Sauyon Lee
4ea45dbf34
Use data-flow API in stringConcatStep
2019-11-21 23:48:23 -08:00
Sauyon Lee
9651a0bfc4
Use the split taint predicate to emulate taint where required
...
In particular, the OpenUrlRedirect and CleartextLogging queries, which both have taint flow into
an object when one of its fields is written.
2019-11-21 22:58:36 -08:00
Sauyon Lee
c0730fe4cc
Make taintStep public
2019-11-21 22:58:25 -08:00
Sauyon Lee
3f437612e1
Add qldoc to all taint step predicates.
2019-11-20 11:27:24 -08:00
Sauyon Lee
09865a5f5c
Add a field read taint step
2019-11-18 23:58:01 -08:00
Sauyon Lee
e0c589060a
Split taintStep into many predicates
2019-11-18 23:58:00 -08:00
Max Schaefer
8cc60ba543
Add more codeql metadata files.
2019-11-14 10:35:21 +00:00
Max Schaefer
616d78e2a5
Teach CleartextLogging not to flag constant sources.
2019-11-13 14:25:32 +00:00
Max Schaefer
50cde34878
Merge pull request #181 from sauyon/hardcoded-sensitive
...
HardcodedCredentials: Use SensitiveActions
2019-11-13 09:21:45 +00:00
Sauyon Lee
3b39f5c2e1
OpenUrlRedirect: Use the regexp library for RegexpCheck
2019-11-12 15:14:05 -08:00
Sauyon Lee
50a008900c
HardcodedCredentials: Use SensitiveActions
2019-11-12 14:08:44 -08:00
Max Schaefer
06fe00006a
Conservatively handle indirect updates through pointer-type receiver.
...
Method references `x.m` where the receiver of `m` is a pointer implicitly take the address of `x`, so they should be treated much the same as `&x` in terms of data flow. (Ideally we'd make this explicit in the data-flow graph itself, but that's for another PR.)
2019-11-12 08:54:47 +00:00
Max Schaefer
d14eb855fc
Go analysis support for CodeQL.
2019-11-08 12:16:26 +00:00
