hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,738 Commits 1,672 Branches 157 Tags
tausbn/python-add-models-for-zstd-compression
Commit Graph

5944 Commits

Author SHA1 Message Date
haby0
3df23eecb6 Merge remote-tracking branch 'upstream/main' into JsonHijacking 2021-03-24 15:52:01 +08:00
Chris Smowton
fa90655dd0 Partial revert: only introduce inferred taint edges from callsite-crossing value edges if an original taint edge targets the *start* of the value edge. 
Previously we would also take a taint edge targeting a result and a value-preserving edge propagating another argument to the result to imply a taint edge targeting that argument.
 2021-03-23 14:35:03 +00:00
Anders Schack-Mulligen
27408fefe2 Merge pull request #5008 from torque59/cwe-346 
Java: Queries to detect remote source flow origins to CORS header.
 2021-03-23 13:54:00 +01:00
Anders Schack-Mulligen
9a56601dd3 Merge pull request #5164 from luchua-bc/java/insecure-ldap-endpoint 
Java: CWE-297 Query to detect insecure LDAP endpoint configuration
 2021-03-23 13:53:51 +01:00
Anders Schack-Mulligen
1e6b5391d6 Merge pull request #4994 from haby0/main 
Java: CWE-652: Improper Neutralization of Data within XQuery Expressions ('XQuery Injection')
 2021-03-23 12:05:53 +01:00
yo-h
b495e1efab Merge pull request #5411 from aschackmull/java/dataflow-lambda-dispatch 
Java: Bugfix dispatch to lambda in call context.
 2021-03-22 08:25:21 -04:00
Anders Schack-Mulligen
f681d584bd Merge pull request #5474 from Marcono1234/marcono1234/string-building-type 
Java: Add StringBuildingType
 2021-03-22 13:16:54 +01:00
haby0
fe046ec71e Merge remote-tracking branch 'upstream/main' into main 2021-03-22 17:25:37 +08:00
Marcono1234
1534b387bb Java: Improve documentation regarding minus in front of numeric literals 2021-03-22 00:54:14 +01:00
Marcono1234
cd059eb965 Java: Add StringBuildingType 2021-03-22 00:19:23 +01:00
Artem Smotrakov
6c24699403 Cover both javax.el and jakarta.el packages 2021-03-21 21:19:39 +03:00
Artem Smotrakov
adb1ed380a Added tests for Jakarta expression injection 2021-03-21 21:19:39 +03:00
Artem Smotrakov
73e940de74 Added query for Jakarta EL injections 
- Added JakartaExpressionInjection.ql
- Added a qhelp file with examples
 2021-03-21 21:19:39 +03:00
Marcono1234
fa98443bb7 Java: Add value predicates for float and double literals; improve tests 2021-03-21 18:07:55 +01:00
Tom Hvitved
09a49e4580 Merge pull request #5311 from hvitved/dataflow/lambda 
Data flow: Move C# lambda flow logic into shared library
 2021-03-19 11:44:15 +01:00
Porcuiney Hairs
a88c3682ff remove sanitiserGuards 2021-03-18 16:12:00 +05:30
Porcuiney Hairs
84c9137152 Include suggestions from review 2021-03-18 16:12:00 +05:30
porcupineyhairs
f27d2bdf6d Update java/ql/src/experimental/semmle/code/java/Logging.qll 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2021-03-18 16:12:00 +05:30
Porcuiney Hairs
d0c82d3756 Add flogger and android logging support 2021-03-18 16:12:00 +05:30
Porcuiney Hairs
17d7ba8049 Add Log Injection Vulnerability 2021-03-18 16:12:00 +05:30
haby0
c516d69b98 Merge remote-tracking branch 'upstream/main' into main 2021-03-17 16:42:48 +08:00
haby0
15206fd2ce JsonpInjection.ql autoformatted 2021-03-17 15:52:05 +08:00
haby0
98204a15a6 Fix the problem 2021-03-17 15:28:04 +08:00
Joe Farebrother
f5e4b87d1e Remove redundant rows and add note on collection flow 2021-03-16 14:28:24 +00:00
Joe Farebrother
980b2c1f4c Convert existing Guava models to CSV system 2021-03-16 14:24:49 +00:00
Anders Schack-Mulligen
aa360c0378 Merge pull request #5413 from smowton/smowton/feature/infer-fluent-method-taint-flow 
Add taint-preserving edges where a call also has a value-preserving edge
 2021-03-16 14:10:11 +01:00
Anders Schack-Mulligen
53c360479a Merge pull request #5329 from tamasvajk/feature/csv-taint-step 
Java: migrate taint steps to CSV
 2021-03-16 14:09:21 +01:00
Anders Schack-Mulligen
46bae88181 Merge pull request #5375 from aschackmull/dataflow/unbind 
Dataflow: Switch from unbind to pragma[only_bind_into].
 2021-03-16 14:03:54 +01:00
Tom Hvitved
b11e15154f Data flow: Sync files and add stubs 2021-03-16 13:49:32 +01:00
Tamas Vajk
d02fba8c37 Java: adjust wrapped constructor calls 2021-03-16 12:42:41 +01:00
Tamas Vajk
e3534d1635 Java: cover wrapped constructor taint flow 2021-03-16 12:10:28 +01:00
Tamas Vajk
af0dff8c6f Java: migrate constructor flow taint steps to CSV 2021-03-16 12:10:28 +01:00
Tamas Vajk
f9a207dd9f Java: migrate 'arg to arg' taint steps to CSV 2021-03-16 12:10:28 +01:00
Tamas Vajk
7e1534a6cd Java: migrate 'arg to return' taint steps to CSV 2021-03-16 12:10:28 +01:00
Tamas Vajk
5cdbde2686 Java: migrate 'qualifier to return' taint steps to CSV 2021-03-16 12:10:28 +01:00
Tamas Vajk
40126563ef Java: migrate 'qualifier to arg' taint steps to CSV 2021-03-16 12:10:28 +01:00
Anders Schack-Mulligen
2d8d967060 Dataflow: Address review comment. 2021-03-16 11:07:33 +01:00
Chris Smowton
6d108c0fa7 Improve docstring for composedValueAndTaintModelStep 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-03-16 09:00:35 +00:00
Chris Smowton
915a19fb9d Improve naming; eliminate some harmless extra results 
Adding `src != valueSource` should have no effect as the introduced edge would already exist, but could reduce workload downstream.
 2021-03-16 08:57:14 +00:00
Chris Smowton
516122aa74 Add taint-preserving edges where a call also has a value-preserving edge 
For example, for a fluent method that returns `this`, we take a tainting edge from argX to either `this` or the return value to also taint the other.
 2021-03-16 08:45:24 +00:00
Anders Schack-Mulligen
45c9428668 Merge pull request #5337 from smowton/smowton/feature/commons-lang-random-sources 
Java: Add support for Commons-Lang's RandomUtils
 2021-03-15 16:21:01 +01:00
Anders Schack-Mulligen
662e17ff85 Java: Bugfix dispatch to lambda in call context. 2021-03-15 15:09:03 +01:00
Anders Schack-Mulligen
5aa9c2bd19 Dataflow: One more pragma. 2021-03-12 15:59:19 +01:00
Chris Smowton
92d61354d4 Remove abstract class RandomNumberGenerator 2021-03-12 13:04:31 +00:00
luchua-bc
1a2e341b7c Refactor the business logic of the query into a separate predicate 2021-03-12 12:19:37 +00:00
Anders Schack-Mulligen
a8b84e430f Merge pull request #5390 from Marcono1234/patch-2 
Java: Fix documentation mistake in Modules.qll
 2021-03-12 12:51:24 +01:00
Anders Schack-Mulligen
c9786df760 Merge pull request #5344 from smowton/smowton/feature/commons-object-utils 
Java: Add models for flow- and taint-preserving functions in Commons ObjectUtils
 2021-03-12 12:46:31 +01:00
Anders Schack-Mulligen
1d3ad0cb52 Java: Remove value steps from taint steps. 2021-03-12 11:09:53 +01:00
Marcono1234
edeb08480e Java: Fix documentation mistake in Modules.qll 2021-03-11 23:45:59 +01:00
luchua-bc
c8b1bc3a89 Enhance the query 2021-03-11 21:41:34 +00:00