hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-12 14:10:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
131e88dfbecf9e8b1462f1c0d9081ac2b5750434
codeql/change-notes/1.23/analysis-java.md
Anders Schack-Mulligen 455bb6cd15 Java/C++/C#: Add change notes.
2019-08-30 14:35:21 +02:00

1.5 KiB
Raw Blame History

Improvements to Java analysis

The following changes in version 1.23 affect Java analysis in all applications.

Changes to existing queries

Query Expected impact Change
Query built from user-controlled sources (java/sql-injection) More results The query now identifies arguments to Statement.executeLargeUpdate and Connection.prepareCall as SQL expressions sinks.
Query built from local-user-controlled sources (java/sql-injection-local) More results The query now identifies arguments to Statement.executeLargeUpdate and Connection.prepareCall as SQL expressions sinks.
Query built without neutralizing special characters (java/concatenated-sql-query) More results The query now identifies arguments to Statement.executeLargeUpdate and Connection.prepareCall as SQL expressions sinks.

Changes to QL libraries

  • The data-flow library has been extended with a new feature to aid debugging. Instead of specifying isSink(Node n) { any() } on a configuration to explore the possible flow from a source, it is recommended to use the new Configuration::hasPartialFlow predicate, as this gives a more complete picture of the partial flow paths from a given source. The feature is disabled by default and can be enabled for individual configurations by overriding int explorationLimit().