diff --git a/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql index 84c4bb01c12..3abaa7bdcfa 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql @@ -22,6 +22,7 @@ import semmle.code.java.dataflow.ExternalFlow private import semmle.code.java.security.Sanitizers import Log4jInjectionFlow::PathGraph +overlay[local?] deprecated private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "log4j-injection" } } diff --git a/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql b/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql index c84037719da..0929ca3eb80 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql @@ -17,6 +17,7 @@ import semmle.code.java.dataflow.FlowSources import semmle.code.java.dataflow.ExternalFlow import RemoteUrlToOpenStreamFlow::PathGraph +overlay[local?] deprecated private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "openstream-called-on-tainted-url" } } diff --git a/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql index c8709745852..11bb600ffe8 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql @@ -22,6 +22,7 @@ import semmle.code.java.security.PathSanitizer private import semmle.code.java.security.Sanitizers import InjectFilePathFlow::PathGraph +overlay[local?] deprecated private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "file-path-injection" } } diff --git a/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql b/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql index 08f7631af82..c13bc3bb245 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql @@ -18,6 +18,7 @@ import semmle.code.java.security.CommandLineQuery import InputToArgumentToExecFlow::PathGraph private import semmle.code.java.dataflow.ExternalFlow +overlay[local?] deprecated private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "jsch-os-injection" } } diff --git a/java/ql/src/experimental/Security/CWE/CWE-200/AndroidWebResourceResponse.qll b/java/ql/src/experimental/Security/CWE/CWE-200/AndroidWebResourceResponse.qll index bd898df205a..b988398e4c2 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-200/AndroidWebResourceResponse.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-200/AndroidWebResourceResponse.qll @@ -7,6 +7,7 @@ private import semmle.code.java.dataflow.ExternalFlow private import semmle.code.java.dataflow.FlowSteps private import semmle.code.java.frameworks.android.WebView +overlay[local?] private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "android-web-resource-response" } } diff --git a/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.qll b/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.qll index ce6de1a0679..12ba6769f74 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.qll @@ -8,6 +8,7 @@ import semmle.code.java.arithmetic.Overflow import semmle.code.java.dataflow.FlowSteps import semmle.code.java.controlflow.Guards +overlay[local?] private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "thread-resource-abuse" } } diff --git a/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll b/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll index 8fe997793f4..f8e32890250 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll @@ -9,6 +9,7 @@ import semmle.code.java.controlflow.Guards import semmle.code.java.security.UrlRedirect import Regex +overlay[local?] private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "permissive-dot-regex-query" } } diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll index 5cb92d7ba8d..288814c4c51 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll @@ -291,6 +291,7 @@ module MakeImplCommon Lang> { * to `lambdaCall`, if any. That is, `lastCall` is able to target the enclosing * callable of `lambdaCall`. */ + overlay[global] pragma[nomagic] predicate revLambdaFlow( Call lambdaCall, LambdaCallKind kind, Node node, Type t, boolean toReturn, boolean toJump,