codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
For type-tracking, we currently have a simple summarization of functions in two cases: - Induce a local step when a parameter is returned, and - Induce a load step when...
Here is an interesting example where we lose use-use flow. I could not minimize the example any further, that is: removing the try-finally blocks made things work again, and converting...
Does two things: - Loosens the restriction for when to track objects with methods. Previously the object had to be an allocation site, now it can be any `SourceNode` other...
- `ModuleValue.attr` and `ClassValue.lookup` are approximated by `Function.getName` - `ClassValue.getName` is approximated by `Class.getName` - `Module::named` is approximated by `Module.getName` - `Value::named` is approximated by `Builtins::likelyBuiltin` - `FunctionValue.getNamedArgumentForCall` is approximated...
This makes two changes to the fieldFlowBranchLimit interpretation: * The count is adjusted to properly count virtual dispatch instead of nodes. This will block less flow and hence result in...
Previously, we would not get `subpaths` computed for hidden wrappers, such as when flow passes through a callback passed into a library method with a flow summary: ```rb a =...
WIP, but adds source and summary models related to file (streams) in `System.IO`.
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.34 to 0.4.35. Release notes Sourced from chrono's releases. v0.4.35 Most of our efforts have shifted to improving the API for a 0.5 release, for which cleanups...
What is new? JsonPickle library: Code execution sinks; Pytorch library: Code execution sinks; Pexpect library: Command Execution and Secondary server cmd injection; AsyncSsh library: Secondary server cmd injection; Netmiko library...