hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Java: Add change note.

Browse Source
This commit is contained in:
Anders Schack-Mulligen
2025-10-07 13:51:49 +02:00
parent f0bfd7053e
commit 7dadbc43fb
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/lib/change-notes/2025-10-07-array-entrypointtype.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Fields of certain objects are considered tainted if the object is tainted. This holds, for example, for objects that occur directly as sources in the active threat model (for instance, a remote flow source). This has now been amended to also include array types, such that if an array like `MyPojo[]` is a source, then fields of a tainted `MyPojo` are now also considered tainted.