hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

1995 Commits

Author SHA1 Message Date
Alvaro Muñoz
99044fc6ab remove experimental query forr bean validation 2020-10-27 15:55:19 +01:00
Alvaro Muñoz
40a2007497 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2020-10-27 15:52:25 +01:00
Alvaro Muñoz
8b5aed2fe1 move md links to <a> 2020-10-27 15:52:25 +01:00
Alvaro Muñoz
8904411fe6 address review comments 2020-10-27 15:52:24 +01:00
Alvaro Muñoz
debfc686d1 Insecure Bean Validation query 2020-10-27 15:52:24 +01:00
Alvaro Muñoz
7d7933a054 move query out of experimental 2020-10-27 15:52:20 +01:00
Alvaro Muñoz
d990f7a470 move md links to <a> 2020-10-27 15:51:40 +01:00
Alvaro Muñoz
65d01f5c9e address review comments 2020-10-27 15:51:36 +01:00
Alvaro Muñoz
f85778e9c7 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
6ca28a8bc6 move md links to <a> 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
27bd9044e7 address review comments 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
73fc9fda77 Insecure Bean Validation query 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
a36970f306 Add beanValidation remote source 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
3dcd8acf97 add expected results 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
671ea2f6c6 add test and stubs 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
a274a1516a move source to FlowSources.qll 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
2bab9d22e9 move query out of experimental 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
df4164f2c0 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
c1decf4d0d move md links to <a> 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
0bf3895327 address review comments 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
3b23cd5be3 Insecure Bean Validation query 2020-10-27 15:47:54 +01:00
Alvaro Muñoz
a4a91eb1d2 new deserialization sink 2020-10-27 14:24:17 +01:00
Chris Smowton
3f298f3dc8 Add basic tests for Android intents as flow sources 2020-10-27 12:03:05 +00:00
Chris Smowton
54c1480fd6 Replace explicit extra step with TaintPreservingCallable 2020-10-27 12:02:29 +00:00
Chris Smowton
60e8910330 Follow taint across getExtras without qualifier 2020-10-27 12:01:30 +00:00
Joe Farebrother
2050f82553 Merge pull request #4383 from joefarebrother/guava-strings 
Java: Add modelling for Guava
 2020-10-26 10:16:55 +00:00
Tom Hvitved
492b1141ef Merge pull request #4445 from hvitved/csharp/sign-analysis-cfg 
C#: Use CFG nodes instead of AST nodes in sign/modulus analysis
 2020-10-26 09:45:38 +01:00
luchua-bc
07830aae05 Fix typo 2020-10-25 22:34:15 +00:00
luchua-bc
d9c140dc6c Enhance the query to use sanitizer and null/empty array flow 2020-10-25 15:33:09 +00:00
luchua-bc
9ae5689af6 Use AndroidIntentInput source 2020-10-24 11:55:00 +00:00
Francis Alexander
27c554c164 feedback integration - Move all files to Play.qll, improvements to add methods to remotetainted method for play 2020-10-24 11:56:06 +05:30
luchua-bc
f5f7259937 Revamp the query to implement AdditionalTaintStep 2020-10-23 12:00:36 +01:00
luchua-bc
3c5c8494b1 Refine the query to check intents coming from outside only 2020-10-23 11:58:16 +01:00
luchua-bc
f86413a9b5 text changes 2020-10-23 11:58:12 +01:00
Bt2018
2ddeb0b169 Add method access qualifier as source 2020-10-23 11:57:02 +01:00
luchua-bc
f5ca459795 Add remote source of Android intent extra 2020-10-23 11:57:01 +01:00
Francis Alexander
5d5b84974b Play remote source update to return functionaccessexpr 2020-10-22 22:29:43 +05:30
Francis Alexander
d216dcdee0 updates & conflict marker removal 2020-10-22 22:25:36 +05:30
Francis Alexander
518de822e1 updates 2020-10-22 20:47:11 +05:30
Francis Alexander
5c256dadc8 Feedback incorporation and documentation updates 2020-10-22 20:27:38 +05:30
Francis Alexander
f7d63f8666 Feedback incorporation and documentation updates 2020-10-22 20:21:47 +05:30
Francis Alexander
33f7d52a46 Naming Fixes 2020-10-22 20:20:52 +05:30
Francis Alexander
ddc544aa07 Initial support for Play Framework > 2.6.x 2020-10-22 20:20:49 +05:30
luchua-bc
478771ccc5 Fix issues with method signature check 2020-10-21 02:49:53 +00:00
luchua-bc
2c2aab6ffc Sensitive broadcast 2020-10-19 16:16:13 +00:00
Chris Smowton
4fa2a79b41 Fix test data for WebView experimental query 2020-10-19 14:57:18 +01:00
Joe Farebrother
980fdd8dea Java: Update Guava version in test stubs and change note 2020-10-19 11:56:28 +01:00
Joe Farebrother
227092e2ae Java: Minor corrections to comments 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2020-10-19 11:16:33 +01:00
Chris Smowton
3e03db178f Merge pull request #4483 from smowton/smowton/admin/droid-webview-pr-rebase 
Rebase of #3706
 2020-10-19 09:29:04 +01:00
Chris Smowton
5a480bfb13 Give query an id and PathGraph query predicates 2020-10-16 16:19:58 +01:00