hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
23,045 Commits 1,672 Branches 157 Tags
bd9e3d0fa9a4fe3e9be6bf8d779964423cffbe1c
Commit Graph

2362 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
bd9e3d0fa9 Merge pull request #5751 from aschackmull/java/collection-flow 
Java: Convert all collection and array steps from taint flow to value flow.
 2021-06-03 15:29:14 +02:00
Anders Schack-Mulligen
e86c534c48 Revert "Java: Update coverage." 
This reverts commit 1c081eeaed.
 2021-06-03 09:02:49 +02:00
Anders Schack-Mulligen
acca26f1d6 Merge pull request #5992 from hvitved/java/is-unreachable-perf 
Java: Improve performance of `isUnreachableInCall()`
 2021-06-03 08:49:51 +02:00
Tom Hvitved
daf2cc3d53 Java: Improve performance of isUnreachableInCall() 2021-06-02 20:39:05 +02:00
Anders Schack-Mulligen
8e6dd51f50 Merge pull request #5868 from Marcono1234/marcono1234/ignore-not-closing-char-array-closeable 
Java: Ignore char array based closeables for CloseReader.ql and CloseWriter.ql
 2021-06-02 15:00:59 +02:00
Chris Smowton
7382b349c2 Merge pull request #5987 from aschackmull/java/query-metadata 
Java: Add missing metadata.
 2021-06-02 12:40:34 +01:00
Anders Schack-Mulligen
8a20395857 Merge pull request #5940 from pwntester/main 
Remove XSS sink for Java
 2021-06-02 12:30:20 +02:00
Anders Schack-Mulligen
c0e562de21 Merge pull request #5979 from hvitved/java/shared-external-summaries 
Java: Move some CSV flow summary code into shared library
 2021-06-02 12:28:45 +02:00
Alvaro Muñoz
a3a215afea HTTP -> Http 2021-06-02 11:12:39 +02:00
Anders Schack-Mulligen
5e96e28792 Java: Add missing metadata. 2021-06-02 10:24:46 +02:00
Alvaro Muñoz
9aba92397d lift XssSink check to InformationLeakSink 2021-06-01 17:16:41 +02:00
Anders Schack-Mulligen
650c4f19d2 Java: More qldoc. 2021-06-01 16:09:17 +02:00
Alvaro Muñoz
970b4e7d6a update java library coverage documentation 2021-06-01 14:54:31 +02:00
Anders Schack-Mulligen
922b421a45 Java: Add change note. 2021-06-01 14:33:52 +02:00
Anders Schack-Mulligen
1c081eeaed Java: Update coverage. 2021-06-01 14:00:05 +02:00
Alvaro Muñoz
0fb692400c fix failing test 2021-06-01 13:57:13 +02:00
Tom Hvitved
14f9a5c280 Java: Move some CSV flow summary code into shared library 2021-06-01 13:22:14 +02:00
Anders Schack-Mulligen
fc913e744e Java: Minor model fix. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
dbe352f3ff Java: Remove deprecated tests. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
901996f9fd Java: Add collection flow test. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
43d1b0ab27 Java: Update qltests. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
a40880af70 Java: Add read-as-taint and config-dependent store-as-taint. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
2f087e17cb Java: Allow <> in types for now. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
3f538e7fac Java: Update some models. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
9e313d0cf6 Java: Remove container taint steps. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
3b6cef4f74 Java: Add container flow models. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
ffd52bb673 Java: Fix bug in matching generic signatures. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
1001dd84e6 Java: Switch array steps and one containerstep. 2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen
ce509eb7e1 Merge pull request #5927 from aschackmull/dataflow/flowthrough-dispatch-perf 
Dataflow: Improve performance in flow-through pruning
 2021-06-01 11:46:22 +02:00
Anders Schack-Mulligen
a4661e1aca Merge pull request #5704 from edvraa/regexj 
Java: Regex injection
 2021-06-01 11:45:59 +02:00
Anders Schack-Mulligen
5d21c64247 Dataflow: qldoc fix. 2021-06-01 10:49:47 +02:00
Anders Schack-Mulligen
4f9a6c151b Dataflow: Code review fixes. 2021-06-01 10:29:17 +02:00
Anders Schack-Mulligen
683f853fa5 Dataflow: Fix another bad join order. 2021-05-31 15:14:13 +02:00
Alvaro Muñoz
41d034d5a0 Attempt to use information-leak sink category 2021-05-30 00:22:40 +02:00
Alvaro Muñoz
f60df3b26a Update java/change-notes/2021-05-28-remove-senderror-xss-sink.md 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-05-28 15:13:19 +02:00
Alvaro Muñoz
5a894ac7f7 update java library coverage documentation 2021-05-28 15:13:19 +02:00
Alvaro Muñoz
db2f05ac24 Updated Java change notes 2021-05-28 15:13:18 +02:00
Alvaro Muñoz
735e4e4b7b update failing tests 2021-05-28 15:13:18 +02:00
Alvaro Muñoz
706874491b Remove XSS sink for Java 2021-05-28 15:13:18 +02:00
Erik Krogh Kristensen
79989cc3f4 CPP/Java: Fix getAPrimaryQlClass implementations 2021-05-27 21:36:27 +02:00
Tamás Vajk
1997f500c2 Merge pull request #5832 from tamasvajk/feature/csv-coverage-report 
Java: github action for CSV coverage report
 2021-05-25 14:51:19 +02:00
Anders Schack-Mulligen
d05f524759 Merge pull request #5941 from aschackmull/java/virt-disp-perf 
Java: Improve performance of virtual dispatch calculation.
 2021-05-25 14:44:51 +02:00
Tamas Vajk
70b3066bb8 Add regenerated CSV reports 2021-05-25 13:38:22 +02:00
Tamas Vajk
d4f1cbe8d8 Add updated coverage report 2021-05-25 13:33:26 +02:00
Tamas Vajk
3db22ba482 Add Java coverage report files 2021-05-25 13:33:26 +02:00
Tamas Vajk
f1911e338d Move and generate files to documentation folder + clean up after the script is executed 2021-05-25 13:33:26 +02:00
Anders Schack-Mulligen
4884da363f Java: Bugfix. 2021-05-25 11:48:35 +02:00
Anders Schack-Mulligen
017bf68906 Dataflow: Fix bad join order. 2021-05-25 11:40:53 +02:00
Anders Schack-Mulligen
d00618f4f4 Java: Improve performance of virtual dispatch calculation. 2021-05-21 15:04:08 +02:00
Sebastian Bauersfeld
ffcca4d5e9 Add change note. 2021-05-20 20:07:14 +07:00