hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,614 Commits 1,671 Branches 157 Tags
c20ee76826e10318f8f39c6fae901b743c2e8254
Commit Graph

804 Commits

Author SHA1 Message Date
Jonathan Leitschuh
b282c7f1b9 Apply suggestions from code review 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-03-07 11:31:32 -05:00
Jonathan Leitschuh
523ddb79f3 Cleanup after code review feedback 2022-03-04 15:35:01 -05:00
Jonathan Leitschuh
5243fe3dbf Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-03-04 15:30:52 -05:00
Jonathan Leitschuh
7ab193dde2 Add System.getProperties().getProperty support 2022-03-03 20:08:38 -05:00
Jonathan Leitschuh
04cd0dbfe9 [Java] Add CharacterLiteral to CompileTimeConstantExpr.getStringValue 2022-03-03 18:08:17 -05:00
Jonathan Leitschuh
31527a67e5 Refactor OS Checks & SystemProperty logic from review feedback 2022-03-03 17:15:35 -05:00
Jonathan Leitschuh
103c770ce7 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-03-03 16:39:45 -05:00
Jonathan Leitschuh
fea50065f5 Fix duplicated comment 2022-03-02 19:54:04 -05:00
Jonathan Leitschuh
85de9f305e Fix naming of OSCheck method 2022-03-02 19:41:46 -05:00
Jonathan Leitschuh
a7adbb7291 Refactor more system property access logic 2022-03-02 19:33:05 -05:00
Jonathan Leitschuh
3c53a05e16 Add OS Checks based upon separator or path separator 2022-03-02 14:15:56 -05:00
Jonathan Leitschuh
82d3cd8924 Improve system property lookup 2022-03-02 12:51:15 -05:00
Jonathan Leitschuh
5913c9acad Refactor OS Guard Checks 2022-03-02 12:51:14 -05:00
Jonathan Leitschuh
fd63107edf Update OS Check from Review Feedback 2022-03-02 12:51:12 -05:00
Jonathan Leitschuh
9f5022ee95 Review fixup and add test for apache SystemUtils 2022-03-02 12:50:38 -05:00
Jonathan Leitschuh
49513443f2 Update java/ql/lib/semmle/code/java/os/OSCheck.qll 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2022-03-02 12:50:37 -05:00
Jonathan Leitschuh
3cdfc00542 Cleanup from review feedback 2022-03-02 12:50:37 -05:00
Jonathan Leitschuh
cd073a2173 Java: Add Guard Classes for checking OS 2022-03-02 12:50:35 -05:00
Ian Lynagh
1e62b485a5 Merge pull request #8241 from igfoo/igfoo/stats4 
Java: Update stats and make some performance tweaks
 2022-02-28 12:58:06 +00:00
Ian Lynagh
0bf1370cd5 Java: Autoformat QL 2022-02-25 19:08:08 +00:00
Asger Feldthaus
f1bfb31403 Shared: fix typo in a comment 2022-02-23 14:13:41 +01:00
Asger Feldthaus
efec348eb3 Java: use AccessPathSyntax library 2022-02-23 14:13:40 +01:00
Asger Feldthaus
5cab737ef1 Shared: sync AccessPathSyntax.qll 2022-02-23 14:13:40 +01:00
Ian Lynagh
7ce9b160d0 Java: Performance tweaks 2022-02-21 17:05:00 +00:00
Asger Feldthaus
7848fcec80 Shared: sync AccessPathSyntax.qll 2022-02-21 08:21:53 +01:00
Asger Feldthaus
55ac5cb012 Shared: auto format 2022-02-21 08:21:53 +01:00
Asger Feldthaus
4985fbb526 Shared: update getSummaryCsv and related test output 2022-02-21 08:21:53 +01:00
Asger Feldthaus
dcc523a2b7 Shared: auto format 2022-02-21 08:21:53 +01:00
Asger Feldthaus
d911e0abf8 Shared: use getToken instead of getLastToken 2022-02-21 08:21:52 +01:00
Asger Feldthaus
c4304a980d Shared: add explicit this 2022-02-21 08:21:52 +01:00
Asger Feldthaus
dc6a13242b Shared: update comment in AccessPathSyntax.qll 2022-02-21 08:21:52 +01:00
Asger Feldthaus
be63cf7049 Shared: fix qldoc and move getRawToken to top-level 2022-02-21 08:21:52 +01:00
Asger Feldthaus
affdbe9955 Java: remove support for legacy syntax 2022-02-21 08:16:55 +01:00
Asger Feldthaus
a121b73181 Java: update CSV rows to dot-separated syntax 2022-02-21 08:16:55 +01:00
Asger Feldthaus
753c557dbe Java: use AccessPathSyntax.qll to parse input/output summary specs 2022-02-21 08:16:54 +01:00
Tony Torralba
5f0ab522f3 Merge pull request #7988 from Marcono1234/marcono1234/sealed-types-predicates 
Java: Add predicates for sealed classes
 2022-02-15 15:11:56 +01:00
Marcono1234
a496b1d1a1 Java: Add predicates for sealed classes 2022-02-14 21:04:38 +01:00
Jonathan Leitschuh
df716cbaa0 Revert changes to MethodAccessSystemGetProperty 2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
3a15678b1e Java: CWE-200: Temp directory local information disclosure vulnerability 2022-02-04 17:10:23 -05:00
Tom Hvitved
6bb71f051b Merge pull request #7791 from hvitved/dataflow/inline-local-flow-star 
Data flow: Inline `local(Expr|Instruction)?(Flow|Taint)`
 2022-02-03 09:02:43 +01:00
Arthur Baars
6acf49d4da Merge pull request #7814 from aibaars/fix-ql-alerts 
Ruby: fix all QL-QL alerts
 2022-02-02 18:25:38 +01:00
Tony Torralba
4f13bf8941 Merge pull request #6492 from atorralba/atorralba/android-cleartext-storage-database 
Java: Create new query Cleartext storage of sensitive information in Android databases
 2022-02-02 16:23:05 +01:00
Tony Torralba
54e8ea56e8 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2022-02-02 15:44:26 +01:00
Arthur Baars
33b97f3e0c Update synchronized files 2022-02-02 13:30:45 +01:00
Tom Hvitved
f2352d8272 Data flow: Inline local(Expr|Instruction)?(Flow|Taint) 
Computing a full transitive closure is often bad; by inlining all calls we are
providing more context to the QL optimizer.
 2022-01-31 14:33:41 +01:00
Tom Hvitved
682163962a Data flow: Sync files 2022-01-28 13:01:24 +01:00
Alvaro Muñoz Sanchez
c49c7903a8 add java.util.regex models and tests 2022-01-25 10:50:39 +01:00
Tony Torralba
4f4f531dfc Add missing QLDoc 2022-01-24 15:13:09 +01:00
Tom Hvitved
6efa595478 Merge pull request #7688 from hvitved/dataflow/required-component-stack 
Data flow: Restructure `RequiredSummaryComponentStack`
 2022-01-24 15:10:08 +01:00
Tony Torralba
b59fd4070f Merge pull request #7136 from atorralba/atorralba/promote-insecure-trustmanager 
Java: Promote Insecure TrustManager from experimental
 2022-01-24 14:05:14 +01:00