hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-10 12:11:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,884 Commits 1,689 Branches 160 Tags
codeql-cli/v2.8.5
Commit Graph

33884 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Hvitved
a10bde5795 Merge pull request #6872 from hvitved/dataflow/path-into-callable0-join 
Data flow: Performance tweaks
 2021-10-18 16:25:10 +02:00
Tony Torralba
a5749a5eb1 Add ComponentName tests to existing Intent tests 2021-10-18 15:23:52 +02:00
Taus
8e68eae83d Merge pull request #5463 from jorgectf/jorgectf/python/headerInjection 
Python: Add Header Injection query
 2021-10-18 15:16:14 +02:00
Tom Hvitved
e6954292aa Address review comments 2021-10-18 14:09:44 +02:00
Anders Schack-Mulligen
91ea064980 Sync 2021-10-18 14:04:50 +02:00
Anders Schack-Mulligen
df9836cce0 Work around compiler bug. 2021-10-18 14:04:16 +02:00
Tom Hvitved
397b8345e0 Data flow: Fix bug for sugared call arguments 2021-10-18 13:48:11 +02:00
Tom Hvitved
0de27bbc7e Data flow: Add ArgumentNode test 2021-10-18 13:47:50 +02:00
Jonas Jensen
493a37ba5e Merge pull request #6903 from MathiasVP/remove-implicit-this-for-cpp 
C++: Remove uses of implicit `this`
 2021-10-18 13:41:30 +02:00
Ian Lynagh
9371737331 Merge pull request #6894 from igfoo/igfoo/exprs 
Java: Don't use dbscheme tables in CloseType.qll
 2021-10-18 12:04:11 +01:00
shati-patel
b9ede183b0 Docs: Add Ruby to query help pages 2021-10-18 11:48:24 +01:00
Nick Rolfe
51cab94cb0 Merge pull request #370 from github/shati-patel/ruby-docs 
Move queries.xml to `src`
 2021-10-18 11:35:36 +01:00
Esben Sparre Andreasen
a089e0ed3f change branch name 2021-10-18 12:31:03 +02:00
Esben Sparre Andreasen
6cc14b16ba QL: change branch name 2021-10-18 12:31:03 +02:00
Esben Sparre Andreasen
a9cef84b90 Merge pull request #131 from github/esbena/workflow-improvements 
Misc. workflow improvements
 2021-10-18 12:21:39 +02:00
Esben Sparre Andreasen
f29813b3f7 QL: Merge pull request #131 from github/esbena/workflow-improvements 
Misc. workflow improvements
 2021-10-18 12:21:39 +02:00
Tony Torralba
392e2eebeb Add intent creation from a URI as a taint step 2021-10-18 12:18:07 +02:00
shati-patel
83a1260769 Move queries.xml to src 2021-10-18 11:18:00 +01:00
Esben Sparre Andreasen
eded7b8da1 add nightly-changes workflow 2021-10-18 12:03:16 +02:00
Esben Sparre Andreasen
dc715af18b QL: add nightly-changes workflow 2021-10-18 12:03:16 +02:00
Esben Sparre Andreasen
c200ec38f5 use workflow_call in bleeding-codeql-analysis.yml 2021-10-18 12:03:16 +02:00
Esben Sparre Andreasen
7e2b00e62c QL: use workflow_call in bleeding-codeql-analysis.yml 2021-10-18 12:03:16 +02:00
Tony Torralba
d1d2d61d7e Add more sinks 
Also, fix things after rebase
 2021-10-18 12:00:07 +02:00
Ian Lynagh
54d2028920 Update java/ql/src/Likely Bugs/Resource Leaks/CloseType.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-10-18 10:12:01 +01:00
Tony Torralba
28ae4c211f Update java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.qhelp 
Co-authored-by: Ethan Palm <56270045+ethanpalm@users.noreply.github.com>
 2021-10-18 11:10:23 +02:00
Tony Torralba
e7983fb269 Add test and check for another edge case 2021-10-18 11:10:23 +02:00
Tony Torralba
bc6c13be69 Refactor to actually build the full flows from src to sink 
Add more tests for edge cases
 2021-10-18 11:10:22 +02:00
Tony Torralba
4dd9e7d6a0 Remove unnecessary import 
Add comment
 2021-10-18 11:10:22 +02:00
Tony Torralba
14963103aa Add full path reconstruction from RemoteFlowSource to sink 2021-10-18 11:10:21 +02:00
Tony Torralba
445da1e71e Move files to new location 2021-10-18 11:10:21 +02:00
Tony Torralba
8263524d70 Add tests for Intent and ComponentName summaries 2021-10-18 11:10:17 +02:00
Tony Torralba
2ab7a55545 Improve intermediate flow to add more potential sources 2021-10-18 11:09:52 +02:00
Tony Torralba
28369d1822 Apply suggestions from code review 
Co-authored-by: Steve Guntrip <12534592+stevecat@users.noreply.github.com>
 2021-10-18 11:09:31 +02:00
Tony Torralba
aa2cdb7a53 Add intermediate dataflow 
Make sure that source intents are obtained from another intent's extras
 2021-10-18 11:09:30 +02:00
Tony Torralba
f90220436f Move sinks to security library 2021-10-18 11:09:28 +02:00
Tony Torralba
9a537f9c23 Add guard sanitizer for component name checks 2021-10-18 11:08:14 +02:00
Tony Torralba
21b70a009e Use CSV models 2021-10-18 11:07:58 +02:00
Tony Torralba
9604f88ae0 Undo autoformatting 2021-10-18 11:07:28 +02:00
Tony Torralba
d7973592da Update java/ql/src/semmle/code/java/security/AndroidIntentRedirection.qll 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2021-10-18 11:07:03 +02:00
Tony Torralba
5f0ce4d232 Add suggestions from code review 2021-10-18 11:07:01 +02:00
Tony Torralba
a6f2ebe820 Fix stubs 2021-10-18 11:06:43 +02:00
Tony Torralba
9eb4cda1af Fix qhelp and formatting 2021-10-18 11:06:08 +02:00
Tony Torralba
031fa2199c Fix stubs and tests 2021-10-18 11:06:06 +02:00
Tony Torralba
529a3d9d61 Added change note 2021-10-18 11:04:35 +02:00
Tony Torralba
5dfb0d4d64 Fix Android tests affected by changes in stubs 2021-10-18 11:04:33 +02:00
Tony Torralba
ef30ca211a Fix stubs 2021-10-18 11:03:13 +02:00
Tony Torralba
7b949e8db2 QLDoc 2021-10-18 11:02:35 +02:00
Tony Torralba
fd8a128693 Renamed to AndroidIntentRedirection 
Added qhelp
 2021-10-18 11:02:34 +02:00
Tony Torralba
09d96e65b8 Added QLDoc 2021-10-18 11:02:32 +02:00
Tony Torralba
8c400d9b1b Added tests and stubs 2021-10-18 11:02:10 +02:00