aschackmull
Follow
aschackmull
Follow
Popular repositories
-
-
vscode-codeql-starter Public
Forked from github/vscode-codeql-starter
Starter workspace to use with the CodeQL extension for Visual Studio Code.
CodeQL
954 contributions in the last year
Less
More
Contribution activity
January 2022
Created 39 commits in 1 repository
Opened 3 pull requests in 1 repository
Reviewed 31 pull requests in 1 repository
github/codeql
31 pull requests
- Java: Promote Insecure TrustManager from experimental
-
Data flow: Restructure
RequiredSummaryComponentStack - Java: CWE-378: Temp Directory Hijacking Race Condition Vulnerability
- Java: Remove some JNDI Injection sinks
- Update CSV framework coverage reports
- small refactorizations across CodeQL
- Java: Improvements to the Android query Use of implicit PendingIntents
-
Java: Fix recursion in
entrypointFieldStep - C#: Get rid of negative parameter/argument data-flow positions
- Java: CWE-927 - Query to detect the use of implicit PendingIntents
-
Android: Add the Intent parameter of the
onActivityResultmethod as a source - Java: CWE-266 - Query to detect Intent URI Permission Manipulation in Android applications
- Java: Create new query Cleartext storage of sensitive information in Android databases
- simplify expressions that could be type-casts
- Java: Promote Unsafe certificate trust query from experimental
- Refactor Apache Commons Lang model
- Remove security-severity tag to java/random-used-once
- QL-for-QL: Add a could-be-cast query
- Don't include arg -> param edges in PathGraph::edges where arg is not reachable
- Update CSV framework coverage reports
- Update CSV framework coverage reports
- Dataflow: Add support for flow state
- C++: Fix join order in 'getConversionType4'
- Java: Add Spring and Apache Common Langs taint flow steps
- Dataflow: Add default taint sanitizer guard
- Some pull request reviews not shown.