hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-27 14:16:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
20,595 Commits 1,673 Branches 157 Tags
e4422fc939a7b82b4b1b289a02c021e8fcdc41a8
Commit Graph

1576 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
cf4f55d9ab Merge pull request #5223 from smowton/smowton/feature/backward-dataflow-for-modelled-fluent-methods 
Java: Add backward dataflow edges through modelled function invocations
 2021-03-05 15:11:43 +01:00
Chris Smowton
012058a866 Apply review suggestions: use ArgumentNode.argumentOf, and change more uses of ValuePreservingCallable -> ValuePreservingMethod 2021-03-05 13:34:13 +00:00
Chris Smowton
eed357dc93 ValuePreservingCallable -> ValuePreservingMethod 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-03-05 13:28:35 +00:00
Chris Smowton
a37b98ca27 Value-preserving methods: handle generics in DataFlowUtil.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-03-05 13:15:06 +00:00
Chris Smowton
ca86925a45 Update java/ql/src/semmle/code/java/dataflow/FlowSteps.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-03-05 13:02:19 +00:00
Chris Smowton
45f3365d06 Apply suggestions from code review 
Note value-preserving functions can't be constructors

Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-03-05 12:52:38 +00:00
Chris Smowton
990bdc20b0 Move value-preserving callable class into FlowSteps 2021-03-05 11:55:53 +00:00
Anders Schack-Mulligen
0d7f6ced8f Merge pull request #5334 from Marcono1234/marcono1234/improve-constant-loop-condition 
Java: Improve constant-loop-condition
 2021-03-05 11:36:25 +01:00
Anders Schack-Mulligen
00983c8967 Merge pull request #4965 from artem-smotrakov/jexl-injection 
Java: Query for detecting JEXL injections
 2021-03-05 10:52:36 +01:00
Anders Schack-Mulligen
20ccb52912 Merge pull request #4299 from torque59/play-framework 
Initial support for Java - Play Framework > 2.6.x
 2021-03-05 10:51:53 +01:00
Anders Schack-Mulligen
8d292070a4 Merge pull request #5272 from Marcono1234/marcono1234/simplify-own-member-access-checks 
Java: Simplify own member access checks
 2021-03-05 10:22:17 +01:00
Anders Schack-Mulligen
3565ba51b3 Merge pull request #5209 from smowton/smowton/feature/commons-misc-text 
Java: add models for miscellaneous text-processing utilities from Commons Lang
 2021-03-05 10:21:58 +01:00
Marcono1234
e9e9634306 Java: Improve constant-loop-condition 2021-03-04 23:33:29 +01:00
Marcono1234
c8315577fe Java: Simplify own member access checks 2021-03-04 22:45:52 +01:00
Artem Smotrakov
7d52b53c24 Merge branch 'jexl-injection' of github.com:artem-smotrakov/ql into jexl-injection 2021-03-04 20:29:10 +01:00
Artem Smotrakov
0695b2a1fb Removed TaintedSpringRequestBody 2021-03-04 20:27:39 +01:00
Owen Mansel-Chan
96eaf2119f Correct signature and package in comment 
cf https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html#addCookie(javax.servlet.http.Cookie)
 2021-03-04 15:10:02 +00:00
Chris Smowton
da0a7f343a Move existing value-preserving methods to use ValuePreservingCallable 2021-03-04 11:45:45 +00:00
Chris Smowton
40b0f68d2a Add backward dataflow edges through modelled function invocations. 
Also add convenience abstract classes for easily modelling new functions as fluent or value-preserving.
 2021-03-04 11:45:19 +00:00
Chris Smowton
71cd329ded Directly import Lang from ExternalFlow's Frameworks module 2021-03-04 11:12:21 +00:00
Chris Smowton
563404120f Move calls to getSourceDeclaration 2021-03-04 11:11:56 +00:00
Chris Smowton
43b9436bb8 Convert Apache misc text models to CSV taint-flow specifications 2021-03-04 11:11:56 +00:00
Chris Smowton
0029d3b743 Java CSV flow summaries: allow specifying an unqualified typename to imply either the type itself or any generic specialisation. 
It is still possible to specify a precise generic signature if need be.
 2021-03-04 11:11:56 +00:00
Chris Smowton
b0ba0585a7 Add models for Apache Commons Lang and Text's Str[ing]Substitutor 2021-03-04 11:11:55 +00:00
Chris Smowton
f749c31136 Add models for commons lang/text's Str[ing]Lookup class 2021-03-04 11:11:55 +00:00
Chris Smowton
1580d23b2b Add models for WordUtils and StrTokenizer 
Both of these have commons-text and commons-lang variants.
 2021-03-04 11:11:55 +00:00
Anders Schack-Mulligen
45f52289ea Merge branch 'main' into java/merge-5226 2021-03-04 11:36:16 +01:00
Anders Schack-Mulligen
fe07630e40 Merge pull request #5219 from smowton/smowton/feature/backward-dataflow-for-fluent-methods 
Java: Add backward dataflow edges through fluent function invocations.
 2021-03-04 11:13:32 +01:00
Anders Schack-Mulligen
f91c71c8f7 Merge pull request #5270 from Marcono1234/marcono1234/class-isPackageProtected 
Java: Add Class and Interface.isPackageProtected()
 2021-03-03 16:33:57 +01:00
Anders Schack-Mulligen
7ca57fd7a5 Merge pull request #5294 from Marcono1234/patch-1 
Java: Fix wrong algorithm name matching
 2021-03-03 16:33:13 +01:00
Marcono1234
d5d0439471 Java: Fix wrong algorithm name matching 
The regex character class `[5|7]` matches `5`, `7` and `|`.
 2021-03-03 15:44:23 +01:00
Anders Schack-Mulligen
3400c121d6 Merge pull request #5202 from joefarebrother/apache-http 
Java: Add modelling for Apache HTTP Components
 2021-03-03 13:41:41 +01:00
Artem Smotrakov
7cc7ec962e Updated recommendations for avoiding JEXL injections 2021-03-03 11:40:59 +01:00
Artem Smotrakov
c243f2f042 Improved JexlInjection.qhelp 2021-03-02 21:25:26 +01:00
Artem Smotrakov
6b66323ac3 Simplified JexlInjectionLib.qll and removed LocalUserInput 2021-03-02 21:22:46 +01:00
Anders Schack-Mulligen
0eb2c06e20 Merge pull request #3945 from porcupineyhairs/structsDevMode 
Java: Add query to detect Apache Struts enabled Devmode
 2021-03-02 15:22:20 +01:00
Anders Schack-Mulligen
b0fa8dfeae Merge pull request #4214 from porcupineyhairs/springViewManipulation 
[Java] Add QL for detecting Spring View Manipulation Vulnerabilities.
 2021-03-02 11:31:42 +01:00
Anders Schack-Mulligen
394c82d564 Apply suggestions from code review 
Adjust qldoc.
 2021-03-02 10:17:07 +01:00
Porcuiney Hairs
5151a528ac Include suggestions from review 2021-03-01 22:59:30 +05:30
Chris Smowton
cdccc1a064 Remove needless typecasts 2021-03-01 16:47:34 +00:00
Porcuiney Hairs
14ec148272 refactor to meet experimental guidelines. 2021-03-01 18:46:33 +05:30
Chris Smowton
c32514bf66 Sync dataflow library files 2021-03-01 10:27:28 +00:00
Chris Smowton
e6b1fe9b5f Fluent interface dataflow: support argument-output flow directly declared by the simpleLocalFlowStep relation 
This means we will treat fluent interfaces that are modelled the same as those where we determine an argument flows to an output by inspection of the function body.
 2021-03-01 10:23:38 +00:00
Chris Smowton
fadbb32bd6 Add backward dataflow edges through fluent function invocations. 
This means that much as obj.getA().setB(...) already has a side-effect on `obj`, all three setters in obj.setA(...).setB(...).setC(...) will have a side-effect on `obj`.
 2021-03-01 10:11:28 +00:00
Porcupiney Hairs
42a84a18b0 JAVA : Add query to detect Apache Structs enabled DEvmode 
This query detects cases where the development mode is enabled for a
struts configuration. I can't find a CVE per se but, at present, [Github's fuzzy search](https://github.com/search?q=%3Cconstant+name%3D%22struts.devMode%22+value%3D%22true%22+%2F%3E+language%3Axml&type=Code) returns more
than 44000 results. Some of them look like they are classroom projects,
so they may be ineligible for a CVE. But we should be flagging them
anyways as setting the development on in a production system is a very
bad practice and can often lead to remote code execution.
So these should be fixed anyways.
 2021-02-26 16:30:04 +05:30
Porcupiney Hairs
602f63ad45 [Java] Add QL for detecting Spring View Manipulation Vulnerabilities. 2021-02-26 16:29:18 +05:30
Marcono1234
53dc2ce9b6 Java: Use .inc.qhelp extension for included help files 2021-02-26 00:43:51 +01:00
Marcono1234
e21cbe82a9 Update Java documentation links to Java 11 
Where possible update Java documentation links to Java 11.
Additionally update some other links to use HTTPS.
 2021-02-26 00:43:51 +01:00
intrigus
141f057f7b Java: Remove duplicate code. 2021-02-25 21:29:26 +01:00
Marcono1234
fa189ded9d Java: Add Class and Interface.isPackageProtected() 2021-02-25 18:21:18 +01:00