hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-18 19:31:11 +02:00
Code Issues Packages Projects Releases Wiki Activity
42,098 Commits 1,780 Branches 169 Tags
f8f21c7ee60d22539ddc05179914ff4f6e3550d0
Commit Graph

657 Commits

Author SHA1 Message Date
Joe Farebrother
f8f21c7ee6 Move static init vector query and tests from experimental to main 2022-08-17 10:35:13 +01:00
Jami
dd23d48ad2 Merge pull request #9939 from jcogs33/android-debug-query-inline-tests 
Java: query to detect android:debuggable attribute enabled
 2022-08-16 10:07:13 -04:00
Sid Shankar
1e1e2318b7 Merge pull request #10052 from github/task/fix-broken-links 
Docs: Replace HTTP broken links to equivalent HTTPS resources
 2022-08-16 08:45:08 -04:00
Erik Krogh Kristensen
f106e064fa Merge pull request #9422 from erik-krogh/refacReDoS 
Refactorizations of the ReDoS libraries
 2022-08-16 09:32:08 +02:00
Jami Cogswell
07e141c5be added commas to help file 2022-08-15 15:50:00 -04:00
Jami Cogswell
b779f9f935 added casting 2022-08-15 15:50:00 -04:00
Jami Cogswell
6e10fcf519 added predicates in the AndroidManifest library and adjusted tests 2022-08-15 15:50:00 -04:00
Jami Cogswell
229324fde0 updated overview section of help file; also added 'App Manifest Overview' to references 2022-08-15 15:50:00 -04:00
Jami Cogswell
3714a98403 add reference to help file 2022-08-15 15:50:00 -04:00
Jami Cogswell
d1a23ad78c updated to getRelativePath with %build% 2022-08-15 15:50:00 -04:00
Jami Cogswell
8c4b98c04f rename files 2022-08-15 15:50:00 -04:00
Jami Cogswell
475d67a4df minor updates, removed comments 2022-08-15 15:50:00 -04:00
Jami Cogswell
e2374f816a test commit for new branch 2022-08-15 15:50:00 -04:00
Jami Cogswell
54470c794d updated location part of query to use abs path and /build 2022-08-15 15:49:59 -04:00
Jami Cogswell
54acd0e330 add numeric value for security-severity 2022-08-15 15:49:59 -04:00
Jami Cogswell
fdb437552c clean up android query and tests 2022-08-15 15:49:59 -04:00
Jami Cogswell
cf39cc0909 updates to android debug query 2022-08-15 15:49:59 -04:00
Jami Cogswell
6720dba8e7 draft android debug query 2022-08-15 15:49:59 -04:00
Sid Shankar
02cd7bc7d2 Remove reference to infosecwriters.com 
infosecwriters.com now redirects to a completely unrelated page. The broken link was replaced with a mailing list post from Diabolical Crab (DCrab) diving into HTTP response splitting.
 2022-08-15 14:41:50 -04:00
Chris Smowton
774e379eb1 Merge pull request #9742 from smehta23/feat/SM/java_partial_path_traversal_vulnerability 
[JAVA] Partial Path Traversal Vuln Query
 2022-08-15 12:56:16 +01:00
Erik Krogh Kristensen
0adb588fe8 Merge pull request #9712 from erik-krogh/badRange 
JS/RB/PY/Java: add suspicious range query
 2022-08-15 13:55:44 +02:00
Chris Smowton
1a3dc1d6eb Remove extra closing tag 2022-08-15 11:31:53 +01:00
Chris Smowton
5677e38994 Style edit 2022-08-15 10:37:55 +01:00
Chris Smowton
3cf871e9e5 Apply docs suggestions 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-08-15 10:34:55 +01:00
Chris Smowton
09e4c6b66b Add dataflow path-graph 2022-08-10 10:37:55 +01:00
Chris Smowton
2ca0b0c6b5 Inline qhelp overview 
A <p> at the top isn't allowed, and for some reason the inclusion is required to be a valid qhelp file.
 2022-08-10 10:37:48 +01:00
smehta23
cf68a11267 Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-08-09 11:59:28 -07:00
smehta23
4d80fd0b00 Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-08-09 11:59:14 -07:00
smehta23
7da07400ea Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversalFromRemote.qhelp 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-08-09 11:59:03 -07:00
smehta23
c2b670eff8 Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversalFromRemote.qhelp 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-08-09 11:58:55 -07:00
Erik Krogh Kristensen
49276b1f38 Merge branch 'main' into refacReDoS 2022-08-09 16:18:46 +02:00
Erik Krogh Kristensen
0abbd50ca1 apply changes based on docs review 2022-08-09 13:51:40 +02:00
Shyam Mehta
af92fc389b Update PartialPathTraversalFromRemote.qhelp 2022-08-08 17:37:57 -04:00
Shyam Mehta
50b4df52f0 Fixed precision labels 2022-08-08 17:36:04 -04:00
Shyam Mehta
9d3e8ec475 Update PartialPathTraversalFromRemote.qhelp 2022-08-08 17:35:36 -04:00
smehta23
4f1bc3022c Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversalFromRemote.ql 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-08-08 17:09:43 -04:00
Joe Farebrother
e9f9e681ef Change man-in-the-middle back to machine-in-the-middle 
(gender-neutral language)

This reverts commit d5ab330450d3f5c1d36d0d9b6a8f1dc32bc908e3.
 2022-08-05 12:56:21 +01:00
Joe Farebrother
79b1f24133 Change machine-in-the-middle to man-in-the-middle 2022-08-05 12:56:20 +01:00
Joe Farebrother
04df556861 Add suggested reference 2022-08-05 12:56:20 +01:00
Joe Farebrother
abf894a64c Fix typos 2022-08-05 12:56:20 +01:00
Joe Farebrother
f8ccbcba70 Add qhelp 2022-08-05 12:56:19 +01:00
Joe Farebrother
16e16f08dc Add webview cert validation query 2022-08-05 12:56:18 +01:00
Shyam Mehta
76cecc170e Fix documentation 2022-08-03 14:30:17 -04:00
Chris Smowton
84a4b6a866 Make reporting locations consistent with PathCreation; add test 2022-08-03 10:42:09 +01:00
Chris Smowton
83498f58db Add missing import 2022-08-03 08:53:43 +01:00
Chris Smowton
81f3bcd802 Don't require a PathCreation for every tainted-path sink 2022-08-02 21:30:06 +01:00
Chris Smowton
c95f17fdf2 Make java/path-injection recognise create-file MaD sinks 2022-08-02 21:28:00 +01:00
Shyam Mehta
09ec37943c Partial Path Traversal split into 2 queries 2022-07-20 17:53:26 -04:00
smehta23
b7e522749f Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2022-07-20 15:32:59 -04:00
Chris Smowton
a6970638cb Improve description 2022-07-13 20:27:10 +01:00