hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-02 21:58:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,684 Commits 1,730 Branches 164 Tags
b595a70384d4e118dd5fdb94afbb73e27474fb40
Commit Graph

1012 Commits

Author SHA1 Message Date
Kaixuan Li
938039d82c Merge branch 'main' into fix/tainted-arithmetic-bounds-check-barrier 2026-03-29 10:25:39 +08:00
Kaixuan Li
f5cfc5e282 Update java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticTainted.java 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2026-03-29 10:25:10 +08:00
MarkLee131
0c5e89a68e Exclude bounds-check arithmetic from tainted-arithmetic sinks 
The java/tainted-arithmetic query now recognizes when an arithmetic
expression appears directly as an operand of a comparison (e.g.,
`if (off + len > array.length)`). Such expressions are bounds checks,
not vulnerable computations, and are excluded via the existing
overflowIrrelevant predicate.

Add test cases for bounds-checking patterns that should not be flagged.
 2026-03-28 17:39:40 +08:00
MarkLee131
da4a2238bc Address PR review: add Signature.getInstance sink, HMAC/PBKDF2 whitelist, fix test APIs 
- Model Signature.getInstance() as CryptoAlgoSpec sink (previously only
  Signature constructor was modeled)
- Add HMAC-based algorithms (HMACSHA1/256/384/512, HmacSHA1/256/384/512)
  and PBKDF2 to the secure algorithm whitelist
- Fix XDH/X25519/X448 tests to use KeyAgreement.getInstance() instead of
  KeyPairGenerator.getInstance() to match their key agreement semantics
- Add test cases for SHA384withECDSA, HMACSHA*, and PBKDF2WithHmacSHA1
  from user-reported false positives
- Update change note to document all additions
 2026-03-28 16:53:46 +08:00
MarkLee131
a9449cc991 Add EC to secure algorithm whitelist for Java CWE-327 query 2026-03-28 16:48:58 +08:00
Owen Mansel-Chan
e96ba4806b Merge pull request #21415 from owen-mc/java/validate-constructor-summary-models 
Java: validate constructor summary models
 2026-03-06 09:09:18 +00:00
Owen Mansel-Chan
92a719092a Update models in test output 2026-03-05 13:32:52 +00:00
Owen Mansel-Chan
2b3111441d Add space before $ in xml test file 2026-03-04 15:03:24 +00:00
Owen Mansel-Chan
ef345a3279 Java: Inline expectation should have space after $ 
This was a regex-find-replace from `// \$(?! )` (using a negative lookahead) to `// $ `.
 2026-03-04 12:44:54 +00:00
Owen Mansel-Chan
cf73d96c9d Update test results (remove SPURIOUS annotations) 2026-02-16 12:03:02 +00:00
Owen Mansel-Chan
9fc95f5171 Expand log injection sanitizers to annotation regex matches 2026-02-16 12:01:13 +00:00
Owen Mansel-Chan
146fc7a8c0 Add failing log injection test for @Pattern validation 2026-02-16 12:01:07 +00:00
Owen Mansel-Chan
8f8f4c2d52 Fix Matcher.matches edge case 2026-02-14 00:28:37 +00:00
Owen Mansel-Chan
90befa0c00 Add failing test for Matcher.matches() edge case 2026-02-14 00:28:34 +00:00
Owen Mansel-Chan
bfe26c1989 Add @Pattern as RegexExecution => SSRF sanitizer 2026-02-12 16:57:11 +00:00
Owen Mansel-Chan
d0999e3abd Add failing test for @Pattern validation 2026-02-12 16:57:04 +00:00
Owen Mansel-Chan
a5d9cb179a Merge pull request #20930 from owen-mc/java/spring-rest-template-request-forgery-sinks 
Java: add more Spring RestTemplate request forgery sinks
 2026-01-15 14:23:15 +00:00
Mauro Baluda
5cef0376a9 Update java/ql/test/query-tests/security/CWE-798/semmle/tests/HardcodedCouchBaseCredentials.java 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2026-01-14 11:50:52 +01:00
Mauro Baluda
9efefa6120 Fix test expectations 2026-01-13 22:46:42 +01:00
Mauro Baluda
d335f039ef Improve model for CWE-089 2026-01-13 21:48:43 +01:00
Mauro Baluda
89f0e79ea1 Fix SqlTainted test 2026-01-13 13:55:14 +01:00
Mauro Baluda
dda042f7df rename change notes 2026-01-13 13:07:14 +01:00
Mauro Baluda
15ee88ee24 SQLi test case 2025-12-24 20:30:21 +01:00
Mauro Baluda
b22077c371 Hardcoded credentials in CouchBase 2025-12-22 20:22:20 +01:00
Owen Mansel-Chan
a85d0ea8a3 Make tests pass 2025-12-02 17:08:16 +00:00
Owen Mansel-Chan
8fd8fc07b7 Add failing tests for more regex match methods 2025-12-02 17:06:34 +00:00
Owen Mansel-Chan
969b0cf439 Add SSRF sinks for uriVariables arguments of more methods on Spring RestTemplate 2025-11-27 23:44:35 +00:00
Owen Mansel-Chan
1a59839f3c Range library recognises long literals now 2025-11-24 14:10:54 +00:00
Owen Mansel-Chan
ec381e4ec5 Use range analysis and improve tests 2025-11-21 10:31:50 +00:00
aegilops
e904520779 Fixed formatting 2025-11-20 17:34:42 +00:00
aegilops
62ee6d3a33 Made changes requested by reviewers - bounded() for range checking, style and better comments 2025-11-20 11:46:42 +00:00
aegilops
fa703e3e60 Test cases for sensitive logging sanitizer 2025-11-14 16:53:46 +00:00
Tom Hvitved
a4eab484ce Address review comments 2025-10-24 13:32:39 +02:00
Tom Hvitved
7a9cb64e2e Java: Treat x.matches(regexp) as a sanitizer for request forgery 2025-10-24 09:06:57 +02:00
Joe Farebrother
d8b37d0cde Review suggestions - update comments and description 2025-10-14 16:03:40 +01:00
Joe Farebrother
9cb593b020 Update tests 2025-10-13 14:51:37 +01:00
Joe Farebrother
c799f93811 Update tests and add inline expectations 2025-10-13 14:51:04 +01:00
Jami
3675e4bb4f Merge branch 'main' into jcogs33/java/insecure-spring-actuator-config-promotion 2025-08-26 08:02:17 -04:00
Jami Cogswell
c9692a6d10 Java: fix test failures cause by alert msg change 2025-07-19 13:27:09 -04:00
Jami Cogswell
7250265c1f Java: consider all endpoints except for health and info as sensitive to align with Spring docs 2025-07-18 17:50:18 -04:00
Jami Cogswell
685f68d9d3 Java: support 'management.endpoints.web.expose' property 2025-07-18 17:50:17 -04:00
Jami Cogswell
70d51504a7 Java: rename to align with 'java/spring-boot-exposed-actuators' query 2025-07-18 17:50:12 -04:00
Jami Cogswell
ea35fbbe3b Java: support version 3.x 2025-07-18 17:50:07 -04:00
Jami Cogswell
0d2a4222fd Java: add related location to alert message 2025-07-17 19:22:18 -04:00
Jami Cogswell
2bfc4b4ee2 Java: fix test case for version 1.4 
Need the existence of an ApplicationProperties File, not an ApplicationProperties ConfigPair
 2025-07-17 19:22:15 -04:00
Jami Cogswell
3823186dc6 Java: split tests by versions 
splitting is required to properly test each scenario
 2025-07-17 19:22:13 -04:00
Jami Cogswell
ed8da5e151 Java: convert tests to inline expectations 2025-07-17 19:22:08 -04:00
Jami Cogswell
fc930d9184 Java: update tests for non-experimental directory 2025-07-17 19:22:06 -04:00
Jami Cogswell
a39cb40177 Java: copy out of experimental 2025-07-17 19:22:01 -04:00
Nora Dimitrijević
b33058c967 [TEST] Java: SensitiveCommunication: convert to qlref 2025-07-17 18:59:05 +02:00