Jonas Jensen
|
fc764db8e1
|
Merge pull request #4643 from nickrolfe/getFileBySourceArchiveName
Replace getEncodedFile with shared getFileBySourceArchiveName predicate
|
2020-11-10 17:36:29 +01:00 |
|
Nick Rolfe
|
ac4a1f1d9b
|
Update comment to be a QLDoc comment
|
2020-11-10 14:14:27 +00:00 |
|
Nick Rolfe
|
1e1eb7ee33
|
Replace getEncodedFile with shared getFileBySourceArchiveName predicate
While also making it work with paths for databases created on Windows.
|
2020-11-10 13:55:27 +00:00 |
|
Anders Schack-Mulligen
|
89ef6ea4eb
|
C++/C#/Java/JavaScript/Python: Autoformat set literals.
|
2020-11-10 13:32:27 +01:00 |
|
Anders Schack-Mulligen
|
31ec79819e
|
Merge pull request #4631 from luchua-bc/java-nfe-library
Java: Factor NumberFormatException out into a library file
|
2020-11-09 13:50:31 +01:00 |
|
luchua-bc
|
d765c7bbb2
|
Update qldoc
|
2020-11-09 11:23:48 +00:00 |
|
luchua-bc
|
d568eb635f
|
Update qldoc
|
2020-11-06 15:33:26 +00:00 |
|
luchua-bc
|
450ff26694
|
Convert the query to a library
|
2020-11-06 13:25:00 +00:00 |
|
Anders Schack-Mulligen
|
cb77e460ae
|
Merge pull request #4600 from porcupineyhairs/urirefactor
Java : Refactor all instances of `java.net.URI` into TypeUri
|
2020-11-06 09:35:09 +01:00 |
|
Anders Schack-Mulligen
|
45d117b68e
|
Merge pull request #4603 from pwntester/new_deser_sink
New UnsafeDeserialization sink and improvements to SnakeYaml sink
|
2020-11-05 13:09:15 +01:00 |
|
Alvaro Muñoz
|
f103955f38
|
change qldoc formating according to LSP suggestion
|
2020-11-05 11:48:26 +01:00 |
|
Alvaro Muñoz
|
6fef63306e
|
add qldoc
|
2020-11-04 18:58:41 +01:00 |
|
Porcupiney Hairs
|
0a028dcb47
|
Java : Refactor all instances of java.net.URI into TypeUri
|
2020-11-04 18:23:26 +05:30 |
|
Anders Schack-Mulligen
|
22b4df0f3c
|
Merge pull request #4512 from luchua-bc/sensitive-broadcast
Java: Sensitive broadcast
|
2020-11-04 10:47:48 +01:00 |
|
Alvaro Muñoz
|
6f78b725e6
|
Apply suggestions from code review
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
|
2020-11-04 10:43:37 +01:00 |
|
Anders Schack-Mulligen
|
26495225e0
|
Update java/ql/src/experimental/Security/CWE/CWE-927/SensitiveBroadcast.qhelp
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
|
2020-11-04 10:05:55 +01:00 |
|
Anders Schack-Mulligen
|
92494441a7
|
Merge pull request #4554 from aschackmull/dataflow/reverse-partial
Dataflow: Add support reverse partial flow exploration.
|
2020-11-03 15:34:30 +01:00 |
|
luchua-bc
|
f8fd2ea821
|
Add qldoc and autoformat query
|
2020-11-03 12:23:40 +00:00 |
|
Anders Schack-Mulligen
|
89361a3b75
|
Merge pull request #3812 from luchua-bc/java-android-remote-source
Java: Add remote source of Android intent extra
|
2020-11-03 09:35:40 +01:00 |
|
Anders Schack-Mulligen
|
2971784f9c
|
Dataflow: Add missing qldoc and sync.
|
2020-11-03 09:21:48 +01:00 |
|
Anders Schack-Mulligen
|
7eb64aa998
|
Dataflow: Code review fixes.
|
2020-11-03 09:16:20 +01:00 |
|
Anders Schack-Mulligen
|
1ae76a80aa
|
Dataflow: Fix qldoc.
|
2020-11-03 09:16:20 +01:00 |
|
Anders Schack-Mulligen
|
d5be4d7b92
|
Dataflow: Add support reverse partial flow exploration.
|
2020-11-03 09:16:19 +01:00 |
|
luchua-bc
|
864411b4b9
|
Updates to Android stub classes
|
2020-11-02 14:06:44 +00:00 |
|
luchua-bc
|
8da9b9d3ea
|
Add documentation to new library method and use the singular form
|
2020-11-02 10:53:46 +00:00 |
|
luchua-bc
|
c89ebeeb5e
|
Text changes
|
2020-11-01 00:39:00 +00:00 |
|
luchua-bc
|
7ac3fb41d5
|
Clean up query and test files
|
2020-10-31 13:37:36 +00:00 |
|
luchua-bc
|
5a6339c1af
|
Remove userid from the regex
|
2020-10-29 15:46:05 +00:00 |
|
Anders Schack-Mulligen
|
0d926dcf70
|
Java: Tweak qhelp to make it markdown-compatible.
|
2020-10-29 14:39:01 +01:00 |
|
luchua-bc
|
90d11812be
|
Update the regex to be the original one
|
2020-10-29 13:04:15 +00:00 |
|
luchua-bc
|
b1d6bc5ba9
|
Use getDeclaringType() for getIntent() method call
|
2020-10-29 12:55:03 +00:00 |
|
luchua-bc
|
2ee9a45e69
|
Use proper class inheritance
|
2020-10-28 22:05:30 +00:00 |
|
luchua-bc
|
908d659906
|
Minor updates
|
2020-10-28 20:23:22 +00:00 |
|
Alvaro Muñoz
|
a57308a519
|
Fix SnakeYaml query to account for Yaml subclasses and compose methods
|
2020-10-28 14:52:14 +01:00 |
|
Alvaro Muñoz
|
c28856d3dc
|
remove wicket taintstep from TaintTrackingUtil
|
2020-10-28 14:51:44 +01:00 |
|
Anders Schack-Mulligen
|
f3e2bd0fd9
|
Merge pull request #3141 from pwntester/InsecureBeanValidation
Insecure Bean Validation query
|
2020-10-28 12:04:12 +01:00 |
|
Anders Schack-Mulligen
|
34ae6e0576
|
Apply suggestions from code review
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-28 09:15:08 +01:00 |
|
luchua-bc
|
99c79f4aa3
|
Enhance the dataflow sink and update test cases
|
2020-10-28 03:07:01 +00:00 |
|
luchua-bc
|
3cc3fe9d37
|
Switch to TaintPreservingCallable and add test cases
|
2020-10-28 00:33:07 +00:00 |
|
Alvaro Muñoz
|
77b551b693
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:12:17 +01:00 |
|
Alvaro Muñoz
|
b9c75ea462
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:12:00 +01:00 |
|
Alvaro Muñoz
|
ac116da0dc
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:11:48 +01:00 |
|
Alvaro Muñoz
|
d5b470ea0c
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:11:27 +01:00 |
|
Alvaro Muñoz
|
9785013c29
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:11:15 +01:00 |
|
Alvaro Muñoz
|
d221930c81
|
Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
|
2020-10-27 21:10:56 +01:00 |
|
Alvaro Muñoz
|
1fdf0556d2
|
more fixes to make qlhelp linter happy
|
2020-10-27 17:05:00 +01:00 |
|
Alvaro Muñoz
|
aa981caea5
|
more fixes to make qlhelp linter happy
|
2020-10-27 16:32:13 +01:00 |
|
Alvaro Muñoz
|
8974f252ac
|
fix format and qlhelp errors blocking the merge
|
2020-10-27 16:19:39 +01:00 |
|
Alvaro Muñoz
|
11e57bd2f8
|
add change note for new Insecure Bean Validation query
|
2020-10-27 16:11:51 +01:00 |
|
Alvaro Muñoz
|
3378dd526e
|
remove compiled classes from stubs
|
2020-10-27 15:56:26 +01:00 |
|