codeql

mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00

Author	SHA1	Message	Date
Tony Torralba	6096080156	Use all possible packages for Fragment classes Also fix stub	2022-01-19 16:23:11 +01:00
Tony Torralba	211cb9370f	Add the Intent parameter of onActivityResult as a source	2022-01-19 16:08:25 +01:00
Tony Torralba	520d8f5ec5	Add stubs	2022-01-19 16:06:23 +01:00
Chris Smowton	84097468cc	Merge pull request #7286 from luchua-bc/java/unsafe-url-forward-dispatch Java: CWE-552 Query to detect unsafe request dispatcher usage	2022-01-18 18:19:20 +00:00
Tony Torralba	f103d45340	Merge branch 'main' into atorralba/android-implicit-pending-intents	2022-01-18 10:50:49 +01:00
Tony Torralba	e967b8a9be	Merge pull request #6576 from atorralba/atorralba/android-cleartext-storage-filesystem Java: Create new query Cleartext storage of sensitive information in Android filesystem	2022-01-17 14:02:38 +01:00
Tony Torralba	227929508f	Merge pull request #6923 from atorralba/atorralba/android-fragment-injection Java: CWE-470 - Queries to detect Fragment Injection in Android applications	2022-01-17 14:02:15 +01:00
Tony Torralba	c1ac09a063	Added query for Cleartext Storage in Android Filesystem	2022-01-17 11:11:00 +01:00
Tony Torralba	a59a4024a5	Update stubs	2022-01-14 10:32:36 +01:00
Anders Schack-Mulligen	69973dadb3	Merge pull request #7548 from zbazztian/spring-taint-summaries Java: Add Spring and Apache Common Langs taint flow steps	2022-01-13 13:00:41 +01:00
Sebastian Bauersfeld	69f329ffec	Java: Add test cases for AbstractMessageSource.getMessage() methods	2022-01-13 14:13:27 +07:00
Sebastian Bauersfeld	39b6678b7d	Java: Add test case for StringEscapeUtils.escapeJson() taint step.	2022-01-13 11:18:37 +07:00
Tony Torralba	0e738622df	Merge branch 'main' into atorralba/promote-log-injection	2022-01-10 17:24:25 +01:00
Tony Torralba	6f2d91a8ad	Sinks for CloseableThreadContext	2021-12-17 09:17:04 +01:00
Tony Torralba	2e0ca6ce2b	Add stubs	2021-12-16 13:44:01 +01:00
Tony Torralba	65b6c16254	Fix stub after merge	2021-12-15 16:53:47 +01:00
Tony Torralba	efb471687c	Add stubs	2021-12-15 16:53:42 +01:00
Chris Smowton	753d886b0d	Merge pull request #6319 from haby0/java/MyBatisSqlInjection [Java] CWE-089 MyBatis Mapper Sql Injection	2021-12-09 19:57:18 +00:00
Tony Torralba	3a3c7fc59e	Fix stub	2021-12-09 13:34:41 +01:00
Tony Torralba	f63ffb0630	Add models for Notification builders	2021-12-09 13:33:17 +01:00
Tony Torralba	8ffa195538	Merge branch 'main' into atorralba/android_slice_models	2021-12-03 16:59:33 +01:00
luchua-bc	8bcffc2886	Query to detect unsafe request dispatcher usage	2021-12-02 04:00:29 +00:00
haby0	db04a0dadf	New model: SQL injection in MyBatis annotations	2021-11-28 14:43:57 +08:00
Jonathan Leitschuh	1ddf5fb133	Java: Ratpack HTTP Framework Additional Modeling Adds models for `ratpack.func.Pair`, and `ratpack.exec.Result`. Improve moels for `ratpack.exec.Promise`. Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>	2021-11-25 12:55:32 -05:00
haby0	69690a2509	Modify sinks	2021-11-25 15:47:30 +08:00
haby0	4438f8c58c	Add MyBatis Mapper Sql Injection	2021-11-25 15:47:29 +08:00
Chris Smowton	3c8f6e3c07	Merge pull request #6717 from luchua-bc/java/thread-resource-abuse Java: CWE-400 - Query to detect uncontrolled thread resource consumption	2021-11-24 18:59:41 +00:00
luchua-bc	e56737e007	Use value step to optimize the taint step and add a test case for Apache file upload listener	2021-11-23 17:15:28 +00:00
Tony Torralba	f4704f1325	Merge pull request #6397 from atorralba/atorralba/android-intent-redirect-query Java: Create new Android Intent Redirection query	2021-11-04 10:42:59 +01:00
Tony Torralba	f1df542345	Add stubs & tests Fix mistakes detected by the tests	2021-11-03 17:26:13 +01:00
Tony Torralba	7d88f80fb9	Add tests for summaries	2021-11-03 10:35:38 +01:00
Jonathan Leitschuh	21aeee6378	Actually remove the last non-ascii quote from Promise Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>	2021-10-26 08:28:44 -04:00
Jonathan Leitschuh	ebe2c26f4d	Remove the last non-ascii quote from Promise Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>	2021-10-25 11:30:12 -04:00
Jonathan Leitschuh	5eb28398f0	Remove non-ASCII characters from Promise.java Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>	2021-10-22 10:52:46 -04:00
Jonathan Leitschuh	cce3aad62e	Remove non-ASCII characters from Handler.java Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>	2021-10-20 11:34:59 -04:00
Jonathan Leitschuh	23e60e2c52	Add full integration test for Ratpack example Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>	2021-10-18 12:21:11 -04:00
Jonathan Leitschuh	6562ac3680	Ratpack conversion to new lambda model Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>	2021-10-18 12:21:10 -04:00
Jonathan Leitschuh	901631ceb8	Ratpack Promise add support for `apply` method	2021-10-18 12:21:10 -04:00
Jonathan Leitschuh	b9dc3d0cfe	Ratpack: Better support for Promise API	2021-10-18 12:21:09 -04:00
Jonathan Leitschuh	cdfdcc66bd	Ratpack fix formatting and non-ascii characters	2021-10-18 12:21:09 -04:00
Jonathan Leitschuh	a3b1736a73	Ratpack improve support for parsing types	2021-10-18 12:21:09 -04:00
Jonathan Leitschuh	b2e3df29b3	Add support for Promise.value and Promise::flatMap	2021-10-18 12:21:08 -04:00
Jonathan Leitschuh	170657b9a4	Add additional Ratpack test and improve Promise based dataflow tracking	2021-10-18 12:21:08 -04:00
Jonathan Leitschuh	dabf00e8b4	Add Tests to Ratpack Framework Support	2021-10-18 12:21:08 -04:00
Tony Torralba	a5749a5eb1	Add ComponentName tests to existing Intent tests	2021-10-18 15:23:52 +02:00
Tony Torralba	d1d2d61d7e	Add more sinks Also, fix things after rebase	2021-10-18 12:00:07 +02:00
Tony Torralba	031fa2199c	Fix stubs and tests	2021-10-18 11:06:06 +02:00
Tony Torralba	ef30ca211a	Fix stubs	2021-10-18 11:03:13 +02:00
Tony Torralba	8c400d9b1b	Added tests and stubs	2021-10-18 11:02:10 +02:00
Tony Torralba	9d50511ea4	Fix stubs	2021-10-18 09:27:53 +02:00

... 2 3 4 5 6 ...

510 Commits