Michael Nebel
0cab131c51
Java: Add type based summary model generation query.
2022-11-10 13:57:41 +01:00
Michael Nebel
bdc569feea
Java: Initial implementation of type based model generation.
2022-11-10 13:57:41 +01:00
Ian Lynagh
31a1667fda
Java/Kotlin: Add ExtractorInformation query
2022-11-10 12:22:09 +00:00
Ian Lynagh
eea062d357
Merge pull request #11053 from igfoo/igfoo/java-interface-redeclares-tostring
...
Kotlin: Run java-interface-redeclares-tostring on all platforms
2022-11-10 12:14:49 +00:00
Michael Nebel
9c6875ec0f
Merge pull request #10777 from michaelnebel/csharp/generatedataextensions
...
C#: Generate data extension files
2022-11-10 13:08:31 +01:00
Ian Lynagh
72a26865b5
Kotlin: Add a changenote for enabled-by-default
2022-11-10 11:36:15 +00:00
Ian Lynagh
fd6ae3a216
Kotlin: Accept test output
2022-11-09 15:59:15 +00:00
Anders Schack-Mulligen
151f12ef5e
Java: Improve sink model generation precision by excluding variable capture.
2022-11-09 15:32:30 +01:00
Anders Schack-Mulligen
b3b7711149
Dataflow: Sync.
2022-11-09 14:23:15 +01:00
Anders Schack-Mulligen
ade83b3cfe
Dataflow: Introduce support for src/sink grouping in path results.
2022-11-09 14:22:24 +01:00
Anders Schack-Mulligen
fc4f93c87a
Java/C#: Undo configuration footgun firing.
2022-11-09 13:20:39 +01:00
Jami
cfbaf5e53b
Merge pull request #10785 from jcogs33/insuff-key-size-globalflow-keysize
...
Java: Promote insufficient key size query from experimental
2022-11-08 18:05:01 -05:00
Jami Cogswell
13decd38d9
update sink
2022-11-08 15:29:33 -05:00
Jami Cogswell
bada986433
apply review comments
2022-11-08 15:29:33 -05:00
Jami Cogswell
b99a1d2cd9
update sink and tests
2022-11-08 15:29:33 -05:00
Jami Cogswell
e49c5213ca
update change note
2022-11-08 15:29:33 -05:00
Jami Cogswell
0e93e71127
update tests
2022-11-08 15:29:33 -05:00
Jami Cogswell
695d6f0e4e
move files to regexp directory
2022-11-08 15:29:33 -05:00
Jami Cogswell
5402001362
remove original sanitizer
2022-11-08 15:29:33 -05:00
Jami Cogswell
be548c13e1
switch sink to use csv models
2022-11-08 15:29:33 -05:00
Jami Cogswell
5dcd3b2c0f
clean up files
2022-11-08 15:29:33 -05:00
Jami Cogswell
32f7348d30
update help file
2022-11-08 15:29:33 -05:00
Jami Cogswell
eb30e8fe9e
move Pattern.quote and Pattern.LITERAL models to Regex.qll
2022-11-08 15:29:33 -05:00
Jami Cogswell
81ad10bab5
update sink names
2022-11-08 15:29:33 -05:00
Jami Cogswell
5b089bbb9c
split sanitizer into three
2022-11-08 15:29:33 -05:00
Jami Cogswell
91491d9a7b
refactor into more classes; add more test cases; add LITERAL sanitizer
2022-11-08 15:29:33 -05:00
Jami Cogswell
50d638d1b6
create RegexInjection.qll file
2022-11-08 15:29:33 -05:00
Jami Cogswell
f6f26fe6c5
refactor code; add change note
2022-11-08 15:29:33 -05:00
Jami Cogswell
037a05cd66
add classes for Pattern, Matcher, and RegExUtils
2022-11-08 15:29:33 -05:00
Jami Cogswell
6545cff0ef
add Pattern.quote sanitizer
2022-11-08 15:29:33 -05:00
Jami Cogswell
833c5edf06
move to .qll file and switch to InlineExpectations tests
2022-11-08 15:29:32 -05:00
Jami Cogswell
25436fe555
update options and qlref files
2022-11-08 15:29:32 -05:00
Jami Cogswell
32b140045e
move files out of experimental
2022-11-08 15:29:32 -05:00
Rasmus Wriedt Larsen
4895daba85
DataFlow: Add read/store stepIsLocal consistency checks
2022-11-08 13:32:49 +01:00
Tamás Vajk
38abd389eb
Merge pull request #11045 from tamasvajk/kotlin-confusing-default
...
Kotlin: Excluded compiler generated methods from `java/confusing-method-signature`
2022-11-08 10:25:36 +01:00
Tony Torralba
ef967b6a21
Merge pull request #10890 from atorralba/atorralba/android-startactivities-summaries
...
Java: Add flow summaries for startActivities
2022-11-07 18:06:30 +01:00
Tamás Vajk
ed305d2699
Merge pull request #11032 from tamasvajk/kotlin-unused-for-loop-var
...
Kotlin: exclude loop variables on ranges from 'unused locals' check
2022-11-07 15:44:10 +01:00
Erik Krogh Kristensen
d67235b3c1
Merge pull request #11071 from erik-krogh/fixCanon
...
ReDoS: fix canonicalization in NfaUtils
2022-11-07 14:10:50 +01:00
Chris Smowton
eb365c1d24
Merge pull request #11079 from smowton/smowton/test/test-java-extractor-vs-captured-type-variables
...
Java: Add test for multiply-bounded wildcards
2022-11-07 12:31:19 +00:00
Tamás Vajk
830be92f1d
Merge pull request #11089 from tamasvajk/kotlin-enum-ctor-call
...
Kotlin: Extract missing arguments of enum constructor calls
2022-11-07 12:55:27 +01:00
Chris Smowton
e877967a62
Add test verifying no malformed wildcards result from captured type variables with a Collection<? extends ...> type
2022-11-07 10:29:04 +00:00
Chris Smowton
d999c1d3dd
Java: Add test for multiply-bounded wildcards
...
This exercises several cases of variables bounded both by a wildcard and by a bound on the type parameter, checking that the extractor strips the wildcards and captures to decide on a concrete type for the parameters and return values.
2022-11-07 10:29:04 +00:00
Chris Smowton
1cd30847f6
Merge pull request #11121 from smowton/smowton/fix/java-wildcard-extraction
...
Kotlin: fix extraction of Java nested wildcards; wildcards in return types
2022-11-07 10:23:02 +00:00
Chris Smowton
68face8d46
Merge pull request #11130 from smowton/smowton/fix/kotlin-always-extract-file-labels
...
Kotlin: always populate the `files` table
2022-11-07 10:14:41 +00:00
Anders Schack-Mulligen
99ca28ea9b
Merge pull request #10886 from aschackmull/dataflow/joinorders
...
Dataflow: Fix a couple of join-orders.
2022-11-07 11:05:29 +01:00
Chris Smowton
587aa93f6d
Merge pull request #11105 from smowton/smowton/fix/use-defaults-method-to-implement-jvmoverloads
...
Kotlin: use `$default` functions to implement `@JvmOverloads`
2022-11-07 09:54:16 +00:00
Tamas Vajk
4e8d8a4de1
Add compilerGeneratedReason for enum constructor call arguments
2022-11-07 10:07:05 +01:00
Tamas Vajk
7d927a7396
Adjust enum constructor argument extraction based on review
2022-11-07 10:07:05 +01:00
Tamas Vajk
fb5b344427
Fix failing build on early kotlin versions
2022-11-07 10:07:05 +01:00
Tamas Vajk
44e70afa85
Kotlin: Extract missing arguments of enum constructor calls
2022-11-07 10:07:04 +01:00
