hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,275 Commits 1,671 Branches 157 Tags
tausbn/python-refine-location-of-flask-request-sources
Commit Graph

13656 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
a50ea54ff6 Java: Fix tests. 2019-08-08 12:03:01 +02:00
Anders Schack-Mulligen
b3e56d5b04 Java: Fix copy-paste typo. 2019-08-08 11:44:44 +02:00
Anders Schack-Mulligen
20e6f5594f Java: Improve barriers for the CWE-190 Arithmetic* queries. 2019-08-07 15:22:23 +02:00
yh-semmle
033879f5a6 Merge pull request #1639 from aschackmull/java/in-out-barriers 
Java/C++/C# DataFlow: Add support for in/out barriers on sources and sinks.
 2019-08-07 01:07:19 -04:00
yh-semmle
9e4405f385 Merge pull request #1688 from aschackmull/java-cookbook/int-literal-value 
Java Cookbook: Slight improvement to the IntegerLiteral pattern.
 2019-08-05 20:37:58 -04:00
yh-semmle
7e90728c67 Merge pull request #1679 from aschackmull/java/reader-taint 
Java: Adjust taint steps for Reader::read.
 2019-08-05 12:46:12 -04:00
Anders Schack-Mulligen
a80cb262fc Java/C++/C#: Elaborate qldoc. 2019-08-05 16:28:25 +02:00
Anders Schack-Mulligen
9ebb83497d Java/C++/C#: Fix small mistake. 2019-08-05 15:34:12 +02:00
Anders Schack-Mulligen
2dc83c539c Java/C++/C#: Sync dataflow. 2019-08-05 12:07:32 +02:00
Anders Schack-Mulligen
f8804943ee Java: Change in/out barriers to be explicit in the configuration. 2019-08-05 12:05:12 +02:00
Anders Schack-Mulligen
15c61b57f7 Java Cookbook: Slight improvement to the IntegerLiteral pattern. 2019-08-05 11:03:30 +02:00
Jonas Jensen
73d8bf38a9 Merge pull request #1680 from aschackmull/cookbook/autoformat 
Cookbook examples: Autoformat
 2019-08-05 10:24:56 +02:00
Anders Schack-Mulligen
b1b1ede6b0 Java: Improve the precision of java/hardcoded-credential-api-call. 2019-08-02 16:50:58 +02:00
Anders Schack-Mulligen
9b74e9c4a4 Java: Autoformat cookbook examples. 2019-08-02 15:27:28 +02:00
Anders Schack-Mulligen
4ffc41277a Java: Adjust taint steps for Reader::read. 2019-08-02 14:21:06 +02:00
Anders Schack-Mulligen
1a779179e7 Merge pull request #1666 from yh-semmle/java-xxe-qhelp 
Java: update XXE qhelp with note on processing limits
 2019-08-01 10:01:53 +02:00
yh-semmle
dc45ba5627 Java: update XXE qhelp with note on processing limits 2019-07-31 15:45:28 -04:00
semmle-qlci
1d806971ed Merge pull request #1634 from aibaars/cookbook 
Approved by aschackmull, dave-bartolomeo, hvitved, markshannon, xiemaisi, yh-semmle
 2019-07-31 14:31:28 +01:00
yh-semmle
37395877a7 Merge pull request #1633 from aschackmull/java/taint-string-concat 
Java: Add taint step for String::concat.
 2019-07-30 00:21:52 -04:00
Arthur Baars
ccde7cf6cf Add @id to example queries 2019-07-26 17:47:11 +02:00
Arthur Baars
bdce7d07c1 Move 'snippet' queries to 'snippets' folders 2019-07-26 17:47:11 +02:00
Arthur Baars
30860daac4 Add cookbook queries 2019-07-26 17:47:11 +02:00
yh-semmle
a1b4d09b42 Merge pull request #1630 from aschackmull/java/switchexpr-tostring 
Java: Add toString override for SwitchExpr.
 2019-07-26 11:32:24 -04:00
Anders Schack-Mulligen
6d022aa359 Java/C++/C#: Sync dataflow. 2019-07-26 13:17:12 +02:00
Anders Schack-Mulligen
7c30c1a01c Java: Deprecate isBarrierEdge. 2019-07-26 13:16:19 +02:00
Anders Schack-Mulligen
d3c5644229 Java: Add support for in/out barriers on sources and sinks. 2019-07-26 11:52:55 +02:00
yh-semmle
9fdb964622 Merge pull request #1511 from aschackmull/java/typeflow-precision 
Java: Minor TypeFlow precision improvement and refactor.
 2019-07-25 23:06:16 -04:00
Anders Schack-Mulligen
046d4a01de Java: Add taint step for String::concat. 2019-07-25 11:38:34 +02:00
Anders Schack-Mulligen
3d340d4fba Java: Delete deprecated dependency DataFlowImplDepr. 2019-07-25 11:18:01 +02:00
Anders Schack-Mulligen
e8aae19556 Java: Add toString override for SwitchExpr. 2019-07-25 10:53:16 +02:00
yh-semmle
a42d9b1f96 Merge pull request #1616 from aschackmull/java/dataflow-prunetype-bugfix 
Java: Bugfix for flow through methods with taint step and upcast.
 2019-07-24 22:28:05 -04:00
Anders Schack-Mulligen
a8c10e218c Java: Delete old deprecated code. 2019-07-23 10:09:51 +02:00
Anders Schack-Mulligen
cd8d16183c Java/CPP/C#: Sync dataflow. 2019-07-22 15:41:37 +02:00
Anders Schack-Mulligen
3024b5cb9e Java: Bugfix for flow through methods with taintstep and upcast. 2019-07-22 15:39:30 +02:00
yh-semmle
12c906c9de Merge pull request #1503 from aschackmull/java/object-tostring-dispatch 
Java: Restrict Object.toString() dispatch based on a more closed-world assumption.
 2019-07-19 09:23:21 -04:00
Anders Schack-Mulligen
3588066ba1 Java: Add qldoc and change note. 2019-07-18 17:53:40 +02:00
Anders Schack-Mulligen
eeb7bdba95 Merge pull request #1553 from rneatherway/java/add-null-guard 
Java: Add `isNotEmpty` to NullGuards
 2019-07-09 11:25:21 +02:00
Robin Neatherway
204a28df94 Java: Add isNotEmpty to NullGuards 2019-07-05 12:41:46 +01:00
Jonas Jensen
5ea69601c3 Merge pull request #1525 from aibaars/drop-import-additional-libraries 
Drop ImportAdditionalLibraries.ql
 2019-07-02 11:26:31 +02:00
Arthur Baars
9197c186e1 Drop: ImportAdditionalLibraries.ql 2019-06-28 15:53:07 +02:00
Anders Schack-Mulligen
a93ecae1ae Java: Don't report lambdas (or other anon classes) as dead. 2019-06-28 12:59:54 +02:00
yh-semmle
0d4ff2d7fe Merge pull request #1513 from aschackmull/java/whitelist-sha512 
Java: Add SHA512 to the crypto whitelist.
 2019-06-27 19:48:13 -04:00
Anders Schack-Mulligen
85eac80be9 Java: Add simple sanitizer for java/http-response-splitting. 2019-06-27 14:03:48 +02:00
Anders Schack-Mulligen
93646974a6 Java: Add SHA512 to the crypto whitelist. 2019-06-27 13:38:04 +02:00
Anders Schack-Mulligen
a583f000c1 Java: Fix tests. 2019-06-27 13:20:03 +02:00
Anders Schack-Mulligen
ff45387ead Java: Minor TypeFlow precision improvement and refactor. 2019-06-27 12:42:46 +02:00
Anders Schack-Mulligen
2af3598223 Java: Restrict Object.toString dispatch based on a more closed-world assumption. 2019-06-26 17:42:40 +02:00
yh-semmle
32f48f4351 Java: add db stats for compilation/diagnostic relations 2019-06-12 17:21:35 -04:00
yh-semmle
ca7a5b3926 Java: add compilation/diagnostic relations to dbscheme 2019-06-12 17:21:34 -04:00
yh-semmle
547bd584a0 Merge pull request #1447 from aschackmull/java/equals-type-test 
Java: Improve precision of java/unchecked-cast-in-equals
 2019-06-12 09:49:18 -04:00