hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-28 18:28:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,801 Commits 1,723 Branches 164 Tags
0175a596ef7907ddfd6d9d65db7537d121a9002e
Commit Graph

880 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
0175a596ef Update java/ql/src/experimental/Security/CWE/CWE-600/UncaughtServletException.ql 2020-12-02 13:33:59 +01:00
luchua-bc
dcb7324643 Add the constraint that the caller method must throw an exception 2020-11-11 16:47:53 +00:00
luchua-bc
a83f9ced96 Change the query to only catch the common exception rethrown case 2020-11-09 12:07:43 +00:00
luchua-bc
3f0cdb6a1a Update qldoc and comments 2020-11-03 19:40:28 +00:00
luchua-bc
fa54c23a83 Handle the edge case that an exception is rethrown in a catch clause 2020-11-03 16:31:12 +00:00
luchua-bc
6a8ce37428 Add query for initCause and addSuppressed 2020-11-02 11:59:14 +00:00
luchua-bc
78d7fe2fbb Detect rethrowing unprocessed exceptions in catch clause 2020-11-01 02:13:50 +00:00
luchua-bc
756db4c03a Simplify the query and add more test cases 2020-10-31 01:33:24 +00:00
luchua-bc
67af9b0f3e Add comments and update JavaDocs of GenericServlet using the source JAR 2020-10-30 17:05:53 +00:00
luchua-bc
93d1393ded Add error-page check 2020-10-30 16:45:56 +00:00
luchua-bc
a61f814b4b Change to ServletResponse type and fix formatting error 2020-07-02 12:49:25 +00:00
luchua-bc
1d0232b464 Add more servlet methods and fix formatting errors 2020-07-02 03:07:19 +00:00
luchua-bc
d978f28822 Simplify the query for subtype check 2020-06-30 11:15:18 +00:00
luchua-bc
382e5a5a7a Revert "Add remote source of Android intent extra" 
This reverts commit 65e76ab18f.
 2020-06-30 00:55:05 +00:00
luchua-bc
3e8e9f9969 Revert "Add method access qualifier as source" 
This reverts commit 87668bf075.
 2020-06-30 00:54:27 +00:00
luchua-bc
065b90ab6b Revert "text changes" 
This reverts commit 0f8dd7c328.
 2020-06-30 00:53:03 +00:00
luchua-bc
ede9cec4a9 Uncaught Servlet Exception 2020-06-29 20:07:53 +00:00
luchua-bc
0f8dd7c328 text changes 2020-06-27 22:56:00 +00:00
Bt2018
87668bf075 Add method access qualifier as source 2020-06-27 18:00:52 -04:00
luchua-bc
65e76ab18f Add remote source of Android intent extra 2020-06-25 20:20:18 +00:00
Anders Schack-Mulligen
791f31fa65 Merge pull request #3595 from luchua-bc/j2ee-server-directory-listing 
Java: Add check for J2EE server directory listing
 2020-06-24 16:45:34 +02:00
Anders Schack-Mulligen
941177ee25 Merge pull request #3762 from hvitved/dataflow/clear-contents 
Data flow: Model field clearing
 2020-06-24 10:19:50 +02:00
Anders Schack-Mulligen
3b62bd254c Merge pull request #3723 from JLLeitschuh/fix/JLL/gitignore_vs_code_generated_files 
Add .gitignore for VS Code Generated maven project files
 2020-06-24 09:35:01 +02:00
Tom Hvitved
a3e7fd60f2 Data flow: Enable syntax highlighting in QLDoc snippets 2020-06-23 16:54:34 +02:00
Bt2018
fffc88ea5b Metadata update 2020-06-23 10:34:28 -04:00
luchua-bc
89260d6f8a Fix ending line error 2020-06-23 12:36:07 +00:00
luchua-bc
7642b43990 Adjust id tag and fix ending line error 2020-06-23 12:10:07 +00:00
Tom Hvitved
ff751ac0f8 Data flow: Sync files 2020-06-23 10:55:12 +02:00
Tom Hvitved
c01f570d9e Java: Implement clearsContent() 2020-06-23 10:55:12 +02:00
Tom Hvitved
c057e82efa Data flow: Sync files 2020-06-23 10:55:11 +02:00
Tom Hvitved
e578827626 Java: Add more field-flow tests 2020-06-23 10:55:11 +02:00
semmle-qlci
e06a54c33d Merge pull request #3494 from hvitved/dataflow/partial-flow-access-path-limit 
Approved by aschackmull
 2020-06-22 12:09:00 +01:00
Anders Schack-Mulligen
71665a02fa Merge pull request #3737 from Marcono1234/patch-1 
Simplify NoAssignInBooleanExprs.ql
 2020-06-22 10:46:00 +02:00
Tom Hvitved
72e6c9c2b1 Data flow: Use accessPathLimit() in partial flow as well 2020-06-22 10:08:51 +02:00
Anders Schack-Mulligen
8107fbadc2 Merge pull request #3456 from hvitved/dataflow/precise-field-types 
Data flow: Track precise types during field flow
 2020-06-19 11:50:10 +02:00
Marcono1234
161ba92123 Simplify NoAssignInBooleanExprs.ql 2020-06-18 15:16:09 +02:00
Anders Schack-Mulligen
74eab3cbc0 Dataflow: Fix qltest. 2020-06-17 17:23:35 +02:00
Anders Schack-Mulligen
cedfaf6aaf Dataflow: autoformat 2020-06-17 17:09:55 +02:00
Anders Schack-Mulligen
543ab71dfe Dataflow: minor review fixes. 2020-06-17 17:03:22 +02:00
Anders Schack-Mulligen
d28b5ace63 Dataflow: Sync. 2020-06-17 15:40:48 +02:00
Anders Schack-Mulligen
10b64fc47a Dataflow: Record content type for stores. 2020-06-17 15:40:42 +02:00
Jonathan Leitschuh
c2052ed152 Add .gitignore for VS Code Generated maven project files 
When VS Code detects a Maven project, it automatically generates
a bunch of Eclipse files to describe the project.

These are now ignored in order to not pollute the repository
 2020-06-15 22:29:30 -04:00
Anders Schack-Mulligen
041af38934 Merge pull request #3697 from intrigus-lgtm/patch-1 
Fix typo
 2020-06-12 10:04:40 +02:00
Jonas Jensen
abd05bcff1 Merge pull request #3596 from robertbrignull/more-suites 
Add more code-scanning suites
 2020-06-12 09:08:20 +02:00
intrigus-lgtm
422b059aec Fix typo 2020-06-11 22:54:13 +02:00
semmle-qlci
1b8f3c4b84 Merge pull request #3657 from hvitved/dataflow/hidden-nodes 
Approved by aschackmull, jbj
 2020-06-10 13:22:09 +01:00
semmle-qlci
22d50f009e Merge pull request #3667 from aschackmull/java/compiletimeconstant-cast-eval 
Approved by aibaars
 2020-06-10 12:05:42 +01:00
Anders Schack-Mulligen
4b3ca13f25 Merge pull request #3491 from luchua-bc/java-insecure-smtp-ssl 
Java: CWE-297 insecure JavaMail SSL configuration
 2020-06-10 11:02:50 +02:00
Anders Schack-Mulligen
c334d72f11 Java: Fix CompileTimeConstantExpr qldoc and add char cast case. 2020-06-10 10:59:10 +02:00
luchua-bc
1fd9c7fdec Add all dependent class stubs 2020-06-09 20:12:05 +00:00