hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
0154e31e64d2e03378803711ccf147f065368d3b
codeql/change-notes/1.23/analysis-java.md
Anders Schack-Mulligen 0154e31e64 Java: Add change note.
2019-10-02 11:47:53 +02:00

1.7 KiB
Raw Blame History

Improvements to Java analysis

The following changes in version 1.23 affect Java analysis in all applications.

Changes to existing queries

Query Expected impact Change
Dereferenced variable may be null (java/dereferenced-value-may-be-null) Fewer false positives Certain indirect null guards involving two auxiliary variables known to be equal can now be detected.
Query built from user-controlled sources (java/sql-injection) More results The query now identifies arguments to Statement.executeLargeUpdate and Connection.prepareCall as SQL expressions sinks.
Query built from local-user-controlled sources (java/sql-injection-local) More results The query now identifies arguments to Statement.executeLargeUpdate and Connection.prepareCall as SQL expressions sinks.
Query built without neutralizing special characters (java/concatenated-sql-query) More results The query now identifies arguments to Statement.executeLargeUpdate and Connection.prepareCall as SQL expressions sinks.

Changes to QL libraries

  • The data-flow library has been extended with a new feature to aid debugging. Instead of specifying isSink(Node n) { any() } on a configuration to explore the possible flow from a source, it is recommended to use the new Configuration::hasPartialFlow predicate, as this gives a more complete picture of the partial flow paths from a given source. The feature is disabled by default and can be enabled for individual configurations by overriding int explorationLimit().