codeql

mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00

Author	SHA1	Message	Date
luchua-bc	d9c140dc6c	Enhance the query to use sanitizer and null/empty array flow	2020-10-25 15:33:09 +00:00
luchua-bc	9ae5689af6	Use AndroidIntentInput source	2020-10-24 11:55:00 +00:00
luchua-bc	f5f7259937	Revamp the query to implement AdditionalTaintStep	2020-10-23 12:00:36 +01:00
luchua-bc	3c5c8494b1	Refine the query to check intents coming from outside only	2020-10-23 11:58:16 +01:00
luchua-bc	f86413a9b5	text changes	2020-10-23 11:58:12 +01:00
Bt2018	2ddeb0b169	Add method access qualifier as source	2020-10-23 11:57:02 +01:00
luchua-bc	f5ca459795	Add remote source of Android intent extra	2020-10-23 11:57:01 +01:00
luchua-bc	478771ccc5	Fix issues with method signature check	2020-10-21 02:49:53 +00:00
luchua-bc	2c2aab6ffc	Sensitive broadcast	2020-10-19 16:16:13 +00:00
Chris Smowton	4fa2a79b41	Fix test data for WebView experimental query	2020-10-19 14:57:18 +01:00
Joe Farebrother	980fdd8dea	Java: Update Guava version in test stubs and change note	2020-10-19 11:56:28 +01:00
Joe Farebrother	227092e2ae	Java: Minor corrections to comments Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>	2020-10-19 11:16:33 +01:00
Chris Smowton	3e03db178f	Merge pull request #4483 from smowton/smowton/admin/droid-webview-pr-rebase Rebase of #3706	2020-10-19 09:29:04 +01:00
Chris Smowton	5a480bfb13	Give query an id and PathGraph query predicates	2020-10-16 16:19:58 +01:00
Anders Schack-Mulligen	a806a4f086	Merge pull request #4312 from JLLeitschuh/feat/JLL/java/jhipster_CVE-2019-16303 Java: QL Query Detector for JHipster Generated CVE-2019-16303	2020-10-16 15:47:09 +02:00
Anders Schack-Mulligen	b352605d12	Dataflow: Code review fixes.	2020-10-16 13:45:51 +02:00
Joe Farebrother	3ef9498d53	Java: Modify privateness of a couple imports for Guava	2020-10-16 12:09:39 +01:00
Anders Schack-Mulligen	664f04020f	Revert "Dataflow: Count callables instead of nodes for fieldFlowBranchLimit." This reverts commit `1501a40de8`.	2020-10-16 12:51:50 +02:00
Anders Schack-Mulligen	1501a40de8	Dataflow: Count callables instead of nodes for fieldFlowBranchLimit.	2020-10-16 12:51:17 +02:00
Anders Schack-Mulligen	6aae51fa4f	Dataflow: Sync.	2020-10-16 12:51:17 +02:00
Anders Schack-Mulligen	8f055f56b8	Dataflow: Adaptive field flow precision.	2020-10-16 12:51:17 +02:00
Anders Schack-Mulligen	b0f0f89dbc	Dataflow: Minor pruning improvements.	2020-10-16 12:51:17 +02:00
Joe Farebrother	8cd00cf05f	Java: Add change note for Guava	2020-10-16 11:08:45 +01:00
Joe Farebrother	4b160b9aaf	Java: Merge Guava definitions for string utilities into one file	2020-10-16 10:46:27 +01:00
Joe Farebrother	adad75bd86	Java: Update Guava modelling to use new refactor	2020-10-16 10:39:18 +01:00
Joe Farebrother	8834a8fed6	Java: Make tests less noisy	2020-10-16 10:22:41 +01:00
Joe	f58ebad756	Java: Fix QLDoc	2020-10-16 10:22:41 +01:00
Joe	fc4d7c3161	Java: Make Guava stuff private	2020-10-16 10:22:41 +01:00
Joe	28647b20e2	Java: Add tests	2020-10-16 10:22:41 +01:00
Joe	e196c75b4e	Java: Add modelling for Guava `Strings`, `Splitter`, and `Joiner`	2020-10-16 10:22:30 +01:00
Tom Hvitved	5f01fda1ef	Data flow: Sync files	2020-10-16 09:05:02 +02:00
Anders Schack-Mulligen	94f110f739	Sync.	2020-10-16 09:05:01 +02:00
Anders Schack-Mulligen	b4ecfaeda3	Dataflow: Remove inconsistent AccessPath.getType().	2020-10-16 09:05:01 +02:00
Anders Schack-Mulligen	d88c551f64	Dataflow: qldoc fix	2020-10-16 09:05:01 +02:00
Anders Schack-Mulligen	98f10b29b8	Dataflow: Simplify SCC: remove some apa params.	2020-10-16 09:05:01 +02:00
Anders Schack-Mulligen	4e2f786040	Dataflow: Precalculate AccessPath to avoid massive recursion.	2020-10-16 09:05:01 +02:00
Tom Hvitved	d608138c0c	Data flow: Sync files	2020-10-16 09:03:13 +02:00
Joe Farebrother	388f60f818	Merge pull request #4430 from joefarebrother/tainttrackingutils-refactor Java: Refactor part of TaintTrackingUtil.qll	2020-10-15 16:05:38 +01:00
luchua-bc	b359802dd4	Replace non-ASCII apostrophe in Java stub classes	2020-10-15 14:53:32 +01:00
luchua-bc	6f6ec9d51a	Change the source class type and simplify the data-flow step	2020-10-15 14:53:32 +01:00
luchua-bc	f5e9690594	Update the doc comments	2020-10-15 14:53:32 +01:00
luchua-bc	c7750fd8c2	Fine tune the query	2020-10-15 14:53:32 +01:00
luchua-bc	5338332648	Enhance the query and add more test cases	2020-10-15 14:53:31 +01:00
luchua-bc	55af37312b	Text changes to the help file	2020-10-15 14:53:31 +01:00
luchua-bc	ebc2bd9a58	Text changes to the help file	2020-10-15 14:53:31 +01:00
luchua-bc	bd0c577ffd	Unsafe resource loading in Android webview	2020-10-15 14:53:30 +01:00
Jonathan Leitschuh	a9c5551284	Fix formatting in Lang.qll	2020-10-15 08:52:02 -04:00
Tom Hvitved	2af7e1c213	C#: Use CFG nodes instead of AST nodes in sign/modulus analysis	2020-10-14 13:39:44 +02:00
Jonathan Leitschuh	fc71ca747d	Java: Track taint through java.io.File::toPath & java.nio.file.Path::toFile	2020-10-13 21:15:09 -04:00
Joe Farebrother	b2a2412f1d	Java: Clean up the constructor flow steps	2020-10-13 11:30:02 +01:00

1 2 3 4 5 ...

1399 Commits