mirror of
https://github.com/github/codeql.git
synced 2026-04-30 11:15:13 +02:00
Merge branch 'main' into main
This commit is contained in:
Daniel Santos
@@ -16,15 +16,36 @@
|
||||
import cpp
|
||||
import semmle.code.cpp.commons.Exclusions
|
||||
|
||||
/** Gets the sub-expression of 'e' with the earliest-starting Location */
|
||||
/**
|
||||
* Gets a child of `e`, including conversions but excluding call arguments.
|
||||
*/
|
||||
pragma[inline]
|
||||
Expr getAChildWithConversions(Expr e) {
|
||||
result.getParentWithConversions() = e and
|
||||
not result = any(Call c).getAnArgument()
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the left-most column position of any transitive child of `e` (including
|
||||
* conversions but excluding call arguments).
|
||||
*/
|
||||
int getCandidateColumn(Expr e) {
|
||||
result = e.getLocation().getStartColumn() or
|
||||
result = getCandidateColumn(getAChildWithConversions(e))
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the transitive child of `e` (including conversions but excluding call
|
||||
* arguments) at the left-most column position, preferring less deeply nested
|
||||
* expressions if there is a choice.
|
||||
*/
|
||||
Expr normalizeExpr(Expr e) {
|
||||
result =
|
||||
min(Expr child |
|
||||
child.getParentWithConversions*() = e.getFullyConverted() and
|
||||
not child.getParentWithConversions*() = any(Call c).getAnArgument()
|
||||
|
|
||||
child order by child.getLocation().getStartColumn(), count(child.getParentWithConversions*())
|
||||
)
|
||||
e.getLocation().getStartColumn() = min(getCandidateColumn(e)) and
|
||||
result = e
|
||||
or
|
||||
not e.getLocation().getStartColumn() = min(getCandidateColumn(e)) and
|
||||
result = normalizeExpr(getAChildWithConversions(e)) and
|
||||
result.getLocation().getStartColumn() = min(getCandidateColumn(e))
|
||||
}
|
||||
|
||||
predicate isParenthesized(CommaExpr ce) {
|
||||
@@ -43,8 +64,8 @@ from CommaExpr ce, Expr left, Expr right, Location leftLoc, Location rightLoc
|
||||
where
|
||||
ce.fromSource() and
|
||||
not isFromMacroDefinition(ce) and
|
||||
left = normalizeExpr(ce.getLeftOperand()) and
|
||||
right = normalizeExpr(ce.getRightOperand()) and
|
||||
left = normalizeExpr(ce.getLeftOperand().getFullyConverted()) and
|
||||
right = normalizeExpr(ce.getRightOperand().getFullyConverted()) and
|
||||
leftLoc = left.getLocation() and
|
||||
rightLoc = right.getLocation() and
|
||||
not isParenthesized(ce) and
|
||||
|
||||
@@ -28,7 +28,7 @@ Running path queries in VS Code
|
||||
#. Once the query has finished running, you can see the results in the Results view as usual (under ``alerts`` in the dropdown menu). Each query result describes the flow of information between a source and a sink.
|
||||
#. Expand the result to see the individual steps that the data follows.
|
||||
#. Click each step to jump to it in the source code and investigate the problem further.
|
||||
#. To navigate the path from your keyboard, you can bind shortcuts to the **CodeQL: Show Previous Step on Path** and **CodeQL: Show Next Step on Path** commands.
|
||||
#. To navigate the results from your keyboard, you can bind shortcuts to the **CodeQL: Navigate Up/Down/Left/Right in Result Viewer** commands.
|
||||
|
||||
Further reading
|
||||
-----------------
|
||||
|
||||
@@ -8,16 +8,20 @@ Java framework & library support
|
||||
|
||||
Framework / library,Package,Flow sources,Taint & value steps,Sinks (total),`CWE‑022` :sub:`Path injection`,`CWE‑036` :sub:`Path traversal`,`CWE‑079` :sub:`Cross-site scripting`,`CWE‑089` :sub:`SQL injection`,`CWE‑090` :sub:`LDAP injection`,`CWE‑094` :sub:`Code injection`,`CWE‑319` :sub:`Cleartext transmission`
|
||||
Android,``android.*``,52,479,116,,,3,67,,,
|
||||
Android extensions,``androidx.*``,5,183,8,,,,,,,
|
||||
`Apache Commons Collections <https://commons.apache.org/proper/commons-collections/>`_,"``org.apache.commons.collections``, ``org.apache.commons.collections4``",,1600,,,,,,,,
|
||||
`Apache Commons IO <https://commons.apache.org/proper/commons-io/>`_,``org.apache.commons.io``,,556,106,91,,,,,,15
|
||||
`Apache Commons Lang <https://commons.apache.org/proper/commons-lang/>`_,``org.apache.commons.lang3``,,424,,,,,,,,
|
||||
`Apache Commons Text <https://commons.apache.org/proper/commons-text/>`_,``org.apache.commons.text``,,272,,,,,,,,
|
||||
`Apache HttpComponents <https://hc.apache.org/>`_,"``org.apache.hc.core5.*``, ``org.apache.http``",5,136,28,,,3,,,,25
|
||||
`Apache Log4j 2 <https://logging.apache.org/log4j/2.0/>`_,``org.apache.logging.log4j``,,8,359,,,,,,,
|
||||
`Google Guava <https://guava.dev/>`_,``com.google.common.*``,,728,39,,6,,,,,
|
||||
JBoss Logging,``org.jboss.logging``,,,324,,,,,,,
|
||||
`JSON-java <https://github.com/stleary/JSON-java>`_,``org.json``,,236,,,,,,,,
|
||||
Java Standard Library,``java.*``,3,589,130,28,,,7,,,10
|
||||
Java extensions,"``javax.*``, ``jakarta.*``",63,609,32,,,4,,1,1,2
|
||||
Kotlin Standard Library,``kotlin*``,,1835,12,10,,,,,,2
|
||||
`Spring <https://spring.io/>`_,``org.springframework.*``,29,477,101,,,,19,14,,29
|
||||
Others,"``androidx.core.app``, ``androidx.slice``, ``cn.hutool.core.codec``, ``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.core``, ``com.fasterxml.jackson.databind``, ``com.hubspot.jinjava``, ``com.mitchellbosecke.pebble``, ``com.opensymphony.xwork2.ognl``, ``com.rabbitmq.client``, ``com.unboundid.ldap.sdk``, ``com.zaxxer.hikari``, ``flexjson``, ``freemarker.cache``, ``freemarker.template``, ``groovy.lang``, ``groovy.util``, ``jodd.json``, ``kotlin``, ``net.sf.saxon.s9api``, ``ognl``, ``okhttp3``, ``org.apache.commons.codec``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.logging``, ``org.apache.commons.ognl``, ``org.apache.directory.ldap.client.api``, ``org.apache.ibatis.jdbc``, ``org.apache.log4j``, ``org.apache.logging.log4j``, ``org.apache.shiro.codec``, ``org.apache.shiro.jndi``, ``org.apache.velocity.app``, ``org.apache.velocity.runtime``, ``org.codehaus.groovy.control``, ``org.dom4j``, ``org.hibernate``, ``org.jboss.logging``, ``org.jdbi.v3.core``, ``org.jooq``, ``org.mvel2``, ``org.scijava.log``, ``org.slf4j``, ``org.thymeleaf``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.mvc``, ``ratpack.core.form``, ``ratpack.core.handling``, ``ratpack.core.http``, ``ratpack.exec``, ``ratpack.form``, ``ratpack.func``, ``ratpack.handling``, ``ratpack.http``, ``ratpack.util``, ``retrofit2``",65,2326,972,10,,,14,18,,5
|
||||
Others,"``cn.hutool.core.codec``, ``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.core``, ``com.fasterxml.jackson.databind``, ``com.hubspot.jinjava``, ``com.mitchellbosecke.pebble``, ``com.opensymphony.xwork2.ognl``, ``com.rabbitmq.client``, ``com.unboundid.ldap.sdk``, ``com.zaxxer.hikari``, ``flexjson``, ``freemarker.cache``, ``freemarker.template``, ``groovy.lang``, ``groovy.util``, ``jodd.json``, ``net.sf.saxon.s9api``, ``ognl``, ``okhttp3``, ``org.apache.commons.codec``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.logging``, ``org.apache.commons.ognl``, ``org.apache.directory.ldap.client.api``, ``org.apache.ibatis.jdbc``, ``org.apache.log4j``, ``org.apache.shiro.codec``, ``org.apache.shiro.jndi``, ``org.apache.velocity.app``, ``org.apache.velocity.runtime``, ``org.codehaus.groovy.control``, ``org.dom4j``, ``org.hibernate``, ``org.jdbi.v3.core``, ``org.jooq``, ``org.mvel2``, ``org.scijava.log``, ``org.slf4j``, ``org.thymeleaf``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.mvc``, ``ratpack.core.form``, ``ratpack.core.handling``, ``ratpack.core.http``, ``ratpack.exec``, ``ratpack.form``, ``ratpack.func``, ``ratpack.handling``, ``ratpack.http``, ``ratpack.util``, ``retrofit2``",60,300,269,,,,14,18,,3
|
||||
Totals,,217,8432,1524,129,6,10,107,33,1,86
|
||||
|
||||
|
||||
@@ -277,7 +277,7 @@ public class OdasaOutput {
|
||||
// Only re-write an existing trap file if we encountered a newer version of the same class.
|
||||
TrapClassVersion trapVersion = readVersionInfo(trap);
|
||||
if (!currVersion.isValid()) {
|
||||
log.warn("Not rewriting trap file for: " + shortName + " " + trapVersion + " " + currVersion + " " + trap);
|
||||
log.trace("Not rewriting trap file for: " + shortName + " " + trapVersion + " " + currVersion + " " + trap);
|
||||
} else if (currVersion.newerThan(trapVersion)) {
|
||||
log.trace("Rewriting trap file for: " + shortName + " " + trapVersion + " " + currVersion + " " + trap);
|
||||
deleteTrapFileAndDependencies(sym, signature);
|
||||
@@ -291,7 +291,7 @@ public class OdasaOutput {
|
||||
// If the TRAP file already exists then we
|
||||
// don't need to write it.
|
||||
if (trap.exists()) {
|
||||
log.warn("Not rewriting trap file for " + trap.toString() + " as it exists");
|
||||
log.trace("Not rewriting trap file for " + trap.toString() + " as it exists");
|
||||
return null;
|
||||
}
|
||||
// If the TRAP file was written in the past, and
|
||||
@@ -301,7 +301,7 @@ public class OdasaOutput {
|
||||
File trapFileDir = trap.getParentFile();
|
||||
File trapOld = new File(trapFileDir, trap.getName().replace(".trap.gz", ".trap-old.gz"));
|
||||
if (trapOld.exists()) {
|
||||
log.warn("Not rewriting trap file for " + trap.toString() + " as the trap-old exists");
|
||||
log.trace("Not rewriting trap file for " + trap.toString() + " as the trap-old exists");
|
||||
return null;
|
||||
}
|
||||
// Otherwise, if any newer TRAP file has already
|
||||
@@ -316,7 +316,7 @@ public class OdasaOutput {
|
||||
if (m.matches() && m.group(1).equals(trapFileBaseName)) {
|
||||
TrapClassVersion v = new TrapClassVersion(Integer.valueOf(m.group(2)), Integer.valueOf(m.group(3)), Long.valueOf(m.group(4)), m.group(5));
|
||||
if (v.newerThan(trapFileVersion)) {
|
||||
log.warn("Not rewriting trap file for " + trap.toString() + " as " + f.toString() + " exists");
|
||||
log.trace("Not rewriting trap file for " + trap.toString() + " as " + f.toString() + " exists");
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1281,6 +1281,7 @@ open class KotlinUsesExtractor(
|
||||
}
|
||||
// Look for an exact type match...
|
||||
javaClass.declarations.findSubType<IrFunction> { decl ->
|
||||
!decl.isFakeOverride &&
|
||||
decl.name.asString() == jvmName &&
|
||||
decl.valueParameters.size == f.valueParameters.size &&
|
||||
decl.valueParameters.zip(f.valueParameters).all { p -> erase(p.first.type).classifierOrNull == erase(p.second.type).classifierOrNull }
|
||||
|
||||
34
java/ql/consistency-queries/diags.ql
Normal file
34
java/ql/consistency-queries/diags.ql
Normal file
@@ -0,0 +1,34 @@
|
||||
import semmle.code.java.Diagnostics
|
||||
|
||||
/*
|
||||
* This query fails if any unexpected diagnostics are recorded in the
|
||||
* database. By putting
|
||||
* // Diagnostic Matches: PAT
|
||||
* in any source files, you can declare that diagnostics matching PAT
|
||||
* (in the string.matches(string) sense) are expected.
|
||||
*/
|
||||
|
||||
class DiagnosticException extends Top {
|
||||
string pattern;
|
||||
|
||||
DiagnosticException() {
|
||||
this.(KtComment).getText() = "// Diagnostic Matches: " + pattern
|
||||
or
|
||||
this.(Javadoc).toString() = "// Diagnostic Matches: " + pattern
|
||||
}
|
||||
|
||||
Diagnostic getException() { diagnosticMessage(result).matches(pattern) }
|
||||
}
|
||||
|
||||
string diagnosticMessage(Diagnostic d) {
|
||||
if d.getFullMessage() != "" then result = d.getFullMessage() else result = d.getMessage()
|
||||
}
|
||||
|
||||
// Check that there aren't any old DiagnosticExceptions left after
|
||||
// something is fixed.
|
||||
query predicate unusedDiagnosticException(DiagnosticException de) { not exists(de.getException()) }
|
||||
|
||||
query predicate unexpectedDiagnostic(Diagnostic d, string s) {
|
||||
s = diagnosticMessage(d) and
|
||||
not d = any(DiagnosticException de).getException()
|
||||
}
|
||||
@@ -1,3 +1 @@
|
||||
| CodeQL Kotlin extractor | 2 | | IrProperty without a getter | d.kt:0:0:0:0 | d.kt:0:0:0:0 |
|
||||
| CodeQL Kotlin extractor | 2 | | Not rewriting trap file for test-db/trap/java/classes/java/lang/Boolean.members/Boolean.members<VERSION>-<MODIFIED>-kotlin.trap.gz as it exists | file://:0:0:0:0 | file://:0:0:0:0 |
|
||||
| CodeQL Kotlin extractor | 2 | | Not rewriting trap file for test-db/trap/java/classes/kotlin/Boolean.members/Boolean.members<VERSION>-<MODIFIED>-null.trap.gz as it exists | file://:0:0:0:0 | file://:0:0:0:0 |
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
|
||||
annotation class SomeAnnotation
|
||||
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.Metadata(%)
|
||||
// Diagnostic Matches: Unknown location for kotlin.Metadata
|
||||
|
||||
@@ -15,4 +15,12 @@ class X {
|
||||
|
||||
annotation class Ann(
|
||||
val p: Int,
|
||||
@get:JvmName("w") val q: Int)
|
||||
@get:JvmName("w") val q: Int)
|
||||
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.Metadata(%)
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.jvm.JvmName(name="changeY")
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.jvm.JvmName(name="getX_prop")
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.jvm.JvmName(name="method")
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.jvm.JvmName(name="y")
|
||||
// Diagnostic Matches: Unknown location for kotlin.Metadata
|
||||
// Diagnostic Matches: Unknown location for kotlin.jvm.JvmName
|
||||
|
||||
@@ -110,3 +110,8 @@ public class TakesArrayList {
|
||||
fun inInArrayComparableAny(c: Comparable<Array<in Array<in Any>>>) { }
|
||||
|
||||
}
|
||||
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.Metadata(%)
|
||||
// Diagnostic Matches: Unknown location for kotlin.Metadata
|
||||
// Diagnostic Matches: Completion failure for type: org.jetbrains.annotations.NotNull
|
||||
// Diagnostic Matches: Unknown location for org.jetbrains.annotations.NotNull
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
| file://:0:0:0:0 | Couldn't find a Java equivalent function to kotlin.Int.toChar in java.lang.Integer |
|
||||
@@ -0,0 +1 @@
|
||||
| test.kt:1:19:1:26 | toChar(...) |
|
||||
@@ -0,0 +1 @@
|
||||
fun f(x: Int) = x.toChar()
|
||||
@@ -0,0 +1,4 @@
|
||||
import java
|
||||
|
||||
from MethodAccess ma
|
||||
select ma
|
||||
@@ -15,6 +15,7 @@ comments
|
||||
| comments.kt:71:9:73:11 | /**\n * An anonymous function comment\n */ | /**\n * An anonymous function comment\n */ |
|
||||
| comments.kt:79:9:81:11 | /**\n * A local function comment\n */ | /**\n * A local function comment\n */ |
|
||||
| comments.kt:88:10:90:11 | /**\n * An anonymous object comment\n */ | /**\n * An anonymous object comment\n */ |
|
||||
| comments.kt:95:1:95:163 | // Diagnostic Matches: % Couldn't get owner of KDoc. The comment is extracted without an owner. ...while extracting a file (comments.kt) at %comments.kt:1:1:96:0% | // Diagnostic Matches: % Couldn't get owner of KDoc. The comment is extracted without an owner. ...while extracting a file (comments.kt) at %comments.kt:1:1:96:0% |
|
||||
commentOwners
|
||||
| comments.kt:4:1:11:3 | /**\n * A group of *members*.\n *\n * This class has no useful logic; it's just a documentation example.\n *\n * @property name the name of this group.\n * @constructor Creates an empty group.\n */ | comments.kt:12:1:31:1 | Group |
|
||||
| comments.kt:4:1:11:3 | /**\n * A group of *members*.\n *\n * This class has no useful logic; it's just a documentation example.\n *\n * @property name the name of this group.\n * @constructor Creates an empty group.\n */ | comments.kt:12:1:31:1 | Group |
|
||||
@@ -39,6 +40,7 @@ commentNoOwners
|
||||
| comments.kt:1:1:1:25 | /** Kdoc with no owner */ |
|
||||
| comments.kt:24:9:24:25 | // A line comment |
|
||||
| comments.kt:28:5:30:6 | /*\n A block comment\n */ |
|
||||
| comments.kt:95:1:95:163 | // Diagnostic Matches: % Couldn't get owner of KDoc. The comment is extracted without an owner. ...while extracting a file (comments.kt) at %comments.kt:1:1:96:0% |
|
||||
commentSections
|
||||
| comments.kt:1:1:1:25 | /** Kdoc with no owner */ | Kdoc with no owner |
|
||||
| comments.kt:4:1:11:3 | /**\n * A group of *members*.\n *\n * This class has no useful logic; it's just a documentation example.\n *\n * @property name the name of this group.\n * @constructor Creates an empty group.\n */ | A group of *members*.\n\nThis class has no useful logic; it's just a documentation example.\n\n |
|
||||
|
||||
@@ -90,4 +90,6 @@ class XX {
|
||||
*/
|
||||
X() {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Diagnostic Matches: % Couldn't get owner of KDoc. The comment is extracted without an owner. ...while extracting a file (comments.kt) at %comments.kt:1:1:96:0%
|
||||
|
||||
@@ -122,3 +122,5 @@ fun fn_when(x: Boolean, y: Boolean) {
|
||||
else -> false
|
||||
} -> { } }
|
||||
}
|
||||
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Int.dec in java.lang.Integer ...while extracting a call (<no name>) at %Test.kt:40:4:40:6%
|
||||
|
||||
@@ -98,3 +98,5 @@ TODO
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Int.dec in java.lang.Integer ...while extracting a call (<no name>) at %Test.kt:40:4:40:6%
|
||||
|
||||
@@ -35,3 +35,5 @@ public class Test2 {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Int.dec in java.lang.Integer ...while extracting a call (<no name>) at %Test2.kt:34:4:34:6%
|
||||
|
||||
@@ -30,4 +30,6 @@ public fun <T> CoroutineScope.async(
|
||||
block: suspend CoroutineScope.() -> T
|
||||
): Deferred<T> {
|
||||
return null!!
|
||||
}
|
||||
}
|
||||
|
||||
// Diagnostic Matches: % Couldn't get owner of KDoc. The comment is extracted without an owner. ...while extracting a file (kotlinx_coroutines_stubs.kt) at %kotlinx_coroutines_stubs.kt:1:1:36:0%
|
||||
|
||||
@@ -338,3 +338,15 @@ fun unaryExprs(i: Int, d: Double, b: Byte, s: Short, l: Long, f: Float) {
|
||||
+f
|
||||
-f
|
||||
}
|
||||
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Byte.dec in java.lang.Byte %
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Byte.inc in java.lang.Byte %
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Byte.toInt in java.lang.Byte %
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Int.dec in java.lang.Integer %
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Int.inc in java.lang.Integer %
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Int.rangeTo in java.lang.Integer %
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Short.inc in java.lang.Short %
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Short.dec in java.lang.Short %
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Short.toInt in java.lang.Short %
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Long.dec in java.lang.Long %
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Long.inc in java.lang.Long %
|
||||
|
||||
@@ -29,4 +29,9 @@ fun foo() {
|
||||
"someString".bar("foo")
|
||||
fun String.baz(p1: String): String { return "Baz" }
|
||||
"someString".baz("bazParam")
|
||||
}
|
||||
}
|
||||
|
||||
// Diagnostic Matches: Completion failure for type: org.jetbrains.annotations.NotNull
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.Metadata(%)
|
||||
// Diagnostic Matches: Unknown location for kotlin.Metadata
|
||||
// Diagnostic Matches: Unknown location for org.jetbrains.annotations.NotNull
|
||||
|
||||
@@ -8,4 +8,7 @@ class B<T> {
|
||||
val b0 = B<String>()
|
||||
val b1 = B<Any>()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.Metadata(%)
|
||||
// Diagnostic Matches: Unknown location for kotlin.Metadata
|
||||
|
||||
@@ -61,3 +61,5 @@ class Class1<T1> {
|
||||
Local<Int>().fn2(t, "")
|
||||
}
|
||||
}
|
||||
|
||||
// Diagnostic Matches: % Found more type arguments than parameters: foo.bar.Class1 ...while extracting a enclosing class (fn1) at %generics.kt:57:5:62:5%
|
||||
|
||||
@@ -3,3 +3,6 @@ public class Test() {
|
||||
internal constructor(x: Int, y: Int) : this() { }
|
||||
|
||||
}
|
||||
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.Metadata(%)
|
||||
// Diagnostic Matches: Unknown location for kotlin.Metadata
|
||||
|
||||
@@ -10,3 +10,6 @@ public class Test {
|
||||
internal fun internalFun() = 3
|
||||
|
||||
}
|
||||
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.Metadata(%)
|
||||
// Diagnostic Matches: Unknown location for kotlin.Metadata
|
||||
|
||||
@@ -1 +1,8 @@
|
||||
fun f(n: Number, b: Byte) = n.toByte() + n.toShort() + n.toInt() + n.toLong() + n.toFloat() + n.toDouble() + b.toByte() + b.toShort() + b.toInt() + b.toLong() + b.toFloat() + b.toDouble()
|
||||
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Byte.toByte in java.lang.Byte ...while extracting a call (<no name>) at %test.kt:1:112:1:119%
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Byte.toDouble in java.lang.Byte ...while extracting a call (<no name>) at %test.kt:1:178:1:187%
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Byte.toFloat in java.lang.Byte ...while extracting a call (<no name>) at %test.kt:1:164:1:172%
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Byte.toInt in java.lang.Byte ...while extracting a call (<no name>) at %test.kt:1:139:1:145%
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Byte.toLong in java.lang.Byte ...while extracting a call (<no name>) at %test.kt:1:151:1:158%
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Byte.toShort in java.lang.Byte ...while extracting a call (<no name>) at %test.kt:1:125:1:133%
|
||||
|
||||
@@ -28,3 +28,5 @@ fun special(n: Number, m: Map<String, String>, s: String, l: MutableList<Int>) {
|
||||
m.entries.first().key
|
||||
m.entries.first().value
|
||||
}
|
||||
|
||||
// Diagnostic Matches: % Couldn't find a Java equivalent function to kotlin.Number.toChar in java.lang.Number %
|
||||
|
||||
@@ -13,3 +13,10 @@ class Dkotlin : Base() {
|
||||
override fun fn0(x: Int): String = super.fn0(x)
|
||||
override suspend fun fn1(x: Int): String = super.fn1(x)
|
||||
}
|
||||
|
||||
// Diagnostic Matches: Completion failure for type: org.jetbrains.annotations.NotNull
|
||||
// Diagnostic Matches: Completion failure for type: org.jetbrains.annotations.Nullable
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.Metadata(%)
|
||||
// Diagnostic Matches: Unknown location for kotlin.Metadata
|
||||
// Diagnostic Matches: Unknown location for org.jetbrains.annotations.NotNull
|
||||
// Diagnostic Matches: Unknown location for org.jetbrains.annotations.Nullable
|
||||
|
||||
@@ -2,3 +2,6 @@ public class Kotlin {
|
||||
internal fun kotlinFun() {
|
||||
}
|
||||
}
|
||||
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.Metadata(%)
|
||||
// Diagnostic Matches: Unknown location for kotlin.Metadata
|
||||
|
||||
@@ -85,3 +85,14 @@ public class TestDefaultParameterReference {
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.Metadata(%)
|
||||
// Diagnostic Matches: Unknown location for kotlin.Metadata
|
||||
// Diagnostic Matches: Completion failure for type: org.jetbrains.annotations.NotNull
|
||||
// Diagnostic Matches: Unknown location for org.jetbrains.annotations.NotNull
|
||||
// Diagnostic Matches: Completion failure for type: kotlin.jvm.JvmOverloads
|
||||
// Diagnostic Matches: Completion failure for type: kotlin.jvm.JvmStatic
|
||||
// Diagnostic Matches: Completion failure for type: org.jetbrains.annotations.Nullable
|
||||
// Diagnostic Matches: Unknown location for kotlin.jvm.JvmOverloads
|
||||
// Diagnostic Matches: Unknown location for kotlin.jvm.JvmStatic
|
||||
// Diagnostic Matches: Unknown location for org.jetbrains.annotations.Nullable
|
||||
|
||||
@@ -4,3 +4,10 @@ public class A {
|
||||
fun <T> genericFunctionWithOverloads(x: T? = null, y: List<T>? = null, z: T? = null): T? = z
|
||||
|
||||
}
|
||||
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.Metadata(%)
|
||||
// Diagnostic Matches: Unknown location for kotlin.Metadata
|
||||
// Diagnostic Matches: Completion failure for type: kotlin.jvm.JvmOverloads
|
||||
// Diagnostic Matches: Completion failure for type: org.jetbrains.annotations.Nullable
|
||||
// Diagnostic Matches: Unknown location for kotlin.jvm.JvmOverloads
|
||||
// Diagnostic Matches: Unknown location for org.jetbrains.annotations.Nullable
|
||||
|
||||
@@ -65,3 +65,10 @@ fun externalUser() {
|
||||
NonCompanion.propWithStaticSetter = NonCompanion.propWithStaticGetter
|
||||
|
||||
}
|
||||
|
||||
// Diagnostic Matches: Incomplete annotation: @kotlin.Metadata(%)
|
||||
// Diagnostic Matches: Unknown location for kotlin.Metadata
|
||||
// Diagnostic Matches: Completion failure for type: kotlin.jvm.JvmStatic
|
||||
// Diagnostic Matches: Completion failure for type: org.jetbrains.annotations.NotNull
|
||||
// Diagnostic Matches: Unknown location for kotlin.jvm.JvmStatic
|
||||
// Diagnostic Matches: Unknown location for org.jetbrains.annotations.NotNull
|
||||
|
||||
@@ -31,3 +31,16 @@ public class Int {
|
||||
public object Unit {
|
||||
}
|
||||
|
||||
// Diagnostic Matches: % Can't find java.lang.Boolean
|
||||
// Diagnostic Matches: % Can't find java.lang.Byte
|
||||
// Diagnostic Matches: % Can't find java.lang.Character
|
||||
// Diagnostic Matches: % Can't find java.lang.Double
|
||||
// Diagnostic Matches: % Can't find java.lang.Float
|
||||
// Diagnostic Matches: % Can't find java.lang.Integer
|
||||
// Diagnostic Matches: % Can't find java.lang.Long
|
||||
// Diagnostic Matches: % Can't find java.lang.Short
|
||||
// Diagnostic Matches: % Can't find java.lang.Void
|
||||
// Diagnostic Matches: % Can't find kotlin.UByte
|
||||
// Diagnostic Matches: % Can't find kotlin.UInt
|
||||
// Diagnostic Matches: % Can't find kotlin.ULong
|
||||
// Diagnostic Matches: % Can't find kotlin.UShort
|
||||
|
||||
@@ -11,4 +11,3 @@ class Class1 {
|
||||
kotlin.jvm.internal.collectionToArray(listOf(1))
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
| file://:0:0:0:0 | Truncated string of length 1048577 | CodeQL Kotlin extractor | 2 | | Truncated string of length 1048577 | DATE TIME Truncated string of length 1048577\nTruncated string of length 1048577, starting '//A03BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB', ending 'BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBCDE' ...while extracting a file (long_comments.kt) at long_comments.kt:1:1:19:0\n |
|
||||
| file://:0:0:0:0 | Truncated string of length 1048577 | CodeQL Kotlin extractor | 2 | | Truncated string of length 1048577 | DATE TIME Truncated string of length 1048577\nTruncated string of length 1048577, starting '//A03BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB', ending 'BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBCDE' ...while extracting a file (long_comments.kt) at long_comments.kt:1:1:22:0\n |
|
||||
| file://:0:0:0:0 | Truncated string of length 1048577 | CodeQL Kotlin extractor | 2 | | Truncated string of length 1048577 | DATE TIME Truncated string of length 1048577\nTruncated string of length 1048577, starting 'ABBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB', ending 'BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBCDE' ...while extracting a expression (<no name>) at long_string.kt:16:31:16:1048607\n ...while extracting a variable expr (longStringLiteral3) at long_string.kt:16:5:16:1048608\n ...while extracting a variable (longStringLiteral3) at long_string.kt:16:5:16:1048608\n ...while extracting a statement (longStringLiteral3) at long_string.kt:16:5:16:1048608\n ...while extracting a block body (<no name>) at long_string.kt:13:22:19:1\n ...while extracting a body (<no name>) at long_string.kt:13:22:19:1\n ...while extracting a function (longLiteralFun) at long_string.kt:13:1:19:1\n ...while extracting a declaration (longLiteralFun) at long_string.kt:13:1:19:1\n ...while extracting a file (long_string.kt) at long_string.kt:1:1:21:0\n |
|
||||
| file://:0:0:0:0 | Truncated string of length 1048577 | CodeQL Kotlin extractor | 2 | | Truncated string of length 1048577 | DATE TIME Truncated string of length 1048577\nTruncated string of length 1048577, starting 'ABBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB', ending 'BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBCDE' ...while extracting a expression (<no name>) at long_string.kt:16:31:16:1048607\n ...while extracting a variable expr (longStringLiteral3) at long_string.kt:16:5:16:1048608\n ...while extracting a variable (longStringLiteral3) at long_string.kt:16:5:16:1048608\n ...while extracting a statement (longStringLiteral3) at long_string.kt:16:5:16:1048608\n ...while extracting a block body (<no name>) at long_string.kt:13:22:19:1\n ...while extracting a body (<no name>) at long_string.kt:13:22:19:1\n ...while extracting a function (longLiteralFun) at long_string.kt:13:1:19:1\n ...while extracting a declaration (longLiteralFun) at long_string.kt:13:1:19:1\n ...while extracting a file (long_string.kt) at long_string.kt:1:1:21:0\n |
|
||||
| file://:0:0:0:0 | Truncated string of length 1048578 | CodeQL Kotlin extractor | 2 | | Truncated string of length 1048578 | DATE TIME Truncated string of length 1048578\nTruncated string of length 1048578, starting '//A04BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB', ending 'BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBCDEF' ...while extracting a file (long_comments.kt) at long_comments.kt:1:1:19:0\n |
|
||||
| file://:0:0:0:0 | Truncated string of length 1048578 | CodeQL Kotlin extractor | 2 | | Truncated string of length 1048578 | DATE TIME Truncated string of length 1048578\nTruncated string of length 1048578, starting '//A05"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""', ending '""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""CDEF' ...while extracting a file (long_comments.kt) at long_comments.kt:1:1:19:0\n |
|
||||
| file://:0:0:0:0 | Truncated string of length 1048578 | CodeQL Kotlin extractor | 2 | | Truncated string of length 1048578 | DATE TIME Truncated string of length 1048578\nTruncated string of length 1048578, starting '//A04BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB', ending 'BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBCDEF' ...while extracting a file (long_comments.kt) at long_comments.kt:1:1:22:0\n |
|
||||
| file://:0:0:0:0 | Truncated string of length 1048578 | CodeQL Kotlin extractor | 2 | | Truncated string of length 1048578 | DATE TIME Truncated string of length 1048578\nTruncated string of length 1048578, starting '//A05"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""', ending '""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""CDEF' ...while extracting a file (long_comments.kt) at long_comments.kt:1:1:22:0\n |
|
||||
| file://:0:0:0:0 | Truncated string of length 1048578 | CodeQL Kotlin extractor | 2 | | Truncated string of length 1048578 | DATE TIME Truncated string of length 1048578\nTruncated string of length 1048578, starting 'A"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""', ending '""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""CDEF' ...while extracting a expression (<no name>) at long_string.kt:18:31:18:2097181\n ...while extracting a variable expr (longStringLiteral5) at long_string.kt:18:5:18:2097182\n ...while extracting a variable (longStringLiteral5) at long_string.kt:18:5:18:2097182\n ...while extracting a statement (longStringLiteral5) at long_string.kt:18:5:18:2097182\n ...while extracting a block body (<no name>) at long_string.kt:13:22:19:1\n ...while extracting a body (<no name>) at long_string.kt:13:22:19:1\n ...while extracting a function (longLiteralFun) at long_string.kt:13:1:19:1\n ...while extracting a declaration (longLiteralFun) at long_string.kt:13:1:19:1\n ...while extracting a file (long_string.kt) at long_string.kt:1:1:21:0\n |
|
||||
| file://:0:0:0:0 | Truncated string of length 1048578 | CodeQL Kotlin extractor | 2 | | Truncated string of length 1048578 | DATE TIME Truncated string of length 1048578\nTruncated string of length 1048578, starting 'A"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""', ending '""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""CDEF' ...while extracting a expression (<no name>) at long_string.kt:18:31:18:2097181\n ...while extracting a variable expr (longStringLiteral5) at long_string.kt:18:5:18:2097182\n ...while extracting a variable (longStringLiteral5) at long_string.kt:18:5:18:2097182\n ...while extracting a statement (longStringLiteral5) at long_string.kt:18:5:18:2097182\n ...while extracting a block body (<no name>) at long_string.kt:13:22:19:1\n ...while extracting a body (<no name>) at long_string.kt:13:22:19:1\n ...while extracting a function (longLiteralFun) at long_string.kt:13:1:19:1\n ...while extracting a declaration (longLiteralFun) at long_string.kt:13:1:19:1\n ...while extracting a file (long_string.kt) at long_string.kt:1:1:21:0\n |
|
||||
| file://:0:0:0:0 | Truncated string of length 1048578 | CodeQL Kotlin extractor | 2 | | Truncated string of length 1048578 | DATE TIME Truncated string of length 1048578\nTruncated string of length 1048578, starting 'ABBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB', ending 'BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBCDEF' ...while extracting a expression (<no name>) at long_string.kt:17:31:17:1048608\n ...while extracting a variable expr (longStringLiteral4) at long_string.kt:17:5:17:1048609\n ...while extracting a variable (longStringLiteral4) at long_string.kt:17:5:17:1048609\n ...while extracting a statement (longStringLiteral4) at long_string.kt:17:5:17:1048609\n ...while extracting a block body (<no name>) at long_string.kt:13:22:19:1\n ...while extracting a body (<no name>) at long_string.kt:13:22:19:1\n ...while extracting a function (longLiteralFun) at long_string.kt:13:1:19:1\n ...while extracting a declaration (longLiteralFun) at long_string.kt:13:1:19:1\n ...while extracting a file (long_string.kt) at long_string.kt:1:1:21:0\n |
|
||||
|
||||
File diff suppressed because one or more lines are too long
@@ -28,3 +28,5 @@ public class A {
|
||||
b.elem = new Object();
|
||||
}
|
||||
}
|
||||
|
||||
// Diagnostic Matches: Incomplete inheritance relation for type java.lang.Object and supertype none
|
||||
|
||||
@@ -119,4 +119,6 @@ public class Test<V> {
|
||||
* @param <X> does not exist
|
||||
*/
|
||||
interface GenericInterface<T> {}
|
||||
|
||||
// Diagnostic Matches: Incomplete inheritance relation for type java.lang.Object and supertype none
|
||||
}
|
||||
|
||||
@@ -14,4 +14,6 @@ public class Test {
|
||||
Object test2() {
|
||||
return null; // returnstatement.ql
|
||||
}
|
||||
|
||||
// Diagnostic Matches: Incomplete inheritance relation for type java.lang.Object and supertype none
|
||||
}
|
||||
|
||||
@@ -1197,7 +1197,8 @@ private predicate reachesReturn(
|
||||
exists(DataFlow::Node mid, PathSummary oldSummary, PathSummary newSummary |
|
||||
flowStep(read, cfg, mid, oldSummary) and
|
||||
reachesReturn(f, mid, cfg, newSummary) and
|
||||
summary = oldSummary.append(newSummary)
|
||||
summary = oldSummary.append(newSummary) and
|
||||
pragma[only_bind_out](summary).isLevel()
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
@@ -22,14 +22,14 @@ def codeql_workspace(repository_name = "codeql"):
|
||||
_swift_prebuilt_version,
|
||||
repo_arch,
|
||||
),
|
||||
build_file = "@%s//swift/tools/prebuilt:BUILD.swift-prebuilt.bazel" % repository_name,
|
||||
build_file = "@%s//swift/third_party/swift-llvm-support:BUILD.swift-prebuilt.bazel" % repository_name,
|
||||
sha256 = sha256,
|
||||
)
|
||||
|
||||
http_archive(
|
||||
name = "fishhook",
|
||||
url = "https://github.com/facebook/fishhook/archive/aadc161ac3b80db07a9908851839a17ba63a9eb1.zip",
|
||||
build_file = "@%s//swift/tools/fishhook:BUILD.fishhook.bazel" % repository_name,
|
||||
build_file = "@%s//swift/third_party/fishhook:BUILD.fishhook.bazel" % repository_name,
|
||||
strip_prefix = "fishhook-aadc161ac3b80db07a9908851839a17ba63a9eb1",
|
||||
sha256 = "9f2cdee6dcc2039d4c47d25ab5141fe0678ce6ed27ef482cab17fe9fa38a30ce",
|
||||
)
|
||||
|
||||
@@ -52,7 +52,7 @@ pkg_runfiles(
|
||||
|
||||
pkg_files(
|
||||
name = "swift-test-sdk-arch",
|
||||
srcs = ["//swift/tools/prebuilt:swift-test-sdk"],
|
||||
srcs = ["//swift/third_party/swift-llvm-support:swift-test-sdk"],
|
||||
prefix = "qltest/" + codeql_platform,
|
||||
strip_prefix = strip_prefix.from_pkg(),
|
||||
)
|
||||
|
||||
@@ -12,7 +12,7 @@ swift_cc_binary(
|
||||
"//swift/extractor/infra",
|
||||
"//swift/extractor/remapping",
|
||||
"//swift/extractor/visitors",
|
||||
"//swift/tools/prebuilt:swift-llvm-support",
|
||||
"//swift/third_party/swift-llvm-support",
|
||||
],
|
||||
)
|
||||
|
||||
|
||||
@@ -7,6 +7,6 @@ swift_cc_library(
|
||||
visibility = ["//swift:__subpackages__"],
|
||||
deps = [
|
||||
"//swift/extractor/trap",
|
||||
"//swift/tools/prebuilt:swift-llvm-support",
|
||||
"//swift/third_party/swift-llvm-support",
|
||||
],
|
||||
)
|
||||
|
||||
@@ -2,7 +2,7 @@ load("//swift:rules.bzl", "swift_cc_library")
|
||||
|
||||
swift_cc_library(
|
||||
name = "remapping",
|
||||
srcs = ['SwiftOutputRewrite.cpp'] + select({
|
||||
srcs = ["SwiftOutputRewrite.cpp"] + select({
|
||||
"@platforms//os:linux": [
|
||||
"SwiftOpenInterception.Linux.cpp",
|
||||
],
|
||||
@@ -13,7 +13,7 @@ swift_cc_library(
|
||||
hdrs = glob(["*.h"]),
|
||||
visibility = ["//swift:__subpackages__"],
|
||||
deps = [
|
||||
"//swift/tools/prebuilt:swift-llvm-support",
|
||||
"//swift/third_party/swift-llvm-support",
|
||||
] + select({
|
||||
"@platforms//os:linux": [],
|
||||
"@platforms//os:macos": [
|
||||
|
||||
@@ -7,6 +7,6 @@ swift_cc_library(
|
||||
visibility = ["//swift:__subpackages__"],
|
||||
deps = [
|
||||
"//swift/extractor/infra",
|
||||
"//swift/tools/prebuilt:swift-llvm-support",
|
||||
"//swift/third_party/swift-llvm-support",
|
||||
],
|
||||
)
|
||||
|
||||
@@ -3,7 +3,11 @@ private import codeql.swift.dataflow.DataFlow
|
||||
private import codeql.swift.dataflow.ExternalFlow
|
||||
private import codeql.swift.dataflow.FlowSources
|
||||
|
||||
private class UrlRemoteFlowSource extends SourceModelCsv {
|
||||
/**
|
||||
* A model for custom URL remote flow sources. iOS apps can receive arbitrary
|
||||
* URLs from other apps in these functions if they register a custom URL scheme.
|
||||
*/
|
||||
private class CustomUrlRemoteFlowSource extends SourceModelCsv {
|
||||
override predicate row(string row) {
|
||||
row =
|
||||
[
|
||||
|
||||
Reference in New Issue
Block a user