Pinned
4,677 contributions in the last year
Activity overview
Contributed to
github/codeql,
github/vscode-codeql-starter,
github/codeql-go
and 10 other
repositories
Contribution activity
April 2023
Created 81 commits in 1 repository
Created 1 repository
Created a pull request in github/codeql that received 14 comments
C++: Use the new dataflow library in cpp/missing-check-scanf
This PR rewrites the cpp/missing-check-scanf query to use the new use-use based dataflow library.
When we introduced the query #10163 it was deemed…
+100
−132
•
14
comments
Opened 15 other pull requests in 2 repositories
github/codeql
3
open
10
merged
1
closed
- C++: IR translation for static local initializers
- C++: Reduce dataflow duplication
- C++: Add some use-after-free FP tests
- C++: Ignore a few more instructions in dataflow
-
C++: Fix bad self-join in
cpp/use-after-free - C++: IR translation for non-runtime-initialized static local variables.
-
C++: Promote
cpp/redundant-null-check-simpleto Code Scanning - Swift: Dataflow for keypaths
-
C++: Fix joins in
cpp/constant-array-overflow -
C++: Fix FN in
cpp/tainted-arithmetic -
C++: Deprecate single-parameter
getFieldExprandgetElementExpr - C++: IR generation for repeated initializers
- C++: Promote IR-based range-analysis library out of experimental
- C++: Fix global flow without an SSA definition
github/codeql-coding-standards
1
merged
Reviewed 24 pull requests in 3 repositories
github/codeql
22 pull requests
- C++: Add some use-after-free FP tests
- C++: AST-based wrapper for new range analysis
- Swift: Improve ExtensionDecl.toString
- Swift: Dataflow for keypaths
- Swift: Closure Capture Helper APIs
- Swift: Add some sink models
- C++: add overflow detection to new range analysis
- CPP: Add query for CVE-2022-37454: Integer addition may overflow inside if statement
-
Swift: add QLdoc for generated
RawandSynthmodules - C++: Implement use-after-free and double-free queries using the new IR use-use dataflow
- Swift: Add CryptoSwift sinks in swift/weak-sensitive-data-hashing
- Swift: Add CSV extension points to the encryption queries.
- Swift: Extract structured keypath components.
-
C++: Refactor
ProductFlowto have aDataFlow::ConfigSig-like interface - C++: Fix number of join order problems in memory corruption queries
- Swift: Modernize the encryption queries
- Swift: Add missing import to ExternalFlow.qll.
-
Swift: Update final two queries to use
DataFlow::ConfigSig -
Swift: Rewrite more queries to use
DataFlow::ConfigSig - C++: IR generation for repeated initializers
- C++: Promote IR-based range-analysis library out of experimental
-
C++: Drop the bit size restriction in
typeBound
andersfugmann/codeql
1 pull request
github/codeql-coding-standards
1 pull request
Answered 1 discussion in 1 repository
github/codeql
github/codeql
-
CodeQl Java to detect flows from some input to a Class member
This contribution was made on Apr 3
213
contributions
in private repositories
Apr 2 – Apr 21