github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
5 487 коммитов 1 541 ветка 132 Теги 497 MiB
Граф коммитов

5487 Коммитов

Автор SHA1 Сообщение Дата
Taus 61a196d2d4
Merge pull request #1523 from markshannon/python-speed-up-get-a-child 
Python speed up calculation of ControlFlowNode.getAChild()
 2019-06-28 15:23:08 +02:00
Calum Grant 8130342062
Merge pull request #1520 from hvitved/csharp/mono-tracing 
C#: Generalize `mono` pattern in tracer config
 2019-06-28 14:21:35 +01:00
Calum Grant a5543699b2
Merge pull request #1460 from hvitved/csharp/cfg-last 
C#: Refactor `last` predicate
 2019-06-28 14:13:43 +01:00
Taus fbe7615258
Merge pull request #1512 from markshannon/python-better-handling-decorators 
Python: Add opaque 'decorated object' object.
 2019-06-28 14:10:49 +02:00
Mark Shannon 8570b4117f Python: Add opaque 'decorated function' for complex decorated functions. Allows finding calls in taint-tracking without contaminating points-to results. 2019-06-28 12:14:10 +01:00
Tom Hvitved 3d4316da1c C#: Address review comments 2019-06-28 13:00:18 +02:00
Taus 8251553771
Merge pull request #1494 from markshannon/python-better-handling-calls-on-edge-of-context 
Python: better handling calls on edge of context
 2019-06-28 12:39:09 +02:00
Mark Shannon 775214e467 Python speed up calculation of ControlFlowNode.getAChild() 2019-06-28 11:19:25 +01:00
Taus 1b98f248e5
Merge branch 'master' into python-better-handling-calls-on-edge-of-context 2019-06-28 11:27:42 +02:00
Taus fad37bd6c9
Merge pull request #1487 from markshannon/python-tuple-assignment-points-to 
Python ESSA dataflow: better handling of tuple unpacking.
 2019-06-28 11:05:03 +02:00
Tom Hvitved 051ec83ae0 C#: Generalize `mono` pattern in tracer config 2019-06-28 09:16:38 +02:00
yh-semmle 0d4ff2d7fe
Merge pull request #1513 from aschackmull/java/whitelist-sha512 
Java: Add SHA512 to the crypto whitelist.
 2019-06-27 19:48:13 -04:00
yh-semmle 0bbc0d966e
Merge pull request #1516 from aschackmull/java/http-response-splitting-fp-fix 
Java: Add simple sanitizer for java/http-response-splitting.
 2019-06-27 19:47:48 -04:00
Pavel Avgustinov da7591d1f6
Merge pull request #1519 from geoffw0/depkind 
CPP: Deprecate Expr.getKind() and Stmt.getKind().
 2019-06-27 19:22:57 +01:00
Jonas Jensen c29ef904e0
Merge pull request #1498 from rdmarsh2/rdmarsh/exprHasNoEffect-defaulted-functions 
C++: fix FP with ExprHasNoEffect in defaulted func
 2019-06-27 20:10:37 +02:00
Taus 2576884667
Merge pull request #1499 from markshannon/python-fix-regex-parsing 
Python regex: Fix handling of character sets.
 2019-06-27 17:49:21 +02:00
Geoffrey White 65bf778b3a CPP: Deprecate Expr.getKind() and Stmt.getKind(). 2019-06-27 16:15:22 +01:00
Mark Shannon 9c2b506f2d Python points-to: Add clarifying comment on internal object predicate. 2019-06-27 16:13:33 +01:00
semmle-qlci 7ff6d8262d
Merge pull request #1514 from hvitved/cil/consistency 
Approved by calumgrant
 2019-06-27 15:15:43 +01:00
Taus c0ff67beb7
Merge pull request #1496 from markshannon/python-uninitial-local-fix 
Python: Don't report uninitialized locals in unreachable code.
 2019-06-27 16:00:07 +02:00
semmle-qlci c4cb75eff5
Merge pull request #1508 from xiemaisi/js/fix-MessageEvent-externs 
Approved by asger-semmle
 2019-06-27 14:32:21 +01:00
Anders Schack-Mulligen 85eac80be9 Java: Add simple sanitizer for java/http-response-splitting. 2019-06-27 14:03:48 +02:00
Tom Hvitved 481bf77d5f CIL: Speedup consistency tests 
- Make `InstructionViolation` abstract to avoid computing `getInstructionsUpTo()`
  for all instructions in the database.
- Enable `consistency.ql`, which reports all consistency violations, and remove
  all other specialized tests.
 2019-06-27 13:40:07 +02:00
Anders Schack-Mulligen 93646974a6 Java: Add SHA512 to the crypto whitelist. 2019-06-27 13:38:04 +02:00
semmle-qlci 44bd540c44
Merge pull request #1495 from asger-semmle/array-taint-step 
Approved by xiemaisi
 2019-06-27 12:16:17 +01:00
Jonas Jensen d45b4175cb
Merge pull request #1497 from geoffw0/dates-5 
CPP: General clean up for the new dates queries
 2019-06-27 10:20:30 +02:00
semmledocs-ac 31614fd4f4
Merge pull request #1500 from jbj/alistair-codeowners 
Add Alistair as code owner for *.qhelp within cpp
 2019-06-27 08:32:01 +01:00
semmle-qlci 1c25e17812
Merge pull request #1505 from hvitved/csharp/autoformat 
Approved by calumgrant
 2019-06-27 08:03:58 +01:00
semmle-qlci f58c7cc79c
Merge pull request #1446 from hvitved/csharp/cached-stages 
Approved by calumgrant
 2019-06-27 08:03:24 +01:00
Max Schaefer 7565eb263e JavaScript: Update externs for `MessageEvent`. 2019-06-26 19:12:05 -07:00
Tom Hvitved bd03e7a590 C#: Auto format 2019-06-26 19:32:08 +02:00
semmle-qlci 1a9f3624c2
Merge pull request #1504 from xiemaisi/js/shift-bigint 
Approved by asger-semmle
 2019-06-26 18:30:48 +01:00
Max Schaefer e35fde322b JavaScript: Teach `ShiftOutOfRange` about BigInt. 2019-06-26 09:16:34 -07:00
Robert Marsh 8994a5acf1 C++: fix FP with ExprHasNoEffect in defaulted func 
This is a workaround for an extractor issue where expressions in a
defaulted function are not always marked as generated. I haven't yet been
able to reproduce the issue in a test case.
 2019-06-26 09:11:23 -07:00
Mark Shannon 208d313b3f Python: Add comment. 2019-06-26 12:54:43 +01:00
Jonas Jensen 473d4d44a3 Add Alistair as code owner for *.qhelp within cpp 2019-06-26 12:10:22 +02:00
Mark Shannon 347e3f3bd0 Python regex: Fix handling of character sets where first character in set is '['. 2019-06-26 10:55:47 +01:00
Taus 76f8da8986
Merge pull request #1484 from markshannon/python-aggressive-pruning 
Python: Use aggressive dead-code elimination when pruning.
 2019-06-25 19:17:44 +02:00
Geoffrey White ac5b62ccff CPP: Update comment in qhelp sample for accuracy and consistency. 2019-06-25 17:26:46 +01:00
Geoffrey White fe315a9a1c CPP: Make things private. 2019-06-25 17:08:35 +01:00
Geoffrey White cb80aa3772 CPP: Rename the classes for time structs. 2019-06-25 16:49:25 +01:00
Geoffrey White 2e31f48a7a CPP: Clean up StructFieldAccess. 2019-06-25 16:43:24 +01:00
Asger F 57dac1d0d5 JS: Update test output to reflect new edge relation 2019-06-25 16:41:29 +01:00
Geoffrey White 66dffdde05 CPP: Correct overuse of 'toString'. 2019-06-25 16:38:16 +01:00
Mark Shannon 6f1399be9b Python: Better handle calls on edge of context. 2019-06-25 16:15:39 +01:00
Tom Hvitved 51d093add0 C#: Address review comments 2019-06-25 17:01:48 +02:00
Mark Shannon 7bbe39ef01 Python: Don't report uninitialized locals in unreachable code. 2019-06-25 15:52:48 +01:00
Geoffrey White bc5fb24371 CPP: Correct overuse of 'matches'. 2019-06-25 15:13:38 +01:00
Geoffrey White ab543aa0eb CPP: QLDoc pass. 2019-06-25 15:12:27 +01:00
Geoffrey White 627fba81ce CPP: Improve wording of UnsafeArrayForDAysOfYear.ql. 2019-06-25 14:42:18 +01:00