hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
18,252 Commits 1,672 Branches 157 Tags
revert-4653-feature/csharp9-relational-pattern
Commit Graph

1429 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
8f055f56b8 Dataflow: Adaptive field flow precision. 2020-10-16 12:51:17 +02:00
Anders Schack-Mulligen
b0f0f89dbc Dataflow: Minor pruning improvements. 2020-10-16 12:51:17 +02:00
Joe Farebrother
8cd00cf05f Java: Add change note for Guava 2020-10-16 11:08:45 +01:00
Joe Farebrother
4b160b9aaf Java: Merge Guava definitions for string utilities into one file 2020-10-16 10:46:27 +01:00
Joe Farebrother
adad75bd86 Java: Update Guava modelling to use new refactor 2020-10-16 10:39:18 +01:00
Joe Farebrother
8834a8fed6 Java: Make tests less noisy 2020-10-16 10:22:41 +01:00
Joe
f58ebad756 Java: Fix QLDoc 2020-10-16 10:22:41 +01:00
Joe
fc4d7c3161 Java: Make Guava stuff private 2020-10-16 10:22:41 +01:00
Joe
28647b20e2 Java: Add tests 2020-10-16 10:22:41 +01:00
Joe
e196c75b4e Java: Add modelling for Guava Strings, Splitter, and Joiner 2020-10-16 10:22:30 +01:00
Tom Hvitved
5f01fda1ef Data flow: Sync files 2020-10-16 09:05:02 +02:00
Anders Schack-Mulligen
94f110f739 Sync. 2020-10-16 09:05:01 +02:00
Anders Schack-Mulligen
b4ecfaeda3 Dataflow: Remove inconsistent AccessPath.getType(). 2020-10-16 09:05:01 +02:00
Anders Schack-Mulligen
d88c551f64 Dataflow: qldoc fix 2020-10-16 09:05:01 +02:00
Anders Schack-Mulligen
98f10b29b8 Dataflow: Simplify SCC: remove some apa params. 2020-10-16 09:05:01 +02:00
Anders Schack-Mulligen
4e2f786040 Dataflow: Precalculate AccessPath to avoid massive recursion. 2020-10-16 09:05:01 +02:00
Tom Hvitved
d608138c0c Data flow: Sync files 2020-10-16 09:03:13 +02:00
Joe Farebrother
388f60f818 Merge pull request #4430 from joefarebrother/tainttrackingutils-refactor 
Java: Refactor part of TaintTrackingUtil.qll
 2020-10-15 16:05:38 +01:00
luchua-bc
b359802dd4 Replace non-ASCII apostrophe in Java stub classes 2020-10-15 14:53:32 +01:00
luchua-bc
6f6ec9d51a Change the source class type and simplify the data-flow step 2020-10-15 14:53:32 +01:00
luchua-bc
f5e9690594 Update the doc comments 2020-10-15 14:53:32 +01:00
luchua-bc
c7750fd8c2 Fine tune the query 2020-10-15 14:53:32 +01:00
luchua-bc
5338332648 Enhance the query and add more test cases 2020-10-15 14:53:31 +01:00
luchua-bc
55af37312b Text changes to the help file 2020-10-15 14:53:31 +01:00
luchua-bc
ebc2bd9a58 Text changes to the help file 2020-10-15 14:53:31 +01:00
luchua-bc
bd0c577ffd Unsafe resource loading in Android webview 2020-10-15 14:53:30 +01:00
Jonathan Leitschuh
a9c5551284 Fix formatting in Lang.qll 2020-10-15 08:52:02 -04:00
Tom Hvitved
2af7e1c213 C#: Use CFG nodes instead of AST nodes in sign/modulus analysis 2020-10-14 13:39:44 +02:00
Jonathan Leitschuh
fc71ca747d Java: Track taint through java.io.File::toPath & java.nio.file.Path::toFile 2020-10-13 21:15:09 -04:00
Joe Farebrother
b2a2412f1d Java: Clean up the constructor flow steps 2020-10-13 11:30:02 +01:00
Jonathan Leitschuh
48f4b6c058 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2020-10-12 11:16:21 -04:00
Jonathan Leitschuh
895f4d0ea6 JHipster Vuln: Add GOOD/BAD & release note links 2020-10-12 11:00:05 -04:00
Joe Farebrother
aa8bacb724 Java: Update test output 2020-10-12 15:50:47 +01:00
Joe Farebrother
3416911ac6 Java: Refector out StringBuilder and Number taint preserving callables 2020-10-12 15:50:47 +01:00
Joe Farebrother
eafde05a55 Java: Expand flow step refactoring to Callables 
Also add some missing flow steps for StringBuilder
 2020-10-12 15:50:47 +01:00
Joe Farebrother
7e2c49fadd Java: Fix a couple of flow step issues 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2020-10-12 15:50:47 +01:00
Joe Farebrother
4a8b7f64e8 Java: Rename returnsTaint to returnsTaintFrom 2020-10-12 15:50:47 +01:00
Joe Farebrother
ca9038350c Java: Add this. and fix mistake 2020-10-12 15:50:46 +01:00
Joe Farebrother
5d487b97da Java: Merge TaintPreservingMethod with TaintTransferringMethod 2020-10-12 15:50:46 +01:00
Joe Farebrother
a510f58865 Java: Implement code review changes 2020-10-12 15:50:46 +01:00
Joe Farebrother
91ce02aad4 Java: Fix bug involving varadic parameters 2020-10-12 15:50:46 +01:00
Joe Farebrother
79209af9c0 Java: Refactor out flow steps for more frameworks. 2020-10-12 15:50:41 +01:00
Joe Farebrother
92fd8c4128 Java: Move new definitions to new file 2020-10-12 15:48:43 +01:00
Joe Farebrother
60a7666105 Java: Refactor Android SQLite flow steps 2020-10-12 15:48:43 +01:00
Joe Farebrother
ca60f2cc18 Java: Fix failing tests 2020-10-12 15:48:43 +01:00
Joe Farebrother
ff6c5c219c Java: Start TaintTrackingUtils refactor 2020-10-12 15:48:43 +01:00
Joe Farebrother
551d86c6ea Java: Define classes for taint propagation methods 2020-10-12 15:48:43 +01:00
Arthur Baars
fc4a3426ac Merge pull request #4457 from daniel-beck/file-taint 
Java: Track taint through java.io.File constructor and #toURI; URI#toURL
 2020-10-12 16:42:11 +02:00
Anders Schack-Mulligen
725194a3b8 Merge pull request #4447 from aschackmull/dataflow/postupdate-flow-consistency 
Dataflow: Introduce consistency check for flow targeting PostUpdateNodes
 2020-10-12 08:56:19 +02:00
Daniel Beck
0c70be145f Track taint through java.io.File constructor and #toURI; URI#toURL 2020-10-10 20:54:55 +02:00