mirror of
https://github.com/github/codeql.git
synced 2026-04-27 09:45:15 +02:00
Merge branch 'main' into jcogs33/java/junit5-missing-nested-annotation
This commit is contained in:
Jami
@@ -1,10 +1,7 @@
|
||||
| A.java:14:14:14:16 | "A" : String | A.java:14:7:14:20 | SSA def(a) : new A(...) { ... } [p] |
|
||||
| A.java:14:14:14:16 | "A" : String | A.java:14:11:14:20 | f2(...) : new A(...) { ... } [p] |
|
||||
| A.java:14:14:14:16 | "A" : String | A.java:15:16:15:16 | a : new A(...) { ... } [p] |
|
||||
| A.java:14:14:14:16 | "A" : String | A.java:15:16:15:22 | get(...) : String |
|
||||
| A.java:14:14:14:16 | "A" : String | A.java:18:8:18:15 | p : String |
|
||||
| A.java:14:14:14:16 | "A" : String | A.java:18:25:40:3 | SSA def(p) : String |
|
||||
| A.java:14:14:14:16 | "A" : String | A.java:28:7:38:5 | SSA def(a) : new A(...) { ... } [p] |
|
||||
| A.java:14:14:14:16 | "A" : String | A.java:28:11:38:5 | new (...) : new A(...) { ... } [p] |
|
||||
| A.java:14:14:14:16 | "A" : String | A.java:28:11:38:5 | p : String |
|
||||
| A.java:14:14:14:16 | "A" : String | A.java:30:14:30:16 | parameter this : new A(...) { ... } [p] |
|
||||
@@ -16,16 +13,11 @@
|
||||
| A.java:14:14:14:16 | "A" : String | A.java:35:26:35:27 | this : new A(...) { ... } [p] |
|
||||
| A.java:14:14:14:16 | "A" : String | A.java:39:12:39:12 | a : new A(...) { ... } [p] |
|
||||
| A.java:14:14:14:16 | "A" : String | A.java:39:12:39:12 | p : String |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:14:7:14:20 | SSA def(a) : new A(...) { ... } [String s] |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:14:11:14:20 | f2(...) : new A(...) { ... } [String s] |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:15:16:15:16 | a : new A(...) { ... } [String s] |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:15:16:15:22 | get(...) : String |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:21:7:21:13 | ...=... : String |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:21:7:21:13 | SSA def(s) : String |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:21:7:21:13 | [input] SSA phi(s) : String |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:25:5:25:26 | SSA phi(s) : String |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:25:5:25:26 | phi(String s) : String |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:28:7:38:5 | SSA def(a) : new A(...) { ... } [String s] |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:28:11:38:5 | String s : String |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:28:11:38:5 | new (...) : new A(...) { ... } [String s] |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:30:14:30:16 | parameter this : new A(...) { ... } [String s] |
|
||||
@@ -37,16 +29,11 @@
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:35:26:35:27 | this : new A(...) { ... } [String s] |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:39:12:39:12 | String s : String |
|
||||
| A.java:21:11:21:13 | "B" : String | A.java:39:12:39:12 | a : new A(...) { ... } [String s] |
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:14:7:14:20 | SSA def(a) : new A(...) { ... } [String s] |
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:14:11:14:20 | f2(...) : new A(...) { ... } [String s] |
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:15:16:15:16 | a : new A(...) { ... } [String s] |
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:15:16:15:22 | get(...) : String |
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:23:7:23:13 | ...=... : String |
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:23:7:23:13 | SSA def(s) : String |
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:23:7:23:13 | [input] SSA phi(s) : String |
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:25:5:25:26 | SSA phi(s) : String |
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:25:5:25:26 | phi(String s) : String |
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:28:7:38:5 | SSA def(a) : new A(...) { ... } [String s] |
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:28:11:38:5 | String s : String |
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:28:11:38:5 | new (...) : new A(...) { ... } [String s] |
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:30:14:30:16 | parameter this : new A(...) { ... } [String s] |
|
||||
@@ -60,20 +47,16 @@
|
||||
| A.java:23:11:23:13 | "C" : String | A.java:39:12:39:12 | a : new A(...) { ... } [String s] |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:4:5:4:7 | parameter this [Return] : Box [elem] |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:4:9:4:16 | e : String |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:4:19:4:31 | SSA def(e) : String |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:4:21:4:24 | this <.field> [post update] : Box [elem] |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:4:21:4:28 | ...=... : String |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:4:28:4:28 | e : String |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:6:12:6:18 | parameter this : Box [elem] |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:6:31:6:34 | elem : String |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:6:31:6:34 | this <.field> : Box [elem] |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:14:7:14:20 | SSA def(a) : new A(...) { ... } [Box b1, ... (2)] |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:14:11:14:20 | f2(...) : new A(...) { ... } [Box b1, ... (2)] |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:15:16:15:16 | a : new A(...) { ... } [Box b1, ... (2)] |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:15:16:15:22 | get(...) : String |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:25:9:25:25 | SSA def(b1) : Box [elem] |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:25:14:25:25 | new Box(...) : Box [elem] |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:28:7:38:5 | SSA def(a) : new A(...) { ... } [Box b1, ... (2)] |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:28:11:38:5 | Box b1 : Box [elem] |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:28:11:38:5 | new (...) : new A(...) { ... } [Box b1, ... (2)] |
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:30:14:30:16 | parameter this : new A(...) { ... } [Box b1, ... (2)] |
|
||||
@@ -88,19 +71,16 @@
|
||||
| A.java:25:22:25:24 | "D" : String | A.java:39:12:39:12 | a : new A(...) { ... } [Box b1, ... (2)] |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:5:10:5:16 | parameter this [Return] : Box [elem] |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:5:18:5:25 | e : String |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:5:28:5:40 | SSA def(e) : String |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:5:30:5:33 | this <.field> [post update] : Box [elem] |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:5:30:5:37 | ...=... : String |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:5:37:5:37 | e : String |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:6:12:6:18 | parameter this : Box [elem] |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:6:31:6:34 | elem : String |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:6:31:6:34 | this <.field> : Box [elem] |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:14:7:14:20 | SSA def(a) : new A(...) { ... } [Box b2, ... (2)] |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:14:11:14:20 | f2(...) : new A(...) { ... } [Box b2, ... (2)] |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:15:16:15:16 | a : new A(...) { ... } [Box b2, ... (2)] |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:15:16:15:22 | get(...) : String |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:27:5:27:6 | b2 [post update] : Box [elem] |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:28:7:38:5 | SSA def(a) : new A(...) { ... } [Box b2, ... (2)] |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:28:11:38:5 | Box b2 : Box [elem] |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:28:11:38:5 | new (...) : new A(...) { ... } [Box b2, ... (2)] |
|
||||
| A.java:27:16:27:18 | "E" : String | A.java:30:14:30:16 | parameter this : new A(...) { ... } [Box b2, ... (2)] |
|
||||
|
||||
@@ -1,6 +1,4 @@
|
||||
| A.java:5:18:5:21 | null | A.java:2:13:2:20 | o |
|
||||
| A.java:5:18:5:21 | null | A.java:5:12:5:21 | SSA def(src) |
|
||||
| A.java:5:18:5:21 | null | A.java:5:18:5:21 | null |
|
||||
| A.java:5:18:5:21 | null | A.java:6:12:6:18 | SSA def(x) |
|
||||
| A.java:5:18:5:21 | null | A.java:6:16:6:18 | src |
|
||||
| A.java:5:18:5:21 | null | A.java:7:10:7:10 | x |
|
||||
|
||||
@@ -3,14 +3,12 @@ edges
|
||||
| A.java:12:14:12:18 | src(...) : Object | A.java:12:5:12:5 | b [post update] : Box [elem] |
|
||||
| A.java:12:14:12:18 | src(...) : Object | A.java:12:5:12:18 | ...=... : Object |
|
||||
| A.java:13:12:13:12 | b : Box [elem] | A.java:17:13:17:16 | f1(...) : Box [elem] |
|
||||
| A.java:17:9:17:16 | SSA def(b) : Box [elem] | A.java:18:8:18:8 | b : Box [elem] |
|
||||
| A.java:17:13:17:16 | f1(...) : Box [elem] | A.java:17:9:17:16 | SSA def(b) : Box [elem] |
|
||||
| A.java:17:13:17:16 | f1(...) : Box [elem] | A.java:18:8:18:8 | b : Box [elem] |
|
||||
| A.java:18:8:18:8 | b : Box [elem] | A.java:21:11:21:15 | b : Box [elem] |
|
||||
#select
|
||||
| 0 | A.java:12:5:12:5 | b [post update] : Box [elem] |
|
||||
| 0 | A.java:12:5:12:18 | ...=... : Object |
|
||||
| 0 | A.java:13:12:13:12 | b : Box [elem] |
|
||||
| 1 | A.java:17:9:17:16 | SSA def(b) : Box [elem] |
|
||||
| 1 | A.java:17:13:17:16 | f1(...) : Box [elem] |
|
||||
| 1 | A.java:18:8:18:8 | b : Box [elem] |
|
||||
| 2 | A.java:21:11:21:15 | b : Box [elem] |
|
||||
|
||||
@@ -2,8 +2,7 @@ edges
|
||||
| A.java:4:16:4:18 | parameter this [Return] [elem] | A.java:22:17:22:25 | new Box(...) [elem] |
|
||||
| A.java:4:16:4:18 | this <constr(this)> [post update] [elem] | A.java:4:16:4:18 | parameter this [Return] [elem] |
|
||||
| A.java:5:19:5:22 | elem | A.java:24:10:24:19 | other.elem |
|
||||
| A.java:22:9:22:25 | SSA def(other) [elem] | A.java:23:13:23:17 | other [elem] |
|
||||
| A.java:22:17:22:25 | new Box(...) [elem] | A.java:22:9:22:25 | SSA def(other) [elem] |
|
||||
| A.java:22:17:22:25 | new Box(...) [elem] | A.java:23:13:23:17 | other [elem] |
|
||||
| A.java:23:13:23:17 | other [elem] | A.java:24:10:24:14 | other [elem] |
|
||||
| A.java:23:13:23:17 | other [post update] [elem] | A.java:24:10:24:14 | other [elem] |
|
||||
| A.java:24:10:24:14 | other [elem] | A.java:24:10:24:19 | other.elem |
|
||||
@@ -11,7 +10,6 @@ edges
|
||||
| A.java:28:5:28:5 | b [post update] [elem] | A.java:27:16:27:20 | b [Return] [elem] |
|
||||
| A.java:28:14:28:25 | new Object(...) | A.java:28:5:28:5 | b [post update] [elem] |
|
||||
#select
|
||||
| 0 | A.java:22:9:22:25 | SSA def(other) [elem] |
|
||||
| 0 | A.java:22:17:22:25 | new Box(...) [elem] |
|
||||
| 0 | A.java:23:13:23:17 | other [elem] |
|
||||
| 0 | A.java:23:13:23:17 | other [post update] [elem] |
|
||||
|
||||
@@ -1,13 +1,9 @@
|
||||
| TestSwitchExpr.java:4:15:4:22 | o |
|
||||
| TestSwitchExpr.java:7:16:7:28 | SSA def(x1) |
|
||||
| TestSwitchExpr.java:7:21:7:28 | source(...) |
|
||||
| TestSwitchExpr.java:8:16:8:30 | SSA def(x2) |
|
||||
| TestSwitchExpr.java:8:21:8:30 | switch (...) |
|
||||
| TestSwitchExpr.java:10:24:10:25 | x1 |
|
||||
| TestSwitchExpr.java:12:16:12:30 | SSA def(x3) |
|
||||
| TestSwitchExpr.java:12:21:12:30 | switch (...) |
|
||||
| TestSwitchExpr.java:13:38:13:39 | x2 |
|
||||
| TestSwitchExpr.java:16:16:16:30 | SSA def(x4) |
|
||||
| TestSwitchExpr.java:16:21:16:30 | switch (...) |
|
||||
| TestSwitchExpr.java:19:23:19:24 | x3 |
|
||||
| TestSwitchExpr.java:23:14:23:15 | x4 |
|
||||
|
||||
@@ -1,24 +1,19 @@
|
||||
| Test.java:12:15:12:47 | SSA def(inp) |
|
||||
| Test.java:12:21:12:47 | new FileInputStream(...) |
|
||||
| Test.java:14:21:14:39 | buffer(...) |
|
||||
| Test.java:14:36:14:38 | inp |
|
||||
| Test.java:15:16:15:54 | SSA def(lines) |
|
||||
| Test.java:15:24:15:54 | readLines(...) |
|
||||
| Test.java:15:42:15:44 | inp |
|
||||
| Test.java:16:18:16:45 | readFully(...) |
|
||||
| Test.java:16:36:16:38 | inp |
|
||||
| Test.java:17:22:17:55 | toBufferedInputStream(...) |
|
||||
| Test.java:17:52:17:54 | inp |
|
||||
| Test.java:18:10:18:71 | SSA def(bufread) |
|
||||
| Test.java:18:20:18:71 | toBufferedReader(...) |
|
||||
| Test.java:18:45:18:70 | new InputStreamReader(...) |
|
||||
| Test.java:18:67:18:69 | inp |
|
||||
| Test.java:19:19:19:48 | toByteArray(...) |
|
||||
| Test.java:19:39:19:41 | inp |
|
||||
| Test.java:20:10:20:50 | SSA def(chars) |
|
||||
| Test.java:20:18:20:50 | toCharArray(...) |
|
||||
| Test.java:20:38:20:40 | inp |
|
||||
| Test.java:21:10:21:43 | SSA def(s) |
|
||||
| Test.java:21:14:21:43 | toString(...) |
|
||||
| Test.java:21:31:21:33 | inp |
|
||||
| Test.java:22:20:22:52 | toInputStream(...) |
|
||||
|
||||
@@ -10,13 +10,11 @@
|
||||
| A.java:20:16:20:16 | this <.field> |
|
||||
| A.java:21:12:21:20 | getThis(...) |
|
||||
| A.java:21:12:21:20 | this <.method> |
|
||||
| A.java:25:7:25:17 | SSA def(a) |
|
||||
| A.java:25:11:25:17 | new A(...) |
|
||||
| A.java:25:11:25:17 | new A(...) [pre constructor] |
|
||||
| A.java:26:12:26:12 | a |
|
||||
| A.java:26:12:26:22 | getThis(...) |
|
||||
| A.java:26:12:26:36 | getThisWrap(...) |
|
||||
| A.java:27:7:27:17 | SSA def(c) |
|
||||
| A.java:27:11:27:17 | new C(...) |
|
||||
| A.java:27:11:27:17 | new C(...) [pre constructor] |
|
||||
| A.java:28:5:28:5 | c |
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
| Test.java:4:14:4:36 | replaceAll(...) | This call to 'replaceAll' should be a call to 'replace' as its $@ is not a regular expression. | Test.java:4:28:4:30 | "t" | first argument |
|
||||
@@ -0,0 +1,2 @@
|
||||
query: Performance/StringReplaceAllWithNonRegex.ql
|
||||
postprocess: utils/test/InlineExpectationsTestQuery.ql
|
||||
@@ -0,0 +1,7 @@
|
||||
public class Test {
|
||||
void f() {
|
||||
String s1 = "test";
|
||||
s1 = s1.replaceAll("t", "x"); // $ Alert // NON_COMPLIANT
|
||||
s1 = s1.replaceAll(".*", "x"); // COMPLIANT
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,13 @@
|
||||
import jakarta.persistence.EntityManager;
|
||||
|
||||
public class JakartaPersistence {
|
||||
|
||||
public static String source() { return null; }
|
||||
|
||||
public static void test(EntityManager entityManager) {
|
||||
|
||||
entityManager.createNativeQuery(source()); // $ sqlInjection
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1 +1 @@
|
||||
//semmle-extractor-options: --javac-args -cp ${testdir}/../../../../../stubs/mongodbClient:${testdir}/../../../../../stubs/springframework-5.8.x:${testdir}/../../../../../stubs/apache-hive --release 21
|
||||
//semmle-extractor-options: --javac-args -cp ${testdir}/../../../../../stubs/mongodbClient:${testdir}/../../../../../stubs/springframework-5.8.x:${testdir}/../../../../../stubs/apache-hive:${testdir}/../../../../../stubs/jakarta-persistence-api-3.2.0 --release 21
|
||||
|
||||
7
java/ql/test/stubs/jakarta-persistence-api-3.2.0/jakarta/persistence/EntityManager.java
generated
Normal file
7
java/ql/test/stubs/jakarta-persistence-api-3.2.0/jakarta/persistence/EntityManager.java
generated
Normal file
@@ -0,0 +1,7 @@
|
||||
package jakarta.persistence;
|
||||
|
||||
public interface EntityManager extends AutoCloseable {
|
||||
|
||||
Query createNativeQuery(String sqlString);
|
||||
|
||||
}
|
||||
7
java/ql/test/stubs/jakarta-persistence-api-3.2.0/jakarta/persistence/Query.java
generated
Normal file
7
java/ql/test/stubs/jakarta-persistence-api-3.2.0/jakarta/persistence/Query.java
generated
Normal file
@@ -0,0 +1,7 @@
|
||||
package jakarta.persistence;
|
||||
|
||||
public interface Query {
|
||||
|
||||
int executeUpdate();
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user