github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
8 634 коммитов 1 544 Ветки 131 Тег 485 MiB
Граф коммитов

8634 Коммитов

Автор SHA1 Сообщение Дата
Jonas Jensen fbf2ef8625 C++: Don't check if a Field is static 
A `Field` in the C++ QL libraries can't be static, but I'd for some
reason written two checks for `Field`s being static in the data-flow
library.
 2019-11-19 13:20:21 +01:00
James Fletcher 351cb46bb9
Merge pull request #2349 from shati-patel/docs/readme 
Docs: Update readme in docs folder
 2019-11-15 16:52:52 +00:00
shati-patel 37931f2bcf
Docs: Update readme in docs folder 2019-11-15 16:26:43 +00:00
yh-semmle de65f023d6
Merge pull request #2167 from aschackmull/java/dataflow-out-of-arg-refactor 
Java/C++/C#: Refactor dataflow to simplify return flow.
 2019-11-15 11:10:06 -05:00
yh-semmle 810a046428
Merge pull request #2346 from aschackmull/java/rangeanalysis-integral-fix2 
Java: Fix range analysis bug where int was assumed.
 2019-11-15 09:54:48 -05:00
Calum Grant f5598db070
Merge pull request #2343 from hvitved/csharp/dataflow/assignment-flow 
C#: Add missing assignment data flow steps
 2019-11-15 14:21:13 +00:00
Anders Schack-Mulligen 81a90943c0 Java: Fix range analysis bug where int was assumed. 2019-11-15 15:08:14 +01:00
Taus 78109db243
Merge pull request #2181 from RasmusWL/python-modernise-pyramid-library 
Python: modernise pyramid library
 2019-11-15 15:05:44 +01:00
Taus cb94e7db72
Merge pull request #2140 from RasmusWL/python-fix-flask 
Python: Modernise flask + correctly handle flask.make_response
 2019-11-15 14:55:27 +01:00
Erik Krogh Kristensen f813e06680
Merge pull request #2345 from Semmle/esbena-patch-3 
Update FlowSteps.qll
 2019-11-15 14:04:14 +01:00
semmle-qlci 2f63b89941
Merge pull request #2338 from esbena/js/model-get-them-args 
Approved by max-schaefer
 2019-11-15 11:50:45 +00:00
Max Schaefer 217eda374d
Merge pull request #2252 from asger-semmle/regexp 
JS: Parse regular expressions from string literals
 2019-11-15 11:47:33 +00:00
Esben Sparre Andreasen a3deb7d4e0
Update FlowSteps.qll 2019-11-15 12:44:04 +01:00
Tom Hvitved f9bff172d4 C#: Add missing assignment data flow steps 2019-11-15 11:36:05 +01:00
Tom Hvitved f8791c884f C#: Add more data flow tests for assignments 2019-11-15 11:30:40 +01:00
Esben Sparre Andreasen a6dbf5fbad
Update change-notes/1.23/analysis-javascript.md 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-11-15 10:43:04 +01:00
Esben Sparre Andreasen c3fdfdecab JS: rename DefaultParsedCommandLineArgumentsAsSource 2019-11-15 10:40:15 +01:00
Asger F 7a489afdda JS: Add change note 2019-11-15 09:27:21 +00:00
Asger F 66db38266b JS: Add qldoc to HostnameRegexpShared 2019-11-15 09:27:21 +00:00
Asger F 6809eed543 JS: Stats and upgrade script 2019-11-15 09:27:21 +00:00
Asger F 607aed37ee Update javascript/ql/src/semmle/javascript/Expr.qll 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-11-15 09:27:21 +00:00
Asger F 77e5305b9b Update javascript/ql/src/Security/CWE-020/IncompleteHostnameRegExp.ql 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-11-15 09:27:21 +00:00
Asger F 37aa85fe81 JS: Fix parsing of non-BMP chars before a quantifier 2019-11-15 09:27:21 +00:00
Asger F 8fcf7a265a JS: Remove unused OffsetTranslationBuilder class 2019-11-15 09:27:21 +00:00
Asger F 4d1f7836f2 JS: Check for [^.] 2019-11-15 09:27:21 +00:00
Asger F a7a90b4b7e JS: Disregard capture groups in lookaround assertions 2019-11-15 09:27:20 +00:00
Asger F 2242df920f JS: More qldoc 2019-11-15 09:27:20 +00:00
Asger F dc6c15cbb9 Update javascript/ql/src/semmle/javascript/Regexp.qll 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-11-15 09:27:20 +00:00
Asger F dd9274e42c JS: Docs regarding regexp terms in string literals 2019-11-15 09:27:20 +00:00
Asger F c2e0c8cb39 JS: Do not extract string literal types as regexps 2019-11-15 09:27:20 +00:00
Asger F 57a9cad721 JS: Fix offsets of octal and unicode escape 2019-11-15 09:27:20 +00:00
Asger F 4680e3a89a JS: Simplify charpred of Match 2019-11-15 09:27:20 +00:00
Asger F c01005a610 JS: Remove outdated comment 2019-11-15 09:27:20 +00:00
Asger F e01a9846d8 JS: Update test annotations 2019-11-15 09:27:20 +00:00
Asger F 153d34638b JS: Fix a FP 2019-11-15 09:27:20 +00:00
Asger F 8c5b9b9195 JS: Add missing post-anchor case to MissingRegExpAnchor 2019-11-15 09:27:20 +00:00
Asger F 17ad97812e JS: Fix FPs from TLDs without a domain name 2019-11-15 09:27:20 +00:00
Asger F 20fb7717d8 JS: Use type inference to refine regexp string tracking 2019-11-15 09:27:20 +00:00
Asger F e45c361d64 JS: Port IncompleteHostnameRegExp 2019-11-15 09:27:20 +00:00
Asger F 9ecab1b5d5 JS: Port unanchored RegExp query but for hostnames only 2019-11-15 09:27:20 +00:00
Asger F e5f2f9e43e JS: Do not flag semi-anchored regexps in .replace() 2019-11-15 09:27:20 +00:00
Asger F cae09a447b JS: Update test case 2019-11-15 09:27:20 +00:00
Asger F 3e37950170 JS: Whitelist one more FP case 2019-11-15 09:27:20 +00:00
Asger F 2b151cd587 JS: Include anchor direction in message 2019-11-15 09:27:20 +00:00
Asger F 3e952cf564 JS: Restrict semi-anchored regex query more 2019-11-15 09:27:19 +00:00
Asger F 0726bd8cac JS: Add double semi-anchored test case 2019-11-15 09:27:19 +00:00
Asger F 9fa9729470 JS: Shift line numbers in SemiAnchoredRegExp testcase 2019-11-15 09:27:19 +00:00
Asger F 8bc89ee254 JS: Update semi-anchored regex query 2019-11-15 09:27:19 +00:00
Asger F c21d095d38 JS: Restrict RegExp queries to actual regular expressions 2019-11-15 09:27:19 +00:00
Asger F b8711fc642 JS: Extend RegExpTerm in ReDoS 2019-11-15 09:27:19 +00:00