-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Java: prototype overlay data flow #17436
base: main
Are you sure you want to change the base?
Conversation
@@ -0,0 +1,805 @@ | |||
private import codeql.dataflow.DataFlow as DF | |||
private import codeql.dataflow.TaintTracking as TT |
Check warning
Code scanning / CodeQL
Names only differing by case Warning
base import semmle.code.java.dataflow.internal.DataFlowPrivate | ||
base import semmle.code.java.dataflow.internal.DataFlowUtil | ||
base import semmle.code.java.dataflow.internal.DataFlowDispatch | ||
import Public |
Check warning
Code scanning / CodeQL
Redundant import Warning
semmle.code.java.dataflow.internal.DataFlowUtil
base import semmle.code.java.dataflow.internal.DataFlowUtil | ||
base import semmle.code.java.dataflow.internal.DataFlowDispatch | ||
import Public | ||
import Private |
Check warning
Code scanning / CodeQL
Redundant import Warning
semmle.code.java.dataflow.internal.DataFlowPrivate
overlay import semmle.code.java.dataflow.internal.DataFlowPrivate | ||
overlay import semmle.code.java.dataflow.internal.DataFlowUtil | ||
overlay import semmle.code.java.dataflow.internal.DataFlowDispatch | ||
import Public |
Check warning
Code scanning / CodeQL
Redundant import Warning
semmle.code.java.dataflow.internal.DataFlowUtil
overlay import semmle.code.java.dataflow.internal.DataFlowUtil | ||
overlay import semmle.code.java.dataflow.internal.DataFlowDispatch | ||
import Public | ||
import Private |
Check warning
Code scanning / CodeQL
Redundant import Warning
semmle.code.java.dataflow.internal.DataFlowPrivate
from LogInjectionFlow::PathNode source, LogInjectionFlow::PathNode sink | ||
where LogInjectionFlow::flowPath(source, sink) | ||
select sink.getNode(), source, sink, "This log entry depends on a $@.", source.getNode(), | ||
"user-provided value" |
Check warning
Code scanning / CodeQL
Consistent alert message Warning
No description provided.