Jonathan Leitschuh
|
c8e0d7f847
|
Summary model for File should include overriden methods
|
2022-04-29 14:51:26 -04:00 |
|
Jorge
|
37b051a851
|
Apply suggestions from code review
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
|
2022-04-29 14:44:17 +02:00 |
|
Tony Torralba
|
12320aa5d2
|
Fix Intent Redirection sanitizer
|
2022-04-29 12:19:49 +02:00 |
|
jorgectf
|
548721a8cf
|
Fix MyBatisInjectionSink
|
2022-04-28 23:36:51 +02:00 |
|
Jorge
|
193ea1a86e
|
Merge branch 'main' into mybatis-new-sinks
|
2022-04-28 22:26:38 +02:00 |
|
Jorge
|
50e95b5aad
|
Apply suggestions from code review
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
|
2022-04-28 21:56:20 +02:00 |
|
Jorge
|
834f2e845d
|
Delete MyBatisAbstractSql and inline MyBatisAbstractSqlMethodsStep
|
2022-04-28 21:55:15 +02:00 |
|
Chuan-kai Lin
|
d6f0bbb816
|
Fix syntax errors in QL comments
|
2022-04-28 11:53:36 -07:00 |
|
Anders Schack-Mulligen
|
9d2f386032
|
Merge pull request #8878 from aschackmull/java/validationmethod-joinorder
Java: Fix join-order.
|
2022-04-28 14:35:20 +02:00 |
|
Jeroen Ketema
|
4a648f3c89
|
Fix change note items
|
2022-04-28 14:14:19 +02:00 |
|
github-actions[bot]
|
8e4cf190e9
|
Release preparation for version 2.9.1
|
2022-04-28 11:59:05 +00:00 |
|
Tony Torralba
|
604a5fc71f
|
Merge pull request #8639 from atorralba/atorralba/spring-beans-improvements
Java: Improve Spring models
|
2022-04-28 11:59:51 +02:00 |
|
luchua-bc
|
590b9d8519
|
Standardize the query and update qldoc
|
2022-04-27 22:17:17 +00:00 |
|
Chris Smowton
|
bb049bffbd
|
Merge pull request #8765 from artem-smotrakov/cover-jms
Java: Add flow sources and steps for RabbitMQ and JMS
|
2022-04-27 21:27:05 +01:00 |
|
Tony Torralba
|
e99cee4913
|
Merge branch 'main' into java/unsafe-get-resource
|
2022-04-27 16:45:42 +02:00 |
|
Chris Smowton
|
db90bf9900
|
Move change note
|
2022-04-27 15:00:26 +01:00 |
|
Jonathan Leitschuh
|
2565cdb964
|
Add additional File taint value flow models
Adds
- File::getAbsoluteFile
- File::getCanonicalFile
- File::getAbsolutePath
- File::getCanonicalPath
|
2022-04-26 10:42:53 -04:00 |
|
Chris Smowton
|
d01c847839
|
Make import private
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
|
2022-04-26 13:34:24 +01:00 |
|
Chris Smowton
|
c0c50147b3
|
Replace singleton set
|
2022-04-26 13:34:24 +01:00 |
|
Artem Smotrakov
|
03d86306b2
|
Use doc-comment in JMS.qll
|
2022-04-26 13:34:24 +01:00 |
|
Artem Smotrakov
|
3369ffc3c2
|
Removed RabbitMQ import in FlowSteps.qll
|
2022-04-26 13:34:23 +01:00 |
|
Artem Smotrakov
|
d7ad13b8de
|
Fixed typos in JMS.qll
|
2022-04-26 13:34:23 +01:00 |
|
Artem Smotrakov
|
b6bd4f92d1
|
Added sources and steps for JMS API
|
2022-04-26 13:34:21 +01:00 |
|
Artem Smotrakov
|
5c6aa15fe5
|
Fixed model for DataInput
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
|
2022-04-26 13:34:05 +01:00 |
|
Artem Smotrakov
|
269143a19f
|
Java: Added sources and flow steps for RabbitMQ
|
2022-04-26 13:34:04 +01:00 |
|
Artem Smotrakov
|
fb39e0f577
|
Java: Added flow steps for DataInput and ObjectInput
|
2022-04-26 13:32:48 +01:00 |
|
Tony Torralba
|
75b7234a77
|
Add missing QLDoc
|
2022-04-26 14:07:07 +02:00 |
|
Tony Torralba
|
b69d81ce24
|
Make all imports of ExternalFlow private
|
2022-04-26 13:48:44 +02:00 |
|
Anders Schack-Mulligen
|
ff1c6ca4d6
|
Java: Fix join-order.
|
2022-04-26 13:43:41 +02:00 |
|
Tony Torralba
|
2ee83e2ba2
|
Add Editable.toString flow step
|
2022-04-26 13:34:16 +02:00 |
|
Anders Schack-Mulligen
|
7002f49abc
|
Java: Remove some useless imports.
|
2022-04-26 12:37:03 +02:00 |
|
Anders Schack-Mulligen
|
59aedc2872
|
Merge pull request #8853 from aschackmull/dataflow/fix-join
Dataflow: Fix join-on-config producing a CP.
|
2022-04-26 09:52:50 +02:00 |
|
Mathias Vorreiter Pedersen
|
aca4c8727f
|
Merge pull request #8802 from github/post-release-prep/codeql-cli-2.9.0
Post-release preparation for codeql-cli-2.9.0
|
2022-04-25 22:52:55 +01:00 |
|
Tony Torralba
|
85d5b122f7
|
Merge pull request #8817 from atorralba/atorralba/cleartext-storage-sharedprefs-improvs
Java: Add value-preserving flow steps for Android's SharedPreferences
|
2022-04-25 16:16:46 +02:00 |
|
Anders Schack-Mulligen
|
c06efa1f42
|
Dataflow: Sync.
|
2022-04-25 13:11:04 +02:00 |
|
Anders Schack-Mulligen
|
f4d93f089a
|
Dataflow: Fix join-on-config producing a CP.
|
2022-04-25 13:10:31 +02:00 |
|
Tony Torralba
|
f1e5e57d76
|
Update java/ql/lib/semmle/code/java/frameworks/android/SharedPreferences.qll
|
2022-04-25 12:39:01 +02:00 |
|
Anders Schack-Mulligen
|
40a16325a9
|
Minor clean-up in AccessPathSyntax.
|
2022-04-25 12:27:48 +02:00 |
|
Anders Schack-Mulligen
|
cbdd4927ce
|
Merge pull request #8582 from Marcono1234/marcono1234/JumpStmt-superclass
Java: Make `JumpStmt` a proper superclass
|
2022-04-25 12:22:20 +02:00 |
|
Anders Schack-Mulligen
|
b21f077e8e
|
Update java/ql/lib/semmle/code/java/Statement.qll
|
2022-04-25 11:02:23 +02:00 |
|
Tom Hvitved
|
2466288656
|
Data flow: Simplify revFlowStore
|
2022-04-25 10:11:54 +02:00 |
|
Tom Hvitved
|
cf0a1e748a
|
Add change notes
|
2022-04-25 09:17:40 +02:00 |
|
Tony Torralba
|
d982aeaf6f
|
Add change note
|
2022-04-22 17:50:47 +02:00 |
|
Tony Torralba
|
f1c08bc492
|
Add value-preserving steps for SharedPreferences
|
2022-04-22 17:44:59 +02:00 |
|
Tom Hvitved
|
bc6ee10583
|
Data flow: Sync files
|
2022-04-22 15:10:00 +02:00 |
|
Tom Hvitved
|
b033f107df
|
Merge remote-tracking branch 'upstream/main' into dataflow/interpret-read-store
|
2022-04-22 14:35:02 +02:00 |
|
Erik Krogh Kristensen
|
dca74a1f45
|
get tainttracking3/TaintTrackingImpl.qll in sync
|
2022-04-22 10:37:31 +02:00 |
|
Chris Smowton
|
d309e15072
|
Merge pull request #8748 from smowton/smowton/admin/dependent-dataflow-configs
Java: Avoid higher-numbered dataflow configs that depend on lower-numbered ones
|
2022-04-22 08:56:00 +01:00 |
|
github-actions[bot]
|
1aecfc67c2
|
Post-release preparation for codeql-cli-2.9.0
|
2022-04-21 19:22:19 +00:00 |
|
Dave Bartolomeo
|
b2fe530f1c
|
Fix formatting in change log
|
2022-04-21 11:02:31 -04:00 |
|