hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-10 17:46:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,884 Commits 1,708 Branches 162 Tags
codeql-cli/v2.8.5
Commit Graph

33884 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
b3e53f8d0a Python: Model django.conf.urls.url (v 1.x) 2020-10-23 14:26:37 +02:00
Arthur Baars
f6292e437e Merge pull request #4 from github/shared_lib 
Add library package for shared code
 2020-10-23 14:18:42 +02:00
Taus Brock-Nannestad
6d81ca12c4 Python: Fix bad join order in adjacentUseUseSameVar 2020-10-23 14:08:45 +02:00
Nick Rolfe
849e109583 Add library package for shared code 2020-10-23 13:01:17 +01:00
Rasmus Wriedt Larsen
ed0fe29d7d Python: Fix grammar 
Co-authored-by: Taus <tausbn@github.com>
 2020-10-23 13:53:16 +02:00
Rasmus Wriedt Larsen
be166d9c02 Python: Expand Django 2/3 routing tests with 1.x way 
Added it to the `testapp` so it's easy to run the server to SEE that it works.

Added it to `routing_test` so it's obvious this is supported by our modeling
when we _know_ it's running Django 2/3.
 2020-10-23 13:43:27 +02:00
yoff
462e839a83 Update python/ql/src/experimental/Security-new-dataflow/CWE-022/PathInjection.ql 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-23 13:35:13 +02:00
luchua-bc
f5f7259937 Revamp the query to implement AdditionalTaintStep 2020-10-23 12:00:36 +01:00
luchua-bc
3c5c8494b1 Refine the query to check intents coming from outside only 2020-10-23 11:58:16 +01:00
luchua-bc
f86413a9b5 text changes 2020-10-23 11:58:12 +01:00
Bt2018
2ddeb0b169 Add method access qualifier as source 2020-10-23 11:57:02 +01:00
luchua-bc
f5ca459795 Add remote source of Android intent extra 2020-10-23 11:57:01 +01:00
Jonas Jensen
08bf464437 Merge pull request #4540 from criemen/printast-performance 
C++: Improve PrintAST performance if only individual files are printed
 2020-10-23 12:46:34 +02:00
Rasmus Wriedt Larsen
ae60ac211b Python: Annotate django v1 routing tests 
Again need to remove trailing $, since inline-expectation tests still don't
handle $
 2020-10-23 12:05:05 +02:00
Rasmus Wriedt Larsen
78ab637b54 Python: Port django v1 tests 2020-10-23 12:00:27 +02:00
Rasmus Lerchedahl Petersen
f88cc3c98e Python: Use custom PathGraph 2020-10-23 01:10:21 +02:00
Arthur Baars
305fd566a8 Merge pull request #3 from github/aibaars/codeql-extractor-yaml 
Basic CodeQL extractor configuration and autobuild scripts
 2020-10-22 22:23:44 +02:00
Rasmus Wriedt Larsen
41ec4f8166 Python: Use FlaskModel as workaround name 
As suggested by Taus 👍
 2020-10-22 19:13:26 +02:00
Francis Alexander
5d5b84974b Play remote source update to return functionaccessexpr 2020-10-22 22:29:43 +05:30
Dave Bartolomeo
99072483b8 Fix PR feedback 2020-10-22 12:55:40 -04:00
Francis Alexander
d216dcdee0 updates & conflict marker removal 2020-10-22 22:25:36 +05:30
Dave Bartolomeo
b62bda6c3a Fix regression due to primary instructions for side effects not being computed correctly in the presence of synthetic temporary objects. 2020-10-22 12:55:30 -04:00
Arthur Baars
e16b85e511 Add codeql-extractor config 2020-10-22 18:30:57 +02:00
Francis Alexander
518de822e1 updates 2020-10-22 20:47:11 +05:30
Francis Alexander
5c256dadc8 Feedback incorporation and documentation updates 2020-10-22 20:27:38 +05:30
Francis Alexander
f7d63f8666 Feedback incorporation and documentation updates 2020-10-22 20:21:47 +05:30
Francis Alexander
33f7d52a46 Naming Fixes 2020-10-22 20:20:52 +05:30
Francis Alexander
ddc544aa07 Initial support for Play Framework > 2.6.x 2020-10-22 20:20:49 +05:30
Cornelius Riemenschneider
6b072686ab C++: Improve PrintAST performance. 
This improves the performance of the printAst.ql query by excluding a lot of string concatenations that happen in files unrelated to the one the user is interested in printing.
This is supposed to help the performance of the AST Viewer on bigger databases.
 2020-10-22 16:38:52 +02:00
Mathias Vorreiter Pedersen
a1b59e2d6c Merge pull request #4538 from geoffw0/taintbug 
C++: Add taint test for memcpy-ing into a vector
 2020-10-22 16:05:56 +02:00
Mathias Vorreiter Pedersen
90c027f291 Merge pull request #4532 from geoffw0/wrongtypeformaterr 
C++: Harden queries against ErroneousType
 2020-10-22 14:21:14 +02:00
Geoffrey White
ceea947f5e C++: Add another test case. 2020-10-22 12:41:23 +01:00
Nick Rolfe
12571dbe42 Merge pull request #1 from github/dbscheme 
Basic dbscheme generation from `node-types.json`
 2020-10-22 12:29:44 +01:00
Mathias Vorreiter Pedersen
d0dd71ba10 Apply suggestions from code review 
Co-authored-by: hubwriter <54933897+hubwriter@users.noreply.github.com>
 2020-10-22 12:53:35 +02:00
Rasmus Lerchedahl Petersen
8ce5f41366 Python: Fix source of second part of path 2020-10-22 12:20:50 +02:00
Nick Rolfe
36823d7804 Move deserialization to node_types module; propagate errors to caller 2020-10-22 11:10:05 +01:00
Rasmus Lerchedahl Petersen
8549c9cfde Python: Rewrite logic to split on nomalization 2020-10-22 11:35:55 +02:00
Rasmus Lerchedahl Petersen
391925532d Python: PathCheck StartswithCall 
Should this use `Value::named`?
 2020-10-22 11:34:07 +02:00
Rasmus Lerchedahl Petersen
6e361c7793 Python: Make PathCheck a BarrierGuard 2020-10-22 11:32:18 +02:00
Calum Grant
7544bc872a Merge pull request #3974 from owen-mc/docs/query-classification-and-display 
Docs: Query classification and display
 2020-10-22 10:01:19 +01:00
Geoffrey White
3cca8443f8 C++: Add memcpy(vector test. 2020-10-22 09:46:07 +01:00
Geoffrey White
227bf91626 C++: Correct test annotation. 2020-10-22 09:45:09 +01:00
Erik Krogh Kristensen
e89e99deaa Merge pull request #4461 from erik-krogh/pyPrint 
Python: implement printAst for Python
 2020-10-22 09:37:10 +02:00
Dave Bartolomeo
f7eeadadd9 Accept more diffs 2020-10-21 18:37:49 -04:00
Dave Bartolomeo
1de1ab65b7 Merge remote-tracking branch 'upstream/main' into work 2020-10-21 18:22:55 -04:00
Dave Bartolomeo
5259f86e32 Accept diff (needs further investigation, though) 2020-10-21 18:06:34 -04:00
Rasmus Lerchedahl Petersen
f8dba85e0f Python: PathNormalization os.path.normpath 2020-10-21 22:21:40 +02:00
Rasmus Lerchedahl Petersen
17273dd27e Python: Add FileSystemAccess open 2020-10-21 22:01:49 +02:00
Rasmus Lerchedahl Petersen
4570c29a11 Python: port query 2020-10-21 21:40:42 +02:00
Rasmus Lerchedahl Petersen
eb5ed23354 Python: Add TaintTracking2 2020-10-21 21:39:50 +02:00