hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-31 04:38:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
4,813 Commits 1,723 Branches 164 Tags
64aa111b657f461623a8526e2b68012c97d350b7
Commit Graph

116 Commits

Author SHA1 Message Date
yh-semmle
64aa111b65 Merge pull request #1342 from aschackmull/java/field-annotation-cu 
Java: Check compilation unit of the same element in both disjuncts.
 2019-05-22 16:36:24 -04:00
Anders Schack-Mulligen
3e5bbd96b1 Java: Account for non-source annotation on second field in multi-field declarations. 2019-05-22 11:33:10 +02:00
yh-semmle
29ae7b5c3c Merge pull request #1322 from aschackmull/java/deprecate-remoteuserinput 
Java: Deprecate RemoteUserInput
 2019-05-20 12:56:51 -04:00
Anders Schack-Mulligen
d0de0254e1 Java: Check compilation unit of the same element in both disjuncts. 2019-05-20 16:41:08 +02:00
yh-semmle
5466ae619d Merge pull request #1317 from aschackmull/java/domedge 
Java: Refactor Guard.controls in terms of dominating edges.
 2019-05-20 10:40:10 -04:00
Anders Schack-Mulligen
9ebeac25ad Merge pull request #1329 from hvitved/dataflow/performance 
Data flow: performance improvements
 2019-05-20 14:27:03 +02:00
Tom Hvitved
bc00877ff2 Data flow: Add nomagic to storeCand() 2019-05-20 12:05:20 +02:00
Tom Hvitved
360c7a1ac5 Address review comments 2019-05-20 09:59:17 +02:00
yh-semmle
6468721f76 Merge pull request #1324 from aschackmull/java/switchexpr-nullness 
Java: Add SwitchExpr to Nullness::dereference.
 2019-05-19 22:24:27 -04:00
yh-semmle
e5f4d475d0 Merge pull request #1320 from aschackmull/java/guardslogic-perf 
Java: Fix join-order for GuardsLogic::conditionalAssign.
 2019-05-19 22:23:18 -04:00
Tom Hvitved
02ca09aa43 Data flow: performance improvements 2019-05-16 07:35:10 +02:00
Anders Schack-Mulligen
531d30f048 Java: Add SwitchExpr to Nullness::dereference. 2019-05-15 13:20:55 +02:00
Anders Schack-Mulligen
3eb3cd345d Java: Update qldoc and add callsImpl convenience wrapper. 2019-05-14 16:31:56 +02:00
Anders Schack-Mulligen
f9e4512f32 Java: Update polyCalls to use virtual dispatch. 2019-05-14 15:36:12 +02:00
Anders Schack-Mulligen
b71acd2ff9 Java: Deprecate RemoteUserInput 2019-05-14 12:33:36 +02:00
Anders Schack-Mulligen
14cad57960 Java: Improve joinorder for GuardsLogic::conditionalAssign. 2019-05-14 11:28:18 +02:00
Anders Schack-Mulligen
ebb63c8141 Java: Refactor Guard.controls in terms of dominating edges. 2019-05-13 16:35:30 +02:00
Max Schaefer
79e01a2de5 Merge pull request #1305 from aschackmull/java/abstract-flowsources 
Java: Introduce an abstract class RemoteFlowSource to ease customization.
 2019-05-10 11:42:15 +01:00
Anders Schack-Mulligen
66813a91ef Java: Postpone deprecation to separate PR. 2019-05-09 13:40:25 +02:00
Jonas Jensen
639d715d03 Merge pull request #1226 from hvitved/dataflow/prepare-for-csharp 
Generalize data-flow library in preparation for C# adoption
 2019-05-06 14:42:46 +02:00
Anders Schack-Mulligen
f367427fb8 Java: Deprecate RemoteUserInput. 2019-05-06 13:43:58 +02:00
Anders Schack-Mulligen
10a6362357 Java: Introduce an abstract class RemoteFlowSource to ease customization. 2019-05-03 15:48:22 +02:00
Tom Hvitved
d9bf0a670e Data flow: Address review comments 2019-05-03 15:00:48 +02:00
Tom Hvitved
b6206d7370 Data flow: Introduce ReturnKind 2019-05-02 20:30:50 +02:00
yh-semmle
3a988d0312 Java 12: revert addition of deprecated annotations for preview features 2019-04-30 10:59:08 -04:00
yh-semmle
de47f25141 Java 12: remove deprecated annotation from Stmt::getEnclosingStmt 2019-04-30 10:59:07 -04:00
yh-semmle
f22084e18a Java 12: add more QL deprecated annotations 2019-04-30 10:59:06 -04:00
Anders Schack-Mulligen
0a569f6c1a Java: Change TCs of Stmt.getParent to Stmt.getEnclosingStmt. 2019-04-30 10:59:06 -04:00
Anders Schack-Mulligen
6ecf46ce85 Java: Add CFG edges for switch expressions. 2019-04-30 10:59:05 -04:00
Anders Schack-Mulligen
9a367d9293 Java: JumpStmt.getTarget, Stmt.getEnclosingStmt, SwitchExpr.getAResult. 2019-04-30 10:59:05 -04:00
yh-semmle
61324f0bb0 Java 12: enhanced QLDoc for preview features 2019-04-30 10:59:05 -04:00
yh-semmle
d4e013b297 Java 12: deprecate QL constructs for new preview feature (switch exprs) 2019-04-30 10:59:04 -04:00
yh-semmle
38705038a8 Java 12: add QL for switch expressions, etc 2019-04-30 10:59:04 -04:00
yh-semmle
4ede686283 Java: refactor ConstCase and DefaultCase in preparation for Java 12 2019-04-30 10:59:03 -04:00
Tom Hvitved
29e59e6d1e Address review comments 2019-04-29 20:19:31 +02:00
Sebastian Bauersfeld
2f200d7517 Parameters annotated with Spring's @RequestBody and @PathVariable are remote input sources. 2019-04-17 18:02:00 -04:00
Tom Hvitved
18ced249ab Java: Generalize data-flow library in preparation for C# adoption 2019-04-10 13:05:31 +02:00
Anders Schack-Mulligen
d144ea2f1c Java: Exclude slf4j calls in PrintLnArray as it supports array formatting. 2019-04-04 11:09:41 +02:00
Anders Schack-Mulligen
b1e364b56a Java: Support precondition calls as guards. 2019-04-02 10:58:46 +02:00
Pavel Avgustinov
c26b655956 Merge pull request #1022 from yh-semmle/java/dead-code-override 
Java: respect override annotations in `java/unused-parameter`
 2019-03-01 19:11:46 +00:00
yh-semmle
a4beb03e15 Java: respect override annotations in java/unused-parameter 2019-02-20 15:27:35 -05:00
yh-semmle
b0d9c80ccc Java: add taint steps for Protobuf framework 2019-02-15 20:01:07 -05:00
yh-semmle
fc4aa16905 Java: add remote user input for Apache Thrift framework 2019-02-15 20:01:07 -05:00
yh-semmle
751bbbf583 Java: add remote user input for Struts 2 ActionSupport 2019-02-15 20:01:06 -05:00
yh-semmle
a436369846 Java: add remote user input and taint step for Guice framework 2019-02-15 20:01:06 -05:00
Anders Schack-Mulligen
63a4dd09ad Java: Autoformat qlls. 2019-02-12 14:38:08 +01:00
Henning Makholm
b8a03464bf Fix false positives in java/unused parameter 
Methods that are mentioned in a member reference expression should count
as rootdefs for the unused parameter query. Such methods have to match
the functional interface of the reference expression, so it is to be
expected that they will sometimes have to declare parameters that they
don't actually use.
 2019-02-07 21:14:36 +01:00
yh-semmle
3e8f7a740c Merge pull request #838 from aschackmull/java/taint-collections 
Java: Add additional taint steps through collections.
 2019-02-05 09:59:24 -05:00
Anders Schack-Mulligen
fe7add77d2 Java: Account for the repo move in NonSecurityTestClass. 2019-02-05 14:31:40 +01:00
james
7cc1442ecb Update link text 2019-01-30 09:44:07 +00:00