hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,000 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.3
Commit Graph

1162 Commits

Author SHA1 Message Date
Tony Torralba
e54eaed26f Refactor tests to use InlineFlowTest 2023-04-26 12:19:59 +02:00
Tony Torralba
db73e16b70 Add tests 2023-04-26 12:12:10 +02:00
Jami
cff7f63193 Merge pull request #12838 from jcogs33/jcogs33/add-class-for-callables-interesting-for-modeling 
Java: add class that represents callables that are interesting for MaD models
 2023-04-25 09:28:56 -04:00
Tony Torralba
e3d93c3581 Fix FileCopyUtils models 2023-04-24 15:07:19 +02:00
Jami Cogswell
2ae4b646a0 Java: adjust genVsMan query test cases 2023-04-20 16:19:15 -04:00
Jami Cogswell
fa1a6da60d Java: update genVsMan query test case 2023-04-20 16:19:15 -04:00
Tony Torralba
62f5a5dcd5 Merge pull request #10707 from atorralba/atorralba/log-injection-sanitizers 
Java: Add line break sanitizers to java/log-injection
 2023-04-19 08:20:04 +02:00
Ed Minnix
e6a2528c38 Refactor XSS and SpringJDBC tests to lib configurations 2023-04-17 23:48:06 -04:00
Ed Minnix
66f971e70d Refactor query tests 2023-04-17 23:48:06 -04:00
Jami
a149c41baf Merge pull request #12155 from jcogs33/jcogs33/add-heuristic-ssrf-models 
Java: add ssrf models discovered with heuristics
 2023-04-17 15:45:48 -04:00
Tony Torralba
f5702f5c69 Address review comment 
Handle more regex cases that cover line breaks
 2023-04-17 09:33:44 +02:00
Tony Torralba
e167d3ce00 Add line break sanitizers 2023-04-17 09:33:44 +02:00
Ed Minnix
0fc775027f Fix SensitiveResultReceiver test case 2023-04-13 23:06:16 -04:00
Edward Minnix III
3e55c47e3e flow(_, sink) to flowTo(sink) 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-04-13 23:06:16 -04:00
Ed Minnix
88eb0231c1 Refactor taintedString.ql test 2023-04-13 23:06:16 -04:00
Ed Minnix
735a7383c6 Refactor HardcodedCredentialsSourceCall 2023-04-13 23:06:16 -04:00
Jami Cogswell
0e3d9e1fec Java: update options file 2023-04-13 09:57:44 -04:00
Jami Cogswell
f27eff4f73 Java: add tests back 2023-04-13 09:15:03 -04:00
Jami Cogswell
6271b6f1c3 Java: temp removal of tests 2023-04-13 09:15:02 -04:00
Jami Cogswell
0445509080 Java: update test cases and add stubs 2023-04-13 09:15:02 -04:00
Jami Cogswell
540b8391dc Java: add more tests 2023-04-13 09:12:55 -04:00
Jami Cogswell
cd7b79f62b Java: add tests for org.apache.hc.client5.http.fluent 2023-04-13 09:12:54 -04:00
Jami Cogswell
1afa5af3dd Java: move version 5 tests to new file and add tests for org.apache.hc.client5.http.classic.methods 2023-04-13 09:12:54 -04:00
Jami Cogswell
2a23f8766e Java: add tests for org.apache.hc.client5.http.async.methods.model.yml; resolve conflicts 2023-04-13 09:12:54 -04:00
Jami Cogswell
c4f8a9a2eb Java: update genVsMan query test case; resolve conflict 2023-04-06 10:21:53 -04:00
Jami
c55c9f50c9 Merge pull request #12680 from jcogs33/jcogs33/metrics-query-refactor-top500 
Java: test GeneratedVsManualCoverage query on top 500 JDK APIs
 2023-04-06 10:07:35 -04:00
Jami Cogswell
cc92936f6a Java: rename stubs directory 2023-04-06 08:32:09 -04:00
Jonathan Leitschuh
0d774a647c Fix partial path traversal Java example Again 
The original wouldn't compile, and the fix made by #11899 is sub-optimal.
This keeps the entire comparision using the Java `Path` object, which is optimal.

Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2023-03-31 23:36:07 -04:00
Jami Cogswell
0688fa6ed1 Java: update expected file for results without interface members 2023-03-31 18:02:09 -04:00
Jami Cogswell
c69745a6f8 Java: fix stubs 2023-03-31 18:02:09 -04:00
Jami Cogswell
266939840d Java: update expected file with results that include interface members 2023-03-31 18:02:09 -04:00
Jami Cogswell
8b18df0987 Java: update top jdk apis test case with stubs 2023-03-31 18:02:09 -04:00
Jami Cogswell
e0524a1177 Java: add test case for top jdk apis 2023-03-31 18:02:09 -04:00
Ed Minnix
a798b1959f Replace flow(_, sink) with flowTo(sink) 2023-03-29 22:33:09 -04:00
Ed Minnix
6a3eadf6cb Refactor ImplicitPendingIntents 2023-03-29 22:33:09 -04:00
Ed Minnix
42b582da2f Refactor StaticInitializationVector 2023-03-29 22:33:09 -04:00
Ed Minnix
469ac80d40 Refactor PartialPathTraversal 2023-03-29 22:33:09 -04:00
Ed Minnix
f8e26f1571 Refactor MissingJWTSignatureCheck 2023-03-29 22:33:09 -04:00
Ed Minnix
cae5637d8d Refactor InsufficientKeySize 2023-03-29 22:33:09 -04:00
Ed Minnix
fa2f0dbc3b Refactor InsecureBasicAuth 2023-03-29 22:33:09 -04:00
Ed Minnix
dcd46c2236 Refactor InsecureTrustManager 2023-03-29 22:33:09 -04:00
Ed Minnix
2698b61514 Refactor HardcodedCredentialsApiCall.qll 2023-03-29 22:33:08 -04:00
Ed Minnix
ac8dec740a Refactor UnsafeCertTrustQuery 2023-03-29 22:33:08 -04:00
Ed Minnix
a040ff6997 Refactor ConditionalBypass 2023-03-29 22:33:08 -04:00
Ed Minnix
e5f11d00a7 Refactor CWE-502/UnsafeDeserialization 2023-03-29 22:33:08 -04:00
Edward Minnix III
117a983423 Merge pull request #12639 from egregius313/egregius313/java/refactor-injection-queries 
Java: Refactor injection queries to new dataflow API
 2023-03-29 11:02:18 -04:00
Ed Minnix
9bfb13b942 Update to the Global/flow* api 2023-03-27 12:26:18 -04:00
Ed Minnix
658c54a18f Change names of configuration to fit new naming convention 2023-03-27 12:16:44 -04:00
Ed Minnix
6a0167fa7f Convert to using the new DataFlow modules 2023-03-27 12:16:44 -04:00
Ed Minnix
98b445c6b7 Convert test to InlineExpectationsTest 2023-03-27 12:16:43 -04:00