hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,874 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.5
Commit Graph

5917 Commits

Author SHA1 Message Date
Benjamin Muskalla
7a7ec06819 Simplify sink configuration 2021-11-10 16:30:20 +01:00
Benjamin Muskalla
1a4fd7bc7d Allow camelcase names 2021-11-10 16:30:20 +01:00
Benjamin Muskalla
2b2ac82fb7 Fix bug in sink detection 2021-11-10 16:30:20 +01:00
Benjamin Muskalla
c616eb1473 Fix finding more sources 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
38579ef25b Add proper metadata to queries 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
a80d50cbc0 Simplify field flow 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
a1d8dfb524 Initial support for source models 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
c844f5382f Add script to generate flow models 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
f9fea15a52 Initial support for capturing sink models 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
364de55b8d Support parameter->parameter flow 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
cd11ef3bf6 Support outgoing taint flow from fields 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
c3462be2c9 Capture argument->return value flows 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
ec772fb6b2 Add support for qualifier flow 2021-11-10 16:30:17 +01:00
Benjamin Muskalla
32ef40c77b Add scaffolding for summary model generator 2021-11-10 16:30:17 +01:00
Anders Schack-Mulligen
1e0eb2f6e4 Merge pull request #7072 from aschackmull/java/nomagic-synchsetunsynchget 
Java: Fix bad magic in SynchSetUnsynchGet.
 2021-11-08 13:48:22 +01:00
Anders Schack-Mulligen
92fb7f555c Java: Fix bad magic in SynchSetUnsynchGet. 2021-11-08 11:42:20 +01:00
Anders Schack-Mulligen
85fdbda16f Merge pull request #7002 from aschackmull/java/field-node 
Java: Add FieldValueNode to break up cartesian step relation.
 2021-11-08 09:31:42 +01:00
Tony Torralba
f4704f1325 Merge pull request #6397 from atorralba/atorralba/android-intent-redirect-query 
Java: Create new Android Intent Redirection query
 2021-11-04 10:42:59 +01:00
Tony Torralba
fd92c4e435 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-11-04 10:08:53 +01:00
Tony Torralba
6613a98e02 Fix references to logging library 2021-11-04 09:15:57 +01:00
Tony Torralba
474bf576a7 Minor corrections in QLDoc, qhelp and example code 2021-11-04 08:46:23 +01:00
Anders Schack-Mulligen
e6145f04d2 Merge pull request #6966 from atorralba/atorralba/android-explicit-intent-sanitizer 
Android: Add ExplicitIntentSanitizer and allowIntentExtrasImplicitRead
 2021-11-03 10:20:09 +01:00
CodeQL CI
5d62aa5b29 Merge pull request #6994 from erik-krogh/redundant-cast 
Approved by RasmusWL, aschackmull, esbena, geoffw0, hvitved, nickrolfe
 2021-11-02 03:45:48 -07:00
Tony Torralba
3ea1af3819 Refactor into separate libraries 2021-10-29 17:36:02 +02:00
Marcono1234
bfb9577d15 Java: Deprecate StringLiteral.getRepresentedString() 2021-10-29 14:50:15 +02:00
Erik Krogh Kristensen
d36c66cfca remove redundant inline casts in arguments where the type is inferred by the call target 2021-10-29 14:37:56 +02:00
Anders Schack-Mulligen
35b6cbe549 Java: Fix compilation error. 2021-10-29 14:26:36 +02:00
Tony Torralba
7f15177498 Move from experimental 2021-10-29 10:19:05 +02:00
Erik Krogh Kristensen
15c90adec5 remove redundant cast where the type is enforced by an equality comparison 2021-10-28 18:08:20 +02:00
Erik Krogh Kristensen
e75448ebb0 remove redundant inline casts 2021-10-28 16:35:53 +02:00
Tony Torralba
6f7d0b62d7 Add ExplicitIntentSanitizer and allowIntentExtrasImplicitRead 2021-10-26 17:11:27 +02:00
Joe Farebrother
02b440b0ed Merge pull request #6599 from joefarebrother/android-sensitive-communication 
Java: Promote android sensitive broadcast query
 2021-10-26 13:48:58 +01:00
Anders Schack-Mulligen
ba95d46ec3 Apply suggestions from code review 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2021-10-26 14:04:13 +02:00
Erik Krogh Kristensen
a3c55c2aec use set literal instead of big disjunction of literals 2021-10-26 12:55:25 +02:00
Joe Farebrother
6dac86b9be Fix unneeded import and spelling mistake 2021-10-25 14:11:00 +01:00
Joe Farebrother
0c1af2411b Write intent in lowercase consistently 
Co-authored-by: hubwriter <hubwriter@github.com>
 2021-10-25 12:22:49 +01:00
Joe Farebrother
c89178c0e8 Apply suggestions from code review 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2021-10-22 10:54:57 +01:00
Joe Farebrother
a9dde419d2 Fix up test 2021-10-21 16:46:07 +01:00
Joe Farebrother
3e3503a763 Fix failing checks 2021-10-20 17:25:38 +01:00
Joe Farebrother
b6c584cb70 Update docs 2021-10-20 17:09:59 +01:00
Joe Farebrother
447e06d92a Rename from SensitiveBroadcast to SensitiveCommmunication 2021-10-20 17:09:59 +01:00
Joe Farebrother
174ac3d6c3 Move to correct directory 2021-10-20 17:09:59 +01:00
Joe Farebrother
c3d1165c5f Revert change to argument handling 2021-10-20 17:09:58 +01:00
Joe Farebrother
6a2346ec33 Clean up sink definition 2021-10-20 17:09:58 +01:00
Joe Farebrother
52ca6b93e3 Make things private where possible 2021-10-20 17:09:58 +01:00
Joe Farebrother
351e67c639 Fix qhelp 2021-10-20 17:09:58 +01:00
Joe Farebrother
b112189530 Update docs 2021-10-20 17:09:58 +01:00
Joe Farebrother
224d679722 Add Sticky broadcast sinks 2021-10-20 17:09:57 +01:00
Joe Farebrother
ef7125e21a Simplify sink definitions using local flow 2021-10-20 17:09:57 +01:00
Joe Farebrother
4012866c6f Allow arbitrary read steps at the sink 2021-10-20 17:09:57 +01:00