File tree
1,113 files changed
+253167
-44674
lines changed- .github/workflows
- cpp
- autobuilder
- Semmle.Autobuild.Cpp.Tests
- Semmle.Autobuild.Cpp
- downgrades
- 2cd420191e5f782589b4e4efb70127de265390dd
- initial
- ql
- lib
- change-notes
- released
- semmle/code/cpp
- commons/unix
- dataflow/internal
- ir
- dataflow/internal
- implementation/raw/internal
- models/implementations
- upgrades
- 018f430097e80bcf4b2786c989dae94b7d82b819
- initial
- src
- Likely Bugs/Memory Management
- Security/CWE
- CWE-311
- CWE-732
- change-notes
- released
- experimental/Best Practices
- external
- test
- TestUtilities
- library-tests/ir/ir
- query-tests
- Best Practices/Hiding/DeclarationHidesVariable
- Security/CWE
- CWE-311/semmle/tests
- CWE-732
- csharp
- autobuilder
- Semmle.Autobuild.CSharp.Tests
- Semmle.Autobuild.CSharp
- downgrades
- 4b9c288ece4218779b6113b17af42795f4bbbee1
- a696c8bae067f69ab3208e98ce35f4fdf7efb68b
- ab09ac8287516082b7a7367f8fda1862b1be47c5
- ba2201248071b2bf0bb52909b35014091d2e18a6
- extractor
- Semmle.Extraction.CIL.Driver
- Semmle.Extraction.CIL
- Semmle.Extraction.CSharp.Driver
- Semmle.Extraction.CSharp.Standalone
- Semmle.Extraction.CSharp
- Entities
- Expressions
- Patterns
- Populators
- Semmle.Extraction.Tests
- Semmle.Extraction
- Semmle.Util.Tests
- Semmle.Util
- ql
- campaigns/Solorigate
- lib
- change-notes/released
- src
- change-notes/released
- test
- consistency-queries
- lib
- change-notes
- released
- semmle/code/csharp
- controlflow
- internal
- dataflow
- internal
- exprs
- upgrades
- 4b9c288ece4218779b6113b17af42795f4bbbee1
- 58a680081d22ec56c376539b7cca9521dc38fdbb
- ab09ac8287516082b7a7367f8fda1862b1be47c5
- ba2201248071b2bf0bb52909b35014091d2e18a6
- initial
- src
- Security Features/CWE-798
- Stubs
- change-notes
- released
- test
- TestUtilities
- library-tests
- arguments
- assemblies
- attributes
- cil
- attributes
- consistency
- dataflow
- enums
- functionPointers
- init-only-prop
- typeAnnotations
- commons/TargetFramework
- controlflow/graph
- conversion
- boxing
- reftype
- csharp10
- csharp9
- dataflow
- patterns
- tuples
- definitions
- dispatch
- query-tests
- Nullness
- Stubs/Minimal
- resources/stubs
- Antlr3.Runtime/3.5.1
- Dapper/2.0.90
- Iesi.Collections/4.0.4
- Microsoft.Extensions.Primitives/6.0.0
- Microsoft.NETCore.Platforms/3.1.0
- Microsoft.Win32.Registry/4.7.0
- NHibernate/5.3.8
- Newtonsoft.Json/13.0.1
- Remotion.Linq.EagerFetching/2.2.0
- Remotion.Linq/2.2.0
- ServiceStack.Client/5.11.0
- ServiceStack.Common/5.11.0
- ServiceStack.Interfaces/5.11.0
- ServiceStack.OrmLite.SqlServer/5.11.0
- ServiceStack.OrmLite/5.11.0
- ServiceStack.Redis/5.11.0
- ServiceStack.Text/5.11.0
- ServiceStack/5.11.0
- System.Configuration.ConfigurationManager/4.4.1
- System.Data.SqlClient
- 4.8.2
- 4.8.3
- System.Drawing.Common/4.7.0
- System.Security.AccessControl/4.7.0
- System.Security.Principal.Windows/4.7.0
- _frameworks
- Microsoft.AspNetCore.App
- Microsoft.NETCore.App
- runtime.native.System.Data.SqlClient.sni/4.7.0
- runtime.win-arm64.runtime.native.System.Data.SqlClient.sni/4.4.0
- runtime.win-x64.runtime.native.System.Data.SqlClient.sni/4.4.0
- runtime.win-x86.runtime.native.System.Data.SqlClient.sni/4.4.0
- docs
- codeql
- codeql-cli
- ql-language-reference
- support/reusables
- writing-codeql-queries
- ql-libraries/dataflow
- javascript/ql
- experimental/adaptivethreatmodeling
- lib/experimental/adaptivethreatmodeling
- modelbuilding
- evaluation
- extraction
- test
- endpoint_large_scale
- autogenerated
- NosqlAndSqlInjection
- typed
- untyped
- TaintedPath
- Xss
- DomBasedXss
- ExceptionXss
- ReflectedXss
- pages/api
- StoredXss
- UnsafeHtmlConstruction
- UnsafeJQueryPlugin
- XssThroughDom
- endpoint_unit_tests
- applications/examples/static/epydoc
- function_body_feature
- modeled_apis
- lib
- change-notes
- released
- external
- semmle/javascript
- dataflow
- frameworks
- security
- dataflow
- performance
- upgrades/initial
- src
- Security
- CWE-094
- examples
- CWE-347
- examples
- CWE-367
- examples
- CWE-754/examples
- change-notes
- released
- experimental/Security/CWE-347
- test
- library-tests/frameworks
- Cheerio
- SQL
- Templating
- UriLibraries
- query-tests
- Performance/ReDoS
- lib
- Security
- CWE-022/ZipSlip
- CWE-078
- lib
- CWE-089/untyped
- CWE-094/CodeInjection
- lib
- CWE-347
- CWE-367
- CWE-506
- CWE-754
- java
- documentation/library-coverage
- ql
- lib
- change-notes
- released
- semmle/code/java
- dataflow
- internal
- frameworks
- android
- javaee/ejb
- struts
- security
- upgrades/initial
- src
- Metrics/Summaries
- Security/CWE
- CWE-113
- CWE-200
- CWE-312
- Telemetry
- change-notes
- released
- experimental
- Security/CWE
- CWE-073
- CWE-297
- semmle/code/java
- utils/model-generator
- test
- TestUtilities
- experimental/query-tests/security
- CWE-073
- CWE-297
- library-tests/types
- local-classes
- numeric-types
- record-classes
- sealed-classes
- query-tests/security
- CWE-200/semmle/tests
- CWE-312
- stubs
- google-android-9.0.0/android
- annotation
- database
- sqlite
- webkit
- jfinal-4.9.15/com/jfinal
- core
- kit
- upload
- misc
- scripts
- suite-helpers
- python
- downgrades
- 503c0516fba2e5da9570f00eb34ef43025ecb8fb
- initial
- ql
- consistency-queries
- lib
- change-notes
- released
- semmle/python
- dataflow/new/internal
- frameworks
- objects
- security
- dataflow
- flow
- injection
- performance
- strings
- types
- web
- bottle
- cherrypy
- client
- django
- falcon
- flask
- pyramid
- stdlib
- tornado
- turbogears
- twisted
- webob
- upgrades/initial
- src
- Security
- CWE-022
- CWE-090
- examples
- change-notes
- released
- experimental
- Security
- CWE-074
- CWE-090
- CWE-091
- CWE-338
- examples
- CWE-943
- semmle/python
- security
- injection
- templates
- test
- 2/library-tests/locations/general
- 3/library-tests/locations/general
- TestUtilities
- experimental
- dataflow/coverage
- query-tests/Security
- CWE-090
- CWE-338
- CWE-943
- semmle/python/templates
- library-tests
- security
- command-execution
- sensitive
- web
- bottle
- cherrypy
- client
- requests
- six
- stdlib
- django
- falcon
- flask
- pyramid
- stdlib
- tornado
- turbogears
- twisted
- query-tests/Security
- CWE-022-PathInjection
- CWE-090-LdapInjection
- tools
- ql
- extractor/src
- generator/src
- node-types/src
- ql
- consistency-queries
- examples
- src
- codeql_ql/ast/internal
- queries/style
- test
- ruby
- actions/create-extractor-pack
- doc
- downgrades
- 24d81950f3ab7e67e14553e1a5111a04e8ae8445
- 9fdd1d40fd3c3f8f9db8fabf5a353580d14c663a
- fabe9e179ed1e3d0e45ccfab6ce94b4bab02dee5
- initial
- extractor
- src
- generator
- src
- ql
- consistency-queries
- lib
- change-notes/released
- codeql/ruby
- ast
- internal
- controlflow
- internal
- dataflow
- internal
- frameworks
- http_clients
- security
- performance
- typetracking
- upgrades
- 24d81950f3ab7e67e14553e1a5111a04e8ae8445
- f765176af8e0a5128d2adb1ae9c5a6b1c8e7b20b
- fabe9e179ed1e3d0e45ccfab6ce94b4bab02dee5
- src
- change-notes
- released
- test
- TestUtilities
- library-tests
- ast
- calls
- control
- literals
- params
- controlflow/graph
- dataflow
- api-graphs
- array-flow
- frameworks
- app
- config
- controllers
- users
- files
- http_clients
- query-tests/security/cwe-601
- scripts
Some content is hidden
Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
1,113 files changed
+253167
-44674
lines changedLines changed: 2 additions & 2 deletions
Original file line number | Diff line number | Diff line change | |
---|---|---|---|
| |||
4 | 4 |
| |
5 | 5 |
| |
6 | 6 |
| |
| 7 | + | |
7 | 8 |
| |
8 | 9 |
| |
| 10 | + | |
9 | 11 |
| |
10 | 12 |
| |
11 | 13 |
| |
12 | 14 |
| |
13 | 15 |
| |
14 | 16 |
| |
15 | 17 |
| |
16 |
| - | |
17 |
| - | |
18 | 18 |
| |
19 | 19 |
| |
20 | 20 |
| |
|
Lines changed: 12 additions & 1 deletion
Original file line number | Diff line number | Diff line change | |
---|---|---|---|
| |||
50 | 50 |
| |
51 | 51 |
| |
52 | 52 |
| |
53 |
| - | |
| 53 | + | |
| 54 | + | |
| 55 | + | |
| 56 | + | |
| 57 | + | |
| 58 | + | |
| 59 | + | |
| 60 | + | |
| 61 | + | |
| 62 | + | |
| 63 | + | |
| 64 | + |
Lines changed: 3 additions & 0 deletions
Original file line number | Diff line number | Diff line change | |
---|---|---|---|
| |||
6 | 6 |
| |
7 | 7 |
| |
8 | 8 |
| |
| 9 | + | |
| 10 | + | |
9 | 11 |
| |
10 | 12 |
| |
| 13 | + | |
11 | 14 |
| |
12 | 15 |
| |
13 | 16 |
| |
|
Lines changed: 6 additions & 1 deletion
Original file line number | Diff line number | Diff line change | |
---|---|---|---|
| |||
27 | 27 |
| |
28 | 28 |
| |
29 | 29 |
| |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
30 | 35 |
| |
31 | 36 |
| |
32 | 37 |
| |
| |||
51 | 56 |
| |
52 | 57 |
| |
53 | 58 |
| |
54 |
| - | |
| 59 | + | |
55 | 60 |
| |
56 | 61 |
| |
57 | 62 |
|
Lines changed: 43 additions & 0 deletions
Original file line number | Diff line number | Diff line change | |
---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
| 27 | + | |
| 28 | + | |
| 29 | + | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + |
Lines changed: 67 additions & 0 deletions
Original file line number | Diff line number | Diff line change | |
---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
| 27 | + | |
| 28 | + | |
| 29 | + | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
| 47 | + | |
| 48 | + | |
| 49 | + | |
| 50 | + | |
| 51 | + | |
| 52 | + | |
| 53 | + | |
| 54 | + | |
| 55 | + | |
| 56 | + | |
| 57 | + | |
| 58 | + | |
| 59 | + | |
| 60 | + | |
| 61 | + | |
| 62 | + | |
| 63 | + | |
| 64 | + | |
| 65 | + | |
| 66 | + | |
| 67 | + |
Lines changed: 103 additions & 0 deletions
Original file line number | Diff line number | Diff line change | |
---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
| 27 | + | |
| 28 | + | |
| 29 | + | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
| 47 | + | |
| 48 | + | |
| 49 | + | |
| 50 | + | |
| 51 | + | |
| 52 | + | |
| 53 | + | |
| 54 | + | |
| 55 | + | |
| 56 | + | |
| 57 | + | |
| 58 | + | |
| 59 | + | |
| 60 | + | |
| 61 | + | |
| 62 | + | |
| 63 | + | |
| 64 | + | |
| 65 | + | |
| 66 | + | |
| 67 | + | |
| 68 | + | |
| 69 | + | |
| 70 | + | |
| 71 | + | |
| 72 | + | |
| 73 | + | |
| 74 | + | |
| 75 | + | |
| 76 | + | |
| 77 | + | |
| 78 | + | |
| 79 | + | |
| 80 | + | |
| 81 | + | |
| 82 | + | |
| 83 | + | |
| 84 | + | |
| 85 | + | |
| 86 | + | |
| 87 | + | |
| 88 | + | |
| 89 | + | |
| 90 | + | |
| 91 | + | |
| 92 | + | |
| 93 | + | |
| 94 | + | |
| 95 | + | |
| 96 | + | |
| 97 | + | |
| 98 | + | |
| 99 | + | |
| 100 | + | |
| 101 | + | |
| 102 | + | |
| 103 | + |
Lines changed: 62 additions & 0 deletions
Original file line number | Diff line number | Diff line change | |
---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
| 27 | + | |
| 28 | + | |
| 29 | + | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
| 47 | + | |
| 48 | + | |
| 49 | + | |
| 50 | + | |
| 51 | + | |
| 52 | + | |
| 53 | + | |
| 54 | + | |
| 55 | + | |
| 56 | + | |
| 57 | + | |
| 58 | + | |
| 59 | + | |
| 60 | + | |
| 61 | + | |
| 62 | + |
Lines changed: 9 additions & 2 deletions
Original file line number | Diff line number | Diff line change | |
---|---|---|---|
| |||
31 | 31 |
| |
32 | 32 |
| |
33 | 33 |
| |
34 |
| - | |
| 34 | + | |
35 | 35 |
| |
36 | 36 |
| |
37 | 37 |
| |
38 | 38 |
| |
39 | 39 |
| |
40 |
| - | |
| 40 | + | |
41 | 41 |
| |
42 | 42 |
| |
43 | 43 |
| |
| |||
189 | 189 |
| |
190 | 190 |
| |
191 | 191 |
| |
| 192 | + | |
| 193 | + | |
| 194 | + | |
| 195 | + | |
| 196 | + | |
| 197 | + | |
| 198 | + | |
192 | 199 |
|
Lines changed: 2 additions & 2 deletions
Original file line number | Diff line number | Diff line change | |
---|---|---|---|
| |||
17 | 17 |
| |
18 | 18 |
| |
19 | 19 |
| |
20 |
| - | |
| 20 | + | |
21 | 21 |
| |
22 | 22 |
| |
23 | 23 |
| |
| |||
35 | 35 |
| |
36 | 36 |
| |
37 | 37 |
| |
38 |
| - | |
| 38 | + | |
39 | 39 |
| |
40 | 40 |
| |
41 | 41 |
| |
|
0 commit comments