hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
23,680 Commits 1,671 Branches 157 Tags
aibaars/drop-duplicate-query
Commit Graph

2555 Commits

Author SHA1 Message Date
Tom Hvitved
d0b6808299 Java: Move common CSV logic for sources and sinks into shared library 2021-06-03 13:54:51 +02:00
Tony Torralba
56a429a5f9 Merge branch 'main' into promote-jexl-injection 2021-06-03 11:10:56 +02:00
Tony Torralba
607dcd4a27 Don't use CSV models for private flow configs 2021-06-03 11:05:13 +02:00
Tony Torralba
00836c4bac Fix QLDocs 2021-06-03 10:52:52 +02:00
Tony Torralba
2833f8daa4 Change predicate isUnsafeEngine -> isSafeEngine to improve performance 2021-06-03 10:42:41 +02:00
Anders Schack-Mulligen
e86c534c48 Revert "Java: Update coverage." 
This reverts commit 1c081eeaed.
 2021-06-03 09:02:49 +02:00
Anders Schack-Mulligen
acca26f1d6 Merge pull request #5992 from hvitved/java/is-unreachable-perf 
Java: Improve performance of `isUnreachableInCall()`
 2021-06-03 08:49:51 +02:00
Tom Hvitved
daf2cc3d53 Java: Improve performance of isUnreachableInCall() 2021-06-02 20:39:05 +02:00
Anders Schack-Mulligen
8e6dd51f50 Merge pull request #5868 from Marcono1234/marcono1234/ignore-not-closing-char-array-closeable 
Java: Ignore char array based closeables for CloseReader.ql and CloseWriter.ql
 2021-06-02 15:00:59 +02:00
Chris Smowton
7382b349c2 Merge pull request #5987 from aschackmull/java/query-metadata 
Java: Add missing metadata.
 2021-06-02 12:40:34 +01:00
Anders Schack-Mulligen
8a20395857 Merge pull request #5940 from pwntester/main 
Remove XSS sink for Java
 2021-06-02 12:30:20 +02:00
Anders Schack-Mulligen
c0e562de21 Merge pull request #5979 from hvitved/java/shared-external-summaries 
Java: Move some CSV flow summary code into shared library
 2021-06-02 12:28:45 +02:00
Alvaro Muñoz
a3a215afea HTTP -> Http 2021-06-02 11:12:39 +02:00
Anders Schack-Mulligen
5e96e28792 Java: Add missing metadata. 2021-06-02 10:24:46 +02:00
Alvaro Muñoz
9aba92397d lift XssSink check to InformationLeakSink 2021-06-01 17:16:41 +02:00
Anders Schack-Mulligen
650c4f19d2 Java: More qldoc. 2021-06-01 16:09:17 +02:00
Alvaro Muñoz
970b4e7d6a update java library coverage documentation 2021-06-01 14:54:31 +02:00
Anders Schack-Mulligen
922b421a45 Java: Add change note. 2021-06-01 14:33:52 +02:00
Anders Schack-Mulligen
1c081eeaed Java: Update coverage. 2021-06-01 14:00:05 +02:00
Alvaro Muñoz
0fb692400c fix failing test 2021-06-01 13:57:13 +02:00
Tom Hvitved
14f9a5c280 Java: Move some CSV flow summary code into shared library 2021-06-01 13:22:14 +02:00
Anders Schack-Mulligen
fc913e744e Java: Minor model fix. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
dbe352f3ff Java: Remove deprecated tests. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
901996f9fd Java: Add collection flow test. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
43d1b0ab27 Java: Update qltests. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
a40880af70 Java: Add read-as-taint and config-dependent store-as-taint. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
2f087e17cb Java: Allow <> in types for now. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
3f538e7fac Java: Update some models. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
9e313d0cf6 Java: Remove container taint steps. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
3b6cef4f74 Java: Add container flow models. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
ffd52bb673 Java: Fix bug in matching generic signatures. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
1001dd84e6 Java: Switch array steps and one containerstep. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
ce509eb7e1 Merge pull request #5927 from aschackmull/dataflow/flowthrough-dispatch-perf 
Dataflow: Improve performance in flow-through pruning
 2021-06-01 11:46:22 +02:00
Anders Schack-Mulligen
a4661e1aca Merge pull request #5704 from edvraa/regexj 
Java: Regex injection
 2021-06-01 11:45:59 +02:00
Artem Smotrakov
8dc1451d42 Better recommendation in UnsafeDeserializationRmi.qhelp 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-06-01 12:16:09 +03:00
Anders Schack-Mulligen
5d21c64247 Dataflow: qldoc fix. 2021-06-01 10:49:47 +02:00
Anders Schack-Mulligen
4f9a6c151b Dataflow: Code review fixes. 2021-06-01 10:29:17 +02:00
Anders Schack-Mulligen
683f853fa5 Dataflow: Fix another bad join order. 2021-05-31 15:14:13 +02:00
haby0
d6782767b7 Fix typos 2021-05-31 11:12:22 +08:00
Alvaro Muñoz
41d034d5a0 Attempt to use information-leak sink category 2021-05-30 00:22:40 +02:00
Artem Smotrakov
b28d639166 Fixed errors in UnsafeDeserializationRmi.qhelp 2021-05-29 09:32:08 +02:00
Artem Smotrakov
62c6bee5f8 Simplified UnsafeDeserializationRmi.ql 2021-05-29 09:21:20 +02:00
Alvaro Muñoz
f60df3b26a Update java/change-notes/2021-05-28-remove-senderror-xss-sink.md 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-05-28 15:13:19 +02:00
Alvaro Muñoz
5a894ac7f7 update java library coverage documentation 2021-05-28 15:13:19 +02:00
Alvaro Muñoz
db2f05ac24 Updated Java change notes 2021-05-28 15:13:18 +02:00
Alvaro Muñoz
735e4e4b7b update failing tests 2021-05-28 15:13:18 +02:00
Alvaro Muñoz
706874491b Remove XSS sink for Java 2021-05-28 15:13:18 +02:00
Erik Krogh Kristensen
79989cc3f4 CPP/Java: Fix getAPrimaryQlClass implementations 2021-05-27 21:36:27 +02:00
Tamás Vajk
1997f500c2 Merge pull request #5832 from tamasvajk/feature/csv-coverage-report 
Java: github action for CSV coverage report
 2021-05-25 14:51:19 +02:00
Anders Schack-Mulligen
d05f524759 Merge pull request #5941 from aschackmull/java/virt-disp-perf 
Java: Improve performance of virtual dispatch calculation.
 2021-05-25 14:44:51 +02:00