-14 17:27:58 +03:00 |
|
ihsinme
|
10ab1d9b54
|
Update CompilerRemovalOfCodeToClearBuffers.ql
|
2021-01-14 17:24:49 +03:00 |
|
ihsinme
|
cd0d2a5692
|
Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.ql
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
|
2021-01-14 17:21:19 +03:00 |
|
ihsinme
|
7f5e5fcb99
|
Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.qhelp
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
|
2021-01-14 17:19:57 +03:00 |
|
ihsinme
|
3e715ff52d
|
Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.qhelp
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
|
2021-01-14 17:19:23 +03:00 |
|
ihsinme
|
0d0ea0c5e1
|
Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.ql
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
|
2021-01-14 17:17:56 +03:00 |
|
yoff
|
b5d40e4c9a
|
Merge pull request #4944 from RasmusWL/flask-class-based-handlers
Python: Add modeling of Flask class based (HTTP) request handlers
|
2021-01-14 15:17:36 +01:00 |
|
ihsinme
|
4ba4de3d41
|
Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.c
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
|
2021-01-14 17:17:08 +03:00 |
|
ihsinme
|
76b768f7e0
|
Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.c
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
|
2021-01-14 17:16:53 +03:00 |
|
ihsinme
|
4631658e5e
|
Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.c
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
|
2021-01-14 17:16:37 +03:00 |
|
ihsinme
|
9e3b288f33
|
Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.c
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
|
2021-01-14 17:16:21 +03:00 |
|
ihsinme
|
b26a90e1e6
|
Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.ql
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
|
2021-01-14 17:15:58 +03:00 |
|
ihsinme
|
1c4610c722
|
Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.ql
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
|
2021-01-14 17:15:36 +03:00 |
|
yoff
|
de8ac6c12d
|
Merge pull request #4869 from RasmusWL/tornado-source-modeling
Python: Add Tornado source modeling
|
2021-01-14 14:40:14 +01:00 |
|
Tamas Vajk
|
4b32fd0556
|
Update change note date
|
2021-01-14 14:29:13 +01:00 |
|
Tamas Vajk
|
b7b4ed8774
|
Add DB upgrade folder
|
2021-01-14 14:26:40 +01:00 |
|
Erik Krogh Kristensen
|
c106b09d49
|
change-note
|
2021-01-14 14:17:32 +01:00 |
|
Tamas Vajk
|
66d8b0f1a0
|
Add new .stats file
|
2021-01-14 14:11:28 +01:00 |
|
Erik Krogh Kristensen
|
c5595f4cbd
|
improve alert message for js/polynomial-redos
|
2021-01-14 13:48:26 +01:00 |
|
Rasmus Wriedt Larsen
|
4cb2f2ed1e
|
Python: Proper models of flask MethodView classes
|
2021-01-14 13:42:18 +01:00 |
|
Rasmus Wriedt Larsen
|
e327fdb317
|
Python: Model flask View classes
|
2021-01-14 13:42:18 +01:00 |
|
Rasmus Wriedt Larsen
|
0b1cece523
|
Python: Add tests for class based handlers in Flask
|
2021-01-14 13:42:17 +01:00 |
|
Rasmus Wriedt Larsen
|
14bb10a361
|
Python: Use LocalSourceNode for TornadoRouteRegex
|
2021-01-14 13:39:41 +01:00 |
|
Erik Krogh Kristensen
|
86e33d9d79
|
select the shortest possible reason
|
2021-01-14 13:38:37 +01:00 |
|
Rasmus Wriedt Larsen
|
f9a29cb886
|
Python: Add change-note for tornado source modeling
|
2021-01-14 13:37:27 +01:00 |
|
Rasmus Wriedt Larsen
|
812ea5dde5
|
Python: Tornado: Model request handlers without known route
|
2021-01-14 13:37:27 +01:00 |
|