github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
5 807 коммитов 1 542 Ветки 132 Теги 495 MiB
Граф коммитов

5807 Коммитов

Автор SHA1 Сообщение Дата
Robert Marsh 10172af401
Merge pull request #1557 from jbj/hiding-range-based-for 
C++: Fix DeclarationHidesVariable FP for nested range-based for loops
 2019-07-05 14:56:02 -07:00
Jonas Jensen 8d3cb78a9d C++: Fix DeclarationHidesVariable FP 
We don't want alerts about the compiler-generated variables that appear
in the desugaring of range-based `for`.
 2019-07-05 20:39:43 +02:00
Jonas Jensen 443a8fbc07 C++: Test for DeclarationHidesVariable FP 2019-07-05 20:34:30 +02:00
Taus Brock-Nannestad 4ddebb9349 Better names for helper predicates. 2019-07-05 16:38:39 +02:00
Taus Brock-Nannestad 703139142a More performance fixes. 2019-07-05 14:44:56 +02:00
Robin Neatherway 204a28df94 Java: Add `isNotEmpty` to NullGuards 2019-07-05 12:41:46 +01:00
Jonas Jensen 4b4e7caf9f C++ IR: Support __builtin_addressof 2019-07-05 11:05:00 +02:00
Jonas Jensen 6fe9945c04 C++: Placeholder translation of delete expressions 
Before this change, `delete` and `delete[]` expressions had no control
flow after them, which caused the reachability analysis to remove all
code after a delete expression. This commit adds placeholder support for
delete expression by translating them to `NoOp` instructions so their
presence doesn't cause large chunks of the program to be removed.
 2019-07-05 10:54:35 +02:00
semmle-qlci 50e8034b0b
Merge pull request #1544 from esben-semmle/js/additional-configuration-splitting 
Approved by xiemaisi
 2019-07-05 09:10:22 +01:00
Ellen Arteca 39c37f519d JavaScript: Use type tracking to identify more portal entry/exit nodes. 2019-07-05 09:03:37 +01:00
Arthur Baars 9bf0a3f2cd
Merge pull request #1547 from Semmle/rc/1.21 
Merge rc/1.21 into master
 2019-07-05 07:20:28 +02:00
Esben Sparre Andreasen fca815f96d JS: make use of the recent Configuration split 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 6d5b84fa88 JS: split XmlBomb.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 5163ccfd39 JS: split InsufficientPasswordHash.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 8664908f78 JS: split PrototypePollution.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 289c29828f JS: split UnvalidatedDynamicMethodCall.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 9e675d9973 JS: split TaintedFormatString.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 26c29cbde5 JS: split TypeConfusionThroughParameterTampering.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 8225d9923c JS: split ClientSideUrlRedirect.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen c3973c061e JS: split ZipSlip.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 29e69b32b0 JS: split XpathInjection.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 48b655f1c7 JS: split CommandInjection.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen ccc171ce18 JS: split RemotePropertyInjection.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 063abb5af9 JS: split PostMessageStar.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 3ad46cd5bf JS: split HardcodedCredentials.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen ec6d233180 JS: split CleartextLogging.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 813253e0ac JS: split BrokenCryptoAlgorithm.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 27d0caed3e JS: split RegExpInjection.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen c8a60f74f0 JS: split StackTraceExposure.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen f2b3fa57eb JS: split RequestForgery.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 6f6887993c JS: split Xxe.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 9d670f7d39 JS: split CleartextStorage.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 013f471cf6 JS: split TaintedPath.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 2bb702ceea JS: split SqlInjection.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 2972c28e58 JS: split NosqlInjection.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 057b18c316 JS: split ServerSideUrlRedirect.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen a89a073623 JS: split FileAccessToHttp.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen efe7ba4f3d JS: split InsecureRandomness.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen b85d3756b0 JS: split DifferentKindsComparisonBypass.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 56172317ed JS: split HardCodedDataInterpretedAsCode.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen d786f36120 JS: split CorsMisconfigurationForCredentials.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen 1f54f3269d JS: split HttpToFileAccess.qll 2019-07-04 22:42:55 +02:00
Esben Sparre Andreasen ee6003655a JS: split UnsafeDynamicMethodAccess.qll 2019-07-04 22:42:55 +02:00
Jonas Jensen 2f8787379a
Merge pull request #1535 from geoffw0/nospacezero 
CPP: Fix false positives from NoSpaceForZeroTerminator.ql
 2019-07-04 22:36:04 +02:00
Jonas Jensen 8c733fd58d
Merge pull request #1537 from geoffw0/add-tests 
CPP: Add some tests
 2019-07-04 21:20:55 +02:00
Jonas Jensen b51c78a92a
Merge pull request #1546 from geoffw0/eraperf 
CPP: Speed up LeapYear.qll 'ChecksForLeapYearFunctionCall'.
 2019-07-04 21:19:34 +02:00
semmle-qlci 0290c79c54
Merge pull request #1486 from hvitved/csharp/inherited-completions 
Approved by calumgrant
 2019-07-04 19:45:25 +01:00
Geoffrey White 1fd08f4e47 CPP: Change note. 2019-07-04 17:27:40 +01:00
Geoffrey White 73c7bc1db9 CPP: Generalize a little. 2019-07-04 17:27:40 +01:00
Geoffrey White 7fc31f263a CPP: Basic fix. 2019-07-04 17:27:40 +01:00