Releases: trailofbits/codeql-queries
Releases · trailofbits/codeql-queries
v0.3.0
Immutable
release. Only release title and notes can be modified.
What's Changed
- Tentative query for CVE-2024-6387 by @DarkaMaul in #4
- match functions that are similar to signal by @R3x in #8
- Add CI job for running query tests by @mschwager in #5
- Go fix dataflows new by @GrosQuildu in #9
- Enhanced version of signal query by @GrosQuildu in #7
- fix signal and strings includes by @GrosQuildu in #12
- Create CODEOWNERS by @GrosQuildu in #3
- Add detection for Recursion in Java by @DarkaMaul in #14
- Fix trim misuse df by @GrosQuildu in #18
- Removed DES and Cast to reduce false positives by @fegge in #24
- Implicit conversions - polished by @GrosQuildu in #21
- Improve C++ legacy crypto algorithm query by @gsutherland-trailofbits in #22
- Try trailofbits/setup-codeql action for tests by @mschwager in #30
- fix: Updated MissingMinVersionTLS query to check go version by @Apostlex0 in #29
- Improve and extend C++ openssl crypto queries by @ex0dus-0x in #31
- Autoformat existing CodeQL queries and add CI check by @mschwager in #33
- DecOverflowWhenComparing query by @GrosQuildu in #28
- Inconsistent return value handling rule by @GrosQuildu in #10
- Explicit precedence clarifies logic in UseOfLegacyAlgorithm.ql by @gsutherland-trailofbits in #36
- Update documentation with new C++ crypto queries by @ex0dus-0x in #35
- Update all pack dependencies by @mschwager in #34
- fix ci by @GrosQuildu in #37
- Merge itergator by @GrosQuildu in #38
- Update docs and add publish workflow by @evandowning in #40
New Contributors
- @DarkaMaul made their first contribution in #4
- @R3x made their first contribution in #8
- @mschwager made their first contribution in #5
- @GrosQuildu made their first contribution in #9
- @fegge made their first contribution in #24
- @gsutherland-trailofbits made their first contribution in #22
- @Apostlex0 made their first contribution in #29
- @ex0dus-0x made their first contribution in #31
- @evandowning made their first contribution in #40
Full Changelog: v0.2.1...v0.3.0
What's Changed
- Tentative query for CVE-2024-6387 by @DarkaMaul in #4
- match functions that are similar to signal by @R3x in #8
- Add CI job for running query tests by @mschwager in #5
- Go fix dataflows new by @GrosQuildu in #9
- Enhanced version of signal query by @GrosQuildu in #7
- fix signal and strings includes by @GrosQuildu in #12
- Create CODEOWNERS by @GrosQuildu in #3
- Add detection for Recursion in Java by @DarkaMaul in #14
- Fix trim misuse df by @GrosQuildu in #18
- Removed DES and Cast to reduce false positives by @fegge in #24
- Implicit conversions - polished by @GrosQuildu in #21
- Improve C++ legacy crypto algorithm query by @gsutherland-trailofbits in #22
- Try trailofbits/setup-codeql action for tests by @mschwager in #30
- fix: Updated MissingMinVersionTLS query to check go version by @Apostlex0 in #29
- Improve and extend C++ openssl crypto queries by @ex0dus-0x in #31
- Autoformat existing CodeQL queries and add CI check by @mschwager in #33
- DecOverflowWhenComparing query by @GrosQuildu in #28
- Inconsistent return value handling rule by @GrosQuildu in #10
- Explicit precedence clarifies logic in UseOfLegacyAlgorithm.ql by @gsutherland-trailofbits in #36
- Update documentation with new C++ crypto queries by @ex0dus-0x in #35
- Update all pack dependencies by @mschwager in #34
- fix ci by @GrosQuildu in #37
- Merge itergator by @GrosQuildu in #38
- Update docs and add publish workflow by @evandowning in #40
New Contributors
- @DarkaMaul made their first contribution in #4
- @R3x made their first contribution in #8
- @mschwager made their first contribution in #5
- @GrosQuildu made their first contribution in #9
- @fegge made their first contribution in #24
- @gsutherland-trailofbits made their first contribution in #22
- @Apostlex0 made their first contribution in #29
- @ex0dus-0x made their first contribution in #31
- @evandowning made their first contribution in #40
Full Changelog: v0.2.1...v0.3.0
Contributors
fegge, mschwager, and 7 other contributors
Assets 3
v0.2.1
Features
- Updated a number of query names, making them more descriptive.
Bug fixes
- Fixed an issue where the
InvalidKeySizequery did not distinguish between pointers and arrays.