hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,612 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.7
Commit Graph

4033 Commits

Author SHA1 Message Date
Edward Minnix III
eadb8a3988 Merge pull request #10106 from egregius313/egregius313/android-backup-allowed 
Java: Query to detect Android backup allowed
 2022-09-12 11:14:03 -04:00
Tamás Vajk
4569b9585f Merge pull request #10313 from tamasvajk/kotlin-fix-vararg 
Kotlin: Fix `vararg` extraction outside of method call
 2022-09-12 15:54:50 +02:00
Tony Torralba
79a32f1a3e Tainting the freemarker dataModel isn't exploitable 2022-09-12 14:22:06 +02:00
Tony Torralba
409a123490 Tainting the velocity context isn't exploitable 2022-09-12 11:38:29 +02:00
Ed Minnix
817f12cae6 Updated expectations file with new message 
The warning message for the `android:allowBackup` query was updated.
This updates the message in the expectations file.
 2022-09-09 11:35:48 -04:00
Ian Lynagh
c7e3051edd Merge pull request #10239 from tamasvajk/kotlin-fix-declaration-stack 
Kotlin: Fix declaration stack
 2022-09-09 16:03:31 +01:00
Tamás Vajk
05fcbdd9e3 Merge pull request #10365 from tamasvajk/kotlin-fix-isUnspecialised-2 
Kotlin: Fix `isUnspecialised` to handle generic classes inside generic methods
 2022-09-09 16:27:19 +02:00
Tamas Vajk
b8b0fd8a74 Kotlin: Fix isUnspecialised to handle generic classes inside generic methods 2022-09-09 14:32:38 +02:00
Tamas Vajk
3267d7c96e Kotlin: Add test case with various nested generics 2022-09-09 11:09:50 +02:00
Tony Torralba
d748fb5648 Fix bad models, add tests for those 2022-09-09 10:08:52 +02:00
Tony Torralba
e311155acd Use InlineExpectationsTest 2022-09-08 17:38:25 +02:00
Tony Torralba
c9728098ef Generate stubs, adapt tests 2022-09-08 17:38:21 +02:00
Tony Torralba
d5f101d7e6 Add implicit read FlowState test 2022-09-08 17:19:39 +02:00
Ed Minnix
59909751ae Change allowBackup tests to use qlref test format 
Due to some limitations of comments in XML, it is simpler to implement
the `android:allowBackup` tests using the qlref/expectations test format.
 2022-09-08 10:34:17 -04:00
Ed Minnix
e69a8269ad Move CleartextStorage test files into separate dir 
Move the files for the CleartextStorage tests into their own directory
to avoid issues with extraction
 2022-09-08 10:33:05 -04:00
Ed Minnix
09b723fc6d Formatting fixes for allowBackup tests 2022-09-07 13:30:19 -04:00
Ed Minnix
5206c792b0 Additional Unit tests for the allowBackup query 2022-09-07 12:07:48 -04:00
Tamás Vajk
b129c4098d Merge pull request #10278 from tamasvajk/kotlin-reified-enum 
Kotlin: Extract error expression for `enumValues<T>` calls
 2022-09-07 17:33:08 +02:00
Tamas Vajk
25977778a2 Kotlin: Fix duplicate field entry in declaration stack 2022-09-07 15:21:11 +02:00
Tamas Vajk
0c257a1b78 Kotlin: add test for incorrect declaration stack 2022-09-07 15:21:10 +02:00
Tony Torralba
cd61bd0606 Move files from experimental 2022-09-07 13:13:40 +02:00
Tamás Vajk
3410dd589d Merge pull request #9783 from tamasvajk/feature/kotlin-stdlib-mad 
Kotlin: Add MaD for stdlib
 2022-09-07 12:57:23 +02:00
Tony Torralba
8e0b4892ee Add Implicit PendingIntents sinks for Compat classes 2022-09-07 11:04:22 +02:00
Tamas Vajk
07038d0b3a Fix QL formatting 2022-09-07 10:48:22 +02:00
Tamás Vajk
b1e0d73de8 Merge pull request #10297 from tamasvajk/kotlin-fix-kotlin-to-java-fn-names 
Kotlin: Lookup getter methods based on special JVM method mapping
 2022-09-07 08:56:19 +02:00
Ed Minnix
0a83cedeb7 Unit tests for android:allowBackup query 2022-09-06 13:52:43 -04:00
Tony Torralba
ff731f1d83 Merge pull request #10138 from atorralba/atorralba/contentresolver-summaries 
Java: Add summaries for ContentResolver and adjacent classes
 2022-09-06 16:28:28 +02:00
Tony Torralba
b745b5ab71 Add models for androidx.core.app.NotificationCompat 2022-09-06 14:43:13 +02:00
Tamas Vajk
826bbdf834 Kotlin: Fix vararg extraction outside of method call 2022-09-06 11:32:32 +02:00
Tamas Vajk
cb3c53dee7 Kotlin: Add test case for unexpected vararg extraction error 2022-09-06 11:32:24 +02:00
Tony Torralba
b94e0d3e69 Merge pull request #10251 from atorralba/atorralba/implicit-pendingintent-sinks 
Java: Add new AlarmManager sinks to Use of implicit PendingIntents
 2022-09-06 11:31:27 +02:00
Tamás Vajk
5f841f71db Merge pull request #10291 from tamasvajk/kotlin-fix-array-set 
Kotlin: Fix array `set` operator extraction
 2022-09-06 09:01:05 +02:00
Tamas Vajk
1c21ce0ec4 Kotlin: Lookup getter methods based on special JVM method mapping 2022-09-05 16:02:25 +02:00
Tamas Vajk
6a90db9b30 Kotlin: List diagnostics for special getter method extraction 2022-09-05 16:00:40 +02:00
Ian Lynagh
b38ad13f82 Merge pull request #10268 from tamasvajk/kotlin-local-function-comments 
Kotlin: fix doc comment extraction for local functions
 2022-09-05 13:35:01 +01:00
Tamas Vajk
6f7f760682 Kotlin: Fix array set operator extraction 2022-09-05 10:20:07 +02:00
Tamas Vajk
608f99bd0d Kotlin: Add test case for various array set operator overloads 2022-09-05 10:19:57 +02:00
Tamas Vajk
37500d274a Accept failing consistency test 2022-09-05 08:58:38 +02:00
Tamas Vajk
7daf53fd99 Add regenerated models after rebase 2022-09-02 16:32:42 +02:00
Tamas Vajk
5004a5fb60 Fix failing external model tests 2022-09-02 16:12:22 +02:00
Tamas Vajk
9fad42b25d Kotlin: Add manual model for Array.withIndex 2022-09-02 16:12:21 +02:00
Tamas Vajk
a144fa06dc Kotlin: Add generated MaD for stdlib 2022-09-02 16:12:21 +02:00
Tamas Vajk
57d861337b Kotlin: Add dataflow tests for stdlib calls 2022-09-02 16:12:21 +02:00
Tamas Vajk
71cce9cf28 Kotlin: Extract error expression for enumValues<T> calls 2022-09-02 15:42:05 +02:00
Tamas Vajk
fd0d2ad767 Kotlin: Add test for enumValues call with type parameter 2022-09-02 15:40:03 +02:00
Ian Lynagh
07b3b15528 Merge pull request #10221 from tamasvajk/kotlin-internal 
Kotlin: Change `Modifiable::isPublic` to not cover Kotlin `internal` members
 2022-09-02 11:51:56 +01:00
Tamas Vajk
c77f573a8e Kotlin: fix doc comment extraction for local functions 2022-09-02 10:47:08 +02:00
Tamas Vajk
46c52aeaae Kotlin: Add test for doc comment on local functions 2022-09-02 10:45:08 +02:00
Tamas Vajk
e66d2dddb6 Fix review findings 2022-09-01 14:07:27 +02:00
Tamas Vajk
a5415c9c8a Kotlin: Fix array indexer extraction 2022-09-01 11:12:14 +02:00