Eric Bickle
7a4382fb69
Merge branch 'main' into fix/thread-resource-arithmetic
2023-10-10 09:38:16 -07:00
Eric Bickle
80c8259e34
Remove unnecessary AdditionalValueStep check
2023-10-10 09:35:45 -07:00
Michael Nebel
cf3a62d201
Java: Address review comments.
2023-10-09 13:06:59 +02:00
Eric Bickle
000c1f7ec8
Java: Flow taint through ArithExpr for ThreadResourceAbuse
Ensure that tainted values flow through arithmetic operations when
checking for ThreadResourceAbuse vulnerabilities.
For example, multiplying 'number of seconds' by 1000 as an input
to Thread.Sleep, which accepts milliseconds, is a common scenario.
2023-10-06 14:24:37 -07:00
Michael Nebel
40e63a63e2
Java: Re-factor most queries and tests to use threat models.
2023-10-04 14:01:58 +02:00
Tony Torralba
586c8803c5
Move the sources back to the .ql files
Otherwise they would both apply at the same time, making both versions of the query identical.
2023-08-04 10:02:56 +02:00
Tony Torralba
e9bad321b6
Apply suggestions from code review
2023-08-04 09:21:45 +02:00
aegilops
fc7f8409be
Fix up for code review
2023-08-03 13:50:40 +01:00
Tony Torralba
b5d08ade59
Formatting
2023-08-01 09:35:25 +02:00
Paul Hodgkinson
bfbb77a796
Merge branch 'main' into java/experimental/command-injection
2023-06-29 09:51:14 +01:00
aegilops
01798f63f8
Switched to new dataflow and added a test (but it doesn't produce results yet)
2023-06-28 17:14:39 +01:00
aegilops
23bf8470ce
Removed .md and made class change
2023-06-19 17:29:17 +01:00
aegilops
8c9ccab9c9
Autoformat
2023-06-19 11:53:53 +01:00
aegilops
2112d73a6a
Autoformat
2023-06-19 11:50:54 +01:00
aegilops
1a108fb1c9
Changed to for constant string
2023-06-19 11:46:08 +01:00
aegilops
7c235e3786
Fixed linting issues. Will not fix instanceof, that is necessary
2023-06-19 11:41:23 +01:00
aegilops
8c73fbeabe
Formatted
2023-06-16 17:33:21 +01:00
aegilops
55eeb00309
Added experimental tag
2023-06-16 17:27:01 +01:00
aegilops
b6c35dd88c
Added experimental version of Java Command Injection query, to be more sensitive to unusual code constructs
2023-06-16 17:12:53 +01:00
Tony Torralba
ffe67689ec
Merge branch 'main' into atorralba/java/command-injection-mad-sinks
2023-06-13 09:27:33 +02:00
Anders Schack-Mulligen
a0a9d30286
Java: Fix qltests.
2023-06-09 08:37:35 +02:00
Tony Torralba
6d7234f8ed
Merge pull request #13225 from atorralba/atorralba/java/path-injection-mad-sinks-2
Java: Migrate path injection sinks to models-as-data (simplified)
2023-06-07 14:27:36 +02:00
erik-krogh
44b6366586
delete old deprecations
2023-06-02 11:58:08 +02:00
Tony Torralba
527fe523a8
Add PathCreation.qll sinks to models-as-data
The old PathCreation sinks can't be removed because doing so would cause alert wobble in the path injection queries. See their getReportingNode predicates.
2023-06-02 09:14:35 +02:00
Tony Torralba
c3b1ef2cdf
Merge branch 'main' into atorralba/java/command-injection-mad-sinks
2023-06-02 08:57:24 +02:00
Jami Cogswell
5dbb698481
Java: update open/jdbc-url sink kinds to request-forgery
2023-05-31 15:50:31 -04:00
Jami Cogswell
cb10f4976b
Java: update create/read-file sink kinds to path-injection
2023-05-31 15:49:07 -04:00
Tony Torralba
a276cc3094
Convert all command injection sinks to MaD format
2023-05-25 11:41:32 +02:00
Tony Torralba
770099f210
Merge branch 'main' into atorralba/java/promote-xxe-experimental-sinks
2023-05-16 09:49:34 +02:00
Jami
3c74c8bbe0
Merge pull request #13019 from jcogs33/jcogs33/url-open-stream-updates
Java: switch `url-open-stream` sink models to `experimentalSinkModel`
2023-05-04 15:07:44 -04:00
Jami Cogswell
917268e7e6
Java: activate the models in openstream query
2023-05-03 09:57:45 -04:00
Kasper Svendsen
081085e128
Java: Make implicit this receivers explicit
2023-05-03 13:37:35 +02:00
Tony Torralba
fba61d51ed
Remove experimental files
2023-04-26 12:24:30 +02:00
Edward Minnix III
aeff6d3b85
Merge pull request #12808 from egregius313/egregius313/java/dataflow/refactor-experimental
Java: Refactor experimental queries to new DataFlow API
2023-04-13 10:58:34 -04:00
Tony Torralba
d7feaf4098
Merge pull request #12685 from atorralba/atorralba/java/command-injection-mad
Java: Add command-injection sink kind and refactor command injection queries
2023-04-13 11:38:14 +02:00
Ed Minnix
2edad6ec71
Remove unused import
2023-04-12 20:42:26 -04:00
Ed Minnix
c756bdbc30
Fix naming in SensitiveCookieNotHttpOnly
2023-04-12 20:39:18 -04:00
Ed Minnix
c49bf01dc8
Refactor PermissiveDotRegex.ql
2023-04-12 20:37:36 -04:00
Ed Minnix
5164c2480f
Refactor SensitiveCookieNotHttpOnly
2023-04-12 20:37:36 -04:00
Ed Minnix
8f7d8cbcea
Refactor timing attack queries
2023-04-12 20:37:36 -04:00
Ed Minnix
597949dbfe
Refactor PermissiveDotRegexQuery
2023-04-12 20:37:36 -04:00
Ed Minnix
157b7ceaff
Refactor TimingAttackAgainstHeader
2023-04-12 20:37:36 -04:00
Ed Minnix
a186b771ba
Refactor JxBrowserWithoutCertValidation
2023-04-12 20:37:35 -04:00
Ed Minnix
ccdd9bce33
Refactor Revocation checking
2023-04-12 20:37:35 -04:00
Ed Minnix
380888e446
Refactor ClientSuppliedIpUsedInSecurityCheck
2023-04-12 20:37:35 -04:00
Ed Minnix
3c85ca9740
Refactor ThreadResourceAbuse
2023-04-12 20:37:35 -04:00
Ed Minnix
da5a719ffc
Refactor UnsafeUsageOfClientSideEncryptionVersion
2023-04-12 20:37:35 -04:00
Ed Minnix
e880a5f187
Refactor UnsafeTlsVersion
2023-04-12 20:37:35 -04:00
Ed Minnix
e3f6bc043d
Refactor InsecureWebResourceResponse
2023-04-12 20:37:35 -04:00
Ed Minnix
074745315c
Refactor SensitiveAndroidFileLeak
2023-04-12 20:37:35 -04:00