hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,161 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.6
Commit Graph

601 Commits

Author SHA1 Message Date
intrigus
5b3086a93a Java: Fix capitalization of JxBrowser 2021-01-12 22:43:41 +01:00
intrigus
4fa8f5eab2 Java: Accept test changes 2021-01-12 15:29:03 +01:00
intrigus
b30872806d Java: Add tests and test stubs. 2021-01-12 14:49:12 +01:00
luchua-bc
86c04e6971 Detect the scenario of passwords concatenated with a salt to reduce FPs 2021-01-11 16:59:57 +00:00
intrigus
70b0703952 Java: Remove overlapping code 2021-01-11 13:42:07 +01:00
luchua-bc
39103af718 Remove additional taint step 2021-01-08 13:02:57 +00:00
Anders Schack-Mulligen
e5b4975450 Merge pull request #4675 from luchua-bc/cleartext-storage-shared-prefs 
Java: Query to detect cleartext storage of sensitive information using Android SharedPreferences
 2021-01-08 12:41:34 +01:00
luchua-bc
ce2db21f15 Query to detect hash without salt 2021-01-06 17:30:04 +00:00
luchua-bc
3d26e5b8a4 Update qldoc 2021-01-06 12:41:00 +00:00
luchua-bc
f1763ae354 Use the sensitive info sink 2021-01-06 01:48:19 +00:00
luchua-bc
367ff99909 Change the source to be the request variable 2021-01-05 17:30:19 +00:00
Chris Smowton
e87fd86e63 Merge pull request #4814 from luchua-bc/java/password-in-configuration 
Java: Password in Java EE configuration files
 2021-01-05 11:42:27 +00:00
luchua-bc
195755d687 Revamp the query to be more selective 2021-01-05 00:04:08 +00:00
luchua-bc
c069a5b4c6 Factor private host regex into the networking library and enhance the query 2021-01-04 14:51:32 +00:00
luchua-bc
ffe9d4a310 Sensitive GET Query 2020-12-26 16:51:30 +00:00
luchua-bc
4ec78d04f8 Insecure LDAP authentication 2020-12-21 00:15:15 +00:00
luchua-bc
b44f01a87b Enhance the check for embedded passwords 2020-12-17 03:47:38 +00:00
luchua-bc
d469e9b24e Format the code and minor text change 2020-12-13 21:15:18 +00:00
luchua-bc
e27ccd0a81 Format the code and update qldoc 2020-12-13 02:33:03 +00:00
luchua-bc
7ba237120b Password in Java EE configuration files 2020-12-12 05:15:04 +00:00
Anders Schack-Mulligen
0cc324b715 Merge pull request #3839 from luchua-bc/uncaught-servlet-exception 
Java: Uncaught servlet exception
 2020-12-02 15:12:59 +01:00
luchua-bc
ad0ac5b874 Change kind to problem 2020-11-27 16:43:57 +00:00
Anders Schack-Mulligen
028a72bcdd Merge pull request #4610 from luchua-bc/java-nfe-local-android-dos 
Java: Query to detect Local Android DoS caused by NFE
 2020-11-27 14:20:23 +01:00
luchua-bc
7ad031ca70 Move to experimental and update qldoc 2020-11-26 17:09:53 +00:00
Anders Schack-Mulligen
0450489022 Java: Review fixes. 2020-11-24 11:31:44 +01:00
luchua-bc
a311462791 Move to query-test folder and update qldoc 2020-11-19 13:12:42 +00:00
luchua-bc
85434ca410 Format the source code and update qldoc 2020-11-17 21:20:53 +00:00
luchua-bc
0bd6255c41 Query for cleartext storage using Android SharedPreferences 2020-11-16 17:23:01 +00:00
Porcupiney Hairs
2525cfd786 include suggestions from review. 2020-11-13 00:28:06 +05:30
Porcupiney Hairs
38de9b6433 add request forgery query 2020-11-10 01:19:35 +05:30
luchua-bc
bc899b6337 Move common code to a library and add more test cases 2020-11-09 14:14:54 +00:00
luchua-bc
76a0db84ee Query for detecting Local Android DoS caused by NFE 2020-11-09 14:10:00 +00:00
luchua-bc
a83f9ced96 Change the query to only catch the common exception rethrown case 2020-11-09 12:07:43 +00:00
Anders Schack-Mulligen
22b4df0f3c Merge pull request #4512 from luchua-bc/sensitive-broadcast 
Java: Sensitive broadcast
 2020-11-04 10:47:48 +01:00
luchua-bc
fa54c23a83 Handle the edge case that an exception is rethrown in a catch clause 2020-11-03 16:31:12 +00:00
luchua-bc
6a8ce37428 Add query for initCause and addSuppressed 2020-11-02 11:59:14 +00:00
luchua-bc
78d7fe2fbb Detect rethrowing unprocessed exceptions in catch clause 2020-11-01 02:13:50 +00:00
luchua-bc
c89ebeeb5e Text changes 2020-11-01 00:39:00 +00:00
luchua-bc
7ac3fb41d5 Clean up query and test files 2020-10-31 13:37:36 +00:00
luchua-bc
756db4c03a Simplify the query and add more test cases 2020-10-31 01:33:24 +00:00
luchua-bc
67af9b0f3e Add comments and update JavaDocs of GenericServlet using the source JAR 2020-10-30 17:05:53 +00:00
luchua-bc
93d1393ded Add error-page check 2020-10-30 16:45:56 +00:00
luchua-bc
5a6339c1af Remove userid from the regex 2020-10-29 15:46:05 +00:00
luchua-bc
2ee9a45e69 Use proper class inheritance 2020-10-28 22:05:30 +00:00
luchua-bc
908d659906 Minor updates 2020-10-28 20:23:22 +00:00
luchua-bc
99c79f4aa3 Enhance the dataflow sink and update test cases 2020-10-28 03:07:01 +00:00
luchua-bc
3cc3fe9d37 Switch to TaintPreservingCallable and add test cases 2020-10-28 00:33:07 +00:00
Chris Smowton
3f298f3dc8 Add basic tests for Android intents as flow sources 2020-10-27 12:03:05 +00:00
luchua-bc
d9c140dc6c Enhance the query to use sanitizer and null/empty array flow 2020-10-25 15:33:09 +00:00
luchua-bc
2c2aab6ffc Sensitive broadcast 2020-10-19 16:16:13 +00:00