hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 11:46:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,207 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.5
Commit Graph

5479 Commits

Author SHA1 Message Date
Joe Farebrother
3e3503a763 Fix failing checks 2021-10-20 17:25:38 +01:00
Joe Farebrother
b6c584cb70 Update docs 2021-10-20 17:09:59 +01:00
Joe Farebrother
447e06d92a Rename from SensitiveBroadcast to SensitiveCommmunication 2021-10-20 17:09:59 +01:00
Joe Farebrother
174ac3d6c3 Move to correct directory 2021-10-20 17:09:59 +01:00
Joe Farebrother
c3d1165c5f Revert change to argument handling 2021-10-20 17:09:58 +01:00
Joe Farebrother
6a2346ec33 Clean up sink definition 2021-10-20 17:09:58 +01:00
Joe Farebrother
52ca6b93e3 Make things private where possible 2021-10-20 17:09:58 +01:00
Joe Farebrother
351e67c639 Fix qhelp 2021-10-20 17:09:58 +01:00
Joe Farebrother
b112189530 Update docs 2021-10-20 17:09:58 +01:00
Joe Farebrother
224d679722 Add Sticky broadcast sinks 2021-10-20 17:09:57 +01:00
Joe Farebrother
ef7125e21a Simplify sink definitions using local flow 2021-10-20 17:09:57 +01:00
Joe Farebrother
4012866c6f Allow arbitrary read steps at the sink 2021-10-20 17:09:57 +01:00
Joe Farebrother
bae0da8851 Remove existing get methods 2021-10-20 17:09:57 +01:00
Joe Farebrother
1e8dd7ae40 Use subclasses of context for sinks 2021-10-20 17:09:57 +01:00
Joe Farebrother
143920efca Movee query logic to a qll file 2021-10-20 17:09:57 +01:00
Joe Farebrother
c68a7077d7 Move query and tests out of experimental 2021-10-20 17:09:56 +01:00
Chris Smowton
057d0fb7e0 Rewrite query to use shared StringPrefixes library 2021-10-19 14:45:38 +01:00
Chris Smowton
8a4fa0a7e2 Copyedit 2021-10-19 12:50:17 +01:00
haby0
9d9a7abd06 Fix 2021-10-19 12:50:03 +01:00
haby0
283376eb19 Modify the model 2021-10-19 12:49:08 +01:00
haby0
679652e63a Modify Sanitizer 2021-10-19 12:49:08 +01:00
haby0
952b34a163 Eliminate FP 2021-10-19 12:49:08 +01:00
haby0
d0eec1e381 Add CWE-552-UnsafeUrlForward 2021-10-19 12:49:07 +01:00
Geoffrey White
3f3c79f48f Merge pull request #6884 from geoffw0/setliterals 
Replace or chains with set literals.
 2021-10-18 16:46:55 +01:00
Anders Schack-Mulligen
b67032d1cc Merge pull request #6891 from erik-krogh/fix-java-this 
add explicit this qualifier on all of java
 2021-10-18 17:13:37 +02:00
Ian Lynagh
54d2028920 Update java/ql/src/Likely Bugs/Resource Leaks/CloseType.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-10-18 10:12:01 +01:00
Tony Torralba
28ae4c211f Update java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.qhelp 
Co-authored-by: Ethan Palm <56270045+ethanpalm@users.noreply.github.com>
 2021-10-18 11:10:23 +02:00
Tony Torralba
bc6c13be69 Refactor to actually build the full flows from src to sink 
Add more tests for edge cases
 2021-10-18 11:10:22 +02:00
Tony Torralba
4dd9e7d6a0 Remove unnecessary import 
Add comment
 2021-10-18 11:10:22 +02:00
Tony Torralba
14963103aa Add full path reconstruction from RemoteFlowSource to sink 2021-10-18 11:10:21 +02:00
Tony Torralba
445da1e71e Move files to new location 2021-10-18 11:10:21 +02:00
Tony Torralba
2ab7a55545 Improve intermediate flow to add more potential sources 2021-10-18 11:09:52 +02:00
Tony Torralba
28369d1822 Apply suggestions from code review 
Co-authored-by: Steve Guntrip <12534592+stevecat@users.noreply.github.com>
 2021-10-18 11:09:31 +02:00
Tony Torralba
aa2cdb7a53 Add intermediate dataflow 
Make sure that source intents are obtained from another intent's extras
 2021-10-18 11:09:30 +02:00
Tony Torralba
f90220436f Move sinks to security library 2021-10-18 11:09:28 +02:00
Tony Torralba
9a537f9c23 Add guard sanitizer for component name checks 2021-10-18 11:08:14 +02:00
Tony Torralba
21b70a009e Use CSV models 2021-10-18 11:07:58 +02:00
Tony Torralba
d7973592da Update java/ql/src/semmle/code/java/security/AndroidIntentRedirection.qll 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2021-10-18 11:07:03 +02:00
Tony Torralba
5f0ce4d232 Add suggestions from code review 2021-10-18 11:07:01 +02:00
Tony Torralba
9eb4cda1af Fix qhelp and formatting 2021-10-18 11:06:08 +02:00
Tony Torralba
7b949e8db2 QLDoc 2021-10-18 11:02:35 +02:00
Tony Torralba
fd8a128693 Renamed to AndroidIntentRedirection 
Added qhelp
 2021-10-18 11:02:34 +02:00
Tony Torralba
09d96e65b8 Added QLDoc 2021-10-18 11:02:32 +02:00
Tony Torralba
8c400d9b1b Added tests and stubs 2021-10-18 11:02:10 +02:00
Tony Torralba
d006db9d20 First version of the query 2021-10-18 10:58:09 +02:00
Ian Lynagh
e485a16993 Java: Don't use dbscheme tables in CloseType.qll 2021-10-15 18:39:42 +01:00
Erik Krogh Kristensen
caeeebf572 add explicit this qualifier on all of java 2021-10-15 15:27:37 +02:00
Geoffrey White
a82c76d2f9 Java: Set literals. 2021-10-14 14:22:40 +01:00
Anders Schack-Mulligen
169cc75c88 Merge pull request #6840 from aschackmull/java/misc-perf 
Java: Fix some performance issues.
 2021-10-13 15:53:49 +02:00
Anders Schack-Mulligen
306388a6bc Update java/ql/src/Likely Bugs/Comparison/StringComparison.ql 2021-10-13 08:57:31 +02:00