hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 20:26:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,800 Commits 1,672 Branches 157 Tags
e4d22a2a5aa496f5979dca8c5ffb32b218febd03
Commit Graph

6945 Commits

Author SHA1 Message Date
Chris Smowton
341241cf43 Use SrcFloatingPointLiteral 2022-08-10 17:28:14 +01:00
Anders Schack-Mulligen
abad133ab5 Dataflow: Fix identification of source PathNodes in the presence of source-to-source flow. 2022-08-10 15:02:56 +02:00
Anders Schack-Mulligen
cbd6d24b9c Merge pull request #9963 from intrigus-lgtm/java/model-set-properties 
Model `java.util.Properties.setProperty`
 2022-08-10 14:51:00 +02:00
Anders Schack-Mulligen
ecc15a1f95 Java: Remove SensitiveLoggingQuery results that flow through a source. 2022-08-10 14:28:07 +02:00
Chris Smowton
8c32758ae5 Merge pull request #9829 from smowton/smowton/fix/kotlin-underscore-parameter-names 
Kotlin: Don't extract a name for a '_' parameter
 2022-08-10 12:28:26 +01:00
Chris Smowton
09e4c6b66b Add dataflow path-graph 2022-08-10 10:37:55 +01:00
Chris Smowton
2ca0b0c6b5 Inline qhelp overview 
A <p> at the top isn't allowed, and for some reason the inclusion is required to be a valid qhelp file.
 2022-08-10 10:37:48 +01:00
Erik Krogh Kristensen
559ec7ba56 Merge branch 'main' into repeatedWord 2022-08-09 21:22:47 +02:00
smehta23
cf68a11267 Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-08-09 11:59:28 -07:00
smehta23
4d80fd0b00 Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-08-09 11:59:14 -07:00
smehta23
7da07400ea Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversalFromRemote.qhelp 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-08-09 11:59:03 -07:00
smehta23
c2b670eff8 Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversalFromRemote.qhelp 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-08-09 11:58:55 -07:00
Tony Torralba
7f5fe85e2e Merge pull request #9975 from atorralba/atorralba/asynctask-improvs 
Java: Improve AsyncTask data flow support
 2022-08-09 17:10:09 +02:00
Erik Krogh Kristensen
49276b1f38 Merge branch 'main' into refacReDoS 2022-08-09 16:18:46 +02:00
Erik Krogh Kristensen
0abbd50ca1 apply changes based on docs review 2022-08-09 13:51:40 +02:00
Chris Smowton
1c6642f3fb Format QL 2022-08-09 11:50:54 +01:00
Chris Smowton
80f5b977d6 Use sealed classes released version 2022-08-09 11:50:54 +01:00
yo-h
c46b54b9c2 Java 17: exclude non-source locations in some tests 2022-08-09 11:50:54 +01:00
yo-h
0bf7e075e5 Java 17: adjust expected test output 2022-08-09 11:50:54 +01:00
yo-h
27b699df33 Java: adjust test options for JDK 17 upgrade 2022-08-09 11:50:54 +01:00
Shyam Mehta
af92fc389b Update PartialPathTraversalFromRemote.qhelp 2022-08-08 17:37:57 -04:00
Shyam Mehta
50b4df52f0 Fixed precision labels 2022-08-08 17:36:04 -04:00
Shyam Mehta
9d3e8ec475 Update PartialPathTraversalFromRemote.qhelp 2022-08-08 17:35:36 -04:00
smehta23
4f1bc3022c Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversalFromRemote.ql 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-08-08 17:09:43 -04:00
Ian Lynagh
b5d6258e54 Merge pull request #9809 from igfoo/igfoo/fakeLabel 
Kotlin: Remove the last uses of fakeLabel
 2022-08-08 11:54:53 +01:00
Anders Schack-Mulligen
aa3655678e Merge pull request #9823 from aschackmull/dataflow/stage-module 
Dataflow: Replace stage duplication with parameterised modules.
 2022-08-08 10:56:32 +02:00
Tony Torralba
98b930cd67 Accept test changes in experimental query after AsyncTask improvements 2022-08-08 09:23:12 +02:00
Tony Torralba
03b854a1ed Add test for initializer method 2022-08-05 15:29:17 +02:00
Joe Farebrother
dd83c17144 Use more precise control flow logic 2022-08-05 12:56:21 +01:00
Joe Farebrother
e9f9e681ef Change man-in-the-middle back to machine-in-the-middle 
(gender-neutral language)

This reverts commit d5ab330450d3f5c1d36d0d9b6a8f1dc32bc908e3.
 2022-08-05 12:56:21 +01:00
Joe Farebrother
79b1f24133 Change machine-in-the-middle to man-in-the-middle 2022-08-05 12:56:20 +01:00
Joe Farebrother
04df556861 Add suggested reference 2022-08-05 12:56:20 +01:00
Joe Farebrother
abf894a64c Fix typos 2022-08-05 12:56:20 +01:00
Joe Farebrother
03c2a0e818 Add missing qldoc 2022-08-05 12:56:20 +01:00
Joe Farebrother
0d09484efc Add change note 2022-08-05 12:56:19 +01:00
Joe Farebrother
f8ccbcba70 Add qhelp 2022-08-05 12:56:19 +01:00
Joe Farebrother
a2245bb858 Fix test 2022-08-05 12:56:19 +01:00
Joe Farebrother
498ad230c2 Update stubs 2022-08-05 12:56:19 +01:00
Joe Farebrother
c4de158e0d Add tests 2022-08-05 12:56:18 +01:00
Joe Farebrother
16e16f08dc Add webview cert validation query 2022-08-05 12:56:18 +01:00
Tony Torralba
b75b073dae Remove unused class member 2022-08-05 12:21:22 +02:00
Tony Torralba
9ee90f8022 Remove unnecessary import from test 2022-08-05 11:11:13 +02:00
Tony Torralba
792d34c3a1 Add change note 2022-08-05 11:10:09 +02:00
Anders Schack-Mulligen
3d47875b60 Dataflow: Generate shorter RA/DIL names. 2022-08-05 11:00:56 +02:00
Anders Schack-Mulligen
d3dcc3ce3a Dataflow: Sync. 2022-08-05 11:00:56 +02:00
Anders Schack-Mulligen
09d0f8e0ce Dataflow: Replace stage duplication with parameterised modules. 2022-08-05 11:00:56 +02:00
Tony Torralba
5ebce6ee4f Improve AsyncTask data flow support 
Model the life-cycle described here: https://developer.android.com/reference/android/os/AsyncTask\#the-4-steps
 2022-08-05 10:29:49 +02:00
intrigus
b7d94906bf Add change note 2022-08-04 16:21:55 +02:00
intrigus
88ded4679a Accept test changes 2022-08-04 16:21:53 +02:00
intrigus
c867a1a146 Test setProperty/put with taint stored earlier 2022-08-04 16:21:51 +02:00