hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,098 Commits 1,671 Branches 157 Tags
66737402c20fc83b3d3a654dcccf4b26c901b100
Commit Graph

1470 Commits

Author SHA1 Message Date
Michael Nebel
e6be88b10e C#: Re-factor XmlEntityInjection to use the new API. 2023-04-13 14:28:27 +02:00
Michael Nebel
60544c6889 C#: Re-factor UrlRedirect to use the new API. 2023-04-13 14:28:27 +02:00
Michael Nebel
bdf1da340d C#: Re-factor TaintedPath to use the new API. 2023-04-13 14:28:27 +02:00
Michael Nebel
52bc43b22b Merge pull request #12595 from michaelnebel/enhanceprovenance 
Java/C# : Enhance provenance.
 2023-04-13 14:27:53 +02:00
Michael Nebel
3a316f17cc C#: Re-factor SqlInjection to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
60a0917ced C#: Re-factor ResourceInjection to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
80e8b6928d C#: Re-factor RegexInjection to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
377b2d7515 C#: Re-factor ReDoS to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
8d17a45dd0 C#: Re-factor MissingXmlValidation to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
8e3bfda7be C#: Re-factor LogForging to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
8284487407 C#: Explicitly add QL Doc for the LdapInjectionConfig predicates. 2023-04-13 10:08:40 +02:00
Michael Nebel
73cd7519a2 C#: Re-factor LdapInjection to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
3bda0b9e8c C#: Re-factor HardcodedCredentials to use the new API. 2023-04-13 10:08:39 +02:00
Michael Nebel
d94b11b001 C#: Re-factor ExtertalApisQuery to use the new API. 2023-04-13 10:08:39 +02:00
Michael Nebel
03482e5e59 Java/C#: Update the internal documentation. 2023-04-13 09:21:05 +02:00
Michael Nebel
37abdc7a51 C#: Adjust the implementation to use the new predicates and Provenance. 2023-04-13 09:21:05 +02:00
Michael Nebel
1d82b09ec1 Sync files. 2023-04-13 09:21:05 +02:00
Chris Smowton
7eefa43f5a Rename and document viableArgParamSpecific to make clear it is a temporary hook. 2023-04-12 14:33:46 +01:00
Chris Smowton
4d8ca3d759 Add dataflow callback to filter out receiver argument flow to Golang interface dispatch candidates. 
Other langauges stub the callback.
 2023-04-12 14:19:06 +01:00
Joe Farebrother
8b08e6042c Update formatting 2023-04-05 14:22:55 +01:00
Joe Farebrother
941df4f274 Add test for cleartext storage 2023-04-05 13:57:23 +01:00
Joe Farebrother
cb2b2bc334 Add qldoc and remove redundant import 2023-04-05 13:57:23 +01:00
Joe Farebrother
92198e1af0 Add local file writes as external location sinks 2023-04-05 13:57:23 +01:00
Michael Nebel
fc43a4e569 C#: Re-factor CleartextStorage to use the new API. 2023-03-31 13:10:42 +02:00
Michael Nebel
fc21f01cb9 Merge pull request #12690 from michaelnebel/csharp/checkedlocalflow 
C#: Dataflow via checked and unchecked expressions.
 2023-03-31 10:12:01 +02:00
Michael Nebel
31e352afb0 C#: Actually add the deprecated keyword to the deprecated classes. 2023-03-30 09:45:49 +02:00
Michael Nebel
483e5c5264 C#: Re-factor ExposureOfPrivateInformation to use the new API. 2023-03-29 13:19:56 +02:00
Michael Nebel
cc4f3f6234 C#: Re-factor CodeInjection to use the new API. 2023-03-29 13:19:56 +02:00
Michael Nebel
60c5bbde0f C#: Re-factor ConditionalBypass to use the new API. 2023-03-29 13:19:56 +02:00
Michael Nebel
cab976cf8f C#: Re-factor CommandInjection to use the new API. 2023-03-29 13:19:56 +02:00
Michael Nebel
c03ce2f63b C#: Re-factor HardCodedSymmetricEncryptionKey to use the new API. 2023-03-29 13:19:56 +02:00
Michael Nebel
5278bbcaaa C#: Re-factor SymmetricKeyTaintTrackingConfiguration to use the new API. 2023-03-29 13:19:56 +02:00
Jeroen Ketema
0acca2ba76 Merge pull request #12687 from jketema/unit-2 
Make imports of `codeql.util.Unit` private
 2023-03-29 13:07:12 +02:00
Anders Schack-Mulligen
7c74fd07e9 Merge pull request #12684 from aschackmull/dataflow/remove-footgun 
Dataflow: Remove accidentally exposed predicates.
 2023-03-28 15:14:58 +02:00
Michael Nebel
50c3c159a9 C#: Make checked and unchecked as a local flow step. 2023-03-28 15:03:33 +02:00
Jeroen Ketema
3b8ad087eb Make imports of codeql.util.Unit private 2023-03-28 14:14:13 +02:00
Anders Schack-Mulligen
d406b051fc Dataflow: Remove accidentally exposed predicates. 2023-03-28 10:04:21 +02:00
Michael Nebel
730848cee8 Merge pull request #12648 from michaelnebel/csharp/cs-web-debug-binary 
C#: Improve cs/web/debug-binary to repect the RemoveAttributes transformation.
 2023-03-28 09:40:46 +02:00
Michael Nebel
9f88a72d9f C#: Make cs/web/debug-binary respect transformation file RemoveAttribute. 2023-03-27 10:39:44 +02:00
Jeroen Ketema
977f15f8a4 Merge pull request #12649 from jketema/unit 
Replace all definitions of `Unit` by `import codeql.util.Unit`
 2023-03-27 08:49:50 +02:00
Anders Schack-Mulligen
85511ba19d Dataflow: Sync 2023-03-24 12:42:06 +01:00
Jeroen Ketema
a87a9438c7 Replace all definitions of Unit by import codeql.util.Unit 2023-03-24 10:39:34 +01:00
Anders Schack-Mulligen
9d88f01c82 Merge pull request #12645 from aschackmull/dataflow/renaming 
Dataflow: Rename Make to Global and hasFlow to flow
 2023-03-24 08:48:31 +01:00
Anders Schack-Mulligen
d440bc2d0c Dataflow: Sync. 2023-03-23 13:40:23 +01:00
Anders Schack-Mulligen
2761aa73ca Dataflow: Sync. 2023-03-23 13:06:19 +01:00
Kasper Svendsen
ce6be1f636 Dataflow: Instantiate stage 1 access paths with proper unit type 2023-03-23 08:32:16 +01:00
Michael Nebel
915efffe21 Merge pull request #12610 from michaelnebel/java/validatespecs 
Java/C#: Validate all AccessPaths.
 2023-03-22 16:22:54 +01:00
Anders Schack-Mulligen
dc6729d0bf Merge pull request #12616 from aschackmull/java-csharp/redundant-sign-analysis-case 
Java/C#: Remove useless disjuncts.
 2023-03-22 13:33:46 +01:00
Michael Nebel
71d184e8c0 C#: Validate all access paths except for Field and Property. 2023-03-22 10:05:46 +01:00
Anders Schack-Mulligen
89d9d65755 Java/C#: Remove useless disjuncts. 2023-03-21 14:45:29 +01:00