hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,671 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

4109 Commits

Author SHA1 Message Date
Benjamin Muskalla
6b2460d4a1 Formatting 2021-11-10 16:30:21 +01:00
Benjamin Muskalla
060862ab3b Avoid certain test sources in models 2021-11-10 16:30:21 +01:00
Benjamin Muskalla
e607953b9c Simplify query 2021-11-10 16:30:21 +01:00
Benjamin Muskalla
9a859334d4 Formatting 2021-11-10 16:30:21 +01:00
Benjamin Muskalla
6c59333716 Remove workaround that accounted for missing flow 2021-11-10 16:30:21 +01:00
Benjamin Muskalla
7dae6122d9 Support CharSequence#toString 
Given CharSequence is often used as an
alias for String, ensure taint through toString is flowing
 2021-11-10 16:30:20 +01:00
Benjamin Muskalla
ca9d5439f0 Restrict source configuration to return nodes 2021-11-10 16:30:20 +01:00
Benjamin Muskalla
7a7ec06819 Simplify sink configuration 2021-11-10 16:30:20 +01:00
Benjamin Muskalla
1a4fd7bc7d Allow camelcase names 2021-11-10 16:30:20 +01:00
Benjamin Muskalla
2b2ac82fb7 Fix bug in sink detection 2021-11-10 16:30:20 +01:00
Benjamin Muskalla
c616eb1473 Fix finding more sources 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
38579ef25b Add proper metadata to queries 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
a80d50cbc0 Simplify field flow 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
a1d8dfb524 Initial support for source models 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
c844f5382f Add script to generate flow models 2021-11-10 16:30:19 +01:00
Benjamin Muskalla
f9fea15a52 Initial support for capturing sink models 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
364de55b8d Support parameter->parameter flow 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
cd11ef3bf6 Support outgoing taint flow from fields 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
c3462be2c9 Capture argument->return value flows 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
4ca006ba3d Only expose visible innner classes 2021-11-10 16:30:18 +01:00
Benjamin Muskalla
88032afdc3 Add test for final class 2021-11-10 16:30:17 +01:00
Benjamin Muskalla
ec772fb6b2 Add support for qualifier flow 2021-11-10 16:30:17 +01:00
Benjamin Muskalla
32ef40c77b Add scaffolding for summary model generator 2021-11-10 16:30:17 +01:00
Tom Hvitved
198b321158 Java: Hide parameters of summarized callables 2021-11-10 15:13:32 +01:00
Anders Schack-Mulligen
6d9fb3ca43 Dataflow: Sync. 2021-11-10 15:11:13 +01:00
Anders Schack-Mulligen
678a21e532 Dataflow: Support hidden return nodes in subpaths. 2021-11-10 15:11:13 +01:00
Benjamin Muskalla
f9fa22c14d Removed unused import 2021-11-10 10:21:54 +01:00
Benjamin Muskalla
1a751608de Extract Commons IO into seperate file 2021-11-10 10:15:27 +01:00
github-actions[bot]
f5426336c3 Add changed framework coverage reports 2021-11-10 00:09:06 +00:00
Anders Schack-Mulligen
1efe1e0d10 Java: Improve algorithm for subtyping of parameterized types. 2021-11-09 15:49:17 +01:00
Benjamin Muskalla
bfe2e2e0b9 Model taint for FilterOutputStream 2021-11-09 14:21:50 +01:00
Anders Schack-Mulligen
1e0eb2f6e4 Merge pull request #7072 from aschackmull/java/nomagic-synchsetunsynchget 
Java: Fix bad magic in SynchSetUnsynchGet.
 2021-11-08 13:48:22 +01:00
Anders Schack-Mulligen
92fb7f555c Java: Fix bad magic in SynchSetUnsynchGet. 2021-11-08 11:42:20 +01:00
Anders Schack-Mulligen
85fdbda16f Merge pull request #7002 from aschackmull/java/field-node 
Java: Add FieldValueNode to break up cartesian step relation.
 2021-11-08 09:31:42 +01:00
github-actions[bot]
d7bfaec0f5 Add changed framework coverage reports 2021-11-05 00:09:28 +00:00
Tony Torralba
f4704f1325 Merge pull request #6397 from atorralba/atorralba/android-intent-redirect-query 
Java: Create new Android Intent Redirection query
 2021-11-04 10:42:59 +01:00
Tony Torralba
fd92c4e435 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-11-04 10:08:53 +01:00
Anders Schack-Mulligen
e6145f04d2 Merge pull request #6966 from atorralba/atorralba/android-explicit-intent-sanitizer 
Android: Add ExplicitIntentSanitizer and allowIntentExtrasImplicitRead
 2021-11-03 10:20:09 +01:00
Mathias Vorreiter Pedersen
4a2894a707 Merge pull request #7025 from MathiasVP/nomagic-parameterCand 
Dataflow: Replace a 'noinline' pragma with a 'nomagic' pragma
 2021-11-02 20:40:44 +00:00
Anders Schack-Mulligen
7d0152f3c0 Merge pull request #6932 from aschackmull/dataflow/flow-features 
Dataflow: Add support for call context restrictions on sources/sinks.
 2021-11-02 13:24:17 +01:00
Mathias Vorreiter Pedersen
6f4107ff23 Dataflow: Replace a 'noinline' pragma with a 'nomagic' pragma. 2021-11-02 11:37:40 +00:00
CodeQL CI
5d62aa5b29 Merge pull request #6994 from erik-krogh/redundant-cast 
Approved by RasmusWL, aschackmull, esbena, geoffw0, hvitved, nickrolfe
 2021-11-02 03:45:48 -07:00
Anders Schack-Mulligen
42a046edc6 Merge pull request #7004 from Marcono1234/marcono1234/deprecate-StringLiteral-getRepresentedString 
Java: Deprecate `StringLiteral.getRepresentedString()`
 2021-11-02 09:57:52 +01:00
github-actions[bot]
093be44258 Add changed framework coverage reports 2021-11-02 00:09:00 +00:00
Marcono1234
668928045e Merge branch 'main' into marcono1234/deprecate-StringLiteral-getRepresentedString 2021-11-01 16:32:57 +01:00
Anders Schack-Mulligen
e88bbfdd67 Merge pull request #7008 from JLLeitschuh/feat/JLL/java_optional_lambda_support 
Java: Model java.util.Optional lambda methods
 2021-11-01 13:49:21 +01:00
Chris Smowton
b59f6665a2 Fix punctuation 2021-11-01 11:02:58 +00:00
Chris Smowton
9ff426cf23 Sort Optional models 2021-11-01 10:59:03 +00:00
Anders Schack-Mulligen
301a907596 Update java/ql/lib/semmle/code/java/Expr.qll 2021-11-01 09:36:09 +01:00
Jonathan Leitschuh
c2a2a3a676 Java: Model java.util.Optional lambda methods 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-29 13:23:47 -04:00