codeql

mirror of https://github.com/github/codeql.git synced 2026-01-10 05:00:29 +01:00

Author	SHA1	Message	Date
Ed Minnix	2d5944fb0e	Refactor DataFlow configurations to use "Config" naming convention	2023-03-19 17:44:07 -04:00
Anders Schack-Mulligen	6408d7cbbe	Java: Refactor RsaWithoutOaep.	2023-03-15 10:37:54 +01:00
Anders Schack-Mulligen	b3b5c2c767	Java: Refactor UnsafeContentUriResolution.	2023-03-15 10:32:58 +01:00
Anders Schack-Mulligen	4b814ec71c	Java: Refactor SensitiveCommunication.ql.	2023-03-15 10:32:35 +01:00
Anders Schack-Mulligen	ca8e013618	Java: Refactor FragmentInjection.	2023-03-15 10:23:21 +01:00
Anders Schack-Mulligen	5bd530f570	Java: Refactor IntentUriPermissionManipulation.	2023-03-15 10:13:28 +01:00
Anders Schack-Mulligen	b14b95cd79	Java: Refactor LogInjection	2023-03-15 10:10:02 +01:00
Anders Schack-Mulligen	e8a7139020	Merge pull request #12476 from aschackmull/java/refactor-dataflow-queries-2 Java: Refactor more dataflow queries to the new API	2023-03-15 09:40:32 +01:00
Edward Minnix III	de1ecf943e	Merge pull request #11915 from egregius313/egregius313/arbitrary-apk-installation Java: Arbitrary APK installation	2023-03-14 06:23:51 -04:00
Anders Schack-Mulligen	7c0e89ffdd	Java: Refactor ArithmeticTainted.ql, TempDirLocalInformationDisclosure.ql	2023-03-13 11:27:14 +01:00
Anders Schack-Mulligen	da273269cb	Java: Refactor PolynomialReDoS.ql	2023-03-13 11:27:14 +01:00
Ed Minnix	b6eeac5bc8	Update names to new naming convention	2023-03-10 15:13:58 -05:00
Edward Minnix III	e2acc26419	Apply docs review suggestions - Punctuation - Rewording Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>	2023-03-10 09:47:47 -05:00
Anders Schack-Mulligen	64dd8b9488	Merge branch 'main' into java/refactor-dataflow-queries-1	2023-03-10 12:38:06 +01:00
Anders Schack-Mulligen	730eae9521	Java: Autoformat	2023-03-10 09:39:41 +01:00
Edward Minnix III	e8f1f364c5	Refactor to module api for PathNodes Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2023-03-09 10:45:55 -05:00
Ed Minnix	da43a61506	Convert dataflow configuration to using new module-configuration	2023-03-08 19:19:00 -05:00
Ed Minnix	882e909862	Renamed ArbitraryAPKInstallation to ArbitraryApkInstallation	2023-03-08 12:16:46 -05:00
Ed Minnix	3ea167cadf	Split ArbitraryApkInstallation file into 3 files	2023-03-08 12:12:11 -05:00
Edward Minnix III	2d1088e923	Change severity level to error Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2023-03-08 12:12:11 -05:00
Ed Minnix	0eaad4136e	Add RemoteFlowSource as a valid source	2023-03-08 12:12:11 -05:00
Ed Minnix	4d51e4fed0	Change description wording	2023-03-08 12:12:11 -05:00
Ed Minnix	10cd6328dc	Add missing QLDocs	2023-03-08 12:12:11 -05:00
Edward Minnix III	8ec5b5b7fa	Apply suggestions from code review Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>	2023-03-08 12:12:10 -05:00
Ed Minnix	fa416564c7	Documentation and examples	2023-03-08 12:12:10 -05:00
Ed Minnix	d3d712fbff	Remove `Url#parse` as a source	2023-03-08 12:12:10 -05:00
Ed Minnix	5f4e8e3e6a	Add test cases relating to intents with the ACTION_INSTALL_PACKAGE action	2023-03-08 12:12:10 -05:00
Ed Minnix	f03e90f894	Remove http(s) literal sources	2023-03-08 12:12:10 -05:00
Edward Minnix III	839b88a4bc	Formatting, capitalization, and typos Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2023-03-08 12:12:10 -05:00
Ed Minnix	b606271a61	Additional documentation	2023-03-08 12:12:10 -05:00
Ed Minnix	12f78dbed4	Add `DataFlow::PathGraph` import	2023-03-08 12:12:10 -05:00
Ed Minnix	2d6cdff14b	Add period to alert message	2023-03-08 12:12:10 -05:00
Ed Minnix	0ec4df28f5	Add query metadata	2023-03-08 12:12:10 -05:00
Ed Minnix	3f589722c2	Refactor query to change returned source	2023-03-08 12:12:10 -05:00
Ed Minnix	618b608962	Arbitrary APK Installation MVP	2023-03-08 12:12:10 -05:00
Anders Schack-Mulligen	2288eab0fd	Java: Refactor BrokenCryptoAlgorithm, MaybeBrokenCryptoAlgorithm	2023-03-07 13:53:36 +01:00
Anders Schack-Mulligen	50935899fa	Java: Refactor XSS.ql	2023-03-07 13:33:00 +01:00
Anders Schack-Mulligen	d839b4038e	Java: Refactor TaintedPath.ql	2023-03-07 11:53:03 +01:00
Anders Schack-Mulligen	cc75a1a97e	Java: Refactor RequestForgery.ql	2023-03-07 11:39:03 +01:00
Anders Schack-Mulligen	35beadc3bb	Java: Refactor SensitiveInfoLog.ql	2023-03-07 11:31:49 +01:00
Anders Schack-Mulligen	4408482699	Java: Refactor NumericCastTainted, NumericCastTaintedLocal	2023-03-07 10:42:00 +01:00
Anders Schack-Mulligen	d4e6e77200	Java: Refactor StackTraceExposure, XSS.qll	2023-03-07 10:38:00 +01:00
Anders Schack-Mulligen	c4cf2febfb	Java: Refactor ResponseSplitting, ResponseSplittingLocal	2023-03-07 10:37:45 +01:00
Jami	029e1d47fe	Merge pull request #12081 from jcogs33/jcogs33/update-some-Files-sinks Java: update `createTempDirectory` and `copy` "create-file" sinks	2023-02-14 10:53:17 -05:00
Tony Torralba	4fad01a739	Further refactoring Avoid having two taint tracking configurations in the same file	2023-02-13 09:18:05 +01:00
Tony Torralba	5555b5cd19	Add local version of the XXE query	2023-02-13 09:18:05 +01:00
Jami Cogswell	ce1c814daa	Java: update path-injection query to use new 'read-file' sink kind	2023-02-11 17:10:58 -05:00
Joe Farebrother	97b2e852c9	Merge pull request #11713 from joefarebrother/sensitive-result-receiver Java: Add query for leaking sensitive data through a ResultReceiver	2023-02-01 16:34:17 +00:00
Tony Torralba	834fc51a3a	Update java/ql/src/Security/CWE/CWE-927/SensitiveResultReceiver.ql	2023-02-01 15:26:26 +01:00
Joe Farebrother	74dba953ca	Apply suggestions from docs review Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>	2023-02-01 12:54:19 +00:00

1 2 3 4 5 ...

959 Commits