hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,392 Commits 1,671 Branches 157 Tags
aeisenberg/update-comment
Commit Graph

4012 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
344f7bca5b Merge pull request #7187 from aschackmull/java/dont-clear-in-summary-store 
Java: Don't clear content in store steps in summaries.
 2021-11-19 16:12:37 +01:00
Anders Schack-Mulligen
fc43220864 Java: bugfix 2021-11-19 15:01:29 +01:00
Anders Schack-Mulligen
2b1f34ed9b Java: Don't clear content in store steps in summaries. 2021-11-19 14:22:28 +01:00
Anders Schack-Mulligen
1f3f7e9ccc Merge pull request #7169 from erik-krogh/useMatches 
use matches instead of regexpMatch/prefix/suffix
 2021-11-19 11:42:47 +01:00
Erik Krogh Kristensen
011fc20963 use matches instead of regexpMatch 2021-11-18 15:41:25 +01:00
Anders Schack-Mulligen
6815a13a00 Merge pull request #6931 from hvitved/dataflow/restrict-derived-summaries 
Data flow: Restrict derived flow summaries
 2021-11-18 15:31:55 +01:00
github-actions[bot]
ecdaeb0c10 Add changed framework coverage reports 2021-11-18 00:09:24 +00:00
Anders Schack-Mulligen
22ebe68b1b Merge pull request #7132 from aschackmull/java/overrides 
Java: Fix overrides to not be transitive.
 2021-11-17 15:38:11 +01:00
Anders Schack-Mulligen
1645fcf79c Merge pull request #7088 from aschackmull/java/parameterized-subtyping 
Java: Improve algorithm for subtyping of parameterized types.
 2021-11-17 15:28:28 +01:00
Benjamin Muskalla
3c3a65243f Merge pull request #6664 from bmuskalla/bmuskalla/modelGenerator 
Java: Initial CSV model generator
 2021-11-17 12:30:45 +01:00
Tom Hvitved
6d58dd2823 Java: Update expected test output 2021-11-17 10:49:51 +01:00
Tom Hvitved
ac41451798 Data flow: Sync files 2021-11-17 10:39:12 +01:00
Anders Schack-Mulligen
69671ce90d Java: cache overrides 2021-11-17 09:16:58 +01:00
Benjamin Muskalla
b4eadefb92 Fix test 2021-11-16 17:28:01 +01:00
Benjamin Muskalla
3dbaa087d4 Remove class file 2021-11-16 16:36:27 +01:00
Chris Smowton
188915e597 Fix typos 2021-11-16 15:30:00 +00:00
Anders Schack-Mulligen
76606b5995 Java: Add more comments. 2021-11-16 16:11:14 +01:00
Anders Schack-Mulligen
c70d384d28 Merge pull request #7045 from aschackmull/dataflow/hidden-ret-subpaths 
Data flow: Support hidden return nodes in subpaths predicate
 2021-11-16 15:04:51 +01:00
Anders Schack-Mulligen
d408105fad Java: Fix bad join-order. 2021-11-16 14:25:19 +01:00
Benjamin Muskalla
0e6bb28016 Only consider store steps 2021-11-16 10:46:24 +01:00
Benjamin Muskalla
fd9199c0c0 Simplify handling of tainting fields 2021-11-15 16:40:09 +01:00
Benjamin Muskalla
d7ed325b3f Refactor content flow into predicate 2021-11-15 16:30:55 +01:00
Benjamin Muskalla
f4310898b3 Capture sources flowing into parameters 2021-11-15 16:28:28 +01:00
Tony Torralba
87ebcea913 Add AsyncTask value step 2021-11-15 16:13:36 +01:00
Anders Schack-Mulligen
1cd42ea668 Java: Fix test and some references. 2021-11-15 16:03:04 +01:00
Benjamin Muskalla
8040d9cfcf Only consider true return statements as sinks 2021-11-15 15:29:01 +01:00
Benjamin Muskalla
e6e52a3b32 190 2021-11-15 15:18:03 +01:00
Anders Schack-Mulligen
2fe6880d70 Java: Add support for adding additional value steps. 2021-11-15 15:05:48 +01:00
Anders Schack-Mulligen
c616f5784d Java: Fix overrides to not be transitive. 2021-11-15 13:54:53 +01:00
Benjamin Muskalla
dc022430ee Remove superflous instanceof 2021-11-15 13:07:02 +01:00
Benjamin Muskalla
412bd32f45 Move more predicates into configuration 2021-11-15 13:04:23 +01:00
Benjamin Muskalla
b84c03672d Prefer types to TargetAPI 2021-11-15 12:43:46 +01:00
Benjamin Muskalla
bca6cecd1c Remove basic support for lambda flow 2021-11-15 12:38:30 +01:00
Benjamin Muskalla
78e3906ea7 Exclude more JDK internals 2021-11-15 11:58:10 +01:00
Benjamin Muskalla
cce3780481 Restrict param2return value features 2021-11-15 09:57:23 +01:00
Benjamin Muskalla
a0b7f267ff Only capture taint from own fields 
Also exclude `Charset` as relevant taint-carrying type. This is generally
what we want to lets us avoid tracking arguments that lead to FP.
 2021-11-12 10:15:15 +01:00
Benjamin Muskalla
0234e77d2f Let sink node be pluggable in any call context 2021-11-12 09:43:05 +01:00
Benjamin Muskalla
b8809a20d8 Support propagating taint of inner object 2021-11-12 09:39:59 +01:00
Anders Schack-Mulligen
7ffd9b4f9e Dataflow: Include read/store steps when finding non-hidden return. 2021-11-11 11:26:21 +01:00
Benjamin Muskalla
2d4176bec0 Ignore Number-derived types 2021-11-10 16:30:27 +01:00
Benjamin Muskalla
dbd393b77a Support flow into field of referenced objects 2021-11-10 16:30:27 +01:00
Benjamin Muskalla
974c7b0898 Avoid cross-class flow for field writes 2021-11-10 16:30:26 +01:00
Benjamin Muskalla
74ac234f1c Restrict field access to same type 2021-11-10 16:30:26 +01:00
Benjamin Muskalla
8740e879b4 Fix docs 2021-11-10 16:30:26 +01:00
Benjamin Muskalla
a546b38ee0 Restrict field access to corresponding type 2021-11-10 16:30:26 +01:00
Benjamin Muskalla
6960a7b97e Remove extraneous last column 2021-11-10 16:30:25 +01:00
Benjamin Muskalla
ef972159a6 Fix bug when generating output in a subfolder 2021-11-10 16:30:25 +01:00
Benjamin Muskalla
4cfd978bfe Support generating in respective folders 2021-11-10 16:30:25 +01:00
Benjamin Muskalla
b92758883b Auto-format generated qll files 2021-11-10 16:30:25 +01:00
Benjamin Muskalla
e2bd792fc2 Consider bulk-like data for argument accessors 2021-11-10 16:30:25 +01:00