hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-03 14:29:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,872 Commits 1,700 Branches 161 Tags
codeql-cli/v2.8.4
Commit Graph

33872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
9c1837e3b3 C++: Rename getField to getAField following review comments. 2020-09-07 16:52:04 +02:00
Jonas Jensen
3493c93d7b Merge pull request #4218 from MathiasVP/mathiasvp/fix-fp-av82 
C++: Add cases for conditional and comma operator in AV Rule 82
 2020-09-07 15:27:07 +02:00
Tom Hvitved
6c716331d9 C#: Skip foreach loop bodies in the CFG when the iteration expression is empty 2020-09-07 15:26:28 +02:00
Tom Hvitved
9e240b7397 C#: Add more CFG loop unrolling tests 2020-09-07 15:26:25 +02:00
Rasmus Wriedt Larsen
61998afc56 Python: Remove unnecessary comment 
Was introduced in 5d031d7abe when I actually fixed
the loop variable capture problem.
 2020-09-07 15:06:07 +02:00
Tom Hvitved
37f1ce3122 C#: Implement support for path transformers 2020-09-07 15:02:50 +02:00
Max Schaefer
423d87b812 JavaScript: Rename TNode to TApiNode. 
This prevents spurious recomputation of a cached stage.
 2020-09-07 14:02:37 +01:00
Rasmus Wriedt Larsen
fb37330f5e Python: Fix grammar 
Co-authored-by: Taus <tausbn@github.com>
 2020-09-07 14:59:07 +02:00
Erik Krogh Kristensen
55b79f445c recognize commands with slash and underscore 2020-09-07 14:28:28 +02:00
Jonas Jensen
3a7bf2a15a Merge pull request #3933 from MathiasVP/alternative-instruction-operand-flow 
C++: Alternate instruction -> operand flow
 2020-09-07 13:37:20 +02:00
Erik Krogh Kristensen
320879bc1e recognize colon in command-prefixes 2020-09-07 13:12:38 +02:00
Jonas Jensen
0fe5d75375 Merge pull request #4196 from MathiasVP/mathiasvp/field-to-object-taint-tests 
C++: Add field to object taint tests
 2020-09-07 13:02:22 +02:00
CodeQL CI
85f6388a19 Merge pull request #4206 from erik-krogh/consistentJquery 
Approved by esbena
 2020-09-07 11:23:23 +01:00
Tom Hvitved
68f421f9c3 Merge pull request #4205 from tamasvajk/feature/printast-accessor 
C#: Add stable order for generated accessors in printed AST
 2020-09-07 11:25:46 +02:00
Erik Krogh Kristensen
8ada928b16 Merge branch 'main' into snake_case_pr 2020-09-07 11:12:57 +02:00
Erik Krogh Kristensen
4175637631 add change note for unsafe-jquery 2020-09-07 11:08:21 +02:00
Erik Krogh Kristensen
61e2e5647c autoformat 2020-09-07 11:05:56 +02:00
CodeQL CI
b5872fe848 Merge pull request #3873 from asger-semmle/js/type-qualified-name-fallback 
Approved by erik-krogh
 2020-09-07 09:48:05 +01:00
yoff
2a70da4da6 Merge pull request #4210 from tausbn/python-remove-spurious-global-flow 
Python: Remove implicit uses from `essaFlowStep`
 2020-09-07 10:16:18 +02:00
yoff
ae9f58489d Merge pull request #4159 from RasmusWL/python-port-dataflow-tests 
Python: port dataflow tests
 2020-09-07 09:54:12 +02:00
Tom Hvitved
14567f5314 C#: Support wild-cards in file patterns 
Implements the specification at https://wiki.semmle.com/display/SDmaster/project-layout+format
by compiling file path specifications to regular expressions.
 2020-09-07 09:03:56 +02:00
Mathias Vorreiter Pedersen
b3d18ef610 C++: Add cases for conditional and comma operator in AV RUle 82 2020-09-07 08:59:08 +02:00
Mathias Vorreiter Pedersen
a5ac8ebc2f C++: Don't import internals. 2020-09-05 11:47:22 +02:00
Robert Marsh
4be138d790 C++: Improve performance of getExplicitlyConverted 2020-09-04 14:17:56 -07:00
Mathias Vorreiter Pedersen
a4890ef99c C++: Add annotations describing whether the flow is an instance of field-to-object flow 2020-09-04 18:32:28 +02:00
Mathias Vorreiter Pedersen
cfd606a4e0 Merge branch 'main' into alternative-instruction-operand-flow 2020-09-04 18:26:38 +02:00
Mathias Vorreiter Pedersen
208b85c7fc Merge branch 'main' into mathiasvp/read-step-without-memory-operands 2020-09-04 18:04:15 +02:00
Jonas Jensen
eea893483d Merge pull request #4209 from geoffw0/taintbits 
C++: Fix a few remaining holes in taint through std::string
 2020-09-04 17:52:48 +02:00
Jonas Jensen
f92139d2b0 Merge pull request #4202 from geoffw0/localhidesparam 
C++: Improve handling of template functions in cpp/declaration-hides-parameter
 2020-09-04 17:52:35 +02:00
Mathias Vorreiter Pedersen
ed7e499b02 Merge branch 'main' into mathiasvp/read-step-without-memory-operands 2020-09-04 17:25:36 +02:00
Mathias Vorreiter Pedersen
c67951682a C++: Fix two bad join orders in readStep and storeStep. And use a min aggregate to guarentee that a FieldContent's toString has at most one result. 2020-09-04 17:12:30 +02:00
Taus Brock-Nannestad
266365d0b6 Python: Update strange-essaflow test 2020-09-04 16:38:59 +02:00
Taus Brock-Nannestad
260763a748 Python: Update consistency test results 2020-09-04 16:35:49 +02:00
Taus Brock-Nannestad
df1448cfb2 Merge branch 'main' into python-remove-spurious-global-flow 2020-09-04 16:28:03 +02:00
Geoffrey White
156a174cf4 C++: Add explanation. 2020-09-04 14:55:55 +01:00
Geoffrey White
96098c5244 C++: Simplify getConstructedFrom. 2020-09-04 14:52:01 +01:00
Taus
5ffc959e32 Merge pull request #4211 from RasmusWL/python-strange-essaflow 
Python: Add example of strange DataFlow::jumpStep
 2020-09-04 15:47:22 +02:00
Geoffrey White
2472b40b31 C++: Fix test comments. 2020-09-04 14:37:23 +01:00
Geoffrey White
43d8e83258 Merge branch 'main' into taintbits 2020-09-04 14:26:42 +01:00
Rasmus Wriedt Larsen
720e8c432e Python: Update comment for validTest expectations 2020-09-04 15:08:57 +02:00
Geoffrey White
5d1c2a3689 Merge pull request #4204 from jbj/SimpleRangeAnalysis-NEExpr 
C++: Support `!= constant` in range analysis
 2020-09-04 13:47:59 +01:00
Rasmus Wriedt Larsen
cf57afd102 Python: Add example of strange DataFlow::jumpStep 
The example code is just copied from command injection tests, that is not too
important. The important part is that `jumpStep` says there is flow from the
import of `os` to `app.route()` :O
 2020-09-04 14:39:16 +02:00
Taus
59c7907ee4 Merge pull request #4207 from RasmusWL/python-typetracker-small-fixes 
Python: Small fixes for TypeTracker
 2020-09-04 14:30:10 +02:00
Taus Brock-Nannestad
98266ad5da Python: Remove implicit uses from essaFlowStep 2020-09-04 14:22:43 +02:00
Erik Krogh Kristensen
f13a4f5771 require that the plugin and sink are in the same toplevel 2020-09-04 13:59:16 +02:00
Rasmus Wriedt Larsen
6aae75799e Python: Fix import in type tracking test 
Fixes 7855576a6
 2020-09-04 13:36:25 +02:00
CodeQL CI
fd715a5b66 Merge pull request #4179 from RasmusWL/python-tainttracking-ala-go 
Approved by tausbn, yoff
 2020-09-04 12:20:12 +01:00
Erik Krogh Kristensen
d47c852767 autoformat 2020-09-04 12:44:18 +02:00
Jonas Jensen
958f89905d Merge pull request #4197 from github/aeisenberg/devcontainer-settings 
Update devcontainer memory settings
 2020-09-04 12:42:34 +02:00
Max Schaefer
cfc91cc5f1 JavaScript: Drop "feature" terminology. 
It turned out to be more confusing than helpful, so we're back with plain old API-graph "nodes".
 2020-09-04 10:57:21 +01:00