hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-14 11:19:27 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
345b842edcadec51e32b9bc637ba7ed4f733bc80
codeql/java/ql/lib/semmle/code
History
MarkLee131 345b842edc Java: add RegexpCheckBarrier to trust-boundary-violation sanitizers 
The trust-boundary-violation query only recognized OWASP ESAPI validators
as sanitizers. ESAPI is rarely used in modern Java projects, while regex
validation via String.matches() and @javax.validation.constraints.Pattern
is the standard approach in Spring/Jakarta applications.

RegexpCheckBarrier already exists in Sanitizers.qll and is used by other
queries (e.g., RequestForgery). This wires it into TrustBoundaryConfig,
so patterns like input.matches("[a-zA-Z0-9]+") and @Pattern annotations
are recognized as sanitizers, consistent with the existing ESAPI treatment.
2026-04-04 21:36:37 +08:00
..
configfiles
Java: minor refactoring
2025-07-18 17:50:09 -04:00
java
Java: add RegexpCheckBarrier to trust-boundary-violation sanitizers
2026-04-04 21:36:37 +08:00
xml
Factor XML discard predicates into OverlayXml.qll
2025-11-26 11:48:32 +01:00
FileSystem.qll
Overlay: Add overlay annotations to Java & shared libraries
2025-06-24 10:25:06 +02:00
Location.qll
Java: use overlayChangedFiles in discard prediactes
2025-07-15 10:10:32 +01:00
SMAP.qll
Overlay: Add overlay annotations to Java & shared libraries
2025-06-24 10:25:06 +02:00
Unit.qll
Overlay: Add overlay annotations to Java & shared libraries
2025-06-24 10:25:06 +02:00