hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-25 13:16:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,479 Commits 1,673 Branches 157 Tags
47affa0fed674e875699b0587f84a15bef683bbc
Commit Graph

12777 Commits

Author SHA1 Message Date
REDMOND\brodes
32d29ffde3 Changed casing on TCipherType, Added some initial fixes for hash support, started developing openssl hashing modeling. 2025-03-07 10:02:36 -05:00
REDMOND\brodes
b9bd199432 Regression fixes for JCA 2025-03-06 13:39:23 -05:00
REDMOND\brodes
8865d89fe9 Removing old ReusedNonce query. 2025-03-03 16:51:30 -05:00
REDMOND\brodes
2ee1681126 Adding a proof-of-concept PossibleReusedNonce query. 2025-03-03 15:09:27 -05:00
REDMOND\brodes
14cb2bb12f Updates to insecure or unknown nonce at operation. 2025-03-03 14:42:50 -05:00
REDMOND\brodes
076f53147d Proof-of-concept query for InsecureOrUnknownNonceAtOperation 2025-03-03 13:53:16 -05:00
Nicolas Will
627790f98b Clean up consumer and instance interfaces 2025-03-03 19:06:53 +01:00
Nicolas Will
cf33cf7653 Add input and output nodes and fix cross product 2025-02-28 15:21:46 +01:00
Nicolas Will
0354afc365 Make ArtifactConsumers instances of some Artifacts 
TODO: refactor the interfaces
 2025-02-27 15:54:38 +01:00
Nicolas Will
04f4683399 Rewrite handling of known unknowns and data-flow 2025-02-27 05:42:02 +01:00
Nicolas Will
f55f27b0d9 Expand handling of generic artifact sources 2025-02-25 18:22:38 +01:00
Nicolas Will
eb91ecf1fb Add generic artifact data-flow 
The relation between RNG and other artifacts has been added
Nonce has been completed to report its source
 2025-02-25 02:53:13 +01:00
Nicolas Will
2b0b927b0b Add Nonce association to Operation, update graph 2025-02-24 17:37:41 +01:00
REDMOND\brodes
86cab46b8d Misc. updates to support all JCA cipher operations, including wrap, unwrap and doFinal calls. Corrected pathing for init tracing to detect what mode is being set along a path. Added support for tracing the init operation mode argument to source. Since this involved creating an Operation Mode, changes were also made to make cipher block modes (CBC) more explicit (previously just called mode, but now that term is used for various purposes). 2025-02-21 12:53:35 -05:00
REDMOND\brodes
9ac9252f75 Adding a todo 2025-02-20 11:11:41 -05:00
REDMOND\brodes
011ed3fbfd Simplifying additional flow step logic. 2025-02-20 11:10:24 -05:00
REDMOND\brodes
9ee4a7a7b8 Adding a sketch for a CipherOperation concept to model encryption/decryption operations. 2025-02-20 10:37:40 -05:00
REDMOND\brodes
3871c6a33e Adding support for encryption operation detection. 2025-02-18 16:09:00 -05:00
Nicolas Will
8707e4d9a3 Continue Artifact data-flow WIP 2025-02-18 18:35:49 +01:00
Nicolas Will
df01fa7a9c Expand model and JCA modeling 2025-02-17 00:16:08 +01:00
Nicolas Will
b777a22d35 Expand model and specialize newtype relations 2025-02-14 23:43:07 +01:00
Nicolas Will
874e3b5e06 Modify model to use newtypes, expand modeling 2025-02-12 17:58:15 +01:00
Nicolas Will
4d44755945 Refactor Model and CBOM print queries 2025-02-11 15:37:15 +01:00
Kristen Newbury
1a12fb3099 Update JCA model, refactor modes 2025-02-10 13:49:32 -05:00
Kristen Newbury
59208bdb85 Update JCA model to use shared lib 2025-02-10 12:22:22 -05:00
Kristen Newbury
6005437001 Update JCA model with flow to call as AESuse and format JCA model 2025-02-10 11:26:48 -05:00
Kristen Newbury
60d931af9f Update progress on JCA 2025-02-07 15:46:13 -05:00
Kristen Newbury
efcf7eab0c Add broken crypto query 2025-02-05 17:24:25 -05:00
Kristen Newbury
86e51dad8a Improve JCA aes alg model, add test 2025-02-05 13:39:48 -05:00
Kristen Newbury
5f355c7f55 Add first sample JCA encryption model 2025-02-04 11:55:09 -05:00
Tom Hvitved
303b11ec36 Merge pull request #18298 from hvitved/rust/mad-source-sink 
Rust: Add support for MaD sources and sinks with access paths
 2025-01-10 11:49:51 +01:00
yoff
b263132ab2 Merge pull request #17998 from yoff/shared/locations-in-range-analysis 2025-01-09 14:05:54 +01:00
Owen Mansel-Chan
0f8f5d2793 Merge branch 'main' into post-release-prep/codeql-cli-2.20.1 2025-01-08 16:28:23 +00:00
yoff
21e7a0e828 Merge branch 'main' into shared/locations-in-range-analysis 2025-01-08 16:40:59 +01:00
Tom Hvitved
868caf948c Rename {Source,Sink}Node to {Source,Sink}Element 2025-01-08 15:21:43 +01:00
github-actions[bot]
fb20f6ca63 Post-release preparation for codeql-cli-2.20.1 2025-01-07 22:07:40 +00:00
github-actions[bot]
88b6f1e79a Release preparation for version 2.20.1 2025-01-07 20:50:36 +00:00
Dave Bartolomeo
72a53c4b23 Revert "Release preparation for version 2.20.1" 2025-01-07 13:32:23 -05:00
github-actions[bot]
fbf9f2fff8 Release preparation for version 2.20.1 2025-01-07 17:20:13 +00:00
Dave Bartolomeo
22e030584c Revert "Release preparation for version 2.20.1" 2025-01-07 12:14:27 -05:00
Chris Smowton
dd0012edcb ASCII 2025-01-06 23:28:02 +01:00
Chris Smowton
03c6529961 Spelling 2025-01-06 22:46:22 +01:00
github-actions[bot]
a121c5a5d0 Release preparation for version 2.20.1 2025-01-06 18:20:22 +00:00
Chris Smowton
d0eab598b1 Change note 2025-01-06 14:44:12 +00:00
Chris Smowton
5c2df36786 Exclude classes with a writeReplace method from serializability checks 2025-01-06 14:42:44 +00:00
Tom Hvitved
1b31c90d26 Implement FlowSummaryImpl stubs 2025-01-06 13:26:51 +01:00
Asger F
be939dca29 Merge pull request #14350 from asgerf/shared/deduplicate-path-graph 
Shared: Add DataFlow::DeduplicatePathGraph
 2024-12-18 14:04:29 +01:00
Asger F
8340841d54 Shared: Fix propagation of call bit 2024-12-17 11:16:04 +01:00
Asger F
950ae44d03 Shared: Show test failures 2024-12-17 11:15:57 +01:00
Michael Nebel
aaf0cd5dee Merge pull request #17968 from michaelnebel/java/movetestutils 
Move test utilities to the query pack.
 2024-12-16 13:41:30 +01:00