codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
This library performs a value-flow analysis of pairs of values from a pair of related sources to a pair of related sinks, using two underlying `DataFlow::Configuration`s and a post-analysis on...
This adds support for exception flow. A test is included that shows some of what works and what doesn't. Currently we get spurious flow due to imprecisions in type pruning....
**Description of the false positive** "Syntax error" for top-level "for await". "normal" top-level await works as expected. https://lgtm.com/projects/g/redis/node-redis/snapshot/ae44ac1e1a95ebddbba290195fee840d57b04911/files/examples/set-scan.js?sort=name&dir=ASC&mode=heatmap#xf9cc4b8fc3a288c5:1
Add two new predicates to `MethodBase`: `isPublic` and `isProtected`. As part of this I've refactored the code around method visibility. This is easiest to review commit-by-commit.
Detects some cases where a logging call may allow a malicious user to forge new log entries. The concrete implementation is mostly identical to the JS version of this query.
If one source could flow to another with a different tracked type, we would end up duplicating the reported results for the latter source.
This demonstrates that flow summaries can be based on API graphs and all our existing tests can pass 🎉 I have trimmed down the changes needed to get to this...
To use similar naming as in other languages. Must be rebased after https://github.com/github/codeql/pull/9923 is merged.
CVE-2021-42740: TP/TN See [the example JS results](https://lgtm.com/query/6294264273456607224/) to see what this query flags. The issues found are not security related in the vast majority of cases, but they are still...