hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-29 23:26:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,651 Commits 1,673 Branches 157 Tags
codeql-cli/v2.5.2
Commit Graph

21651 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
CodeQL CI
c193d9f375 Merge pull request #4823 from erik-krogh/furtherReDoS 
Approved by esbena
 2021-01-07 05:24:07 -08:00
luchua-bc
19ff00bad4 Enhance the additional step flow and update qldoc 2021-01-07 13:15:30 +00:00
Erik Krogh Kristensen
7eab08511b add source code examples to blocksCharInAccess 2021-01-07 13:58:26 +01:00
Erik Krogh Kristensen
8b03ab0c01 update docstring for getAShellChar 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-01-07 13:58:26 +01:00
Erik Krogh Kristensen
2aa59a3f8b support sanitizers that sanitize individual chars in js/shell-command-constructed-from-input 2021-01-07 13:58:25 +01:00
Mathias Vorreiter Pedersen
13a67c906e Merge pull request #4810 from geoffw0/multtoalloc 
C++: Query for multiplications used in allocations.
 2021-01-07 13:48:58 +01:00
luchua-bc
b54e5b1c49 Revamp the library module 2021-01-07 12:44:59 +00:00
ihsinme
2d6dafc6be Update MemoryLeakOnFailedCallToRealloc.ql 2021-01-07 15:44:50 +03:00
ihsinme
f378c14659 Update MemoryLeakOnFailedCallToRealloc.expected 2021-01-07 15:43:58 +03:00
ihsinme
592cd284e8 Update test.c 2021-01-07 15:41:31 +03:00
CodeQL CI
7db5a999e9 Merge pull request #4919 from erik-krogh/revertSum 
Approved by esbena
 2021-01-07 03:55:14 -08:00
Tamás Vajk
6cbff13778 Merge pull request #4905 from tamasvajk/fix/attribute-argument-extraction 
C#: Fix attribute argument extraction
 2021-01-07 12:28:43 +01:00
Erik Krogh Kristensen
7e21081b70 add comment about regexp detected by js/polynomial-redos 2021-01-07 12:06:12 +01:00
Alexander Eyers-Taylor
4100973d17 Merge pull request #4914 from alexet/fix-spec-bugs 
QL Language specification. Fix multiple spec bugs.
 2021-01-07 10:56:53 +00:00
Mathias Vorreiter Pedersen
7b003678a9 Merge branch 'main' into mathiasvp/reverse-read-take-3 2021-01-07 11:56:18 +01:00
Tamas Vajk
e00db46d60 Minor code quality improvements 2021-01-07 09:19:13 +01:00
Tom Hvitved
2c09f9a8f2 Merge pull request #4903 from hvitved/csharp/ssa-fast-tc 
C#: Port SSA performance improvements from Java
 2021-01-07 09:17:21 +01:00
Erik Krogh Kristensen
bfd8d1b1e9 Merge branch 'main' into revertSum 2021-01-06 23:04:08 +01:00
ihsinme
abdeaabd77 Update MemoryLeakOnFailedCallToRealloc.ql 2021-01-06 22:46:03 +03:00
ihsinme
2b8227e04d Update cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.ql 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-01-06 22:23:46 +03:00
ihsinme
f7eb328f76 Update cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.qhelp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-01-06 22:18:14 +03:00
ihsinme
d7f31ca1a0 Update cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.qhelp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-01-06 22:17:26 +03:00
CodeQL CI
9d4cd0aa85 Merge pull request #4862 from erik-krogh/shellSanitizer 
Approved by esbena
 2021-01-06 11:16:12 -08:00
Geoffrey White
b5bcbd303e C++: Cleaner solution. 2021-01-06 18:22:31 +00:00
Geoffrey White
f69ceb3dbb Merge pull request #4904 from MathiasVP/conflated-dataflow-testcases 
C++: Add dataflow testcases that need flow through conflated memory
 2021-01-06 17:48:18 +00:00
Francis Alexander
435502e070 missing new lines 2021-01-06 23:05:09 +05:30
luchua-bc
ce2db21f15 Query to detect hash without salt 2021-01-06 17:30:04 +00:00
Francis Alexander
1f5a466e46 Playframework test cases & review fixes 2021-01-06 22:57:14 +05:30
luchua-bc
f13b8814f5 Update class/method names in the module 2021-01-06 16:49:35 +00:00
luchua-bc
5690bf49f4 Optimize the query 2021-01-06 16:21:26 +00:00
Alexander Eyers-Taylor
2686335531 Merge pull request #1 from shati-patel/fix-spec-bugs-edits 
Editorial review for QL language updates
 2021-01-06 14:48:26 +00:00
Erik Krogh Kristensen
f1cee70e82 add class-field flowstep to js/shell-command-constructed-from-input 2021-01-06 14:37:00 +01:00
Tamas Vajk
04074c425b C#: Fix named attribute argument extraction 2021-01-06 14:27:36 +01:00
Tamas Vajk
44372f4db7 C#: Fix attribute argument extraction when default argument value is present 2021-01-06 14:27:36 +01:00
Tamas Vajk
6d95ad3282 C#: Add file instead of generated location for extraction errors when possible 2021-01-06 14:27:31 +01:00
luchua-bc
3d26e5b8a4 Update qldoc 2021-01-06 12:41:00 +00:00
Shati Patel
bc6b1e8ed7 Fix typos and small formatting bugs 2021-01-06 12:11:16 +00:00
Geoffrey White
81205f37c5 C++: Fix test annotation. 2021-01-06 11:45:17 +00:00
Tom Hvitved
74622cf6f3 C#: Fix join-order following stats update 2021-01-06 12:16:19 +01:00
Shati Patel
203d74f255 Remove links to QLDoc spec 2021-01-06 11:04:58 +00:00
Shati Patel
b230868893 Merge pull request #4874 from shati-patel/docs-highlighting 
Docs: Tweak syntax highlighting
 2021-01-06 10:51:01 +00:00
Jonas Jensen
2483b09e44 Merge pull request #4913 from MathiasVP/pre-hook-autoformat-check 
Add pre-commit hook to scripts folder and document it
 2021-01-06 11:26:39 +01:00
Erik Krogh Kristensen
28cffa1e07 add comment in isFork about /(a*)*/ regular expressions 2021-01-06 10:44:13 +01:00
Erik Krogh Kristensen
c58f67b189 reintroduce performance improvement - but sound this time 2021-01-06 10:44:13 +01:00
Erik Krogh Kristensen
4392f0270c autoformat 2021-01-06 10:37:36 +01:00
Erik Krogh Kristensen
3d98732136 support nested stars in js/ReDoS 2021-01-06 10:37:35 +01:00
Erik Krogh Kristensen
77967c3e63 undo unsound optimization in js/ReDoS 2021-01-06 10:36:21 +01:00
Erik Krogh Kristensen
b42aac17d5 add more tests for js/ReDoS 2021-01-06 10:34:06 +01:00
luchua-bc
f1763ae354 Use the sensitive info sink 2021-01-06 01:48:19 +00:00
Shati Patel
ad07072478 clarify highlight_language conf option 2021-01-05 19:13:28 +00:00