Commit Graph

4582 Commits

Author SHA1 Message Date
REDMOND\brodes
25599e9b4b crypto: Update JCA model macs to take into consideration update calls (use prior pattern for signatures). Misc. bug fixes. 2025-10-15 16:25:36 -04:00
REDMOND\brodes
9a6aac1300 Crypto: To get unreferenced parameters as general sources for Java, I've included the caveat that if a function is called, all the calls appear to be in test files. 2025-10-15 14:20:16 -04:00
REDMOND\brodes
ee08385e31 Crypto: Update JCA keyagreement to type conversion, XDH is a type of ECDH. 2025-10-15 08:06:19 -04:00
REDMOND\brodes
76128ed8dc Crypto: Update InsecureIVorNonce to be a path problem. 2025-10-13 15:29:57 -04:00
REDMOND\brodes
08abdb8c85 Crypto: Adding a "javaConstant" concept to handle config files. 2025-10-13 12:03:41 -04:00
REDMOND\brodes
36673659ad Crypto: Weak asymmetric key gen size fixes and test. 2025-10-10 14:49:35 -04:00
Nicolas Will
fdba3acc4b Crypto: Fix QL-for-QL alert and auto-format 2025-10-09 13:59:51 +02:00
REDMOND\brodes
11e81395b5 Crypto: Updated default flows to use taint tracking (this is needed to fix false positives in the unknown IV/Nonce query). Add the unknown IV/Nonce query and associated test cases. Fix unknown IV/Nonce query to focus on cases where the operation isn't known or the operation subtype is not encrypt or wrap. 2025-10-08 14:14:17 -04:00
REDMOND\brodes
83ff70bcd8 Crypto: Adding tests for insecure iv or nonce. Updating generic literal sources to include array literals. 2025-10-08 12:47:58 -04:00
REDMOND\brodes
bd34b6ce02 Crypto: Removing JCA model of random, need to reassess this as this impacts the insecure IV/Nonce query. Updated name of the Insecure nonce query to be InsecureIVorNonce 2025-10-08 11:41:21 -04:00
REDMOND\brodes
cf88e3f52d Crypto: Standardize naming where use of "family" and "type" have been used. Prefer 'type'. 2025-10-08 09:54:53 -04:00
Alex Eyers-Taylor
542bdf0792 Java: Use Overlay dataflow in java. 2025-10-07 17:52:12 +01:00
Alex Eyers-Taylor
c49e2ab2da DataFlow: Add code to do overlay informed dataflow. 2025-10-07 17:52:12 +01:00
Anders Schack-Mulligen
18e33b193e Merge pull request #20589 from aschackmull/java/array-entrypoint-read-taint
Java: Allow taint-read-steps for array sources.
2025-10-07 15:04:03 +02:00
Anders Schack-Mulligen
7dadbc43fb Java: Add change note. 2025-10-07 13:51:49 +02:00
Anders Schack-Mulligen
11665bea0a Java: Allow taint-read-steps for array sources. 2025-10-07 10:10:02 +02:00
Ben Rodes
b32a6407b9 Update java/ql/lib/experimental/quantum/JCA.qll
Co-authored-by: Nicolas Will <nicolaswill@github.com>
2025-10-06 09:04:19 -04:00
Nicolas Will
579da1dbd6 Fix QL-for-QL alerts 2025-10-06 14:45:45 +02:00
REDMOND\brodes
9fa30a3884 Crypto: Updating algorithm string literals and key generation algorithm literal sources to include signatures. 2025-10-03 18:09:27 -04:00
REDMOND\brodes
9c5765a48c Crypto: Add missing string constants for signature algorithms. 2025-10-03 17:17:07 -04:00
REDMOND\brodes
f1eb6511a7 Crypto: Add modeling for JCA signatures. Make consistent use of "unknown" or "other" for unrecognized types. 2025-10-03 12:07:37 -04:00
REDMOND\brodes
a46bd4c4ca Crypto: JCA random number generation model. 2025-10-02 15:21:28 -04:00
Nicolas Will
4901cdf929 Crypto: Refactor and change casts to super 2025-10-02 18:43:38 +02:00
REDMOND\brodes
9673b81677 Crypto: Update JCA 'wihHmac" raw name to be the entire raw string, not just "Hmac" 2025-10-02 11:49:23 -04:00
REDMOND\brodes
704a06e1fa Crypto: Update JCA PBKDF2 modeling: 1) add further inheritance structures to make the inheritance decomposition and caveats clearer, and 2) use getConsumer to establish the hash and hmac consumer. Update the Model to expect hash node types specifically for HMAC getHashALgorithmOrUnknown. 2025-10-02 11:45:13 -04:00
REDMOND\brodes
850c1ec12d Crypto: Fix use of a member where a singleton set literal exists 2025-10-02 09:20:40 -04:00
REDMOND\brodes
b08533b322 Crypto: Fix missing output variable 2025-10-02 09:10:50 -04:00
REDMOND\brodes
c37b7c1389 Merge branch 'signature_model_refactor' of https://github.com/bdrodes/codeql into signature_model_refactor 2025-10-02 09:05:09 -04:00
REDMOND\brodes
38421cec94 Crypto: Missing casing fix for JCA classes 2025-10-02 09:04:23 -04:00
Ben Rodes
d251b3f9f7 Merge branch 'main' into signature_model_refactor 2025-10-02 09:02:34 -04:00
REDMOND\brodes
329a7dee1c Crypto: Fixing JCA class naming casing for PBKDF2 classes. 2025-10-02 09:02:17 -04:00
REDMOND\brodes
d49efefefa Crypto: Fix for non-monotonic recursion in JCA 2025-10-01 14:36:26 -04:00
REDMOND\brodes
92dac0341c Crypto: Adding necessary model interfaces for MacOperationCall in JCA. 2025-10-01 11:13:37 -04:00
Nick Rolfe
9688d84f3e Merge pull request #20549 from github/post-release-prep/codeql-cli-2.23.2
Post-release preparation for codeql-cli-2.23.2
2025-09-30 09:45:22 +01:00
github-actions[bot]
a7a4e43991 Post-release preparation for codeql-cli-2.23.2 2025-09-29 15:10:19 +00:00
Kasper Svendsen
b52fff2f81 Merge pull request #20505 from kaspersv/kaspersv/future-proof-java-discarding2
Overlay: Discard Java config and XML base entities in overlay extracted files
2025-09-29 13:01:08 +02:00
github-actions[bot]
d2130a589b Release preparation for version 2.23.2 2025-09-29 10:28:45 +00:00
Kasper Svendsen
f02da68c55 Overlay: Discard base XML entities in overlay extracted files 2025-09-23 12:27:51 +02:00
Kasper Svendsen
718c0abdb6 Overlay: Discard base config entities in overlay extracted files 2025-09-23 12:27:51 +02:00
Simon Friis Vindum
7d6e2060e5 Adapt all languages to changes in shared library 2025-09-22 14:18:58 +02:00
Kasper Svendsen
97d62950a8 Merge pull request #20484 from kaspersv/kaspersv/future-proof-java-discarding
Overlay: Future-proof Java config & XML discard predicates
2025-09-22 08:16:44 +02:00
Alexander Eyers-Taylor
c1c0828082 Merge pull request #20378 from github/alexet/java-regex-local
Java: Use force local to make parsing local after global regex finding.
2025-09-19 13:48:43 +01:00
Alexander Eyers-Taylor
27e2c4d580 Merge pull request #20459 from github/alexet/caller_tc
Java: Make a TC overlay caller.
2025-09-19 13:48:34 +01:00
Kasper Svendsen
dbb9a26f78 Overlay: Future-proof Java XML discarding 2025-09-18 11:37:38 +02:00
Kasper Svendsen
3cd737e40d Overlay: Future-proof Java config discarding 2025-09-18 10:57:22 +02:00
Alex Eyers-Taylor
34b40a14e8 Java: Make a TC overlay caller. 2025-09-17 16:22:22 +01:00
github-actions[bot]
4e8343664f Post-release preparation for codeql-cli-2.23.1 2025-09-17 10:13:40 +00:00
Alex Eyers-Taylor
2201974844 Java: Use force local to make parsing local after global regex finding. 2025-09-16 15:55:04 +01:00
github-actions[bot]
02a1b1efcb Release preparation for version 2.23.1 2025-09-16 14:14:42 +00:00
Anders Schack-Mulligen
f9ffee010f Java: Minor nullness cleanup. 2025-09-12 15:41:17 +02:00