codeql

mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00

Author	SHA1	Message	Date
Anders Schack-Mulligen	29935e1388	Merge pull request #4771 from intrigus-lgtm/split-cwe-295 Java: Add unsafe hostname verification query and remove existing overlapping query	2021-01-13 11:31:38 +01:00
intrigus	4fa8f5eab2	Java: Accept test changes	2021-01-12 15:29:03 +01:00
intrigus	e11304a1ca	Java: Autoformat	2021-01-11 13:42:08 +01:00
intrigus	c88f07dde4	Java: Accept test output	2021-01-11 13:42:07 +01:00
intrigus	33b0ff28d8	Java: Update test	2021-01-11 13:42:07 +01:00
intrigus	70b0703952	Java: Remove overlapping code	2021-01-11 13:42:07 +01:00
intrigus	3da1cb0879	Java: Add unsafe hostname verification query	2021-01-11 13:42:07 +01:00
Anders Schack-Mulligen	e5b4975450	Merge pull request #4675 from luchua-bc/cleartext-storage-shared-prefs Java: Query to detect cleartext storage of sensitive information using Android SharedPreferences	2021-01-08 12:41:34 +01:00
Chris Smowton	e87fd86e63	Merge pull request #4814 from luchua-bc/java/password-in-configuration Java: Password in Java EE configuration files	2021-01-05 11:42:27 +00:00
Jonathan Leitschuh	ba4a562c9a	Update PrintAst.actual with new test output	2021-01-04 23:37:58 -05:00
Jonathan Leitschuh	028e4756bb	Apply suggestions from code review Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2021-01-04 10:13:52 -05:00
Jonathan Leitschuh	54950c2f42	Add MethodAccessSystemGetProperty predicate	2021-01-01 20:07:45 -05:00
luchua-bc	b44f01a87b	Enhance the check for embedded passwords	2020-12-17 03:47:38 +00:00
luchua-bc	bed8a68d28	Exclude broken algorithms from the list of secure algorithms	2020-12-17 00:41:23 +00:00
luchua-bc	d7facb42d6	Add missing broken crypto algorithms	2020-12-16 04:32:11 +00:00
luchua-bc	d469e9b24e	Format the code and minor text change	2020-12-13 21:15:18 +00:00
luchua-bc	e27ccd0a81	Format the code and update qldoc	2020-12-13 02:33:03 +00:00
luchua-bc	7ba237120b	Password in Java EE configuration files	2020-12-12 05:15:04 +00:00
Joe Farebrother	24dc631a8f	Java: Fix false positive in XXE query	2020-12-08 16:38:42 +00:00
Joe Farebrother	2fd5d26b1b	Add FP as a test case	2020-12-08 16:37:53 +00:00
Anders Schack-Mulligen	0cc324b715	Merge pull request #3839 from luchua-bc/uncaught-servlet-exception Java: Uncaught servlet exception	2020-12-02 15:12:59 +01:00
yo-h	cdeeefc235	Merge commit '8f2094f' into yo-h/java15-merge	2020-12-01 17:47:58 -05:00
yo-h	7e8bc4a61b	Merge commit '2fa9037' into yo-h/java15-merge	2020-11-29 18:42:20 -05:00
luchua-bc	ad0ac5b874	Change kind to problem	2020-11-27 16:43:57 +00:00
Anders Schack-Mulligen	028a72bcdd	Merge pull request #4610 from luchua-bc/java-nfe-local-android-dos Java: Query to detect Local Android DoS caused by NFE	2020-11-27 14:20:23 +01:00
luchua-bc	7ad031ca70	Move to experimental and update qldoc	2020-11-26 17:09:53 +00:00
Anders Schack-Mulligen	f70072a2db	Merge pull request #3454 from porcupineyhairs/javaSSRf Java : add request forgery query	2020-11-26 08:52:15 +01:00
yo-h	eedc385b37	Java 15: adjust test `options`	2020-11-26 00:14:24 -05:00
luchua-bc	a49160423b	Enhance the query and add more test cases	2020-11-25 04:33:26 +00:00
Anders Schack-Mulligen	0450489022	Java: Review fixes.	2020-11-24 11:31:44 +01:00
luchua-bc	a311462791	Move to query-test folder and update qldoc	2020-11-19 13:12:42 +00:00
luchua-bc	85434ca410	Format the source code and update qldoc	2020-11-17 21:20:53 +00:00
luchua-bc	0bd6255c41	Query for cleartext storage using Android SharedPreferences	2020-11-16 17:23:01 +00:00
Anders Schack-Mulligen	4be731d2ab	Java: Adjust reference to static method and add test.	2020-11-16 11:47:58 +01:00
Porcupiney Hairs	402a320a55	include suggestions from review.	2020-11-13 18:07:42 +05:30
Porcupiney Hairs	4b25532b9f	include suggestions from review.	2020-11-13 17:55:56 +05:30
Porcupiney Hairs	2525cfd786	include suggestions from review.	2020-11-13 00:28:06 +05:30
Porcupiney Hairs	38de9b6433	add request forgery query	2020-11-10 01:19:35 +05:30
luchua-bc	bc899b6337	Move common code to a library and add more test cases	2020-11-09 14:14:54 +00:00
luchua-bc	76a0db84ee	Query for detecting Local Android DoS caused by NFE	2020-11-09 14:10:00 +00:00
luchua-bc	a83f9ced96	Change the query to only catch the common exception rethrown case	2020-11-09 12:07:43 +00:00
Anders Schack-Mulligen	22b4df0f3c	Merge pull request #4512 from luchua-bc/sensitive-broadcast Java: Sensitive broadcast	2020-11-04 10:47:48 +01:00
luchua-bc	fa54c23a83	Handle the edge case that an exception is rethrown in a catch clause	2020-11-03 16:31:12 +00:00
Anders Schack-Mulligen	92494441a7	Merge pull request #4554 from aschackmull/dataflow/reverse-partial Dataflow: Add support reverse partial flow exploration.	2020-11-03 15:34:30 +01:00
Anders Schack-Mulligen	89361a3b75	Merge pull request #3812 from luchua-bc/java-android-remote-source Java: Add remote source of Android intent extra	2020-11-03 09:35:40 +01:00
Anders Schack-Mulligen	7eb64aa998	Dataflow: Code review fixes.	2020-11-03 09:16:20 +01:00
Anders Schack-Mulligen	d5be4d7b92	Dataflow: Add support reverse partial flow exploration.	2020-11-03 09:16:19 +01:00
luchua-bc	864411b4b9	Updates to Android stub classes	2020-11-02 14:06:44 +00:00
luchua-bc	6a8ce37428	Add query for initCause and addSuppressed	2020-11-02 11:59:14 +00:00
luchua-bc	78d7fe2fbb	Detect rethrowing unprocessed exceptions in catch clause	2020-11-01 02:13:50 +00:00

1 2 3 4 5 ...

429 Commits