hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-31 20:58:16 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
0c5e89a68eff355ca81aa710827194f501046496
codeql/java/ql/lib/change-notes
History
MarkLee131 0c5e89a68e Exclude bounds-check arithmetic from tainted-arithmetic sinks 
The java/tainted-arithmetic query now recognizes when an arithmetic
expression appears directly as an operand of a comparison (e.g.,
`if (off + len > array.length)`). Such expressions are bounds checks,
not vulnerable computations, and are excluded via the existing
overflowIrrelevant predicate.

Add test cases for bounds-checking patterns that should not be flagged.
2026-03-28 17:39:40 +08:00
..
released
Release preparation for version 2.25.0
2026-03-16 12:15:34 +00:00
2026-03-28-tainted-arithmetic-bounds-check.md
Exclude bounds-check arithmetic from tainted-arithmetic sinks
2026-03-28 17:39:40 +08:00