1271 Commits

Author	SHA1	Message	Date
Michael Nebel	0ed724eb13	Java: Make a flow summary for Set.clear using WithoutElement and introduce appropriate tests.	2023-08-08 11:10:08 +02:00
Stephan Brandauer	3433437034	Java: automodel application mode: only extract the first argument corresponding to a varargs array	2023-08-07 14:15:17 +02:00
Stephan Brandauer	e1a5eba61b	Java: automodel application mode: refactor varargs endpoint class to rely on normal argument node for nicer extracted examples	2023-08-07 12:18:52 +02:00
Stephan Brandauer	0781cb78e8	Java: automodel application mode: add isVarargsArray metadata value	2023-08-07 12:18:51 +02:00
Stephan Brandauer	5abf7769a7	Java: automodel application mode: use endpoint class like in framework mode	2023-08-07 12:18:51 +02:00
Tony Torralba	fb0102b763	Java: New models for JAX-RS	2023-08-07 11:52:23 +02:00
Anders Starcke Henriksen	e2abd3ff13	Create separate automodel pack.	2023-08-03 13:55:15 +02:00
Michael Nebel	e97a4a1aea	Java: Update telemetry test expected output.	2023-08-01 12:03:44 +02:00
Stephan Brandauer	bc3e78f034	Java: add automodel framework mode test case for newly supported interface-method parameter extraction	2023-08-01 09:18:58 +02:00
Stephan Brandauer	5ad984f22f	Java: update text expectations after merging #13823	2023-08-01 09:18:58 +02:00
Stephan Brandauer	da87d82d08	Java: fix a comment	2023-08-01 09:18:58 +02:00
Stephan Brandauer	be629b27ed	Java: Automodel package private test case	2023-08-01 09:18:57 +02:00
Stephan Brandauer	f5c4155d63	Java: Automodel tests: update after merging #13818	2023-08-01 09:18:57 +02:00
Stephan Brandauer	44b8ec642e	Java: merge framework mode tests into one	2023-08-01 09:18:57 +02:00
Stephan Brandauer	8cc367c45e	Java: merge application mode tests into one	2023-08-01 09:18:57 +02:00
Stephan Brandauer	37b6b46dbf	Java: update extraction query tests after merging PR #13747	2023-08-01 09:18:57 +02:00
Stephan Brandauer	50603102d1	Java: tests for automodel application mode, test that local calls are not candidates	2023-08-01 09:18:57 +02:00
Stephan Brandauer	457604e37e	Java: tests for automodel framework mode negative example extraction	2023-08-01 09:18:57 +02:00
Stephan Brandauer	938a7a788f	Java: tests for automodel application mode negative example extraction	2023-08-01 09:18:57 +02:00
Stephan Brandauer	abed936556	Java: tests for automodel framework mode positive example extraction	2023-08-01 09:18:57 +02:00
Stephan Brandauer	1bc222ec40	Java: tests for automodel application mode positive example extraction	2023-08-01 09:18:57 +02:00
Stephan Brandauer	2e89a11949	Java: tests for automodel application mode candidate extraction	2023-08-01 09:18:56 +02:00
Stephan Brandauer	18fe587e75	Java: tests for automodel framework mode candidate extraction	2023-08-01 09:18:56 +02:00
Tony Torralba	2cbb7ed296	Java: Add XXE sinks for MDHT	2023-07-31 11:13:17 +02:00
Geoffrey White	369f88beda	Java: Fix for multiple parse mode flags.	2023-07-20 11:49:54 +01:00
Geoffrey White	32c10885d4	Java: Add test case.	2023-07-20 11:43:11 +01:00
Anders Schack-Mulligen	ae24d68b5d	C/C++/C#/Java/Python/Ruby/Swift: Adjust expected output.	2023-07-19 11:41:15 +02:00
Tony Torralba	16529cdd18	Add failing test	2023-07-10 17:40:15 +02:00
Koen Vlaswinkel	51af03d2bc	Java: Add tests for names of nested classes	2023-06-28 09:52:25 +02:00
Tony Torralba	a7c2a25cac	Merge pull request #12879 from atorralba/atorralba/java/command-injection-mad-sinks ... Java: Convert all command injection sinks to MaD format	2023-06-27 14:06:45 +02:00
Jorge	7d0b880bf7	Merge branch 'main' into jorgectf/deserialization-lookahead	2023-06-23 18:24:39 +02:00
jorgectf	b6e4ba6f9d	Add SerialKiller model	2023-06-23 18:19:43 +02:00
Jeroen Ketema	742eb8dd12	Java: Rewrite InlineFlowTest as a parameterized module	2023-06-15 10:52:10 +02:00
Tony Torralba	182513a981	Merge pull request #13235 from atorralba/atorralba/java/hudson-models ... Java: Add Hudson models	2023-06-14 12:33:18 +02:00
Jeroen Ketema	c3ba206b6a	Merge pull request #13346 from jketema/inline-2 ... Update inline expectation tests to use parameterized module	2023-06-13 10:10:55 +02:00
Tony Torralba	ffe67689ec	Merge branch 'main' into atorralba/java/command-injection-mad-sinks	2023-06-13 09:27:33 +02:00
Jeroen Ketema	49993b023e	Java: Rewrite inline expectation tests to use parameterized module	2023-06-09 10:42:17 +02:00
Anders Schack-Mulligen	85d6b44d92	Java: Fix test output.	2023-06-09 08:37:36 +02:00
Anders Schack-Mulligen	a0a9d30286	Java: Fix qltests.	2023-06-09 08:37:35 +02:00
Tony Torralba	6d7234f8ed	Merge pull request #13225 from atorralba/atorralba/java/path-injection-mad-sinks-2 ... Java: Migrate path injection sinks to models-as-data (simplified)	2023-06-07 14:27:36 +02:00
Tony Torralba	ad2f558002	Add Hudson models ... Includes models-as-data rows, flow sources, and XSS sanitizers. Tests for models-as-data rows not included.	2023-06-02 11:06:24 +02:00
Tony Torralba	527fe523a8	Add PathCreation.qll sinks to models-as-data ... The old PathCreation sinks can't be removed because doing so would cause alert wobble in the path injection queries. See their getReportingNode predicates.	2023-06-02 09:14:35 +02:00
Tony Torralba	c3b1ef2cdf	Merge branch 'main' into atorralba/java/command-injection-mad-sinks	2023-06-02 08:57:24 +02:00
Nick Rolfe	7290e2bfd9	Java: avoid call to Location.toString()	2023-06-01 17:06:34 +01:00
Tony Torralba	903fdb0cb8	Java: Add models for the Play Framework	2023-05-26 10:23:43 +02:00
Tony Torralba	a276cc3094	Convert all command injection sinks to MaD format	2023-05-25 11:41:32 +02:00
Tony Torralba	7d0b02e267	Merge pull request #13248 from atorralba/atorralba/java/nio-files-copy-models-fix ... Java: Tweak java.nio.file.Files.copy models	2023-05-24 10:55:15 +02:00
Tony Torralba	654bb00946	Java: Tweak java.nio.files.Files.copy models	2023-05-23 10:27:19 +02:00
Ed Minnix	774baead60	Add test case based on missing result	2023-05-22 15:57:15 -04:00
Tony Torralba	b58eb3a92c	Java: Add TemplateEngine.createTemplate as a groovy injection sink	2023-05-19 17:45:47 +02:00