hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-08 03:01:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,872 Commits 1,691 Branches 160 Tags
codeql-cli/v2.8.4
Commit Graph

33872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tony Torralba
7f15177498 Move from experimental 2021-10-29 10:19:05 +02:00
Mathias Vorreiter Pedersen
e94b2b6113 Merge pull request #6915 from geoffw0/nullterm2 
C++: Fix the two null termination queries and re-enable them.
 2021-10-29 08:20:08 +01:00
ihsinme
635a668670 Update IncorrectChangingWorkingDirectory.ql 2021-10-29 10:08:41 +03:00
ihsinme
c8a4a8b965 Update InsecureTemporaryFile.ql 2021-10-29 09:44:43 +03:00
Ethan P
5f73fb21b8 Add new article to ref page 2021-10-28 10:55:44 -07:00
jorgectf
066b40098c Add lxml.etree.XMLParser missing resolve_entities dangerous case 2021-10-28 19:34:15 +02:00
Rasmus Lerchedahl Petersen
0f2f68bcbb Python: rename file 2021-10-28 19:14:02 +02:00
yoff
8f9741ae72 Update python/ql/lib/semmle/python/internal/Awaited.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-10-28 19:13:08 +02:00
Mathias Vorreiter Pedersen
490156d7db C++: Remove the 'isIndirection' predicate on 'SourceVariable' and move the rootdef of 'getIRVariable' into the two subclasses. 2021-10-28 17:26:28 +01:00
Erik Krogh Kristensen
cfc5629435 apply all doc fixes 
Co-authored-by: hubwriter <hubwriter@github.com>
 2021-10-28 18:19:37 +02:00
Mathias Vorreiter Pedersen
05900cda87 C++: Rename 'Ssa' to 'SsaInternals' and move definitions from 'SSaImplSpecific' to 'SsaInternals'. Now we can avoid cyclic imports. 2021-10-28 17:10:48 +01:00
Erik Krogh Kristensen
15c90adec5 remove redundant cast where the type is enforced by an equality comparison 2021-10-28 18:08:20 +02:00
hubwriter
2096c0aab1 Merge pull request #6856 from github/hubwriter/typo-fix 
Docs: Fix one-word typo
 2021-10-28 17:05:17 +01:00
jorgectf
47b14f1adc Polish Concepts.qll qldocs 2021-10-28 17:55:34 +02:00
jorgectf
b3ec82cd36 Merge branch 'jorgectf/python/jwt-queries' of https://github.com/jorgectf/codeql into jorgectf/python/jwt-queries 2021-10-28 17:40:33 +02:00
jorgectf
a6c285ad32 Apply getItem(_) and extend verifiesSignature readability 2021-10-28 17:40:27 +02:00
Jorge
f4d63cc5e7 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-10-28 17:34:11 +02:00
jorgectf
ef4a27ff8c Apply code review suggestions 2021-10-28 17:31:52 +02:00
Erik Krogh Kristensen
e75448ebb0 remove redundant inline casts 2021-10-28 16:35:53 +02:00
Ian Lynagh
d425b3782e Merge pull request #6992 from igfoo/igfoo/patterns 
Java: instanceof pattern matching is no longer a preview feature
 2021-10-28 15:05:53 +01:00
Erik Krogh Kristensen
c34b089bc5 autoformat 2021-10-28 16:02:36 +02:00
Mathias Vorreiter Pedersen
675e284c0e C++: A 'LoadInstruction' in a store chain always sets 'certain = false'. 2021-10-28 14:52:57 +01:00
Ian Lynagh
246a515175 Java: instanceof pattern matching is no longer a preview feature 2021-10-28 14:19:30 +01:00
Mathias Vorreiter Pedersen
ee2541c3bc C++: Fix QLDoc on 'getDestinationAddress'. 2021-10-28 14:12:22 +01:00
Mathias Vorreiter Pedersen
cde80ccf83 Replace 'hasLocationInfo' with 'getLocation'. 2021-10-28 14:09:26 +01:00
Mathias Vorreiter Pedersen
387c96d1e2 Rename 'SourceVariable.getVariable' to 'SourceVariable.getIRVariable' and replace 'Def.getVariable' to 'Def.getSourceVariable'. 2021-10-28 14:00:50 +01:00
Rasmus Lerchedahl Petersen
8c72cc0cdd Python: update change note 2021-10-28 14:53:46 +02:00
Rasmus Lerchedahl Petersen
7201b3e116 Python: add changenote 2021-10-28 14:48:48 +02:00
Rasmus Lerchedahl Petersen
8536f5f5a2 Python: remember to update refs... 2021-10-28 14:32:53 +02:00
Erik Krogh Kristensen
4f6e5c903b filter out writes to number indexes 2021-10-28 14:27:07 +02:00
yoff
beb0902db5 Merge pull request #6989 from RasmusWL/flask-file-sending-fixup 
Python: Small fixup for `flask.send_from_directory`
 2021-10-28 14:24:29 +02:00
Rasmus Lerchedahl Petersen
c92249525b Python: update test expectations 2021-10-28 14:03:09 +02:00
Rasmus Wriedt Larsen
a33a8fd518 Python: Support flask.blueprints.Blueprint 
Thanks to @haby0 who originally proposed this as part of
https://github.com/github/codeql/pull/6977
 2021-10-28 14:02:03 +02:00
Nick Rolfe
f3977ea3d7 Merge pull request #6987 from github/nickrolfe/cleanup-ruby-docs 
Ruby: clean up docs
 2021-10-28 13:00:02 +01:00
Rasmus Lerchedahl Petersen
3abe3e43d0 Python: autoformat 2021-10-28 13:58:01 +02:00
Rasmus Wriedt Larsen
0acf6aaec8 Python: Add change-note 2021-10-28 13:45:34 +02:00
Rasmus Wriedt Larsen
8c3349f40f Python: Properly model flask.send_from_directory 
To not include `filename` as path-injection sink.
 2021-10-28 13:41:39 +02:00
Mathias Vorreiter Pedersen
12e0185b0d C++: Sync identical files. 2021-10-28 12:36:36 +01:00
Mathias Vorreiter Pedersen
7197216185 Add a copy of SsaImplCommon to the identical-files script. 2021-10-28 12:36:36 +01:00
Mathias Vorreiter Pedersen
fc3ff41d65 Merge branch 'main' into use-shared-ssa-in-ir-dataflow 2021-10-28 12:36:36 +01:00
Mathias Vorreiter Pedersen
2cd23e5ee0 Accept test changes. 2021-10-28 12:36:36 +01:00
Mathias Vorreiter Pedersen
8135dcefdd Merge branch 'main' into use-shared-ssa-in-ir-dataflow 2021-10-28 12:36:25 +01:00
Rasmus Wriedt Larsen
228e9e973a Python: Minor flask refactor 2021-10-28 13:36:03 +02:00
Mathias Vorreiter Pedersen
521d863429 C++: Autoformat. 2021-10-28 12:35:01 +01:00
Mathias Vorreiter Pedersen
2547a8d746 C++: Fix join orders in 'DataFlowDispatch.qll' and Ssa.qll. 2021-10-28 12:35:01 +01:00
Mathias Vorreiter Pedersen
21a1ee7758 C++: Add annoying case in SSA.qll related to 'NewExpr' and accept test changes. 2021-10-28 12:35:01 +01:00
Mathias Vorreiter Pedersen
3efe60fdd2 C++: Accept test changes. 2021-10-28 12:35:01 +01:00
Mathias Vorreiter Pedersen
5dbaea8b52 C++: Add a special dataflow step from InitializeIndirection instructions. 2021-10-28 12:35:01 +01:00
Mathias Vorreiter Pedersen
b1ea00fa85 C++: Remove the taintflow edges that gives performance problems. 2021-10-28 12:35:01 +01:00
Mathias Vorreiter Pedersen
710d0cfc3d C++: Since we now no longer have flow from exact memory operands to LoadInstructions, we no longer have flow from PhiInstructions to LoadInstructions. We could allow flow in this particular case, but we might as well use the shared SSA library's phi edges. 2021-10-28 12:35:00 +01:00