hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-09 03:31:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,755 Commits 1,691 Branches 160 Tags
codeql-cli/v2.9.0
Commit Graph

34755 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
ihsinme
7832e8572b Update cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.cpp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-11-15 21:08:20 +03:00
ihsinme
0359c381e1 Update cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.cpp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-11-15 21:08:11 +03:00
Tony Torralba
d97b130bdd Merge pull request #7092 from atorralba/atorralba/android-asynctask-jumpstep 
Java: Add AsyncTask additional value step
 2021-11-15 16:59:56 +01:00
Benjamin Muskalla
fd9199c0c0 Simplify handling of tainting fields 2021-11-15 16:40:09 +01:00
Benjamin Muskalla
d7ed325b3f Refactor content flow into predicate 2021-11-15 16:30:55 +01:00
Benjamin Muskalla
f4310898b3 Capture sources flowing into parameters 2021-11-15 16:28:28 +01:00
Tom Hvitved
03ae58830a Ruby: Add missing CFG entry for ForwardParameter 2021-11-15 16:28:17 +01:00
Tom Hvitved
3ce41015bb Ruby: Add CFG test for forward parameters 2021-11-15 16:25:06 +01:00
Tony Torralba
87ebcea913 Add AsyncTask value step 2021-11-15 16:13:36 +01:00
Anders Schack-Mulligen
a40a393b38 Merge pull request #7134 from aschackmull/java/additionalvaluestep 
Java: Add support for adding additional value steps.
 2021-11-15 16:07:30 +01:00
Anders Schack-Mulligen
1cd42ea668 Java: Fix test and some references. 2021-11-15 16:03:04 +01:00
Rasmus Wriedt Larsen
6b7abacc5f Merge pull request #7135 from RasmusWL/b32hexencode 
Python: Model `b32hexencode`/`b32hexdecode`
 2021-11-15 15:51:46 +01:00
Benjamin Muskalla
8040d9cfcf Only consider true return statements as sinks 2021-11-15 15:29:01 +01:00
Rasmus Wriedt Larsen
95dbe1383b Merge pull request #7133 from RasmusWL/minor-3.10-fix 
Python: Minor additions for 3.10
 2021-11-15 15:25:34 +01:00
Rasmus Wriedt Larsen
39927fa613 Python: Model b32hexencode/b32hexdecode 
New in Python 3.10

See
- https://devdocs.io/python~3.10/library/base64#base64.b32hexencode
- https://devdocs.io/python~3.10/library/base64#base64.b32hexdecode
 2021-11-15 15:23:49 +01:00
Benjamin Muskalla
e6e52a3b32 190 2021-11-15 15:18:03 +01:00
Anders Schack-Mulligen
2fe6880d70 Java: Add support for adding additional value steps. 2021-11-15 15:05:48 +01:00
Rasmus Wriedt Larsen
cfdfcaa3e8 Python: Support Path.hardlink_to (new in 3.10) 
See https://docs.python.org/3.10/library/pathlib.html#pathlib.Path.hardlink_to
 2021-11-15 14:57:59 +01:00
Rasmus Wriedt Larsen
5d60975f65 Python: Support aiter and anext (new in 3.10) 
See
- https://docs.python.org/3/whatsnew/3.10.html#other-language-changes
- https://docs.python.org/3.10/library/functions.html#aiter
- https://docs.python.org/3.10/library/functions.html#anext
 2021-11-15 14:55:34 +01:00
Mathias Vorreiter Pedersen
3f0bfe1d75 C++: Remove the implicit assumption about the existence of a lower bound implying the existence of an upper bound (and vice veraa). 2021-11-15 13:39:15 +00:00
Mathias Vorreiter Pedersen
63f50a9eb7 C++: Cleanup the case for possibly-negative unsigned values. 2021-11-15 13:31:51 +00:00
ihsinme
c916bed853 Update test1.cpp 2021-11-15 16:29:51 +03:00
Mathias Vorreiter Pedersen
9a9f7943aa C++: Fix bug for exact powers of 10 and accept test changes. 2021-11-15 13:20:45 +00:00
Mathias Vorreiter Pedersen
53884915a5 C++: Add more tests (which demonstrate a couple of bugs in the implementation). 2021-11-15 13:18:30 +00:00
Anders Schack-Mulligen
c616f5784d Java: Fix overrides to not be transitive. 2021-11-15 13:54:53 +01:00
Rasmus Wriedt Larsen
7c3b68b7f8 Merge pull request #7091 from RasmusWL/port-request-without-validation 
Python: Port `py/request-without-cert-validation` to use API graphs
 2021-11-15 13:51:57 +01:00
Erik Krogh Kristensen
0023b885f5 update expected output 2021-11-15 13:50:12 +01:00
Erik Krogh Kristensen
2163648b39 fix location off-by-ones with regexp parsing 2021-11-15 13:43:39 +01:00
Rasmus Wriedt Larsen
9e097f5430 Python: Improve PoorMansFunctionResolution 2021-11-15 13:40:19 +01:00
Rasmus Wriedt Larsen
0d4cb1e6ce Python: Add test of PoorMansFunctionResolution 2021-11-15 13:34:39 +01:00
Rasmus Wriedt Larsen
6eb4525ab2 Python: Model wsgiref.simple_server applications 2021-11-15 13:34:39 +01:00
Rasmus Wriedt Larsen
e812029c03 Python: Add test for wsgiref.simple_server 2021-11-15 13:34:38 +01:00
Tom Hvitved
4bbfa514c9 Merge pull request #6535 from hvitved/csharp/consistency-queries 
C#: Add consistency queries
 2021-11-15 13:15:58 +01:00
CodeQL CI
c8b8a2874f Merge pull request #7119 from github/max-schaefer/api-graphs-property-copies 
Approved by asgerf
 2021-11-15 04:09:16 -08:00
Benjamin Muskalla
dc022430ee Remove superflous instanceof 2021-11-15 13:07:02 +01:00
Benjamin Muskalla
412bd32f45 Move more predicates into configuration 2021-11-15 13:04:23 +01:00
Benjamin Muskalla
b84c03672d Prefer types to TargetAPI 2021-11-15 12:43:46 +01:00
Benjamin Muskalla
bca6cecd1c Remove basic support for lambda flow 2021-11-15 12:38:30 +01:00
Taus
c17560f948 Merge pull request #7096 from tausbn/python-fix-more-bad-joins 
Python: Fix a bunch of performance issues
 2021-11-15 12:10:27 +01:00
Benjamin Muskalla
78e3906ea7 Exclude more JDK internals 2021-11-15 11:58:10 +01:00
Tom Hvitved
723ac818d9 Shared CFG: Update breakInvariant4 consistency test 2021-11-15 11:43:49 +01:00
Mathias Vorreiter Pedersen
c2e057def9 Merge pull request #7094 from geoffw0/non-https-url 
C++: New query 'Failure to use HTTPS URLs'
 2021-11-15 10:00:19 +00:00
Tom Hvitved
d323b3b17d Merge pull request #7123 from hvitved/ruby/definitions-perf 
Ruby: Fix performance problem in `Definitions.ql`
 2021-11-15 10:58:03 +01:00
Benjamin Muskalla
cce3780481 Restrict param2return value features 2021-11-15 09:57:23 +01:00
ihsinme
f102fa1d33 Update IncorrectPrivilegeAssignment.ql 2021-11-14 12:17:01 +03:00
ihsinme
e383e44d36 Update IncorrectPrivilegeAssignment.ql 2021-11-14 11:57:40 +03:00
ihsinme
ea1d18ed60 Update IncorrectPrivilegeAssignment.cpp 2021-11-14 11:36:06 +03:00
ihsinme
99740876cb Add files via upload 2021-11-14 11:28:27 +03:00
Erik Krogh Kristensen
f0c5a80d1a apply the explicit this patch to new code 2021-11-13 21:03:54 +01:00
Erik Krogh Kristensen
0ff36cd083 Merge branch 'main' into explicit-this 2021-11-13 21:01:25 +01:00