hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,874 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.5
Commit Graph

13958 Commits

Author SHA1 Message Date
Grzegorz Golawski
aff0e0eb25 Cleanup according to review comments. 2020-06-27 18:30:36 +02:00
Artem Smotrakov
f5f30ce25e Java: Simplified the query for disabled certificate revocation checking 
Removed a dataflow cofiguration for setting a revocation checker.
Instead, the query just checks if addCertPathChecker() or setCertPathCheckers()
methods are called.
 2020-06-27 11:37:20 +03:00
Artem Smotrakov
a2fa03e4f5 Java: Improved the query for disabled certificate revocation checking 
- Added a taint propagation step for List.of() methods
- Added a testcase with one of the List.of() method
- Simplified conditions
- Fixed typos
 2020-06-27 11:37:20 +03:00
Artem Smotrakov
06e3f101ce Java: Added a query for disabled certificate revocation checking 
- Added experimental/Security/CWE/CWE-299/DisabledRevocationChecking.ql
  The query looks for PKIXParameters.setRevocationEnabled(false) calls.
- Added RevocationCheckingLib.qll
- Added a qhelp file with examples
- Added tests in java/ql/test/experimental/Security/CWE/CWE-299
 2020-06-27 11:37:20 +03:00
luchua-bc
65e76ab18f Add remote source of Android intent extra 2020-06-25 20:20:18 +00:00
Anders Schack-Mulligen
6c679c328d Dataflow: Refactor dispatch with call context. 2020-06-25 14:28:35 +02:00
luchua-bc
0779aab28f Clean up the QL code 2020-06-24 15:02:16 +00:00
Anders Schack-Mulligen
791f31fa65 Merge pull request #3595 from luchua-bc/j2ee-server-directory-listing 
Java: Add check for J2EE server directory listing
 2020-06-24 16:45:34 +02:00
Anders Schack-Mulligen
941177ee25 Merge pull request #3762 from hvitved/dataflow/clear-contents 
Data flow: Model field clearing
 2020-06-24 10:19:50 +02:00
Anders Schack-Mulligen
3b62bd254c Merge pull request #3723 from JLLeitschuh/fix/JLL/gitignore_vs_code_generated_files 
Add .gitignore for VS Code Generated maven project files
 2020-06-24 09:35:01 +02:00
Tom Hvitved
a3e7fd60f2 Data flow: Enable syntax highlighting in QLDoc snippets 2020-06-23 16:54:34 +02:00
Bt2018
fffc88ea5b Metadata update 2020-06-23 10:34:28 -04:00
luchua-bc
f8c494716f Fix ending line error 2020-06-23 12:48:07 +00:00
luchua-bc
89260d6f8a Fix ending line error 2020-06-23 12:36:07 +00:00
luchua-bc
deabfe6e5c Adjust id tag and fix ending line error 2020-06-23 12:24:03 +00:00
luchua-bc
7642b43990 Adjust id tag and fix ending line error 2020-06-23 12:10:07 +00:00
Tom Hvitved
ff751ac0f8 Data flow: Sync files 2020-06-23 10:55:12 +02:00
Tom Hvitved
c01f570d9e Java: Implement clearsContent() 2020-06-23 10:55:12 +02:00
Tom Hvitved
c057e82efa Data flow: Sync files 2020-06-23 10:55:11 +02:00
Tom Hvitved
e578827626 Java: Add more field-flow tests 2020-06-23 10:55:11 +02:00
semmle-qlci
e06a54c33d Merge pull request #3494 from hvitved/dataflow/partial-flow-access-path-limit 
Approved by aschackmull
 2020-06-22 12:09:00 +01:00
Anders Schack-Mulligen
71665a02fa Merge pull request #3737 from Marcono1234/patch-1 
Simplify NoAssignInBooleanExprs.ql
 2020-06-22 10:46:00 +02:00
Tom Hvitved
72e6c9c2b1 Data flow: Use accessPathLimit() in partial flow as well 2020-06-22 10:08:51 +02:00
Anders Schack-Mulligen
8107fbadc2 Merge pull request #3456 from hvitved/dataflow/precise-field-types 
Data flow: Track precise types during field flow
 2020-06-19 11:50:10 +02:00
Marcono1234
161ba92123 Simplify NoAssignInBooleanExprs.ql 2020-06-18 15:16:09 +02:00
Anders Schack-Mulligen
74eab3cbc0 Dataflow: Fix qltest. 2020-06-17 17:23:35 +02:00
Anders Schack-Mulligen
cedfaf6aaf Dataflow: autoformat 2020-06-17 17:09:55 +02:00
Anders Schack-Mulligen
543ab71dfe Dataflow: minor review fixes. 2020-06-17 17:03:22 +02:00
Anders Schack-Mulligen
d28b5ace63 Dataflow: Sync. 2020-06-17 15:40:48 +02:00
Anders Schack-Mulligen
10b64fc47a Dataflow: Record content type for stores. 2020-06-17 15:40:42 +02:00
luchua-bc
f40e27a3c5 Hardcoded AWS credentials 2020-06-17 02:46:02 +00:00
lcartey@github.com
2978af34cd Java: Add RestTemplate as flow source. 2020-06-16 09:50:37 +01:00
lcartey@github.com
f2edc53144 Java: Add Spring RestTemplate return values to untrusted data types 
- Also improve unwrapping of lists/arrays/maps etc.
 2020-06-16 09:50:37 +01:00
lcartey@github.com
9625e82afd Java: Model Spring WebClients/RestTemplates. 2020-06-16 09:50:37 +01:00
lcartey@github.com
cd6339f5cd Java: Add Spring flow out of HttpEntity and HttpHeader 2020-06-16 09:50:36 +01:00
lcartey@github.com
93c28d4c03 Java: Add taint step to flow through Spring tainted user data class 
getters.
 2020-06-16 09:50:36 +01:00
lcartey@github.com
8678d5fc6f Java: Model untrusted user data types 
Model the datatypes that may be populated on demand from request
parameters.
 2020-06-16 09:50:36 +01:00
lcartey@github.com
8bd5f748b4 Java: SpringController - handle non-string literal produces values. 2020-06-16 09:50:36 +01:00
lcartey@github.com
0db7cead31 Java: Model taint flow through ResponseEntity. 2020-06-16 09:50:35 +01:00
lcartey@github.com
f6b2accabd Java: Model ResponseEntity.BodyBuilder 2020-06-16 09:50:35 +01:00
lcartey@github.com
e2cec582be Java: XSS - ignore Spring sinks when content-type is safe. 
Methods annotated with a produces field which indicates a safe
content-type should not be considered XSS sinks. For example:

@RequestMapping(..., produces = "application/json")
 2020-06-16 09:50:35 +01:00
lcartey@github.com
f6a99cb42e Java: Model produces parameter to RequestMapping attribute. 2020-06-16 09:50:34 +01:00
lcartey@github.com
8057dff368 Java: Add Spring XSS sinks 
Look for Spring request methods which return a String value which may be
coerced into a text/html output.
 2020-06-16 09:50:34 +01:00
lcartey@github.com
c59042f9c3 Java: Taint tracking through String.replace(all)? 2020-06-16 09:50:34 +01:00
lcartey@github.com
7d555a7467 Java: Track flow through HttpEntity and ResponseEntity 
- Only track if the body is a String type, as that is the only type at
   risk of XSS.
 2020-06-16 09:50:33 +01:00
lcartey@github.com
1d1234093f Java: Model Spring @ResponseBody methods. 2020-06-16 09:50:33 +01:00
lcartey@github.com
fd2cd6025d Java: Modelling of the Spring HTTP classes. 2020-06-16 09:50:33 +01:00
lcartey@github.com
bfcc06dd0b Java: Improve Spring controller modelling 
- Identify ModelMaps correctly
 - Add extra not tainted param types (Pageable)
 - Identify ModelAttributes
 2020-06-16 09:50:33 +01:00
lcartey@github.com
7c4251deac Java: Add flow out of Map and List 2020-06-16 09:50:32 +01:00
lcartey@github.com
6de2b93f3a Java: Add SpringWebRequest to RemoteTaintedMethod 2020-06-16 09:50:32 +01:00