Commit Graph

13974 Commits

Author SHA1 Message Date
lcartey@github.com
cd6339f5cd Java: Add Spring flow out of HttpEntity and HttpHeader 2020-06-16 09:50:36 +01:00
lcartey@github.com
93c28d4c03 Java: Add taint step to flow through Spring tainted user data class
getters.
2020-06-16 09:50:36 +01:00
lcartey@github.com
8678d5fc6f Java: Model untrusted user data types
Model the datatypes that may be populated on demand from request
parameters.
2020-06-16 09:50:36 +01:00
lcartey@github.com
8bd5f748b4 Java: SpringController - handle non-string literal produces values. 2020-06-16 09:50:36 +01:00
lcartey@github.com
0db7cead31 Java: Model taint flow through ResponseEntity. 2020-06-16 09:50:35 +01:00
lcartey@github.com
f6b2accabd Java: Model ResponseEntity.BodyBuilder 2020-06-16 09:50:35 +01:00
lcartey@github.com
e2cec582be Java: XSS - ignore Spring sinks when content-type is safe.
Methods annotated with a produces field which indicates a safe
content-type should not be considered XSS sinks. For example:

@RequestMapping(..., produces = "application/json")
2020-06-16 09:50:35 +01:00
lcartey@github.com
f6a99cb42e Java: Model produces parameter to RequestMapping attribute. 2020-06-16 09:50:34 +01:00
lcartey@github.com
8057dff368 Java: Add Spring XSS sinks
Look for Spring request methods which return a String value which may be
coerced into a text/html output.
2020-06-16 09:50:34 +01:00
lcartey@github.com
c59042f9c3 Java: Taint tracking through String.replace(all)? 2020-06-16 09:50:34 +01:00
lcartey@github.com
7d555a7467 Java: Track flow through HttpEntity and ResponseEntity
- Only track if the body is a String type, as that is the only type at
   risk of XSS.
2020-06-16 09:50:33 +01:00
lcartey@github.com
1d1234093f Java: Model Spring @ResponseBody methods. 2020-06-16 09:50:33 +01:00
lcartey@github.com
fd2cd6025d Java: Modelling of the Spring HTTP classes. 2020-06-16 09:50:33 +01:00
lcartey@github.com
bfcc06dd0b Java: Improve Spring controller modelling
- Identify ModelMaps correctly
- Add extra not tainted param types (Pageable)
- Identify ModelAttributes
2020-06-16 09:50:33 +01:00
lcartey@github.com
7c4251deac Java: Add flow out of Map and List 2020-06-16 09:50:32 +01:00
lcartey@github.com
6de2b93f3a Java: Add SpringWebRequest to RemoteTaintedMethod 2020-06-16 09:50:32 +01:00
lcartey@github.com
4300bc8088 Java: Update RemoteFlowSource to use improved Spring request parameter
mapping.
2020-06-16 09:50:31 +01:00
lcartey@github.com
f5dc0337ed Java: Improve modelling of Spring request methods
- Recognise @<httpverb>Mapping as well as @RequestMapping.
- Identify tainted/not tainted parameters of RequestMapping methods.
2020-06-16 09:50:31 +01:00
Jonathan Leitschuh
c2052ed152 Add .gitignore for VS Code Generated maven project files
When VS Code detects a Maven project, it automatically generates
a bunch of Eclipse files to describe the project.

These are now ignored in order to not pollute the repository
2020-06-15 22:29:30 -04:00
Anders Schack-Mulligen
041af38934 Merge pull request #3697 from intrigus-lgtm/patch-1
Fix typo
2020-06-12 10:04:40 +02:00
Anders Schack-Mulligen
421a548e42 Update java/ql/src/semmle/code/java/Expr.qll 2020-06-12 09:24:37 +02:00
Jonas Jensen
abd05bcff1 Merge pull request #3596 from robertbrignull/more-suites
Add more code-scanning suites
2020-06-12 09:08:20 +02:00
intrigus-lgtm
422b059aec Fix typo 2020-06-11 22:54:13 +02:00
Anders Schack-Mulligen
c961a31789 Java: Add Expr.getAnEnclosingStmt. 2020-06-11 13:46:12 +02:00
Anders Schack-Mulligen
f23eb0432e Java: Improve qldoc for JavadocTag. 2020-06-11 11:44:50 +02:00
semmle-qlci
1b8f3c4b84 Merge pull request #3657 from hvitved/dataflow/hidden-nodes
Approved by aschackmull, jbj
2020-06-10 13:22:09 +01:00
semmle-qlci
22d50f009e Merge pull request #3667 from aschackmull/java/compiletimeconstant-cast-eval
Approved by aibaars
2020-06-10 12:05:42 +01:00
Anders Schack-Mulligen
4b3ca13f25 Merge pull request #3491 from luchua-bc/java-insecure-smtp-ssl
Java: CWE-297 insecure JavaMail SSL configuration
2020-06-10 11:02:50 +02:00
Anders Schack-Mulligen
c334d72f11 Java: Fix CompileTimeConstantExpr qldoc and add char cast case. 2020-06-10 10:59:10 +02:00
luchua-bc
1fd9c7fdec Add all dependent class stubs 2020-06-09 20:12:05 +00:00
Anders Schack-Mulligen
f77f486c6b Merge pull request #3438 from artem-smotrakov/unsafe-tls
Java: Added a query for unsafe TLS versions
2020-06-09 14:07:17 +02:00
Tom Hvitved
a371205db1 Data flow: Sync files 2020-06-09 13:55:12 +02:00
Tom Hvitved
8c9f85d04f Data flow: Allow nodes to be hidden from path explanations 2020-06-09 13:53:19 +02:00
luchua-bc
5acfc52087 Add dependent stub classes for the test case 2020-06-08 16:17:40 +00:00
luchua-bc
1e4addb20d Add dependent stub classes for the test case 2020-06-08 16:17:01 +00:00
Bt2018
99aa559ef2 Fix auto-formatting issue 2020-06-08 06:43:00 -04:00
Anders Schack-Mulligen
8513c6981c Merge pull request #3329 from artem-smotrakov/mvel-injection
Java: Add a query for MVEL injections
2020-06-08 11:48:00 +02:00
Anders Schack-Mulligen
ad8647f345 Merge pull request #3547 from pwntester/issue_3139
add support for java.io.StringWriter
2020-06-08 10:02:23 +02:00
Anders Schack-Mulligen
be862280b2 Update java/ql/src/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
Fix trailing whitespace
2020-06-08 09:18:39 +02:00
Marcono1234
ad1146a23a Fix Java code style of MagicConstants examples
- Use recommended ordering of modifiers
- Use recommended variable naming scheme
2020-06-07 01:00:27 +02:00
luchua-bc
cba81eeb97 Fix string/type match and add a test case 2020-06-06 03:56:12 +00:00
Artem Smotrakov
b7c3dd666c Java: Clean up MVEL injection query 2020-06-05 17:22:45 +03:00
Artem Smotrakov
2842aeee72 Java: Simplified MvelInjectionLib 2020-06-05 17:17:43 +03:00
Artem Smotrakov
4a83fb8cc1 Java: Simplified MvelInjection test 2020-06-05 17:17:43 +03:00
Artem Smotrakov
df9d10f2ac Java: Added MVELRuntime.execute() sink for MVEL injections 2020-06-05 17:17:43 +03:00
Artem Smotrakov
fa717b2d86 Java: Added template sinks for MVEL injections 2020-06-05 17:17:43 +03:00
Artem Smotrakov
8fd72659ec Java: Added JSR 223 sinks for MVEL injections
- Updated MvelInjectionLib.qll
- Added tests and stubs for JSR 223 API
2020-06-05 17:17:43 +03:00
Artem Smotrakov
6a6c805048 Java: Added Accessor sink for MVEL injections 2020-06-05 17:13:24 +03:00
Artem Smotrakov
12e0234d40 Java: Added CompiledAccExpression sink for MVEL injections 2020-06-05 17:13:24 +03:00
Artem Smotrakov
32ff5ad496 Java: Added CompiledExpression sink for MVEL injections 2020-06-05 17:13:24 +03:00