Граф коммитов

182 Коммитов

Автор SHA1 Сообщение Дата
semmle-qlci fd2e8486e4
Merge pull request #1862 from asger-semmle/prototype-pollution-angular-merge
Approved by esben-semmle
2019-09-05 12:50:58 +01:00
Esben Sparre Andreasen a9665f53b8 JS: whitelist quote stripping for js/incomplete-sanitization 2019-09-05 09:47:49 +01:00
Jonas Jensen 114c2fe0d4 Merge remote-tracking branch 'upstream/master' into ast-field-flow-defbyref 2019-09-05 09:33:45 +02:00
Robert Marsh a3290503ec
Merge pull request #1806 from jbj/localExprFlow
C++: Add localExprFlow and localExprTaint
2019-09-04 10:38:46 -07:00
Asger F 93a3f571ec JS: Add change note 2019-09-04 16:14:51 +01:00
Jonas Jensen cdcc716675
Merge pull request #1867 from geoffw0/erafix9
CPP: Add date to JapaneseEraDate.ql
2019-09-04 13:16:04 +02:00
Jonas Jensen 3ba650911c
Merge pull request #1847 from geoffw0/erafix8
CPP: Deal with two very similar Japanese era queries
2019-09-04 09:57:10 +02:00
Geoffrey White 84112d3630 CPP: Change note. 2019-09-03 18:30:24 +01:00
semmle-qlci 6778f28424
Merge pull request #1854 from asger-semmle/prototype-pollution-precision
Approved by esben-semmle, xiemaisi
2019-09-03 10:50:24 +01:00
Jonas Jensen d7681bf122 C++: Don't use definitionByReference for data flow
The data flow library conflates pointers and objects enough for the
`definitionByReference` predicate to be too strict in some cases. It was
too permissive in other cases that are now (or will be) handled better
by field flow.

See also the change note entry.
2019-09-03 11:49:01 +02:00
Tom Hvitved 4b32ee77e6 C#: Add change note 2019-09-03 09:35:58 +02:00
Asger F c71a66a045 JS: Add change note 2019-09-02 11:05:07 +01:00
Max Schaefer 91e46cd6fd JavaScript: Fix parsing of asynchronous generator methods. 2019-09-02 09:56:42 +01:00
semmle-qlci 6d55d1f7c0
Merge pull request #1707 from asger-semmle/canonical-name-call-graph
Approved by xiemaisi
2019-09-02 09:45:24 +01:00
Max Schaefer 742c9708a9
Merge pull request #1828 from asger-semmle/jsdoc-relation
JS: Make getDocumentation handle chain assignments
2019-09-02 08:43:40 +01:00
Jonas Jensen 63311739a5 C++: Add localExprFlow and localExprTaint
This is for ODASA-8053.
2019-09-02 09:29:10 +02:00
yh-semmle f54545522e
Merge pull request #1759 from aschackmull/java/flow-exploration
Java/C++/C#: Add support for dataflow exploration by partial paths.
2019-08-30 17:00:17 -04:00
Asger F 45941869ad JS: Change note 2019-08-30 18:25:39 +01:00
Asger F 9533ca0926 JS: Change note 2019-08-30 18:19:49 +01:00
Asger F 3186942906 JS: Add change note 2019-08-30 16:05:13 +01:00
semmle-qlci a97aefe0c3
Merge pull request #1835 from xiemaisi/js/dom-fixes
Approved by asger-semmle
2019-08-30 14:45:06 +01:00
Taus a2841b4245
Merge pull request #1763 from markshannon/python-cwe-312
Python: Two new queries for CWE-312.
2019-08-30 15:28:56 +02:00
Anders Schack-Mulligen 455bb6cd15 Java/C++/C#: Add change notes. 2019-08-30 14:35:21 +02:00
Anders Schack-Mulligen 6749f7a1b7
Merge pull request #1843 from lukecartey/java/add-missing-sql-apis
Java: Add missing SQL query APIs.
2019-08-30 14:27:40 +02:00
Luke Cartey e118f9a5f9 Add change note. 2019-08-30 10:48:37 +01:00
Mark Shannon 811815aa4e Merge branch 'master' into python-cwe-312 2019-08-30 10:39:04 +01:00
Tom Hvitved ae5fb7f330 C#: Introduce `BarrierGuard`s 2019-08-30 09:37:16 +02:00
Geoffrey White b254e1f48e CPP: Change note. 2019-08-29 18:24:29 +01:00
Calum Grant 424ab3ed6a C#: Analysis change notes. 2019-08-29 18:12:58 +01:00
Mark Shannon 4f172bd075 Python: Add change note for CWE-312 queries. 2019-08-29 16:05:11 +01:00
Jonas Jensen c8a9ec465e C++: New change-notes file for 1.23 2019-08-28 13:36:57 +02:00
Max Schaefer 78ce290de3 JavaScript: Fix `DomMethodCallExpr.interpretsArgumentsAsHTML`. 2019-08-28 11:22:03 +01:00