hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-24 19:03:50 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,872 Commits 1,692 Branches 161 Tags
codeql-cli/v2.8.4
Commit Graph

33872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tamás Vajk
3ece8c3a01 Merge pull request #4835 from tamasvajk/feature/cil-fnptr 
C#: Extract function pointer types from CIL
 2021-01-26 11:28:02 +01:00
Asger Feldthaus
e6d9cd1905 JS: Add clause to getReturn/getInstance 2021-01-26 10:14:12 +00:00
CodeQL CI
c1726ed868 Merge pull request #5014 from RasmusWL/typetracking-test-track-self 
Approved by tausbn
 2021-01-26 02:10:52 -08:00
Asger Feldthaus
d59ccb7687 JS: Remove unhelpful mat-table load step 2021-01-26 09:27:48 +00:00
Asger Feldthaus
89225e222c JS: Remove confusing comment 2021-01-26 09:25:12 +00:00
Tom Hvitved
71d25c1f8b C#: Fix join-orders in ControlFlowTree::last() 2021-01-26 09:58:01 +01:00
Rasmus Lerchedahl Petersen
7b9ca7171a Python: update test expectations 2021-01-26 09:47:48 +01:00
Rasmus Lerchedahl Petersen
dacc21d0b5 Python: update test expectation 2021-01-26 09:45:41 +01:00
Tom Hvitved
cd8155c201 C#: Teach CFG about ExceptionDispatchInfo::Throw 2021-01-26 09:16:53 +01:00
Tom Hvitved
07a96c3596 C#: Add CFG tests for ExceptionDispatchInfo::Throw 2021-01-26 09:01:06 +01:00
luchua-bc
fee0b94cd4 Use isRequestGetParamMethod as the source 2021-01-26 04:41:44 +00:00
Robert Marsh
44bc6d7fdb C++/C#: add NonPhiMemoryOperand union type 
This fixes a performance issue where the whole MemoryOperand table was
scanned in some predicates that used only NonPhiMemoryOperand
 2021-01-25 17:03:19 -08:00
yoff
09bb3001d6 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-01-25 21:58:20 +01:00
yoff
7ba0939239 Merge pull request #4995 from RasmusWL/tornado-model-http-sinks 
Python: model HTTP sink in Tornado
 2021-01-25 21:53:44 +01:00
Francis Alexander
985d3d469a PR feedback integration 2021-01-25 23:26:36 +05:30
Tom Hvitved
d19053deda Merge pull request #105 from github/hvitved/vcall 2021-01-25 18:41:36 +01:00
Rasmus Wriedt Larsen
91caa13f48 Merge pull request #5004 from github/erik-krogh/ignore-venv 
add .venv/ to .gitignore
 2021-01-25 18:06:28 +01:00
Joe Farebrother
d69ecde5c1 Java: Add additional flow steps for guava collection methods and more unit tests 2021-01-25 16:37:40 +00:00
Joe Farebrother
7e11d8ed07 Java: Add modelling for guava Sets 2021-01-25 16:37:40 +00:00
Joe Farebrother
d1427fcd93 Java: Add modelling for Guava's collection classes 2021-01-25 16:37:40 +00:00
Rasmus Lerchedahl Petersen
96b7f75905 Python: add postupdate nodes for kwargs 
drops remaining reverse read failures on saltstack.
 2021-01-25 17:34:49 +01:00
Rasmus Wriedt Larsen
a8186be2fa Python: Add test of type-tracking self in methods 2021-01-25 17:20:11 +01:00
Rasmus Lerchedahl Petersen
ad39bfb2ff Python: Add postupdate nodes for subscripts. 
This drops reverse read inconsistencies on saltstack from 14909 to 1353.
 2021-01-25 17:01:25 +01:00
Rasmus Lerchedahl Petersen
361bee851a Python: Tests inspired by reverse read check 2021-01-25 17:01:25 +01:00
Rasmus Lerchedahl Petersen
4ff2c6d85a Python: fix test expectation 
probably a copy-paste error..
 2021-01-25 16:49:51 +01:00
Tom Hvitved
2c6b9eceda Move vcall into internal/Variable.qll 2021-01-25 16:26:11 +01:00
Tom Hvitved
ce74208317 Merge pull request #97 from github/hvitved/var-access-categorization 
Categorize variable accesses into reads and (implicit or explicit) writes
 2021-01-25 16:25:35 +01:00
Tom Hvitved
979da623ed Merge pull request #103 from github/hvitved/cfg/params 
CFG: Replace special parameters with their identifiers
 2021-01-25 16:24:10 +01:00
Tom Hvitved
7c9a6064cf C#: Get rid of ReadKind 2021-01-25 16:20:14 +01:00
CodeQL CI
4601eb9c7c Merge pull request #4706 from max-schaefer/issue-247 
Approved by asgerf
 2021-01-25 07:11:35 -08:00
Tom Hvitved
6ffeaf8c2a C#: Adjust flow into phi nodes 2021-01-25 15:44:37 +01:00
Tom Hvitved
38b0f743cb C#: Add test that illustrates problem with flow through phi nodes 2021-01-25 14:20:27 +01:00
Artem Smotrakov
8d701e604a Simplified JexlInjectionLib.qll 
- Merged multiple method definitions to DirectJexlEvaluationMethod
- Don't use TaintPropagatingJexlMethodCall field in JexlInjectionConfig
- Better variable names in JexlEvaluationSink
 2021-01-25 14:17:51 +01:00
Tom Hvitved
36ad6b3432 Merge pull request #5001 from hvitved/csharp/ssa/read-kind 
C#: Remove `ReadKind` from the shared SSA library
 2021-01-25 14:11:54 +01:00
Tom Hvitved
221aebc833 C#: Fix bug in AssignOperationWithExpandedAssignment::last 2021-01-25 14:01:31 +01:00
alexet
355edcb136 Csharp: Reduce BDD usage. 2021-01-25 13:52:17 +01:00
Tom Hvitved
0543e34812 C#: Address review comment 2021-01-25 13:52:17 +01:00
Tom Hvitved
e0c7f32282 C#: Add relational pattern CFG test 2021-01-25 13:52:17 +01:00
Tom Hvitved
063733ad52 C#: Implement CFG for not patterns 2021-01-25 13:52:17 +01:00
Tom Hvitved
ab85b2c2d2 C#: Add is not null guards test 2021-01-25 13:52:17 +01:00
Tom Hvitved
0080357153 C#: Add unary pattern CFG tests 2021-01-25 13:52:17 +01:00
Erik Krogh Kristensen
0ba610f7db Merge pull request #5013 from erik-krogh/asmWhitespace 
JS: remove benign result for js/whitespace-contradicts-precedence related to " | 0" expressions
 2021-01-25 13:29:07 +01:00
haby0
42f55e1ebe Merge pull request #1 from smowton/smowton/admin/rewrite-xquery 
Rewrite XQuery injection to use an additional taint step instead of multiple configurations
 2021-01-25 19:49:20 +08:00
Chris Smowton
d34233b44f Rewrite XQuery injection to use an additional taint step instead of multiple configurations. 
Also remove a needless barrier -- the method in question doesn't conduct taint by default, so excluding particular instances of that call is not necessary.
 2021-01-25 11:18:45 +00:00
haby0
16308fe557 Update java/ql/src/Security/CWE/CWE-652/XQueryInjectionLib.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-01-25 19:16:18 +08:00
haby0
14a23eed4f Update java/ql/src/Security/CWE/CWE-652/XQueryInjectionLib.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-01-25 19:15:59 +08:00
Tom Hvitved
e7b43e50b6 C#: Remove ReadKind from the shared SSA library 2021-01-25 12:09:34 +01:00
Tamas Vajk
eac69c1674 Add DB upgrade folder for CIL fnptr support 2021-01-25 11:34:47 +01:00
Tamas Vajk
b434a0f395 Add change notes 2021-01-25 11:27:13 +01:00
Tom Hvitved
1c84455a6d Merge pull request #5003 from hvitved/csharp/remove-getaqlclass 
C#: Remove uses of `getAQlClass()`
 2021-01-25 10:57:04 +01:00