Anders Schack-Mulligen
|
7e83a608a2
|
Merge pull request #4954 from aschackmull/java/member-hasqualifiedname
Java: Add Member.hasQualifiedName.
|
2021-02-15 10:02:13 +01:00 |
|
Chris Smowton
|
402f20c5e2
|
Merge pull request #5154 from smowton/smowton/admin/deprecate-old-maven-predicate-names
Java: Re-introduce deprecated versions of old Maven predicate names
|
2021-02-12 17:22:05 +00:00 |
|
Chris Smowton
|
80978c7c35
|
Merge pull request #5153 from smowton/smowton/admin/move-misplaced-experimental-query
Move misplaced experimental query into the conventional directory
|
2021-02-12 17:21:57 +00:00 |
|
Anders Schack-Mulligen
|
085286ab58
|
Merge pull request #5135 from pwntester/guava_preconditions
Add support for the Preconditions Class in the Guava framework
|
2021-02-12 14:15:17 +01:00 |
|
Chris Smowton
|
655cfb3a47
|
Re-introduce deprecated versions of old Maven predicate names
|
2021-02-12 12:24:19 +00:00 |
|
Chris Smowton
|
97df60f9d6
|
Move misplaced experimental query into the conventional directory
|
2021-02-12 12:12:16 +00:00 |
|
Marcono1234
|
e89891fa1f
|
Address review comments
|
2021-02-12 01:30:47 +01:00 |
|
Marcono1234
|
2a1c11b517
|
Improve MavenPom documentation, rename inconsistent predicates
|
2021-02-10 23:56:45 +01:00 |
|
Anders Schack-Mulligen
|
b74911204a
|
Merge pull request #4945 from intrigus-lgtm/java/insecure-jxbrowser
Java: Insecure JXBrowser
|
2021-02-10 15:48:17 +01:00 |
|
intrigus
|
5c82ff83de
|
Java: Fix qhelp, fix CWE reference
|
2021-02-10 13:57:51 +01:00 |
|
Alvaro Muñoz
|
645b021845
|
Add support for the Preconditions Class in the Guava framework
|
2021-02-10 13:20:29 +01:00 |
|
Tom Hvitved
|
1f9b42f9ab
|
Data flow: Sync files
|
2021-02-09 20:10:23 +01:00 |
|
intrigus
|
2e30f2d9ce
|
Java: Fix QHelp & accept test output
Accept test output for changed alert message.
|
2021-02-08 00:05:02 +01:00 |
|
Anders Schack-Mulligen
|
35e620a19c
|
Merge pull request #4854 from luchua-bc/java/insecure-ldap-auth
Java: Insecure LDAP authentication
|
2021-02-04 14:56:38 +01:00 |
|
luchua-bc
|
724c3e00e0
|
Update help file
|
2021-02-03 16:45:15 +00:00 |
|
Anders Schack-Mulligen
|
40d02e7e32
|
Merge pull request #4926 from luchua-bc/java/insufficient-key-size
Java: Query to detect weak encryption: insufficient key size
|
2021-02-03 15:16:10 +01:00 |
|
Anders Schack-Mulligen
|
0df7e9fa4e
|
Merge pull request #4989 from lcartey/lcartey/spring-inheritence-improvements
Java: Track taint through Spring Java bean getters on super types
|
2021-02-03 15:06:03 +01:00 |
|
luchua-bc
|
2ace10fcdf
|
Use PostUpdateNode for wrapper method calls
|
2021-02-03 12:21:31 +00:00 |
|
luchua-bc
|
3151aeff48
|
Enhance the query
|
2021-02-02 18:26:29 +00:00 |
|
luchua-bc
|
5e3b6fa341
|
Update qldoc
|
2021-02-02 16:20:39 +00:00 |
|
luchua-bc
|
50be54385a
|
Update qldoc
|
2021-02-02 14:49:50 +00:00 |
|
Luke Cartey
|
76c9b6466e
|
Reformat TaintTrackingUtil.qll with more recent CodeQL CLI
|
2021-01-29 11:27:30 +00:00 |
|
luchua-bc
|
ab7d257569
|
Add more cases and change EC to 256 bits
|
2021-01-28 04:06:27 +00:00 |
|
luchua-bc
|
2ac7b4bab4
|
Update qldoc
|
2021-01-28 04:06:27 +00:00 |
|
luchua-bc
|
058f3af4b2
|
Refactor the hasShortSymmetricKey method
|
2021-01-28 04:06:27 +00:00 |
|
luchua-bc
|
cbaee937d0
|
Optimize the query
|
2021-01-28 04:06:27 +00:00 |
|
luchua-bc
|
cfc950f803
|
Query for weak encryption: Insufficient key size
|
2021-01-28 03:25:15 +00:00 |
|
luchua-bc
|
6a93099b64
|
Simplify the query and update qldoc
|
2021-01-28 03:02:53 +00:00 |
|
intrigus
|
d3e6e594b2
|
Java: Improve QLDoc
|
2021-01-27 11:57:32 +01:00 |
|
intrigus
|
bdba7e14fe
|
Java: Switch to data flow
|
2021-01-27 11:54:40 +01:00 |
|
Joe Farebrother
|
d69ecde5c1
|
Java: Add additional flow steps for guava collection methods and more unit tests
|
2021-01-25 16:37:40 +00:00 |
|
Joe Farebrother
|
7e11d8ed07
|
Java: Add modelling for guava Sets
|
2021-01-25 16:37:40 +00:00 |
|
Joe Farebrother
|
d1427fcd93
|
Java: Add modelling for Guava's collection classes
|
2021-01-25 16:37:40 +00:00 |
|
Luke Cartey
|
5c6f5b7b33
|
Java: Track taint through Spring Java bean getters on super types
|
2021-01-20 16:53:03 +00:00 |
|
Anders Schack-Mulligen
|
dde8d320f3
|
Apply suggestions from code review
Minor qldoc fixes.
|
2021-01-19 08:24:24 +01:00 |
|
Marcono1234
|
703336a77f
|
Add ArrayInit.getSize(), improve documentation
|
2021-01-18 16:44:53 +01:00 |
|
luchua-bc
|
32c54628f8
|
Drop fieldName from the function for runtime evaluation
|
2021-01-15 12:33:00 +00:00 |
|
luchua-bc
|
e5a703e49c
|
Revamp the query
|
2021-01-15 04:05:11 +00:00 |
|
intrigus-lgtm
|
b8076481bf
|
Java: Suggestions from Review
|
2021-01-13 20:32:23 +01:00 |
|
Anders Schack-Mulligen
|
f3b8fe2e2e
|
Java: Add Member.hasQualifiedName.
|
2021-01-13 13:42:35 +01:00 |
|
Anders Schack-Mulligen
|
29935e1388
|
Merge pull request #4771 from intrigus-lgtm/split-cwe-295
Java: Add unsafe hostname verification query and remove existing overlapping query
|
2021-01-13 11:31:38 +01:00 |
|
luchua-bc
|
babe744a30
|
Add SECURITY_PROTOCOL check
|
2021-01-13 03:49:08 +00:00 |
|
intrigus
|
5b3086a93a
|
Java: Fix capitalization of JxBrowser
|
2021-01-12 22:43:41 +01:00 |
|
intrigus
|
1ebc9f4d93
|
Java: Only detect JxBrowser < 6.24
|
2021-01-12 22:39:08 +01:00 |
|
intrigus
|
1901f6bf55
|
Java: Make @id @name of query more similar.
|
2021-01-12 15:36:55 +01:00 |
|
intrigus
|
9b3070ab7c
|
Java: Add JXBrowser disabled certificate query.
|
2021-01-12 14:48:22 +01:00 |
|
intrigus
|
85286f362c
|
Java: Replace global flow by local flow
|
2021-01-11 19:02:07 +01:00 |
|
intrigus-lgtm
|
722bd4dafa
|
Java: Revise qhelp
|
2021-01-11 18:57:24 +01:00 |
|
intrigus-lgtm
|
4cfdb10ddc
|
Java: Improve QLDoc & simplify code
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
|
2021-01-11 18:50:43 +01:00 |
|
intrigus
|
5c1e746c96
|
Java: Rename to EnvReadMethod
|
2021-01-11 13:42:08 +01:00 |
|