hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-09 11:41:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,755 Commits 1,691 Branches 160 Tags
codeql-cli/v2.9.0
Commit Graph

34755 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tony Torralba
6613a98e02 Fix references to logging library 2021-11-04 09:15:57 +01:00
Tony Torralba
ea7e259cfc Add change note 2021-11-04 08:51:13 +01:00
Tony Torralba
474bf576a7 Minor corrections in QLDoc, qhelp and example code 2021-11-04 08:46:23 +01:00
Mathias Vorreiter Pedersen
ae4b6c54bc C++: Change the structure of the 'annotate_path_to_sink' tests to better test path-explanations. 2021-11-03 20:32:05 +00:00
Mathias Vorreiter Pedersen
e9b114630a Merge pull request #6948 from ihsinme/ihsinme-patch-076 
CPP: Add query for CWE-243 Creation of chroot Jail Without Changing Working Directory
 2021-11-03 18:50:13 +00:00
ihsinme
aef0275b3c Update IncorrectChangingWorkingDirectory.expected 2021-11-03 20:45:38 +03:00
Arthur Baars
7b4460edb7 Apply suggestions from code review 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-11-03 18:42:49 +01:00
Tom Hvitved
d00196f6be Merge pull request #7048 from hvitved/ruby/remove-node-predicates 
Ruby: Remove `Node::getEnclosingCallable` and `ParameterNode::isParameterOf`
 2021-11-03 17:46:16 +01:00
Tony Torralba
f1df542345 Add stubs & tests 
Fix mistakes detected by the tests
 2021-11-03 17:26:13 +01:00
Ethan P
0894e81ce4 add missing backtick 2021-11-03 09:21:24 -07:00
ihsinme
a9dd868348 Update IncorrectChangingWorkingDirectory.qhelp 2021-11-03 18:38:30 +03:00
ihsinme
c94b64cbca Update IncorrectChangingWorkingDirectory.qhelp 2021-11-03 18:28:57 +03:00
Tom Hvitved
16d96d2ad3 Ruby: Remove Node::getEnclosingCallable and ParameterNode::isParameterOf 2021-11-03 15:59:29 +01:00
Arthur Baars
b9bf597044 Address comments 2021-11-03 15:15:36 +01:00
Erik Krogh Kristensen
523c15cd72 don't include mode-of-operation into the algorithm names 2021-11-03 14:54:50 +01:00
luciaromeroML
e50938588e formatting qll file 2021-11-03 10:30:35 -03:00
Mathias Vorreiter Pedersen
4095c2012e C++: Add comments on why 'ReferenceToInstruction' is interpreted like a 'LoadInstruction' at certain places. 2021-11-03 13:27:26 +00:00
Tom Hvitved
df6962143d Shared SSA: Sync files 2021-11-03 14:21:50 +01:00
Tom Hvitved
5539b7ffed Shared SSA: Improved dominance frontier calculation 2021-11-03 14:21:39 +01:00
Erik Krogh Kristensen
3638892d35 Merge pull request #6881 from erik-krogh/add-missing-noinline 
JS: add pragma[noinline] to predicates where the qldoc mentions join-order
 2021-11-03 14:21:27 +01:00
Mathias Vorreiter Pedersen
43a4795272 C++: Remove redundant conjunct. 2021-11-03 13:19:43 +00:00
Erik Krogh Kristensen
f01ee5914b add a docstring, and rename rawString -> foldedString 2021-11-03 14:19:31 +01:00
Rasmus Wriedt Larsen
84b38b6c32 Python: Add test with custom django json response (FP) 2021-11-03 14:17:08 +01:00
Erik Krogh Kristensen
7b0ebd3f1a use the context to determine whether or not a node is an operand of a binop 2021-11-03 14:09:44 +01:00
Arthur Baars
ddc9ad3187 Merge remote-tracking branch 'upstream/rc/3.3' into main 2021-11-03 14:01:51 +01:00
Arthur Baars
1327d7c8d5 Merge pull request #7043 from aibaars/fix-ql-tests-3.3 
Ruby: Fix QL tests and Rust compilation error
 2021-11-03 13:59:29 +01:00
Asger Feldthaus
712614a03c JS: Block prototype pollution flow into this 2021-11-03 13:33:50 +01:00
Erik Krogh Kristensen
737c747dbb early exit if string becomes too big 2021-11-03 13:28:03 +01:00
Erik Krogh Kristensen
1ba6f448cd compute concatenated string and offset at the same time 2021-11-03 13:26:19 +01:00
Erik Krogh Kristensen
be46c1f679 remove unused import 2021-11-03 13:25:09 +01:00
Asger Feldthaus
08bc80ffdb JS: Block prototype pollution assignment flows through .replace() 2021-11-03 13:24:29 +01:00
Mathias Vorreiter Pedersen
1f89b4987b C++: Rename 'valueFlow' to 'conversionFlow' and add a QLDoc that explains its purpose. 2021-11-03 12:22:27 +00:00
Asger Feldthaus
76e841830f JS: Check for labeled barriers in reachableFromInput 2021-11-03 13:10:20 +01:00
Erik Krogh Kristensen
9cf34f19bb Merge branch 'main' into extractBigReg 2021-11-03 13:08:51 +01:00
Erik Krogh Kristensen
264f4ab5ab add js/session-fixation query 2021-11-03 13:04:41 +01:00
Nick Rolfe
dd17271ec8 Merge remote-tracking branch 'origin/main' into nickrolfe/regex_injection 2021-11-03 11:55:42 +00:00
Arthur Baars
aab8c64973 Ruby: fix compilation error 2021-11-03 12:32:45 +01:00
Arthur Baars
2c5d5ecdd8 Ruby: QLTest: fix pack search path for upgrades 2021-11-03 12:14:58 +01:00
Arthur Baars
32765e9bc1 Ruby: trigger jobs on workflow change 2021-11-03 12:14:58 +01:00
Mathias Vorreiter Pedersen
dfbfbe4953 Merge branch 'main' into use-shared-ssa-in-ir-dataflow 2021-11-03 10:39:22 +00:00
Mathias Vorreiter Pedersen
ad5619ff07 Revert "C++: Don't count write operations as uses." 
This reverts commit 092beb8b73.
 2021-11-03 10:37:32 +00:00
Tom Hvitved
ab37ae6613 Merge pull request #7036 from hvitved/ruby/truncate-get-value-text 
Ruby: Truncate concatenated strings in `getValueText`
 2021-11-03 10:57:43 +01:00
Rasmus Lerchedahl Petersen
05aa314ac9 Python: Add tests for non-async constructs 2021-11-03 10:54:36 +01:00
Tony Torralba
7d88f80fb9 Add tests for summaries 2021-11-03 10:35:38 +01:00
ihsinme
c175f0aa9d Update IncorrectChangingWorkingDirectory.ql 2021-11-03 12:25:30 +03:00
Tom Hvitved
51f4f57617 C#: Use cs/ prefix in all query IDs 2021-11-03 10:25:21 +01:00
Anders Schack-Mulligen
e6145f04d2 Merge pull request #6966 from atorralba/atorralba/android-explicit-intent-sanitizer 
Android: Add ExplicitIntentSanitizer and allowIntentExtrasImplicitRead
 2021-11-03 10:20:09 +01:00
Erik Krogh Kristensen
ab4780c505 Merge pull request #7032 from erik-krogh/cwe497 
JS: add CWE-497 to js/stack-trace-exposure
 2021-11-03 08:55:49 +01:00
Ethan P
b9eb278380 Add new file to index 2021-11-02 21:55:25 -07:00
Ethan P
98eb848e22 add link to new article 2021-11-02 21:35:39 -07:00