hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,738 Commits 1,671 Branches 157 Tags
tausbn/python-add-models-for-zstd-compression
Commit Graph

14042 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
2a2484ee0f Merge pull request #2800 from SpaceWhite/CWE-643 
CWE-643 XPathInjection on java
 2020-03-13 13:40:17 +01:00
Anders Schack-Mulligen
99c55b6edb Java: Add taint steps for java.util.Queue methods. 2020-03-12 15:02:06 +01:00
SpaceWhite
300aee39be nit: add dot to qhelp 2020-03-12 20:38:03 +09:00
SpaceWhite
bb1ea94c54 Nit: Fix qhelp and ql autoformat 2020-03-12 20:35:01 +09:00
SpaceWhite
822bfcd36c Nit: fix qhelp 2020-03-12 20:25:23 +09:00
Anders Schack-Mulligen
e1a0c2d846 Java: Add minor test case to typeflow qltest. 2020-03-11 13:13:19 +01:00
Anders Schack-Mulligen
a9d76cbe64 Dataflow: Add consistency checks for toString and location. 2020-03-11 10:29:48 +01:00
Tom Hvitved
bd6c23d165 Merge pull request #3020 from aschackmull/dataflow/type-pruning-bigstep 
Dataflow: Fix bug in type pruning.
 2020-03-10 14:21:21 +01:00
Anders Schack-Mulligen
e97c72cd5d Dataflow: Adjust imports. 2020-03-10 11:34:09 +01:00
Anders Schack-Mulligen
a2bbacf58d Java/C++/C#: Fix performance issue in partial paths exploration. 2020-03-09 11:30:59 +01:00
Anders Schack-Mulligen
4298a3a931 Java: Add test. 2020-03-09 11:16:59 +01:00
Anders Schack-Mulligen
f491fcd5ae Java/C++/C#: Sync. 2020-03-09 11:05:13 +01:00
Anders Schack-Mulligen
7a74634cfd Java/C++/C#: Simplify. 2020-03-09 11:04:28 +01:00
Anders Schack-Mulligen
cf84a53573 Java/C++/C#: Fix bug in type pruning. 2020-03-09 11:04:24 +01:00
SpaceWhite
5e912cbf8e Move directory to experimental 2020-03-07 11:55:32 +09:00
SpaceWhite
8cdc2bb268 Merge branch 'master' into CWE-094 2020-03-07 11:54:31 +09:00
SpaceWhite
b7af1645aa Move directory to experimental 2020-03-07 11:49:33 +09:00
SpaceWhite
2ec107bc2d Merge branch 'master' into CWE-643 2020-03-07 11:47:53 +09:00
Anders Schack-Mulligen
4601639bad Java: Document a FP in a test. 2020-03-03 13:39:26 +01:00
Anders Schack-Mulligen
b210009eec Merge pull request #2923 from yo-h/java-customizations 
Java: add `Customizations.qll`
 2020-03-02 09:58:34 +01:00
semmle-qlci
ec90627a64 Merge pull request #2909 from yo-h/experimental 
Approved by aschackmull, jbj, max-schaefer, tausbn
 2020-02-28 03:15:58 +00:00
yo-h
f8bf055fe1 Merge pull request #2927 from aschackmull/java/taintgettersetter-tests 
Java: Add some more taint-getter-setter tests.
 2020-02-27 22:12:25 -05:00
Anders Schack-Mulligen
8e2b56cfd0 Java: Include count in messages. 2020-02-27 13:10:42 +01:00
Anders Schack-Mulligen
33f6392be5 Java: Add some more taint-getter-setter tests. 2020-02-27 10:47:25 +01:00
Anders Schack-Mulligen
0c30d7cced Java: Update test output. 2020-02-27 10:28:12 +01:00
Anders Schack-Mulligen
a09e479033 Java: Change relevantNode to a class, and add two more checks. 2020-02-27 10:14:14 +01:00
yo-h
bd91bc0b29 Java: add Customizations.qll 2020-02-26 13:18:13 -05:00
Anders Schack-Mulligen
ce70b86604 Java: Add data-flow consistency checks. 2020-02-26 14:17:07 +01:00
Anders Schack-Mulligen
508b6050a8 Java: Remove some irrelevant bounds from TypeFlow. 2020-02-26 13:51:25 +01:00
Jonas Jensen
db33c360bc Merge pull request #2910 from aschackmull/dataflow/cleanup 
Java/C++: Minor dataflow cleanup.
 2020-02-25 12:47:10 +01:00
Anders Schack-Mulligen
fba8772411 Java/C++: Minor dataflow cleanup. 2020-02-25 09:40:25 +01:00
yo-h
43bcd5b26c Add guidelines for experimental CodeQL queries and libraries 2020-02-24 15:08:31 -05:00
Anders Schack-Mulligen
67b32796dd Merge pull request #853 from joshhale/tweak-cwe-078-example 
doc: remove - from command arguments
 2020-02-24 16:15:58 +01:00
Grzegorz Golawski
fda4ab155a CodeQL query to detect open Spring Boot actuator endpoints 2020-02-23 20:03:41 +01:00
Peter Stöckli
e81d3ce0b4 Add type for java.net.URL 2020-02-23 12:35:03 +01:00
Peter Stöckli
e1e03e326b Add query documentation header 2020-02-21 18:22:05 +00:00
Peter Stöckli
9de2be8eba Fix whitespace issues in OpenStream.java 2020-02-21 17:13:04 +00:00
Peter Stöckli
b622e2ae06 Java: Calling openStream on URLs created from remote source can lead to local file disclosure. 2020-02-21 17:51:15 +01:00
Anders Schack-Mulligen
771cb754c2 Merge pull request #2822 from hvitved/dataflow/node-cand-simple-call-context 
Data flow: Track simple call contexts in `nodeCand[Fwd]1`
 2020-02-21 10:02:06 +01:00
Tom Hvitved
a772b82fea Address review comments 2020-02-20 19:48:49 +01:00
Anders Schack-Mulligen
91166431d2 Java/C++/C#: s/Callable/DataFlowCallable/ 2020-02-19 17:23:01 +01:00
Anders Schack-Mulligen
c6016bb08c Java/C++/C#: Improve join-order in pathStep predicate 2020-02-19 14:47:39 +01:00
Tom Hvitved
a695b567ec Data flow: Sync files 2020-02-17 19:39:52 +01:00
semmle-qlci
ecad925101 Merge pull request #2631 from hvitved/dataflow/generalize-flow-summaries 
Approved by aschackmull
 2020-02-17 18:22:46 +00:00
Tom Hvitved
0e7838aca5 Data flow: Sync files 2020-02-17 15:08:26 +01:00
Anders Schack-Mulligen
cabe627d1e Java: Fix qldoc. 2020-02-17 14:44:12 +01:00
Tom Hvitved
28307399f8 Data flow: Sync files 2020-02-17 10:45:35 +01:00
SpaceWhite
0be6f84387 Add sample 2020-02-15 16:49:33 +09:00
SpaceWhite
1ad7bd9684 add sample code 2020-02-15 16:46:09 +09:00
SpaceWhite
a29ccd674f Initial commit 2020-02-15 16:27:03 +09:00