4531 Commits

Author	SHA1	Message	Date
Marcono1234	c760d39d59	Merge remote-tracking branch 'remotes/origin/main' into marcono1234/statement-expression	2022-05-09 00:28:19 +02:00
Marcono1234	36f56b5a18	Java: Rename StmtExpr to ValueDiscardingExpr ... As mentioned by aschackmull during review, StatementExpression as defined by the JLS only lists possible types of expressions, it does _not_ specify that their value is discarded. Therefore, for example any method call could be considered a StatementExpression. The name ValueDiscardingExpr was chosen as replacement because the JLS uses the phrase "if the expression has a value, the value is discarded" multiple times.	2022-05-09 00:27:15 +02:00
Mathias Vorreiter Pedersen	176e40f139	Merge pull request #9052 from github/post-release-prep/codeql-cli-2.9.1 ... Post-release preparation for codeql-cli-2.9.1	2022-05-06 13:15:17 +01:00
github-actions[bot]	1a25457178	Post-release preparation for codeql-cli-2.9.1	2022-05-05 19:05:50 +00:00
Tony Torralba	ca2959cf37	Merge pull request #8537 from atorralba/atorralba/unsafe_android_access_improvs ... Java: Improvements to UnsafeAndroidAccess	2022-05-05 16:46:54 +02:00
Tom Hvitved	04cc73823d	Java: Introduce 'with/without content' summary components	2022-05-05 14:25:48 +02:00
Tom Hvitved	d9d5372f28	Data flow: Sync files	2022-05-05 13:36:26 +02:00
Michael Nebel	2dc35c123a	Java/Ruby: Sync files.	2022-05-05 13:08:55 +02:00
Tom Hvitved	66a9759329	Merge pull request #8870 from hvitved/dataflow/expect-content ... Data flow: Introduce `expectsContent`	2022-05-05 09:01:40 +02:00
Joe Farebrother	c7d30087d1	Fix issue with named backrefs; add needed import	2022-05-04 15:41:42 +01:00
Joe Farebrother	2d82dfba38	Reorder backreference predicates	2022-05-04 15:41:41 +01:00
Joe Farebrother	9078e13f1c	Apply reveiw suggestions ... - make java imports private - qdoc fixes - reorder predicates - simplifications	2022-05-04 15:41:41 +01:00
Joe Farebrother	b854a2185e	Fix use of sinkModel	2022-05-04 15:41:41 +01:00
Joe Farebrother	b08f22c24d	Remove unnecassary import	2022-05-04 15:41:41 +01:00
Joe Farebrother	eec57d4f25	Simplify dataflow logic by using only one configuration, and expessing more sinks with models-as-data	2022-05-04 15:41:41 +01:00
Joe Farebrother	2a80540157	Sync shared files	2022-05-04 15:41:40 +01:00
Joe Farebrother	e5ca924240	Allow quantifiers invoving {}; add comments	2022-05-04 15:41:40 +01:00
Chris Smowton	bc17d4b91f	Break the recursion between seqChild, RegExpTerm and TRegExpSequence	2022-05-04 15:41:40 +01:00
Chris Smowton	0d13864bc8	Restrict polynomial ReDoS' strings-parsed-as-regexes search to those that could possibly be interesting ... In practice for polynomial ReDoS this means those regexes containing at least one potentially-infinite quantifier (* or +).	2022-05-04 15:41:39 +01:00
Joe Farebrother	0f606d987d	Remove redundant super call. ... Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2022-05-04 15:41:39 +01:00
Joe Farebrother	522a8aff6f	Fix filename case	2022-05-04 15:41:39 +01:00
Joe Farebrother	3d65a9cafc	Update shared files	2022-05-04 15:41:39 +01:00
Joe Farebrother	375ded4ede	Move check to exlude test cases so that it also covers exponential redos	2022-05-04 15:41:39 +01:00
Joe Farebrother	1605d36ddf	Refine polynomial redos sources to exclude length limited methods	2022-05-04 15:41:39 +01:00
Joe Farebrother	04edc10f1e	Exclude regexes from test code	2022-05-04 15:41:38 +01:00
Joe Farebrother	6794268a3c	Split PolynomialRedos definition into a library to avoid duplication in the tests	2022-05-04 15:41:38 +01:00
Joe Farebrother	5555985ad6	Distingush between whether or not a regex is matched against a full string ... Also some fixes and additional tests	2022-05-04 15:41:38 +01:00
Joe Farebrother	bb562643c6	Support possessive quantifiers, which cannot backtrack. ... They are approximated by limiting them to up to one repetition (effectively making *+ like ? and ++ like a no-op).	2022-05-04 15:41:37 +01:00
Joe Farebrother	49374b877a	Fix parsing of alternations in character classes	2022-05-04 15:41:37 +01:00
Joe Farebrother	5ba6bafbef	Use occursInRegex more ccnsistently throughout	2022-05-04 15:41:37 +01:00
Chris Smowton	f5809a7440	ReDoS performance fixes	2022-05-04 15:41:37 +01:00
Joe Farebrother	2d963176bf	Fix change note	2022-05-04 15:41:37 +01:00
Joe Farebrother	9bd3916800	Add change note	2022-05-04 15:41:37 +01:00
Joe Farebrother	3ce0c2c23b	Add more regex use functions in String	2022-05-04 15:41:36 +01:00
Joe Farebrother	c312b4b6b0	Add missing qldoc	2022-05-04 15:41:36 +01:00
Joe Farebrother	57ba8a4d1b	Improve handling of hex escapes; and support some named character classes	2022-05-04 15:41:36 +01:00
Joe Farebrother	5143585080	Fix to PolynomialRedos not finding results and to test cases not finding that	2022-05-04 15:41:36 +01:00
Joe Farebrother	91887ab229	Sync shared files	2022-05-04 15:41:36 +01:00
Joe Farebrother	e23162d91b	Add test cases for PolynomialRedos dataflow logic; make fixes	2022-05-04 15:41:35 +01:00
Joe Farebrother	457cf41825	Support more escaped characters	2022-05-04 15:41:35 +01:00
Joe Farebrother	9f4da65030	Improve calculation of locations of regex terms	2022-05-04 15:41:35 +01:00
Joe Farebrother	dd200e29d4	Improve char set depth calculation	2022-05-04 15:41:35 +01:00
Joe Farebrother	e797d2195c	Topologically sort RegexString	2022-05-04 15:41:34 +01:00
Joe Farebrother	bc109521aa	Simplify octal handling	2022-05-04 15:41:34 +01:00
Joe Farebrother	9e88c67c19	Add more test cases; make some fixes	2022-05-04 15:41:34 +01:00
Joe Farebrother	aa1337db86	Apply style suggestions from code review	2022-05-04 15:41:34 +01:00
Joe Farebrother	e954db293a	Convert snake case predicates to camel case	2022-05-04 15:41:34 +01:00
Joe Farebrother	5b61de67de	Implement style/doc suggestions from code review	2022-05-04 15:41:33 +01:00
Joe Farebrother	28649da187	Add parser tests; fix some parser issues. ... [temporarily renamed existing regex/Test.java during rebasing to avoid conflict]	2022-05-04 15:41:33 +01:00
Joe Farebrother	8e1918216e	Add PrintAst support for regex terms	2022-05-04 15:41:33 +01:00