hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,876 Commits 1,671 Branches 157 Tags
dave/InsecureMemset
Commit Graph

428 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
046d4a01de Java: Add taint step for String::concat. 2019-07-25 11:38:34 +02:00
Anders Schack-Mulligen
3d340d4fba Java: Delete deprecated dependency DataFlowImplDepr. 2019-07-25 11:18:01 +02:00
Anders Schack-Mulligen
e8aae19556 Java: Add toString override for SwitchExpr. 2019-07-25 10:53:16 +02:00
yh-semmle
a42d9b1f96 Merge pull request #1616 from aschackmull/java/dataflow-prunetype-bugfix 
Java: Bugfix for flow through methods with taint step and upcast.
 2019-07-24 22:28:05 -04:00
Anders Schack-Mulligen
a8c10e218c Java: Delete old deprecated code. 2019-07-23 10:09:51 +02:00
Anders Schack-Mulligen
cd8d16183c Java/CPP/C#: Sync dataflow. 2019-07-22 15:41:37 +02:00
Anders Schack-Mulligen
3024b5cb9e Java: Bugfix for flow through methods with taintstep and upcast. 2019-07-22 15:39:30 +02:00
yh-semmle
12c906c9de Merge pull request #1503 from aschackmull/java/object-tostring-dispatch 
Java: Restrict Object.toString() dispatch based on a more closed-world assumption.
 2019-07-19 09:23:21 -04:00
Anders Schack-Mulligen
3588066ba1 Java: Add qldoc and change note. 2019-07-18 17:53:40 +02:00
Anders Schack-Mulligen
eeb7bdba95 Merge pull request #1553 from rneatherway/java/add-null-guard 
Java: Add `isNotEmpty` to NullGuards
 2019-07-09 11:25:21 +02:00
Robin Neatherway
204a28df94 Java: Add isNotEmpty to NullGuards 2019-07-05 12:41:46 +01:00
Jonas Jensen
5ea69601c3 Merge pull request #1525 from aibaars/drop-import-additional-libraries 
Drop ImportAdditionalLibraries.ql
 2019-07-02 11:26:31 +02:00
Arthur Baars
9197c186e1 Drop: ImportAdditionalLibraries.ql 2019-06-28 15:53:07 +02:00
Anders Schack-Mulligen
a93ecae1ae Java: Don't report lambdas (or other anon classes) as dead. 2019-06-28 12:59:54 +02:00
yh-semmle
0d4ff2d7fe Merge pull request #1513 from aschackmull/java/whitelist-sha512 
Java: Add SHA512 to the crypto whitelist.
 2019-06-27 19:48:13 -04:00
Anders Schack-Mulligen
85eac80be9 Java: Add simple sanitizer for java/http-response-splitting. 2019-06-27 14:03:48 +02:00
Anders Schack-Mulligen
93646974a6 Java: Add SHA512 to the crypto whitelist. 2019-06-27 13:38:04 +02:00
Anders Schack-Mulligen
a583f000c1 Java: Fix tests. 2019-06-27 13:20:03 +02:00
Anders Schack-Mulligen
ff45387ead Java: Minor TypeFlow precision improvement and refactor. 2019-06-27 12:42:46 +02:00
Anders Schack-Mulligen
2af3598223 Java: Restrict Object.toString dispatch based on a more closed-world assumption. 2019-06-26 17:42:40 +02:00
yh-semmle
32f48f4351 Java: add db stats for compilation/diagnostic relations 2019-06-12 17:21:35 -04:00
yh-semmle
ca7a5b3926 Java: add compilation/diagnostic relations to dbscheme 2019-06-12 17:21:34 -04:00
yh-semmle
547bd584a0 Merge pull request #1447 from aschackmull/java/equals-type-test 
Java: Improve precision of java/unchecked-cast-in-equals
 2019-06-12 09:49:18 -04:00
Anders Schack-Mulligen
c199f2e8fe Java: Improve precision of MissingInstanceofInEquals.ql 2019-06-12 14:05:42 +02:00
Esben Sparre Andreasen
3f11ae7eaa Merge remote-tracking branch 'rc/1.21' into master 2019-06-12 12:57:55 +02:00
yh-semmle
8e6b62a301 Java: add QL library for modeling Android components 2019-06-10 13:00:03 -04:00
yh-semmle
0fb323b5ff Java: add QL library for modeling AndroidManifest.xml files 2019-06-10 12:59:47 -04:00
Anders Schack-Mulligen
5fed6c78fe Java: Include two more base cases in TypeFlow to improve virtual dispatch. 2019-06-06 14:45:23 +02:00
Anders Schack-Mulligen
98c5dc194b Java: Rename to selector as per review comment. 2019-06-05 09:16:12 +02:00
Anders Schack-Mulligen
0e12df0a15 Java: Add SwitchExpr support in Guards.qll 2019-06-04 16:03:23 +02:00
yh-semmle
87cbc7e199 Merge pull request #1344 from aschackmull/java/validatedvariable 
Java: Replace ValidatedVariable with guarded accesses.
 2019-05-24 11:23:18 -04:00
yh-semmle
64aa111b65 Merge pull request #1342 from aschackmull/java/field-annotation-cu 
Java: Check compilation unit of the same element in both disjuncts.
 2019-05-22 16:36:24 -04:00
Anders Schack-Mulligen
3e5bbd96b1 Java: Account for non-source annotation on second field in multi-field declarations. 2019-05-22 11:33:10 +02:00
yh-semmle
29ae7b5c3c Merge pull request #1322 from aschackmull/java/deprecate-remoteuserinput 
Java: Deprecate RemoteUserInput
 2019-05-20 12:56:51 -04:00
Anders Schack-Mulligen
48b19f1fea Java: Replace ValidatedVariable with guarded accesses. 2019-05-20 16:46:11 +02:00
Anders Schack-Mulligen
d0de0254e1 Java: Check compilation unit of the same element in both disjuncts. 2019-05-20 16:41:08 +02:00
yh-semmle
5466ae619d Merge pull request #1317 from aschackmull/java/domedge 
Java: Refactor Guard.controls in terms of dominating edges.
 2019-05-20 10:40:10 -04:00
Anders Schack-Mulligen
9ebeac25ad Merge pull request #1329 from hvitved/dataflow/performance 
Data flow: performance improvements
 2019-05-20 14:27:03 +02:00
Tom Hvitved
bc00877ff2 Data flow: Add nomagic to storeCand() 2019-05-20 12:05:20 +02:00
Tom Hvitved
360c7a1ac5 Address review comments 2019-05-20 09:59:17 +02:00
yh-semmle
6468721f76 Merge pull request #1324 from aschackmull/java/switchexpr-nullness 
Java: Add SwitchExpr to Nullness::dereference.
 2019-05-19 22:24:27 -04:00
yh-semmle
e5f4d475d0 Merge pull request #1320 from aschackmull/java/guardslogic-perf 
Java: Fix join-order for GuardsLogic::conditionalAssign.
 2019-05-19 22:23:18 -04:00
Tom Hvitved
02ca09aa43 Data flow: performance improvements 2019-05-16 07:35:10 +02:00
Anders Schack-Mulligen
531d30f048 Java: Add SwitchExpr to Nullness::dereference. 2019-05-15 13:20:55 +02:00
Anders Schack-Mulligen
3eb3cd345d Java: Update qldoc and add callsImpl convenience wrapper. 2019-05-14 16:31:56 +02:00
Anders Schack-Mulligen
f9e4512f32 Java: Update polyCalls to use virtual dispatch. 2019-05-14 15:36:12 +02:00
Anders Schack-Mulligen
b71acd2ff9 Java: Deprecate RemoteUserInput 2019-05-14 12:33:36 +02:00
Anders Schack-Mulligen
14cad57960 Java: Improve joinorder for GuardsLogic::conditionalAssign. 2019-05-14 11:28:18 +02:00
Anders Schack-Mulligen
ebb63c8141 Java: Refactor Guard.controls in terms of dominating edges. 2019-05-13 16:35:30 +02:00
Max Schaefer
79e01a2de5 Merge pull request #1305 from aschackmull/java/abstract-flowsources 
Java: Introduce an abstract class RemoteFlowSource to ease customization.
 2019-05-10 11:42:15 +01:00