hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

4250 Commits

Author SHA1 Message Date
Jami Cogswell
d8dbdfcd70 rename expected file, add ql file, delete qlref file 2022-08-15 15:50:00 -04:00
Jami Cogswell
fdb437552c clean up android query and tests 2022-08-15 15:49:59 -04:00
Jami Cogswell
cf39cc0909 updates to android debug query 2022-08-15 15:49:59 -04:00
Jami Cogswell
6720dba8e7 draft android debug query 2022-08-15 15:49:59 -04:00
Chris Smowton
774e379eb1 Merge pull request #9742 from smehta23/feat/SM/java_partial_path_traversal_vulnerability 
[JAVA] Partial Path Traversal Vuln Query
 2022-08-15 12:56:16 +01:00
Erik Krogh Kristensen
0adb588fe8 Merge pull request #9712 from erik-krogh/badRange 
JS/RB/PY/Java: add suspicious range query
 2022-08-15 13:55:44 +02:00
Chris Smowton
c40ec728c6 Remove non-ascii char 2022-08-15 12:08:14 +01:00
Chris Smowton
38c0557d90 Adjust test to moved and expanded stubs 2022-08-15 12:08:14 +01:00
Chris Smowton
b62e9dc92c Convert tests to inline expectations and fix one bug revealed doing so 
Specifically Apache sshd defines its sensitive api calls on an inherited interface, and they need to be described that way for us to pick them up.
 2022-08-13 14:02:05 +01:00
Chris Smowton
0a6ccbca45 Add stubs and tests for new hardcoded-credential sinks 2022-08-13 12:39:15 +01:00
erik-krogh
b54f037424 Merge branch 'main' into refacReDoS 2022-08-12 20:28:30 +02:00
Chris Smowton
e9df675f88 Autoformat ql 2022-08-11 09:55:46 +01:00
Anders Schack-Mulligen
74b05d2aa4 Kotlin: Reflection test should not refer to DataFlowPrivate. 2022-08-11 09:48:10 +02:00
Chris Smowton
cc8e9806c4 Merge pull request #10009 from smowton/smowton/java17-options 
Java: Adapt tests as required by JDK17 extractor upgrade
 2022-08-10 18:46:06 +01:00
Chris Smowton
341241cf43 Use SrcFloatingPointLiteral 2022-08-10 17:28:14 +01:00
Anders Schack-Mulligen
cbd6d24b9c Merge pull request #9963 from intrigus-lgtm/java/model-set-properties 
Model `java.util.Properties.setProperty`
 2022-08-10 14:51:00 +02:00
Chris Smowton
8c32758ae5 Merge pull request #9829 from smowton/smowton/fix/kotlin-underscore-parameter-names 
Kotlin: Don't extract a name for a '_' parameter
 2022-08-10 12:28:26 +01:00
Tony Torralba
7f5fe85e2e Merge pull request #9975 from atorralba/atorralba/asynctask-improvs 
Java: Improve AsyncTask data flow support
 2022-08-09 17:10:09 +02:00
Erik Krogh Kristensen
49276b1f38 Merge branch 'main' into refacReDoS 2022-08-09 16:18:46 +02:00
Chris Smowton
1c6642f3fb Format QL 2022-08-09 11:50:54 +01:00
Chris Smowton
80f5b977d6 Use sealed classes released version 2022-08-09 11:50:54 +01:00
yo-h
c46b54b9c2 Java 17: exclude non-source locations in some tests 2022-08-09 11:50:54 +01:00
yo-h
0bf7e075e5 Java 17: adjust expected test output 2022-08-09 11:50:54 +01:00
yo-h
27b699df33 Java: adjust test options for JDK 17 upgrade 2022-08-09 11:50:54 +01:00
Tony Torralba
98b930cd67 Accept test changes in experimental query after AsyncTask improvements 2022-08-08 09:23:12 +02:00
Tony Torralba
03b854a1ed Add test for initializer method 2022-08-05 15:29:17 +02:00
Joe Farebrother
a2245bb858 Fix test 2022-08-05 12:56:19 +01:00
Joe Farebrother
498ad230c2 Update stubs 2022-08-05 12:56:19 +01:00
Joe Farebrother
c4de158e0d Add tests 2022-08-05 12:56:18 +01:00
Tony Torralba
9ee90f8022 Remove unnecessary import from test 2022-08-05 11:11:13 +02:00
Tony Torralba
5ebce6ee4f Improve AsyncTask data flow support 
Model the life-cycle described here: https://developer.android.com/reference/android/os/AsyncTask\#the-4-steps
 2022-08-05 10:29:49 +02:00
intrigus
88ded4679a Accept test changes 2022-08-04 16:21:53 +02:00
intrigus
c867a1a146 Test setProperty/put with taint stored earlier 2022-08-04 16:21:51 +02:00
intrigus
0b7f0fbe54 Accept test changes 2022-08-04 16:21:50 +02:00
intrigus
55618adf6a Model java.util.Properties.setProperty 2022-08-04 16:21:48 +02:00
Chris Smowton
84a4b6a866 Make reporting locations consistent with PathCreation; add test 2022-08-03 10:42:09 +01:00
Tony Torralba
593ce01362 Merge pull request #9908 from atorralba/atorralba/xml-inline-exp-test 
Java: Add support for XML InlineExpectationsTest
 2022-07-29 14:49:19 +02:00
Tony Torralba
ec03ebbbfc Add spurious and missing test cases 2022-07-29 13:44:25 +02:00
Tony Torralba
6091f0dbce Use camelCase for XML acronym 2022-07-29 13:44:11 +02:00
luchua-bc
b69eba9238 Add check for Spring redirect 2022-07-29 01:59:47 +00:00
Chris Smowton
1737ed50ba Add test cases for wildcard lowering of array types 2022-07-28 15:52:00 +01:00
Chris Smowton
8cd2aeb65d Accept test changes 2022-07-28 15:52:00 +01:00
Chris Smowton
e7f275382e Add test for Java wildcard substitution 2022-07-28 15:51:59 +01:00
Tony Torralba
7ca955a0e6 Add support for XML InlineExpectationsTest 2022-07-27 17:23:10 +02:00
Chris Smowton
9e7fc1731f Merge pull request #9898 from smowton/smowton/fix/kotlin-super-calls 
Kotlin: implement super-method calls
 2022-07-27 11:31:36 +01:00
Tony Torralba
e179126abb Merge pull request #9129 from atorralba/atorralba/get-underlying-expr 
Java: Add Expr::getUnderlyingExpr predicate
 2022-07-27 11:42:28 +02:00
luchua-bc
1ce31ec32c Add sinks of servlet dispatcher and filter 2022-07-26 23:05:25 +00:00
Chris Smowton
5086841b46 Kotlin: implement super-method calls 
If we only look at the dispatch receiver, these show up like `this` references rather than `super` references, preventing flow through super-calls. The super-interface case requires properly noting that interface methods with a body get a `default` modifier in order to avoid QL discarding the method as a possible callee.
 2022-07-26 17:03:46 +01:00
Tony Torralba
33f5620782 Add more models 2022-07-26 11:06:11 +02:00
Tony Torralba
95db81658b Add CSV models for java.util.Scanner 2022-07-26 10:42:24 +02:00