hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

5752 Commits

Author SHA1 Message Date
Ed Minnix
c1ee2dce61 Refactor CWE-078/ExecTaintedLocal 2023-03-20 12:26:54 -04:00
Edward Minnix III
ac58299d9e Merge pull request #12541 from egregius313/egregius313/refactor-queries-to-new-dataflow-api 
Java: Refactor more queries to the new DataFlow module API
 2023-03-20 12:24:26 -04:00
Michael Nebel
17b3383043 Merge pull request #12556 from michaelnebel/java/argumentthis 
Java: Argument[-1] -> Argument[this]
 2023-03-20 15:59:59 +01:00
Ed Minnix
83b0d073f0 Fix typo in QLDoc 2023-03-20 08:11:01 -04:00
Ed Minnix
84fd5f7ee0 Fix naming of ZipSlip configuration 2023-03-20 07:55:23 -04:00
Ed Minnix
60a4a79537 Make the Config module of public Flow modules public 
This is to make things easier for the CodeML/ATM team once these
configurations are moved from `src/` to `lib/`.
 2023-03-20 07:47:55 -04:00
Michael Nebel
e86f1e4961 Java: Replace Argument[-1] with Argument[this]. 2023-03-20 10:14:20 +01:00
Michael Nebel
9a3c2d3fbe Java: Update summary parsing to use this instead of -1 and adjust the model generator. 2023-03-20 09:38:40 +01:00
Ed Minnix
2d5944fb0e Refactor DataFlow configurations to use "Config" naming convention 2023-03-19 17:44:07 -04:00
Ed Minnix
7eb3fd2ff7 Conform queries to Config naming convention 2023-03-17 15:17:18 -04:00
Ed Minnix
310af99843 Refactor Security.CWE.CWE-807.TaintedPermissionsCheck 2023-03-17 15:17:18 -04:00
Ed Minnix
a9561a97c3 Refactor Security.CWE.CWE-643.XPathInjection 2023-03-17 15:17:18 -04:00
Ed Minnix
271d50ba99 Refactor Security.CWE.CWE-611 Xxe queries 2023-03-17 15:17:18 -04:00
Ed Minnix
80012b190d Refactor Security.CWE.CWE-601.UrlRedirect 2023-03-17 15:17:18 -04:00
Ed Minnix
481d1f9b15 Refactor Security.CWE.CWE-297.UnsafeHostnameVerification 2023-03-17 15:17:18 -04:00
Ed Minnix
7bd7ecd9e6 Refactor Security.CWE.CWE-190 Arithmetic queries 2023-03-17 15:17:18 -04:00
Ed Minnix
4a202b430f Security.CWE.CWE-200.AndroidWebViewSettingsAllowsContentAccess 2023-03-17 15:17:18 -04:00
Ed Minnix
d34dbbc96f Refactor Security.CWE.CWE-134.ExternallyControlledFormatString 2023-03-17 15:17:18 -04:00
Ed Minnix
ac223ea57f Refactor Security.CWE.CWE-094.InsecureBeanValidation 2023-03-17 15:17:18 -04:00
Ed Minnix
7aecefc4aa Refactor Security.CWE.CWE-090.LdapInjectionLib 2023-03-17 15:17:18 -04:00
Ed Minnix
07fdcf2d04 Refactor Security.CWE.CWE-022.ZipSlip 2023-03-17 15:17:18 -04:00
Ed Minnix
e60e1a2ba9 Refactor Security.CWE.CWE-022.TaintedPathLocal 2023-03-17 15:17:18 -04:00
github-actions[bot]
981e171525 Post-release preparation for codeql-cli-2.12.5 2023-03-17 13:27:00 +00:00
github-actions[bot]
fe4d27e8cc Release preparation for version 2.12.5 2023-03-16 12:58:50 +00:00
Anders Schack-Mulligen
6408d7cbbe Java: Refactor RsaWithoutOaep. 2023-03-15 10:37:54 +01:00
Anders Schack-Mulligen
b3b5c2c767 Java: Refactor UnsafeContentUriResolution. 2023-03-15 10:32:58 +01:00
Anders Schack-Mulligen
4b814ec71c Java: Refactor SensitiveCommunication.ql. 2023-03-15 10:32:35 +01:00
Anders Schack-Mulligen
ca8e013618 Java: Refactor FragmentInjection. 2023-03-15 10:23:21 +01:00
Anders Schack-Mulligen
5bd530f570 Java: Refactor IntentUriPermissionManipulation. 2023-03-15 10:13:28 +01:00
Anders Schack-Mulligen
b14b95cd79 Java: Refactor LogInjection 2023-03-15 10:10:02 +01:00
Anders Schack-Mulligen
e8a7139020 Merge pull request #12476 from aschackmull/java/refactor-dataflow-queries-2 
Java: Refactor more dataflow queries to the new API
 2023-03-15 09:40:32 +01:00
Edward Minnix III
de1ecf943e Merge pull request #11915 from egregius313/egregius313/arbitrary-apk-installation 
Java: Arbitrary APK installation
 2023-03-14 06:23:51 -04:00
Anders Schack-Mulligen
7c0e89ffdd Java: Refactor ArithmeticTainted.ql, TempDirLocalInformationDisclosure.ql 2023-03-13 11:27:14 +01:00
Anders Schack-Mulligen
da273269cb Java: Refactor PolynomialReDoS.ql 2023-03-13 11:27:14 +01:00
Ed Minnix
b6eeac5bc8 Update names to new naming convention 2023-03-10 15:13:58 -05:00
Edward Minnix III
e2acc26419 Apply docs review suggestions 
- Punctuation
- Rewording

Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-03-10 09:47:47 -05:00
Anders Schack-Mulligen
64dd8b9488 Merge branch 'main' into java/refactor-dataflow-queries-1 2023-03-10 12:38:06 +01:00
Anders Schack-Mulligen
730eae9521 Java: Autoformat 2023-03-10 09:39:41 +01:00
Edward Minnix III
e8f1f364c5 Refactor to module api for PathNodes 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-03-09 10:45:55 -05:00
Ed Minnix
da43a61506 Convert dataflow configuration to using new module-configuration 2023-03-08 19:19:00 -05:00
Ed Minnix
882e909862 Renamed ArbitraryAPKInstallation to ArbitraryApkInstallation 2023-03-08 12:16:46 -05:00
Ed Minnix
3ea167cadf Split ArbitraryApkInstallation file into 3 files 2023-03-08 12:12:11 -05:00
Edward Minnix III
2d1088e923 Change severity level to error 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-03-08 12:12:11 -05:00
Ed Minnix
0eaad4136e Add RemoteFlowSource as a valid source 2023-03-08 12:12:11 -05:00
Ed Minnix
4d51e4fed0 Change description wording 2023-03-08 12:12:11 -05:00
Ed Minnix
10cd6328dc Add missing QLDocs 2023-03-08 12:12:11 -05:00
Edward Minnix III
8ec5b5b7fa Apply suggestions from code review 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-03-08 12:12:10 -05:00
Ed Minnix
fa416564c7 Documentation and examples 2023-03-08 12:12:10 -05:00
Ed Minnix
d3d712fbff Remove Url#parse as a source 2023-03-08 12:12:10 -05:00
Ed Minnix
5f4e8e3e6a Add test cases relating to intents with the ACTION_INSTALL_PACKAGE action 2023-03-08 12:12:10 -05:00