hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,307 Commits 1,672 Branches 157 Tags
codeql-cli-2.22.2
Commit Graph

5747 Commits

Author SHA1 Message Date
Ian Lynagh
0bf1370cd5 Java: Autoformat QL 2022-02-25 19:08:08 +00:00
Chris Smowton
ff303db034 Autoformat and fix qhelp 2022-02-25 17:33:08 +00:00
Chris Smowton
303927c9c9 Fix qhelp 2022-02-25 17:33:08 +00:00
Ahmed Farid
35abc3f9a3 Update and rename ComparingValueOfSensetiveHeader.java to Test.java 2022-02-25 17:33:08 +00:00
Ahmed Farid
899b8d03b2 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
308f86f66f Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
2eee6b4f69 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
7859288040 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
d83444cb18 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
e79c0eaa71 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
36cf1010f8 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
8e6f76d47a Update TimingAttackAgainstHeader.qhelp 2022-02-25 17:33:07 +00:00
Ahmed Farid
fa8af6bf70 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
f96e47db09 Update ComparingValueOfSensetiveHeader.java 2022-02-25 17:33:07 +00:00
Ahmed Farid
09e054ace6 Update ComparingValueOfSensetiveHeader.java 2022-02-25 17:33:07 +00:00
Ahmed Farid
f758ed0d85 Update ComparingValueOfSensetiveHeader.java 2022-02-25 17:33:07 +00:00
ahmed532009
4a9ee5826d Update TimingAttackAgainstHeader.qhelp 2022-02-25 17:33:07 +00:00
ahmed532009
6da9bc593f Rename csrfComparison.java to ComparingValueOfSensetiveHeader.java 2022-02-25 17:33:07 +00:00
ahmed532009
aa488e532f Update csrfComparison.java 2022-02-25 17:33:07 +00:00
Chris Smowton
333130b2a4 Abbreviate isSink 2022-02-25 17:33:07 +00:00
Chris Smowton
80a2b388bf Update TimingAttackAgainstHeader.qhelp 2022-02-25 17:33:07 +00:00
ahmed532009
fa81f43694 Update TimingAttackAgainstHeader.qhelp 2022-02-25 17:33:06 +00:00
ahmed532009
39e07cbc9c Update and rename UnsafecsrfComparison.java to csrfComparison.java 2022-02-25 17:33:06 +00:00
ahmed532009
c6c67b907b Update TimingAttackAgainstHeader.qhelp 2022-02-25 17:33:06 +00:00
ahmed532009
98b06d35af Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:06 +00:00
ahmed532009
bf95e59b24 Update TimingAttackAgainstHeader.qhelp 2022-02-25 17:33:06 +00:00
ahmed532009
ab6a7bb3d8 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:06 +00:00
root
49feeb1c36 Timing attacks while comparing the headers value 2022-02-25 17:33:06 +00:00
github-actions[bot]
20fe22c8c8 Release preparation for version 2.8.2 2022-02-24 14:57:08 +00:00
Chris Smowton
01db73bfc7 Merge pull request #5935 from porcupineyhairs/javaSstiNew 
Java : Add SSTI query
 2022-02-23 17:30:02 +00:00
Chris Smowton
a8fe10f353 Java template injection query: import pathgraph 2022-02-23 13:47:24 +00:00
Chris Smowton
50d9945625 Autoformat 2022-02-23 11:41:23 +00:00
Tony Torralba
f011bbc92c Merge pull request #8055 from luchua-bc/java/unsafe-url-forward-with-shared-lib 
CWE-552: Switch to the shared PathSanitizer library
 2022-02-23 11:00:23 +01:00
Porcupiney Hairs
c81d85f321 Include suggestions from review 2022-02-22 23:07:34 +05:30
Porcuiney Hairs
e536628a66 Java : Add SSTI query 2022-02-22 15:57:53 +05:30
Ian Lynagh
7ce9b160d0 Java: Performance tweaks 2022-02-21 17:05:00 +00:00
Asger Feldthaus
a121b73181 Java: update CSV rows to dot-separated syntax 2022-02-21 08:16:55 +01:00
Asger Feldthaus
7f808710ec Java: update model generator 2022-02-21 08:16:54 +01:00
luchua-bc
f136ea0f6f Switch to the shared PathSanitizer library 2022-02-16 16:06:28 +00:00
Tony Torralba
111aabb707 Merge pull request #7712 from luchua-bc/java/file-path-injection 
Java: CWE-073 File path injection with the JFinal framework
 2022-02-16 12:01:34 +01:00
Arthur Baars
ebb87c4b36 Merge pull request #7975 from github/post-release-prep/codeql-cli-2.8.1 
Post-release preparation for codeql-cli-2.8.1
 2022-02-15 20:17:35 +01:00
luchua-bc
40bf093d34 Move shared code to the lib folder and update qldoc 2022-02-15 17:28:13 +00:00
luchua-bc
fd533f2ba8 Remove the same callable constraint 2022-02-15 12:44:23 +00:00
Tony Torralba
bfa14fa066 Merge pull request #7823 from JLLeitschuh/improve/JLL/combined_http_headers 
Java: Add HTTP Request Splitting to Netty Query
 2022-02-15 10:24:36 +01:00
Chris Smowton
0bf6c83ef2 Merge pull request #4388 from JLLeitschuh/feat/JLL/java/CWE-200_temp_directory_local_information_disclosure 
Java: CWE-200: Temp directory local information disclosure vulnerability
 2022-02-14 18:58:44 +00:00
Chris Smowton
fd4dc95d84 Merge pull request #6443 from artem-smotrakov/ignored-hostname-verifier 
Java: An experimental query for ignored hostname verification
 2022-02-14 18:56:27 +00:00
Chris Smowton
f2bc5849ce format 2022-02-14 17:00:14 +00:00
Jonathan Leitschuh
2048aed0a9 Review feedback and improve temp dir vulnerable/safe code sugestion 2022-02-14 11:29:16 -05:00
Chris Smowton
a62eae5a1e Remove redundant conditions from HostnameVerificationCall.isIgnored 2022-02-14 16:26:41 +00:00
Jonathan Leitschuh
76964d58f2 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-02-14 11:04:31 -05:00