hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,307 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.2
Commit Graph

4442 Commits

Author SHA1 Message Date
Tony Torralba
6967b06dee Decouple XsltInjection.qll to reuse the taint tracking configuration 2021-09-27 11:59:51 +02:00
Tony Torralba
6d9a88d1c8 Move to lib 2021-09-27 11:43:46 +02:00
alexet
49f8f46354 Java: Cache params string computation. 2021-09-24 14:12:26 +01:00
Anders Schack-Mulligen
854f2a046a Java: Add StringLiteral.isTextBlock(). 2021-09-24 13:11:18 +02:00
Tony Torralba
b52a2cd292 Apply code review comments 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-09-23 15:48:15 +02:00
Anders Schack-Mulligen
4841c3037d Java: Add callback dispatch to more anonymous classes. 2021-09-23 14:34:56 +02:00
Joe Farebrother
0919042692 Model Bundle and Intent extra methods 2021-09-23 12:03:45 +01:00
Tony Torralba
d0b9920cac Fix encryption sanitizer 
It now discards sensitive exprs (sources) instead of sinks for better precision
 2021-09-23 10:42:30 +02:00
Tony Torralba
51d2b5225e Remove cached property from SensitiveSource::flowsTo 2021-09-23 10:42:30 +02:00
Tony Torralba
a30554e97c Refactored cleartext storage libraries 2021-09-23 10:42:30 +02:00
Chris Smowton
93daaf5b5b Merge pull request #6174 from joefarebrother/guava-collections 
Java: Model Guava collections package
 2021-09-23 09:13:24 +01:00
Joe Farebrother
522c6e01d2 Sort models by class and name 2021-09-22 15:23:01 +01:00
Joe Farebrother
6e9bee1be7 Add missing models 2021-09-21 16:32:49 +01:00
Anders Schack-Mulligen
2c41de6648 Merge pull request #6720 from aschackmull/java/isunreachableincall-joinorder 
Java: Fix join-order in isUnreachableInCall.
 2021-09-21 16:07:42 +02:00
Anders Schack-Mulligen
dd1bed02e8 Merge pull request #6721 from aschackmull/dataflow/subpaths01-joinorder 
Dataflow: Fix join-order in subpaths01
 2021-09-21 16:05:41 +02:00
Tony Torralba
a811ab3aff Add ContentProvider sources 2021-09-21 12:09:28 +02:00
Anders Schack-Mulligen
eaf05305ff Merge pull request #6709 from aschackmull/java/local-taint-collections 
Java: Add container flow to the local taint flow relation.
 2021-09-20 16:04:45 +02:00
Anders Schack-Mulligen
044623a360 Dataflow: Sync. 2021-09-20 14:58:28 +02:00
Anders Schack-Mulligen
07c05528ef Dataflow: Fix join-order in subpaths01. 2021-09-20 14:58:12 +02:00
Anders Schack-Mulligen
c72e385a47 Java: Fix join-order in isUnreachableInCall. 2021-09-20 14:09:09 +02:00
Joe Farebrother
3ef09da1df Add models for more of methods; update stubs 2021-09-17 16:57:49 +01:00
Anders Schack-Mulligen
2cbad4aed6 Merge pull request #6600 from atorralba/atorralba/fix-conditionalbypass 
Java: Fix performance of the query User-controlled bypass of sensitive method
 2021-09-17 16:07:39 +02:00
Joe Farebrother
1111afc031 Update tests for new support methods; fix bad model 2021-09-16 15:23:03 +01:00
Joe Farebrother
eb45e67784 Generate tests for modified models 2021-09-16 15:23:02 +01:00
Joe Farebrother
1eacbd88b8 Fix up some incorrect models; simplify/remove some redundand ones 2021-09-16 15:23:02 +01:00
Joe Farebrother
39349f3763 Fix failing test 2021-09-16 15:23:02 +01:00
Joe Farebrother
225e70a8d0 Fill in implementations fo getMapKey/Value 2021-09-16 15:23:01 +01:00
Joe Farebrother
338a6f2114 Fill in implementations for getElement 2021-09-16 15:23:01 +01:00
Joe Farebrother
cd7c7c3152 Implement array getters/constructors in generated tests 2021-09-16 15:23:01 +01:00
Joe Farebrother
f94a61cc8a Remove unneeded rows 2021-09-16 15:23:01 +01:00
Joe Farebrother
b51ffadd27 Improve generated tests 2021-09-16 15:23:01 +01:00
Joe Farebrother
0f2c50f1f5 Explicitly add the of and copyOf methods for ImmutableSorted variants of certain types. 2021-09-16 15:23:01 +01:00
Joe Farebrother
839c9e35c8 Simplify synthetic table fields 2021-09-16 15:23:00 +01:00
Joe Farebrother
46eec3c8eb Switch to simpler synthetic field model 2021-09-16 15:23:00 +01:00
Joe Farebrother
693d729ec6 Generate tests and fix broken specs 2021-09-16 15:23:00 +01:00
Joe Farebrother
2150c1d58e Remove <> from flow summaries 2021-09-16 15:23:00 +01:00
Joe Farebrother
a755633405 Add the remaining utility classes 2021-09-16 15:22:59 +01:00
Joe Farebrother
19579f0d9a Add more utility class models and reorder existing ones 2021-09-16 15:22:59 +01:00
Joe Farebrother
ca583bffd5 Add Lists and Collections2 utilites 2021-09-16 15:22:59 +01:00
Joe Farebrother
5fee6d2d19 Convert Sets utilities 2021-09-16 15:22:59 +01:00
Joe Farebrother
10f0f3038c Add tables, improve tests, make fixes 2021-09-16 15:22:59 +01:00
Joe Farebrother
73aba09eee Add create methods 2021-09-16 15:22:59 +01:00
Joe Farebrother
035d655e72 Update guava collection flow steps to CSV 2021-09-16 15:22:59 +01:00
Marcono1234
020aa4d94c Java: Address feedback and fix test failures 2021-09-16 14:10:48 +01:00
Marcono1234
58d2d5d14e Java: Replace incorrect usage of Literal.getLiteral() 2021-09-16 14:10:48 +01:00
Tony Torralba
f18c163408 Improve handling of the 'author' word as an exception 2021-09-16 11:57:28 +02:00
Tony Torralba
8022530f34 Merge pull request #5983 from atorralba/atorralba/promote-insecure-basic-auth 
Java: Promote Insecure Basic Authentication query from experimental
 2021-09-16 11:45:30 +02:00
Anders Schack-Mulligen
28e5dcef52 Java: Add container flow to the local taint flow relation. 2021-09-16 11:14:30 +02:00
Anders Schack-Mulligen
236ffc8972 Merge pull request #6700 from aschackmull/dataflow/subpaths-joinorder 
Dataflow: Fix bad joinorder in subpaths
 2021-09-16 08:22:59 +02:00
Tony Torralba
21079a1315 Fix conditionControlsMethod predicate 
Exceptions for throw and return statements were missing the appropriate condition
 2021-09-15 17:51:51 +02:00