hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
codeql-cli-2.23.0
codeql/java/ql/test/query-tests/security/CWE-502
History
Owen Mansel-Chan fdd1e3fefe Use MaD models for unsafe deserialization sinks when possible 
Many of the unsafe deserialization sinks have to stay defined in QL
because they have custom logic that cannot be expressed in MaD models.
2025-07-16 14:42:07 +01:00
..
com
Add test for ObjectInput.readObject
2025-07-11 11:03:47 +01:00
A.java
Add sink for ObjectInput.readObject to make test pass
2025-07-11 11:05:38 +01:00
AndroidManifest.xml
Make *.xml non-executable
2022-08-24 16:53:48 +01:00
B.java
Java: convert UnsafeDeserialization test to .qlref
2025-06-24 16:42:14 +02:00
C.java
Java: convert UnsafeDeserialization test to .qlref
2025-06-24 16:42:14 +02:00
FlexjsonServlet.java
Java: convert UnsafeDeserialization test to .qlref
2025-06-24 16:42:14 +02:00
GsonActivity.java
Java: convert UnsafeDeserialization test to .qlref
2025-06-24 16:42:14 +02:00
GsonServlet.java
Java: convert UnsafeDeserialization test to .qlref
2025-06-24 16:42:14 +02:00
JabsorbServlet.java
Java: convert UnsafeDeserialization test to .qlref
2025-06-24 16:42:14 +02:00
JacksonTest.java
Java: convert UnsafeDeserialization test to .qlref
2025-06-24 16:42:14 +02:00
JoddJsonServlet.java
Java: convert UnsafeDeserialization test to .qlref
2025-06-24 16:42:14 +02:00
KryoTest.java
[Java] Fix Kryo FP & Kryo 5 Support
2021-05-05 17:38:34 -04:00
ObjectMessageTest.java
Java: convert UnsafeDeserialization test to .qlref
2025-06-24 16:42:14 +02:00
options
Java: rename springframework stubs directory from 5.3.8 to 5.8.x
2025-03-11 15:20:58 -04:00
ParcelableEntity.java
Java: convert UnsafeDeserialization test to .qlref
2025-06-24 16:42:14 +02:00
TestMessageBodyReader.java
Java: convert UnsafeDeserialization test to .qlref
2025-06-24 16:42:14 +02:00
UnsafeDeserialization.expected
Use MaD models for unsafe deserialization sinks when possible
2025-07-16 14:42:07 +01:00
UnsafeDeserialization.ext.yml
Add test for ObjectInput.readObject
2025-07-11 11:03:47 +01:00
UnsafeDeserialization.qlref
Java: convert UnsafeDeserialization test to .qlref
2025-06-24 16:42:14 +02:00