hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,614 Commits 1,671 Branches 157 Tags
c20ee76826e10318f8f39c6fae901b743c2e8254
Commit Graph

5184 Commits

Author SHA1 Message Date
Chris Smowton
091227982c Delete unnecessary test files 2022-02-25 17:33:08 +00:00
Ahmed Farid
899b8d03b2 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
308f86f66f Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
2eee6b4f69 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
7859288040 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
d83444cb18 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
e79c0eaa71 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
36cf1010f8 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
8e6f76d47a Update TimingAttackAgainstHeader.qhelp 2022-02-25 17:33:07 +00:00
Ahmed Farid
fa8af6bf70 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:07 +00:00
Ahmed Farid
19d0e1f4a7 Create ComparingValueOfSensetiveHeader.qlref 2022-02-25 17:33:07 +00:00
Ahmed Farid
f96e47db09 Update ComparingValueOfSensetiveHeader.java 2022-02-25 17:33:07 +00:00
Ahmed Farid
09e054ace6 Update ComparingValueOfSensetiveHeader.java 2022-02-25 17:33:07 +00:00
Ahmed Farid
f758ed0d85 Update ComparingValueOfSensetiveHeader.java 2022-02-25 17:33:07 +00:00
ahmed532009
4a9ee5826d Update TimingAttackAgainstHeader.qhelp 2022-02-25 17:33:07 +00:00
ahmed532009
6da9bc593f Rename csrfComparison.java to ComparingValueOfSensetiveHeader.java 2022-02-25 17:33:07 +00:00
ahmed532009
a0a1c587e5 Create ComparingValueOfSensetiveHeader.java 2022-02-25 17:33:07 +00:00
ahmed532009
aa488e532f Update csrfComparison.java 2022-02-25 17:33:07 +00:00
Chris Smowton
333130b2a4 Abbreviate isSink 2022-02-25 17:33:07 +00:00
Chris Smowton
80a2b388bf Update TimingAttackAgainstHeader.qhelp 2022-02-25 17:33:07 +00:00
ahmed532009
fa81f43694 Update TimingAttackAgainstHeader.qhelp 2022-02-25 17:33:06 +00:00
ahmed532009
39e07cbc9c Update and rename UnsafecsrfComparison.java to csrfComparison.java 2022-02-25 17:33:06 +00:00
ahmed532009
c6c67b907b Update TimingAttackAgainstHeader.qhelp 2022-02-25 17:33:06 +00:00
ahmed532009
98b06d35af Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:06 +00:00
ahmed532009
bf95e59b24 Update TimingAttackAgainstHeader.qhelp 2022-02-25 17:33:06 +00:00
ahmed532009
ab6a7bb3d8 Update TimingAttackAgainstHeader.ql 2022-02-25 17:33:06 +00:00
root
49feeb1c36 Timing attacks while comparing the headers value 2022-02-25 17:33:06 +00:00
Asger F
a8bfebaeb6 Merge pull request #8149 from asgerf/shared/use-shared-access-path-syntax 
Shared: use shared access path syntax to parse arguments in CSV rows
 2022-02-25 14:04:18 +01:00
Chris Smowton
b1c98ae3c2 Add further test directly examining signature of method with problematic parameter types 2022-02-24 17:39:11 +00:00
Chris Smowton
379f2438a6 Add test checking that inheritence is noticed even with annotations present 2022-02-24 17:39:11 +00:00
github-actions[bot]
20fe22c8c8 Release preparation for version 2.8.2 2022-02-24 14:57:08 +00:00
Chris Smowton
01db73bfc7 Merge pull request #5935 from porcupineyhairs/javaSstiNew 
Java : Add SSTI query
 2022-02-23 17:30:02 +00:00
Chris Smowton
7b425a80bc Note path query expectations 2022-02-23 16:02:54 +00:00
Chris Smowton
a8fe10f353 Java template injection query: import pathgraph 2022-02-23 13:47:24 +00:00
Asger Feldthaus
f1bfb31403 Shared: fix typo in a comment 2022-02-23 14:13:41 +01:00
Asger Feldthaus
efec348eb3 Java: use AccessPathSyntax library 2022-02-23 14:13:40 +01:00
Asger Feldthaus
5cab737ef1 Shared: sync AccessPathSyntax.qll 2022-02-23 14:13:40 +01:00
Chris Smowton
50d9945625 Autoformat 2022-02-23 11:41:23 +00:00
Chris Smowton
476997a599 Replace more non-breaking spaces 2022-02-23 11:02:17 +00:00
Tony Torralba
f011bbc92c Merge pull request #8055 from luchua-bc/java/unsafe-url-forward-with-shared-lib 
CWE-552: Switch to the shared PathSanitizer library
 2022-02-23 11:00:23 +01:00
Porcupiney Hairs
c81d85f321 Include suggestions from review 2022-02-22 23:07:34 +05:30
Ian Lynagh
691473bd6e Java: Add a changenote 2022-02-22 14:07:31 +00:00
Porcuiney Hairs
e536628a66 Java : Add SSTI query 2022-02-22 15:57:53 +05:30
Ian Lynagh
7ce9b160d0 Java: Performance tweaks 2022-02-21 17:05:00 +00:00
Asger Feldthaus
7848fcec80 Shared: sync AccessPathSyntax.qll 2022-02-21 08:21:53 +01:00
Asger Feldthaus
55ac5cb012 Shared: auto format 2022-02-21 08:21:53 +01:00
Asger Feldthaus
4985fbb526 Shared: update getSummaryCsv and related test output 2022-02-21 08:21:53 +01:00
Asger Feldthaus
dcc523a2b7 Shared: auto format 2022-02-21 08:21:53 +01:00
Asger Feldthaus
d911e0abf8 Shared: use getToken instead of getLastToken 2022-02-21 08:21:52 +01:00
Asger Feldthaus
c4304a980d Shared: add explicit this 2022-02-21 08:21:52 +01:00