hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-08 11:11:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,872 Commits 1,691 Branches 160 Tags
codeql-cli/v2.8.4
Commit Graph

33872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
b0805f8e79 CPP: Adjust ArithmeticTainted.ql so that it can work on non-VariableAccesses. 2019-01-28 17:36:56 +00:00
Robert Marsh
54fdf9f29d C++/Docs: respond to doc comments on PR 2019-01-28 09:34:45 -08:00
Geoffrey White
f1dc538796 CPP: Add a test using strtoul in a taint query. 2019-01-28 16:59:02 +00:00
Taus
15643d1bb6 Merge pull request #814 from markshannon/python-fix-tornado-request-path 
Python: Fix tornado and twisted request attribute tracking.
 2019-01-28 17:38:34 +01:00
Calum Grant
c86e6bd6ff Merge pull request #826 from hvitved/csharp/autobuild/dotnet-install-script-cleanup 
C#: Cleanup dotnet install script after installation in autobuilder
 2019-01-28 16:33:55 +00:00
Calum Grant
eef1abfa69 Merge pull request #743 from hvitved/csharp/dataflow-splitting 
C#: Teach data flow library about CFG splitting
 2019-01-28 16:31:24 +00:00
Asger F
5815aa1e8b JS: add test case to PropWrite tests 2019-01-28 15:43:52 +00:00
Asger F
383cadb25b JS: add PropWrite for instance fields with initializer 2019-01-28 15:40:30 +00:00
Asger F
7a4af4af6d JS: add PropWrite instance for parameter fields 2019-01-28 15:40:30 +00:00
Asger F
dacde5da12 JS: restrict ClassMemberAsPropWrite to static members 2019-01-28 15:40:25 +00:00
Taus
c503ec4608 Merge pull request #806 from markshannon/python-points-to-remove-some-negation 
Python: Remove some negation from points-to, in preparation for ADT Objects.
 2019-01-28 16:25:18 +01:00
Taus
f61e7b66cc Merge pull request #835 from markshannon/python-compare-is-enum 
Python: Fix 'comparison using is' query to account for enum members.
 2019-01-28 16:22:57 +01:00
Mark Shannon
39705cf733 Python: Clarify predicate a bit. 2019-01-28 14:33:39 +00:00
Mark Shannon
6d553ae2be Python: Check os.open as well as os.chmod for weak file permissions. 2019-01-28 14:26:16 +00:00
Anders Schack-Mulligen
a29f615da0 Java: Add additional taint steps through collections. 2019-01-28 14:34:09 +01:00
Tom Hvitved
86721ff800 C#: Add more documentation to SuccSplits module 2019-01-28 14:12:17 +01:00
Asger F
5d4192ce0a JS: change note 2019-01-28 13:04:28 +00:00
Taus
e891ab7a54 Merge pull request #834 from markshannon/python-move-test-to-internal 
Python: Remove AST test (it will be added to the extractor tests).
 2019-01-28 14:03:33 +01:00
Asger F
3245142203 JS: Dont flag empty string as hardcoded username 2019-01-28 13:01:52 +00:00
Mark Shannon
4e5d4e265c Add change note. 2019-01-28 13:01:04 +00:00
Mark Shannon
3992346add Python: Fix up mutating-descriptor query to only flag mutation when they occur during descriptor protocol. 2019-01-28 12:57:18 +00:00
Mark Shannon
53fbf51ee8 Python: Fix handling of enum members in python/ql/src/Expressions/IsComparisons.qll. 2019-01-28 12:20:31 +00:00
Mark Shannon
5da209f876 Python: add failing test for comparison using 'is' and enum members. 2019-01-28 12:19:54 +00:00
Mark Shannon
1bec219048 Python: Remove AST test (it will be added to the extractor tests). 2019-01-28 11:41:12 +00:00
Mark Shannon
b841ecbb7c Python: Fix tornado and twisted request attribute tracking; 'path' attribute can be trusted, but 'uri' and 'arguments' cannot. 2019-01-28 11:26:00 +00:00
Jonas Jensen
ccfb1c229a Merge pull request #831 from geoffw0/query-tags-5 
CPP: Tweak tags for consistency
 2019-01-28 10:55:09 +01:00
Geoffrey White
bf7cdad736 CPP: Change note. 2019-01-28 09:31:06 +00:00
Esben Sparre Andreasen
239fe6e419 fixup! JS: sharpen the js/trivial-conditional whitelist 2019-01-28 10:18:03 +01:00
semmle-qlci
962416ffc2 Merge pull request #805 from asger-semmle/callback-taint-source 
Approved by xiemaisi
 2019-01-28 08:45:37 +00:00
semmle-qlci
8b029a2d9f Merge pull request #827 from xiemaisi/js/duplicate-toplevel-percent 
Approved by esben-semmle
 2019-01-28 08:40:23 +00:00
Jonas Jensen
4d441a3bdb Merge pull request #824 from geoffw0/fread 
CPP: Add 'fread' to BufferAccess.qll
 2019-01-28 09:07:22 +01:00
Jonas Jensen
0dad04bd7e Merge pull request #829 from geoffw0/deprecate-fpv 
CPP: Deprecate FunctionPointerVariable and FunctionPointerMemberVariable
 2019-01-28 08:47:49 +01:00
semmle-qlci
65b64c7c05 Merge pull request #645 from sb-semmle/configuration-file-library 
Approved by yh-semmle
 2019-01-26 02:06:16 +00:00
Robert Marsh
9decbd9c9f C++: new irreducible CFG test for range analysis 2019-01-25 13:12:40 -08:00
Esben Sparre Andreasen
ef3b107cc1 JS: sharpen the js/trivial-conditional whitelist 2019-01-25 18:19:45 +01:00
Geoffrey White
1328cb8013 CPP: Tweak tags for consistency across near duplicate queries. 2019-01-25 16:50:05 +00:00
Mark Shannon
3850f87879 Make qhelp for 'Incomplete URL substring sanitization' consistent across languages. 2019-01-25 16:47:23 +00:00
Geoffrey White
98ba308207 CPP: Use memberMayBeVarSize. 2019-01-25 16:40:11 +00:00
Geoffrey White
c527f9c90c CPP: Upgrade precision to high. 2019-01-25 16:38:25 +00:00
Jonas Jensen
c90d4bb24c Merge pull request #822 from geoffw0/query-tags-4 
CPP: Query tags 4
 2019-01-25 17:08:56 +01:00
semmle-qlci
d8947a71a5 Merge pull request #735 from asger-semmle/string-ops 
Approved by xiemaisi
 2019-01-25 15:15:19 +00:00
Taus
fc00e0a64a Merge pull request #796 from markshannon/python-import-used-in-doctest 
Python: Fix 'unused import' for doctests and typehints.
 2019-01-25 16:14:08 +01:00
Asger F
ccbfaa7c9e JS: explain return step more thoroughly 2019-01-25 15:12:24 +00:00
Geoffrey White
7bc734aa50 CPP: Deprecate FunctionPointerVariable and FunctionPointerMemberVariable. 2019-01-25 14:57:37 +00:00
Max Schaefer
254fafc6ce JavaScript: Round down percentage in DuplicateToplevel.ql. 
All the other duplication queries already do this.
 2019-01-25 22:44:07 +08:00
Max Schaefer
39191ed6f1 JavaScript: Add more statements to test cases for DuplicateToplevel. 
Now both `a.js` and `b.js` have ten (non-block) statements, which allows for more interesting tests.
 2019-01-25 22:42:51 +08:00
Geoffrey White
704a220a29 CPP: Add query ID to change note. 2019-01-25 14:42:44 +00:00
Geoffrey White
f98abd6bf8 CPP: Add query ID to change note. 2019-01-25 14:41:12 +00:00
Jonas Jensen
ba8bf94d7b C++: Account for chi nodes in back-edge detection 2019-01-25 15:32:19 +01:00
Jonas Jensen
560dbdf984 C++: Test demonstrating chi node back edge bug 
This test shows that the back-edge detection does not properly account
for chi nodes in the translation to aliased SSA.
 2019-01-25 15:28:53 +01:00