The following changes in version 1.20 affect Java analysis in all applications.
TaintTracking libraries are extended to cover additional remote user input and taint steps from the following frameworks: Guice, Protobuf, Thrift and Struts. This affects all security queries, which may yield additional results on projects that use these frameworks.
| Query | Tags | Purpose |
|---|---|---|
| Double-checked locking is not thread-safe ( | reliability, correctness, concurrency, external/cwe/cwe-609 | Identifies wrong implementations of double-checked locking that do not use the |
| Race condition in double-checked locking object initialization ( | reliability, correctness, concurrency, external/cwe/cwe-609 | Identifies wrong implementations of double-checked locking that perform additional initialization after exposing the constructed object. |
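The two double-checked locking patterns these queries flag, shown side by side with a correct version. This is an added illustration written for this page, not code from the changelog or from the CodeQL query sources; the class and field names are made up for the example. The correct variant relies on the `volatile` field and on finishing initialization before the reference is stored, which is the behaviour the Java memory model (JSR-133) guarantees for this idiom.

```java
// Added illustration, not part of the changelog. Three variants of lazy
// initialization; the first two are the patterns the new queries report.
public class DoubleCheckedLockingExamples {

    static final class Config {
        private String value;   // deliberately not final so the race variant can set it late
        Config() { }
        Config(String value) { this.value = value; }
        void setValue(String v) { this.value = v; }
        String getValue() { return value; }
    }

    // Variant 1 (first query): broken. Without volatile there is no happens-before
    // edge for the unsynchronized read, so a thread may observe a non-null reference
    // to a Config whose fields are not yet visible.
    private static Config brokenInstance;
    static Config brokenGet() {
        if (brokenInstance == null) {
            synchronized (DoubleCheckedLockingExamples.class) {
                if (brokenInstance == null) {
                    brokenInstance = new Config("ok");
                }
            }
        }
        return brokenInstance;
    }

    // Variant 2 (second query): broken even with volatile. The reference is published
    // by the volatile write before initialization is complete, so another thread can
    // pass the null check and return a Config whose value is still null.
    private static volatile Config earlyPublished;
    static Config earlyPublishedGet() {
        if (earlyPublished == null) {
            synchronized (DoubleCheckedLockingExamples.class) {
                if (earlyPublished == null) {
                    earlyPublished = new Config();   // exposed here ...
                    earlyPublished.setValue("ok");   // ... initialized afterwards
                }
            }
        }
        return earlyPublished;
    }

    // Variant 3: correct. The field is volatile and the object is fully initialized
    // before the reference is stored; the local copy keeps the fast path to a single
    // volatile read.
    private static volatile Config instance;
    static Config get() {
        Config local = instance;
        if (local == null) {
            synchronized (DoubleCheckedLockingExamples.class) {
                local = instance;
                if (local == null) {
                    Config c = new Config();
                    c.setValue("ok");        // finish initialization first
                    instance = local = c;    // then publish
                }
            }
        }
        return local;
    }

    public static void main(String[] args) {
        System.out.println(get().getValue());   // prints "ok"
    }
}
```

The same reasoning applies to any lazily initialized field read outside the lock: a `volatile` write publishes whatever state the object had at that moment, so every mutation that readers depend on has to precede it.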
| Query | Expected impact | Change |
|---|---|---|
| Arbitrary file write during archive extraction ("Zip Slip") ( | Fewer false positive results | Results involving a sanitization step that converts a destination |
| Result of multiplication cast to wider type ( | Fewer results | Results involving conversions to |
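For the Zip Slip change, the following added example (not code from the changelog or from the CodeQL query) shows the unsanitized target computation the query reports next to a sanitizing step that normalizes the resolved destination and checks that it is still inside the extraction directory. The `ZipEntry` names in `main` are constructed to exercise both a benign entry and a traversal entry; `SafeUnzip`, `safeTarget` and `unsafeTarget` are names chosen for this example.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import java.util.zip.ZipOutputStream;

public class SafeUnzip {

    // Reported pattern: the entry name flows straight into the file path, so an
    // archive entry such as "../../something" writes outside destDir.
    static Path unsafeTarget(Path destDir, ZipEntry entry) {
        return destDir.resolve(entry.getName());
    }

    // Sanitized pattern: resolve, normalize, then confirm the result is still under
    // the destination root. Path.startsWith compares whole path components, so
    // "/out/x" and "/outside/x" are not confused the way String.startsWith would.
    static Path safeTarget(Path destDir, ZipEntry entry) throws IOException {
        Path root = destDir.toAbsolutePath().normalize();
        Path target = root.resolve(entry.getName()).normalize();
        if (!target.startsWith(root)) {
            throw new IOException("archive entry escapes destination: " + entry.getName());
        }
        return target;
    }

    static void extract(InputStream in, Path destDir) throws IOException {
        try (ZipInputStream zis = new ZipInputStream(in)) {
            ZipEntry entry;
            while ((entry = zis.getNextEntry()) != null) {
                Path target = safeTarget(destDir, entry);
                if (entry.isDirectory()) {
                    Files.createDirectories(target);
                } else {
                    Files.createDirectories(target.getParent());
                    Files.copy(zis, target, StandardCopyOption.REPLACE_EXISTING);
                }
                zis.closeEntry();
            }
        }
    }

    // Builds a small in-memory archive (constructed test data, not a real sample).
    static byte[] archiveWith(String... names) throws IOException {
        ByteArrayOutputStream bytes = new ByteArrayOutputStream();
        try (ZipOutputStream zos = new ZipOutputStream(bytes)) {
            for (String name : names) {
                zos.putNextEntry(new ZipEntry(name));
                zos.write("payload".getBytes());
                zos.closeEntry();
            }
        }
        return bytes.toByteArray();
    }

    public static void main(String[] args) throws IOException {
        Path dest = Files.createTempDirectory("unzip-demo");

        // Benign archive extracts normally.
        extract(new ByteArrayInputStream(archiveWith("docs/readme.txt")), dest);
        System.out.println("extracted: " + Files.exists(dest.resolve("docs/readme.txt")));

        // Traversal entry is rejected before any file is written.
        try {
            extract(new ByteArrayInputStream(archiveWith("../escaped.txt")), dest);
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Absolute entry names are handled by the same check: `root.resolve("/etc/x")` yields `/etc/x`, which does not start with `root` and is rejected.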
`semmle.code.java.security.DataFlow` has been removed. Improved data flow libraries have been available in
There are no changes in this version that affect Java analysis only in QL for Eclipse and the QL command-line tools.