hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-01 13:23:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,861 Commits 1,697 Branches 161 Tags
261ef0fbff76f175d896bd5bc011bcccb824f139
Commit Graph

776 Commits

Author SHA1 Message Date
yh-semmle
a4beb03e15 Java: respect override annotations in java/unused-parameter 2019-02-20 15:27:35 -05:00
yh-semmle
b0d9c80ccc Java: add taint steps for Protobuf framework 2019-02-15 20:01:07 -05:00
yh-semmle
fc4aa16905 Java: add remote user input for Apache Thrift framework 2019-02-15 20:01:07 -05:00
yh-semmle
751bbbf583 Java: add remote user input for Struts 2 ActionSupport 2019-02-15 20:01:06 -05:00
yh-semmle
a436369846 Java: add remote user input and taint step for Guice framework 2019-02-15 20:01:06 -05:00
Anders Schack-Mulligen
63a4dd09ad Java: Autoformat qlls. 2019-02-12 14:38:08 +01:00
Henning Makholm
b8a03464bf Fix false positives in java/unused parameter 
Methods that are mentioned in a member reference expression should count
as rootdefs for the unused parameter query. Such methods have to match
the functional interface of the reference expression, so it is to be
expected that they will sometimes have to declare parameters that they
don't actually use.
 2019-02-07 21:14:36 +01:00
yh-semmle
3e8f7a740c Merge pull request #838 from aschackmull/java/taint-collections 
Java: Add additional taint steps through collections.
 2019-02-05 09:59:24 -05:00
Anders Schack-Mulligen
fe7add77d2 Java: Account for the repo move in NonSecurityTestClass. 2019-02-05 14:31:40 +01:00
james
7cc1442ecb Update link text 2019-01-30 09:44:07 +00:00
james
9d1a050f35 update links to locations in .qll files 2019-01-30 08:01:49 +00:00
Anders Schack-Mulligen
a29f615da0 Java: Add additional taint steps through collections. 2019-01-28 14:34:09 +01:00
semmle-qlci
65b64c7c05 Merge pull request #645 from sb-semmle/configuration-file-library 
Approved by yh-semmle
 2019-01-26 02:06:16 +00:00
Sebastian Bauersfeld
f56fb6d774 Address review comments. 2019-01-24 16:09:06 -05:00
Sebastian Bauersfeld
1727a0cd1f Address review comments. 2019-01-23 18:01:35 -05:00
yh-semmle
b8f53b5c6a Merge pull request #733 from aschackmull/java/remove-old-dataflow 
Java: Remove old dataflow library.
 2019-01-08 14:59:27 -05:00
Anders Schack-Mulligen
51f5198404 Java: Remove old dataflow library. 2019-01-08 13:52:24 +01:00
Anders Schack-Mulligen
9530eb6cdb Java: Switch to built-in gcd. 2019-01-08 10:07:51 +01:00
Sebastian Bauersfeld
c35fc82218 Remove a duplicated predicate. 2018-12-14 12:59:49 -05:00
Aditya Sharad
f92456fcad Merge master into next. 
Conflict in `cpp/ql/test/library-tests/sideEffects/functions/sideEffects.expected`,
resolved by accepting test output (combining changes).
 2018-12-12 17:26:18 +00:00
Sebastian Bauersfeld
6c756c5e6a Rename ConfigLine to ConfigPair. Make ConfigFiles.ql a library, as intended 2018-12-10 14:08:27 -05:00
Sebastian Bauersfeld
3379e71e01 Add ConfigFiles library for working with configuration files. 2018-12-07 15:11:54 -05:00
Anders Schack-Mulligen
f09eb67af0 Java: Add org.apache.commons.lang3.StringUtils.isBlank as a nullguard. 2018-12-07 16:18:32 +01:00
yh-semmle
bc78219653 Java: account for change to field annotation extraction 2018-12-06 23:06:14 -05:00
Anders Schack-Mulligen
ae44b90456 Java: Normalize parentheses. 2018-11-28 15:01:25 +01:00
Anders Schack-Mulligen
fe8dfeec0d Java: Add some this-qualifiers. 2018-11-13 14:58:25 +01:00
Anders Schack-Mulligen
411891c303 Java: Don't inherit methods from co-/contra-variant supertypes. 2018-11-13 14:56:22 +01:00
Anders Schack-Mulligen
fa3fa33c51 Java: Don't construct nonsense SSA for unreachable code. 2018-11-06 16:43:08 +01:00
Anders Schack-Mulligen
41c89475fe Java: Rerun autoformat. 2018-11-01 17:01:12 +01:00
Anders Schack-Mulligen
bf6b7c4734 Java: Add ZipSlip query. 2018-10-31 11:38:27 +01:00
Anders Schack-Mulligen
3d81328c41 Java: Improve array length bounds on array phi nodes that may be null. 2018-10-26 11:18:31 +02:00
semmle-qlci
cbc2d9e257 Merge pull request #361 from aschackmull/java/springweb-servlet-sources 
Approved by yh-semmle
 2018-10-26 02:06:11 +01:00
Anders Schack-Mulligen
1d716ae461 Java: Add remote user input sources for Spring servlets. 2018-10-24 15:00:15 +02:00
Anders Schack-Mulligen
263de5219a Java: Add additional SQL injection sinks. 2018-10-24 13:58:21 +02:00
semmle-qlci
c78f3f8edf Merge pull request #336 from aschackmull/java/dataflow-cleanup 
Approved by yh-semmle
 2018-10-20 03:43:49 +01:00
Anders Schack-Mulligen
0b46ffa7d7 Java/CPP: Sync files. 2018-10-18 15:10:23 +02:00
Anders Schack-Mulligen
bf58b6c9ab Java: Remove self-ref tracking; improve AccessPath.toString on numbers. 2018-10-18 15:05:04 +02:00
Anders Schack-Mulligen
187918396c Java: Autoformat the last 5 files (RangeAnalysis). 2018-10-18 10:03:08 +02:00
semmle-qlci
3af91d5d0a Merge pull request #301 from aschackmull/java/modulus-analysis 
Approved by yh-semmle
 2018-10-18 08:24:32 +01:00
Anders Schack-Mulligen
3dc9071a44 Java: Add missing word in deprecation comments. 2018-10-17 15:59:52 +02:00
Anders Schack-Mulligen
26009065af Java: Fix regression. 2018-10-16 11:29:15 +02:00
Anders Schack-Mulligen
22c986af77 Java: Autoformat. 2018-10-12 13:44:55 +02:00
Anders Schack-Mulligen
11279d4c83 Java: Autoformat Overflow.qll and add comment about imprecise float. 2018-10-12 13:40:32 +02:00
Anders Schack-Mulligen
0f5a3d3bb7 Java: Adjust comment style. 2018-10-12 13:40:32 +02:00
Anders Schack-Mulligen
2f0b983335 Java: Autoformat most of semmle.code.java. 2018-10-12 13:40:32 +02:00
Anders Schack-Mulligen
bc7ea93608 Java: Adjust some comment positions and break some lines. 2018-10-12 13:40:32 +02:00
Anders Schack-Mulligen
5502db4c74 Java: Autoformat most of semmle.code.java.dataflow. 2018-10-12 13:40:32 +02:00
Anders Schack-Mulligen
f341aa79a3 Java/C: Sync dataflow copies. 2018-10-12 13:40:32 +02:00
Anders Schack-Mulligen
3cdcbf0129 Java: Autoformat DataFlowImpl.qll and DataFlowImplCommon.qll. 2018-10-12 13:40:32 +02:00
Anders Schack-Mulligen
815c245f44 Java: Adjust comment style. 2018-10-12 13:40:32 +02:00