hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,672 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

5825 Commits

Author SHA1 Message Date
Chris Smowton
92ab650b7d Use new interpretSpec/2 predicate where appropriate 2021-06-29 15:59:43 +01:00
Chris Smowton
28ab4c083b Make interpretSpec/3 private again 2021-06-29 15:59:43 +01:00
Chris Smowton
c94c69415f Document Content::hasLocationInfo 2021-06-29 15:59:43 +01:00
Chris Smowton
cf7c966ea7 GenerateFlowTestCase: make imports private 2021-06-29 15:59:43 +01:00
Chris Smowton
5a71812001 Adjust import 
Type Content has moved into DataFlowUtil
 2021-06-29 15:59:43 +01:00
Chris Smowton
95b640db20 Resolve missing qldoc errors 
Document some, make some private, and delete the needless modules surrounding the spring models.
 2021-06-29 15:59:43 +01:00
Chris Smowton
eda7bb6aa2 Fix: restrict generated test cases to requested rows 2021-06-29 15:59:14 +01:00
Chris Smowton
bd1bd8cf08 Switch to an abstract unit / predicate approach to specifying rows to generate tests for 
This enables moving this code into the qll file, rather than having to specify a query predicate in the .ql
 2021-06-29 15:59:14 +01:00
Chris Smowton
f3868887b8 Test case generator: rework to use a less-invasive ExternalFlow API 
Some predicate/type names and docs are also improved
 2021-06-29 15:59:14 +01:00
Chris Smowton
59725d635b Test case generator: improve error reporting 
We now distinguish cases where SSV rows are not in scope at all from those where they don't identify a known type or method, or where input or output specs could not be parsed.
 2021-06-29 15:59:14 +01:00
Chris Smowton
dff9c717bc Fix test case generation when no auxiliary support functions are required 2021-06-29 15:59:14 +01:00
Chris Smowton
c49d5253f0 Revise ExternalFlow and FlowSummaryImpl API used for test generation 2021-06-29 15:59:14 +01:00
Chris Smowton
b1af90991d Add help text to GenerateFlowTestCase.py 2021-06-29 15:59:14 +01:00
Chris Smowton
5f1a491516 Fix test-generation when a type variable's bound is itself a type variable 
For example, class G<A, B extends A>
 2021-06-29 15:59:14 +01:00
Chris Smowton
e542e71cf5 Fix testing methods with 2-qualifier or deeper input specifications 
For example, an identity function on lists-of-maps, which might convey MapValue of Element of Argument[0] to MapValue of Element of ReturnValue, requiring `newWithElement(newWithMapValue(source())` on the input side but `getMapValue(getElement(out))` on the output side.
 2021-06-29 15:59:13 +01:00
Chris Smowton
0d8124bc95 Document test generator 2021-06-29 15:59:13 +01:00
Chris Smowton
617201930d Always use source declarations (i.e, raw types) when naming types in tests 2021-06-29 15:59:13 +01:00
Chris Smowton
e8acfec070 Fix formatting of instance variables 2021-06-29 15:59:13 +01:00
Chris Smowton
e2cfc17bfe Fix output of nested and generic type names, and disambiguate overloads where necessary 2021-06-29 15:59:11 +01:00
Chris Smowton
6d9661f412 Fix open-for-writing statement 2021-06-29 15:58:39 +01:00
Chris Smowton
d6edfd50da Determine when a model row didn't produce any tests; fix the model specifications revealed defective by this feature. 2021-06-29 15:55:34 +01:00
Chris Smowton
6360e0b7c4 Add flow-through test case generator 2021-06-29 15:55:13 +01:00
Chris Smowton
6fee40cfde Add flow-through test case generator 2021-06-29 15:55:13 +01:00
Chris Smowton
ba5dc3cdbc Add models of the javax.json package 2021-06-29 15:21:01 +01:00
Sauyon Lee
b76f761e56 Import springvalidation in ExternalFlow.qll 2021-06-29 05:51:58 -07:00
Sauyon Lee
92f1c51653 fixup! Add models for Spring validation.Errors 
Rename SpringErrors to SpringValidation
 2021-06-29 05:51:36 -07:00
Sauyon Lee
534ab86900 Add models for Spring validation.Errors 2021-06-29 05:51:21 -07:00
Chris Smowton
d4bb8a70c2 Merge pull request #5976 from github/sauyon/java/spring-util 
Model Spring `util`
 2021-06-29 13:50:12 +01:00
Anders Schack-Mulligen
ad8bef5177 Update java/ql/src/semmle/code/java/frameworks/spring/SpringUtil.qll 2021-06-29 14:08:48 +02:00
Chris Smowton
9551321592 Fix LinkedMultiValueMap models and make tests more realistic 2021-06-29 12:40:57 +01:00
Chris Smowton
d6c4325c13 Import SpringUtil from ExternalFlow.qll 2021-06-29 12:18:30 +01:00
Chris Smowton
3d270bbc50 Drop models for stringifying functions 
Per default stringification isn't taint-propagating in Java
 2021-06-29 12:01:08 +01:00
Chris Smowton
0441098b18 Amend models of MultiValueMap.addAll overloads 2021-06-29 11:58:46 +01:00
Chris Smowton
b202110285 Drop redundant model that can be inherited from java.util.Iterator 2021-06-29 11:47:22 +01:00
Chris Smowton
f67e9ae1cc Drop tests for protected inner classes 2021-06-29 11:45:59 +01:00
Chris Smowton
5769f4718f Add missing CollectionUtils model 2021-06-29 11:44:29 +01:00
Chris Smowton
659478cc39 Remove model for protected class 
Can't be accessed outside the org.springframework.util package.
 2021-06-29 11:40:19 +01:00
Chris Smowton
f7a4614f56 Add missing tests for AntPathMatcher's protected methods; fix models accordingly 2021-06-29 11:35:25 +01:00
Chris Smowton
dec0123751 Autoformat 2021-06-29 09:52:24 +01:00
yo-h
aa19fe606d Java: add dbscheme stats for permits relation 2021-06-28 21:18:25 -04:00
yo-h
1f6996002a Java: add permits relation to dbscheme (sealed classes) 2021-06-28 19:48:39 -04:00
Sauyon Lee
4012076c90 fixup! Model spring util 
Apply review comments
 2021-06-28 10:52:58 -07:00
Sauyon Lee
92ebb63b1f Model Spring AntPath utils 2021-06-28 08:26:38 -07:00
Sauyon Lee
c4e9b1fd8e Model Spring util 2021-06-28 08:26:37 -07:00
Tony Torralba
8112d723e0 Merge branch 'main' into atorralba/spring-beans 2021-06-28 17:02:31 +02:00
Tony Torralba
393b95cbbe Remove 'magic' from tests 2021-06-28 17:01:34 +02:00
Chris Smowton
3d69868297 Change ID and description of cloned query 
This should be cleaned up more effectively soon, but this suffices to fix the clashing-id problem.
 2021-06-28 12:18:59 +01:00
Chris Smowton
8aa9cd52b5 Merge pull request #5811 from mogwailabs/insecureJmxRmiServerEnvironment 
Java: Add query - insecure environment configuration during JMX/RMI server init
 2021-06-25 22:09:20 +01:00
Timo Mueller
e5fa5325b5 Auto formatting .ql file 2021-06-25 22:31:29 +02:00
Chris Smowton
def4a23af2 Merge pull request #4879 from intrigus-lgtm/java/improve-trustmanager 
Java: Add/improve insecure trustmanager query
 2021-06-25 18:15:55 +01:00