Commit Graph

33872 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
296297915c Python: add test for __traceback__ 2021-03-07 17:50:28 +01:00
ihsinme
2b1b94835e Update LateCheckOfFunctionArgument.ql 2021-03-07 16:10:32 +03:00
Rasmus Lerchedahl Petersen
aaaf90902f Python: File for dataflow section
Initially a copy of the one from C#
2021-03-07 14:02:55 +01:00
Rasmus Lerchedahl Petersen
24e406d21a Documentation: Fix typo
in dataflow documentation for C#
2021-03-07 09:48:20 +01:00
luchua-bc
0ef3eee4ed Revamp the source and the sink of the query 2021-03-06 22:41:54 +00:00
Artem Smotrakov
891b975899 Use correct file names in SpringExporterUnsafeDeserialization.qhelp 2021-03-06 22:07:43 +01:00
Artem Smotrakov
bda223771b Added another example for SpringExporterUnsafeDeserialization.ql 2021-03-06 22:05:00 +01:00
Artem Smotrakov
82cb4a8d68 Renamed SpringHttpInvokerUnsafeDeserialization.ql 2021-03-06 21:48:35 +01:00
Artem Smotrakov
dcabce679a Cover beans from XML configs in SpringHttpInvokerUnsafeDeserialization.ql 2021-03-06 21:40:35 +01:00
p0wn4j
6841f5f7c4 Java: Add NashornScriptEngine detection in ScriptEngine query
Java: Add NashornScriptEngine detection in ScriptEngine query

Java: Add NashornScriptEngine detection in ScriptEngine query

Java: Add NashornScriptEngine detection in ScriptEngine query
2021-03-06 16:19:07 +04:00
Jaroslav Lobačevski
673e64909a github actions queries 2021-03-06 10:27:11 +02:00
luchua-bc
31eaa80f5b Revamp the source 2021-03-06 00:56:15 +00:00
Dave Bartolomeo
863497c695 C++: Update naming of queries and paths to use "summary" instead of "metrics" 2021-03-05 14:36:26 -05:00
Shati Patel
c53ce00944 Merge pull request #5342 from shati-patel/docs-delete-unused-script
Docs: Remove unused script and workflow
lgtm/v1.27.0 codeql-cli/v2.4.6 v1.27.0
2021-03-05 18:02:50 +00:00
Rasmus Wriedt Larsen
99c1b2039c Python: Extract vulnerable hostnames into own predicate
Which makes the code a bit cleaner (and made testing out back-tracking easier).
2021-03-05 17:14:32 +01:00
Rasmus Wriedt Larsen
4804a0a9f8 Python: Minor refactor addressArg 2021-03-05 17:12:45 +01:00
Rasmus Wriedt Larsen
024a586a7d Python: Remove tags for old query copy
Co-authored-by: Taus <tausbn@github.com>
2021-03-05 17:08:55 +01:00
Rasmus Wriedt Larsen
66c9cfad85 Python: Apply suggestions from code review
Co-authored-by: Taus <tausbn@github.com>
2021-03-05 17:08:37 +01:00
Rasmus Wriedt Larsen
83539928e6 Python: Fix grammar
Co-authored-by: Taus <tausbn@github.com>
2021-03-05 17:08:20 +01:00
Shati Patel
85205a21de Docs: Remove query help script 2021-03-05 16:02:53 +00:00
Tom Hvitved
63686b5c4e C#: Use is [not] null throughout in the extractor 2021-03-05 16:28:12 +01:00
Tamás Vajk
23d994a4b4 Merge pull request #5197 from tamasvajk/feature/refactor-4
C#: Enable nullability in Extraction.CSharp
2021-03-05 16:24:19 +01:00
Anders Schack-Mulligen
cf4f55d9ab Merge pull request #5223 from smowton/smowton/feature/backward-dataflow-for-modelled-fluent-methods
Java: Add backward dataflow edges through modelled function invocations
2021-03-05 15:11:43 +01:00
Tom Hvitved
6e5af1a9f8 Data flow: Sync files 2021-03-05 14:56:40 +01:00
Tom Hvitved
d496503d5d Data flow: Restrict the size of getApNil() 2021-03-05 14:54:54 +01:00
Tom Hvitved
492add1f7a Data flow: Force join-order for Node::getEnclosingCallable() 2021-03-05 14:54:54 +01:00
Chris Smowton
012058a866 Apply review suggestions: use ArgumentNode.argumentOf, and change more uses of ValuePreservingCallable -> ValuePreservingMethod 2021-03-05 13:34:13 +00:00
Chris Smowton
eed357dc93 ValuePreservingCallable -> ValuePreservingMethod
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2021-03-05 13:28:35 +00:00
Chris Smowton
a37b98ca27 Value-preserving methods: handle generics in DataFlowUtil.qll
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2021-03-05 13:15:06 +00:00
Chris Smowton
ca86925a45 Update java/ql/src/semmle/code/java/dataflow/FlowSteps.qll
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2021-03-05 13:02:19 +00:00
Chris Smowton
45f3365d06 Apply suggestions from code review
Note value-preserving functions can't be constructors

Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2021-03-05 12:52:38 +00:00
Jonas Jensen
32f1da7455 Merge pull request #5327 from MathiasVP/less-field-to-obj-flow
C++: Remove more field-to-object flow
2021-03-05 13:16:21 +01:00
Tamas Vajk
c6b47647e1 Move the nullable disable warning region to the Type instead of the base CachedSymbol entity 2021-03-05 13:14:07 +01:00
Chris Smowton
e3cf5c235e Add support for Commons-Lang's RandomUtils
This is realised by somewhat generalising our interfaces for modelling RNGs. We also add tests for randomness-related queries that didn't have any, and add test cases checking the Apache random-number generators are interchangeable with the stdlib ones.
2021-03-05 12:09:33 +00:00
Jonas Jensen
767d3141ad Merge pull request #5336 from MathiasVP/fix-join-order-in-memset-may-be-deleted
C++: Fix performance in cpp/memset-may-be-deleted.
2021-03-05 13:08:10 +01:00
Tamas Vajk
df9d54c994 Fix code review findings 2021-03-05 13:00:04 +01:00
Chris Smowton
990bdc20b0 Move value-preserving callable class into FlowSteps 2021-03-05 11:55:53 +00:00
Joe Farebrother
3f3640fcbd Model ByteArrayDataOutput 2021-03-05 11:19:55 +00:00
Joe Farebrother
470a2ca336 Add CopyTo 2021-03-05 11:19:55 +00:00
Joe Farebrother
61dcf3a275 Apply suggestions from code review
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
2021-03-05 11:19:55 +00:00
Joe Farebrother
f5564b1c3b Remove unnecessary import 2021-03-05 11:19:54 +00:00
Joe Farebrother
5278cc9e9e Fix change note file extension 2021-03-05 11:19:54 +00:00
Joe Farebrother
e916e04fe1 Add change note 2021-03-05 11:19:54 +00:00
Joe Farebrother
d30d1a2ab2 Add unit tests and fix issues 2021-03-05 11:19:52 +00:00
Joe Farebrother
c12f8035c4 Add stubs for unit tests 2021-03-05 11:19:25 +00:00
Joe Farebrother
56e611faaa Switch existing test cases to inline expectations 2021-03-05 11:19:25 +00:00
Joe Farebrother
d67de88d34 Model Guava IO package 2021-03-05 11:19:25 +00:00
CodeQL CI
a55246c9f4 Merge pull request #5330 from RasmusWL/fix-flask-taint-prop-to-methods
Approved by yoff
2021-03-05 03:17:41 -08:00
Mathias Vorreiter Pedersen
2d7f15cc8a C++: Fix join-order in cpp/memset-may-be-deleted. 2021-03-05 11:38:15 +01:00
Anders Schack-Mulligen
0d7f6ced8f Merge pull request #5334 from Marcono1234/marcono1234/improve-constant-loop-condition
Java: Improve constant-loop-condition
2021-03-05 11:36:25 +01:00