Timo Müller
|
1fd2be3879
|
Added more clear reference
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
|
2021-05-04 13:57:19 +02:00 |
|
Timo Müller
|
7026d82a72
|
Fixed typo
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
|
2021-05-04 13:53:14 +02:00 |
|
Timo Müller
|
f28e994121
|
Update java/ql/src/experimental/Security/CWE/CWE-665/InsecureRmiJmxEnvironmentConfiguration.qhelp
More descriptive (and PC) description.
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
|
2021-05-04 13:52:47 +02:00 |
|
Nick Rolfe
|
647c108c0b
|
Merge remote-tracking branch 'origin/main' into type_tracking
|
2021-05-04 12:38:16 +01:00 |
|
Arthur Baars
|
1a94fb47b6
|
Merge pull request #172 from github/update-testoutput
Update expected test output
|
2021-05-04 13:37:37 +02:00 |
|
CodeQL CI
|
b160badbf6
|
Merge pull request #5768 from erik-krogh/cacheMore
Approved by esbena
|
2021-05-04 04:16:15 -07:00 |
|
Tony Torralba
|
6e94dc5b85
|
Autoformatting
|
2021-05-04 13:15:20 +02:00 |
|
Felicity Chapman
|
616a57d6d4
|
Update article with code scanning example
|
2021-05-04 12:11:18 +01:00 |
|
Tamás Vajk
|
05c045070e
|
Merge pull request #5810 from tamasvajk/feature/culture
C#: Use invariant culture in the extractor
|
2021-05-04 13:09:38 +02:00 |
|
Mathias Vorreiter Pedersen
|
568724bffd
|
C#: Fix getInstructionOpcode to make sure IRConstruction.qll compiles for C#.
|
2021-05-04 13:00:40 +02:00 |
|
Arthur Baars
|
27538cb11d
|
Update expected test output
|
2021-05-04 12:43:43 +02:00 |
|
Marcono1234
|
ab90fe18fd
|
Docs: Use GitHub links for guides, improve formatting
|
2021-05-04 12:35:23 +02:00 |
|
Nick Rolfe
|
53deede8ab
|
Remove unnecessary local flow inside type-tracking store step
|
2021-05-04 11:32:57 +01:00 |
|
Nick Rolfe
|
35ee62c689
|
Use splitting-aware nodes for type-tracking store/load steps
|
2021-05-04 11:31:03 +01:00 |
|
Mathias Vorreiter Pedersen
|
ded377bcd2
|
C++: Reorder getInstructionOpcode to produce better RA.
|
2021-05-04 12:13:34 +02:00 |
|
Tony Torralba
|
f79d2e06f9
|
Fix failing checks
|
2021-05-04 11:29:09 +02:00 |
|
Tamas Vajk
|
c547907784
|
C#: Use invariant culture in the extractor
|
2021-05-04 11:17:33 +02:00 |
|
Anders Schack-Mulligen
|
5bcf810a7c
|
Merge pull request #5821 from JarLob/patch-1
Update UncaughtServletException.qhelp
|
2021-05-04 10:39:02 +02:00 |
|
Anders Schack-Mulligen
|
9ee9186a1a
|
Merge pull request #5825 from github/yo-h/java-diagnostic-queries
Java: split extractor diagnostics query into two
|
2021-05-04 10:12:32 +02:00 |
|
Erik Krogh Kristensen
|
aaf754ebf5
|
recognize more library input
|
2021-05-04 10:06:14 +02:00 |
|
Tony Torralba
|
6b79ca6403
|
Fix warning
|
2021-05-04 09:32:03 +02:00 |
|
CodeQL CI
|
6931d9a6f7
|
Merge pull request #5785 from edvraa/httponlyjs
Approved by esbena
|
2021-05-03 23:14:26 -07:00 |
|
luchua-bc
|
703fbf139a
|
Add more methods and update the library name
|
2021-05-04 02:54:49 +00:00 |
|
yo-h
|
edf1a90161
|
Java: split extractor diagnostics query into two
|
2021-05-03 20:27:07 -04:00 |
|
edvraa
|
6fa2f1e653
|
update test message
|
2021-05-04 00:32:01 +03:00 |
|
Jonathan Leitschuh
|
dfad1fc740
|
[Java] Add support for com.google.common.base.MoreObjects#firstNonNull
|
2021-05-03 12:58:00 -04:00 |
|
Taus
|
483199878d
|
Merge pull request #5793 from RasmusWL/fix-qldoc
Python: Minor fix to Django RawSQL QLDoc
|
2021-05-03 18:18:02 +02:00 |
|
Tony Torralba
|
e68c6e66a5
|
Remove qlref file
|
2021-05-03 17:53:37 +02:00 |
|
Tony Torralba
|
745a6f6fb4
|
Getters called on parameters propagate taint
|
2021-05-03 17:43:33 +02:00 |
|
Mathias Vorreiter Pedersen
|
2912c2e7f5
|
C++: Add more CWE tags to queries in the code scanning suite.
|
2021-05-03 16:58:47 +02:00 |
|
Edwin
|
27c680e28b
|
Apply suggestions from code review
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
|
2021-05-03 16:41:09 +03:00 |
|
Jaroslav Lobačevski
|
38bce39baa
|
Update UncaughtServletException.qhelp
There is no single word in https://cwe.mitre.org/data/definitions/600.html about possible DoS or unexpected state.
|
2021-05-03 15:06:57 +03:00 |
|
Tony Torralba
|
4d5ec87de9
|
Use InlineTest
|
2021-05-03 13:27:24 +02:00 |
|
Tony Torralba
|
4bfd34b1fe
|
Moved from experimental
|
2021-05-03 13:15:24 +02:00 |
|
Arthur Baars
|
6adff6f195
|
Merge pull request #171 from github/self_nodes
Create synthetic `self` nodes for calls without explicit receivers
|
2021-05-03 12:59:11 +02:00 |
|
edvraa
|
cef845ac47
|
Support string expressions
|
2021-05-03 13:46:56 +03:00 |
|
Tony Torralba
|
38e052482c
|
More csv sinks and sources
|
2021-05-03 12:44:53 +02:00 |
|
edvraa
|
ea38f0d3bd
|
a new test for simple flow
|
2021-05-03 12:19:05 +03:00 |
|
edvraa
|
000826af11
|
typo
|
2021-05-03 12:18:43 +03:00 |
|
Tom Hvitved
|
182b2d0457
|
C#: Improve CFG for constructors when there are multiple implementations
|
2021-05-03 10:46:36 +02:00 |
|
Tom Hvitved
|
633f228dc2
|
C#: Add CFG tests for partial classes
|
2021-05-03 10:23:29 +02:00 |
|
Tom Hvitved
|
bb1cb73675
|
Merge pull request #5795 from hvitved/csharp/implicit-constructor-inits
C#: Extract implicit constructor initializer calls
|
2021-05-03 10:21:04 +02:00 |
|
Tom Hvitved
|
b77b3da8d6
|
C#: Add change note
|
2021-05-03 09:40:13 +02:00 |
|
Jonas Jensen
|
c05ef1225c
|
Merge pull request #5803 from MathiasVP/no-magic-in-getUnspecifiedType
C++: Add nomagic to getUnspecifiedType
|
2021-05-03 09:03:58 +02:00 |
|
edvraa
|
65183cde80
|
Move to experimental
|
2021-05-03 09:59:52 +03:00 |
|
edvraa
|
bd99114cd6
|
Comments added
|
2021-05-03 09:55:04 +03:00 |
|
luchua-bc
|
4709e8139d
|
JPython code injection
|
2021-05-03 01:43:56 +00:00 |
|
edvraa
|
a24c1c8114
|
fix comment
|
2021-05-03 00:36:38 +03:00 |
|
edvraa
|
fa94fedfc3
|
simple dataflow for sensitive name
|
2021-05-03 00:36:26 +03:00 |
|
edvraa
|
97bc7e38d2
|
check for sensitive property name
|
2021-05-03 00:31:29 +03:00 |
|