hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,672 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

4531 Commits

Author SHA1 Message Date
erik-krogh
c029048306 port the Java regex/redos queries to use the shared pack 2022-11-14 21:29:41 +01:00
erik-krogh
d5b066636f use namespace in PrintAst.qll to avoid conflict with Top 2022-11-14 21:29:41 +01:00
erik-krogh
b737bdbca0 add a Java implementation of RegexTreeViewSig 2022-11-14 21:29:41 +01:00
erik-krogh
20254dfc08 move existing regex-tree into a module 2022-11-14 21:29:41 +01:00
erik-krogh
af1470de07 add codeql/regex as a dependency 2022-11-14 21:29:41 +01:00
Ed Minnix
73d6360eee Java: add setAllowFileAccess to CrossOriginAccessMethod in WebView.qll 
Local file access is enabled using the `WebSettings#setAllowFileAccess`
method.
 2022-11-14 15:07:46 -05:00
Ian Lynagh
3afd895d41 Merge pull request #11217 from igfoo/igfoo/kotlin_version_rec 
Java/Kotlin: Write Kotlin version information to the database
 2022-11-14 10:55:46 +00:00
Ed Minnix
30cd447f69 Java: Add class to represent android.webkit.WebView#addJavascriptInterface 2022-11-12 09:40:49 -05:00
Rasmus Wriedt Larsen
ddbcdcb4ba Merge pull request #11160 from RasmusWL/dataflow-consistency-read-store 
DataFlow: Add read/store stepIsLocal consistency checks
 2022-11-11 14:51:45 +01:00
Ian Lynagh
e00f87045e Java: Add up/downgrade scripts 2022-11-10 20:31:13 +00:00
Ian Lynagh
fac839f481 Java/Kotlin: Add a changenote for Compilation.getInfo 2022-11-10 20:29:04 +00:00
Ian Lynagh
a6b8f4b674 Java/Kotlin: Update stats 2022-11-10 20:29:04 +00:00
Ian Lynagh
d0dfb4926b Kotlin/Java: Add compilation_info table 2022-11-10 20:29:04 +00:00
Michael Nebel
2a26c8f340 Merge pull request #10628 from michaelnebel/java/typebasedmodels 
Java: Type based summary models.
 2022-11-10 16:34:52 +01:00
Ian Lynagh
a2c0d47e9c Merge pull request #11199 from igfoo/igfoo/kotlin_default 
Kotlin: Update docs and tests
 2022-11-10 14:53:06 +00:00
Michael Nebel
8c1de5958b Java: Make better QL docs and add some missing 'this'. 2022-11-10 13:57:43 +01:00
Michael Nebel
3b109db2d1 Java: Generalize the support perceiving functional interfaces as functions. 2022-11-10 13:57:42 +01:00
Michael Nebel
bdc569feea Java: Initial implementation of type based model generation. 2022-11-10 13:57:41 +01:00
Michael Nebel
9c6875ec0f Merge pull request #10777 from michaelnebel/csharp/generatedataextensions 
C#: Generate data extension files
 2022-11-10 13:08:31 +01:00
Ian Lynagh
72a26865b5 Kotlin: Add a changenote for enabled-by-default 2022-11-10 11:36:15 +00:00
Anders Schack-Mulligen
b3b7711149 Dataflow: Sync. 2022-11-09 14:23:15 +01:00
Anders Schack-Mulligen
ade83b3cfe Dataflow: Introduce support for src/sink grouping in path results. 2022-11-09 14:22:24 +01:00
Jami
cfbaf5e53b Merge pull request #10785 from jcogs33/insuff-key-size-globalflow-keysize 
Java: Promote insufficient key size query from experimental
 2022-11-08 18:05:01 -05:00
Jami Cogswell
13decd38d9 update sink 2022-11-08 15:29:33 -05:00
Jami Cogswell
bada986433 apply review comments 2022-11-08 15:29:33 -05:00
Jami Cogswell
b99a1d2cd9 update sink and tests 2022-11-08 15:29:33 -05:00
Jami Cogswell
695d6f0e4e move files to regexp directory 2022-11-08 15:29:33 -05:00
Jami Cogswell
5402001362 remove original sanitizer 2022-11-08 15:29:33 -05:00
Jami Cogswell
be548c13e1 switch sink to use csv models 2022-11-08 15:29:33 -05:00
Jami Cogswell
5dcd3b2c0f clean up files 2022-11-08 15:29:33 -05:00
Jami Cogswell
32f7348d30 update help file 2022-11-08 15:29:33 -05:00
Jami Cogswell
eb30e8fe9e move Pattern.quote and Pattern.LITERAL models to Regex.qll 2022-11-08 15:29:33 -05:00
Jami Cogswell
81ad10bab5 update sink names 2022-11-08 15:29:33 -05:00
Jami Cogswell
5b089bbb9c split sanitizer into three 2022-11-08 15:29:33 -05:00
Jami Cogswell
91491d9a7b refactor into more classes; add more test cases; add LITERAL sanitizer 2022-11-08 15:29:33 -05:00
Jami Cogswell
50d638d1b6 create RegexInjection.qll file 2022-11-08 15:29:33 -05:00
Jami Cogswell
f6f26fe6c5 refactor code; add change note 2022-11-08 15:29:33 -05:00
Jami Cogswell
037a05cd66 add classes for Pattern, Matcher, and RegExUtils 2022-11-08 15:29:33 -05:00
Jami Cogswell
6545cff0ef add Pattern.quote sanitizer 2022-11-08 15:29:33 -05:00
Jami Cogswell
833c5edf06 move to .qll file and switch to InlineExpectations tests 2022-11-08 15:29:32 -05:00
Rasmus Wriedt Larsen
4895daba85 DataFlow: Add read/store stepIsLocal consistency checks 2022-11-08 13:32:49 +01:00
Tony Torralba
ef967b6a21 Merge pull request #10890 from atorralba/atorralba/android-startactivities-summaries 
Java: Add flow summaries for startActivities
 2022-11-07 18:06:30 +01:00
Erik Krogh Kristensen
d67235b3c1 Merge pull request #11071 from erik-krogh/fixCanon 
ReDoS: fix canonicalization in NfaUtils
 2022-11-07 14:10:50 +01:00
Tamás Vajk
830be92f1d Merge pull request #11089 from tamasvajk/kotlin-enum-ctor-call 
Kotlin: Extract missing arguments of enum constructor calls
 2022-11-07 12:55:27 +01:00
Anders Schack-Mulligen
99ca28ea9b Merge pull request #10886 from aschackmull/dataflow/joinorders 
Dataflow: Fix a couple of join-orders.
 2022-11-07 11:05:29 +01:00
Tamas Vajk
4e8d8a4de1 Add compilerGeneratedReason for enum constructor call arguments 2022-11-07 10:07:05 +01:00
github-actions[bot]
fca754bddd Post-release preparation for codeql-cli-2.11.3 2022-11-05 14:30:48 +00:00
github-actions[bot]
508327235a Release preparation for version 2.11.3 2022-11-04 20:16:23 +00:00
Anders Schack-Mulligen
a1dba82360 Dataflow: Sync. 2022-11-04 12:41:55 +01:00
Anders Schack-Mulligen
828d187198 Dataflow: Fix a couple of join-orders. 2022-11-04 12:41:55 +01:00