363 Commits

Author	SHA1	Message	Date
f1v3	168fc4170d	Apply suggestions from code review	2021-09-30 14:26:14 +01:00
alexet	447eb23356	Java: Fix for tc magic issue with subtyping.	2021-09-29 16:01:08 +01:00
Joe Farebrother	3ae5f13c3d	Generate tests and stubs	2021-09-29 15:44:21 +01:00
Rasmus Wriedt Larsen	987b573709	Fix hasLocationInfo URL reference ... Follow up to https://github.com/github/codeql/pull/5830	2021-09-29 13:47:58 +02:00
Chris Smowton	413ac4e8f4	Merge pull request #6684 from owen-mc/java/model/apache-collections-subpackages ... Java: model remaining subpackages of Apache Commons Collections	2021-09-28 12:28:48 +01:00
Anders Schack-Mulligen	e95dc82087	Autoformat.	2021-09-28 13:00:50 +02:00
Tony Torralba	cec6cd0830	Merge pull request #6724 from atorralba/atorralba/android-contentprovider-sources ... Java: Add sources for content providers in Android	2021-09-28 12:13:54 +02:00
Anders Schack-Mulligen	9a9bbe3123	Dataflow: Support side-effects for callbacks in summaries.	2021-09-28 11:42:38 +02:00
Tony Torralba	46eb27cd01	Don't restrict inputs to be ParameterNodes ... Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2021-09-28 11:21:56 +02:00
Anders Schack-Mulligen	fc8b439263	Merge pull request #6740 from aschackmull/java/callback-dispatch ... Java: Add callback dispatch to more anonymous classes.	2021-09-28 10:49:27 +02:00
Owen Mansel-Chan	342c14887b	Fix existing models for MapUtils	2021-09-27 16:24:37 +01:00
Owen Mansel-Chan	f69787afd0	Miscellaneous model fixes	2021-09-27 16:24:30 +01:00
Owen Mansel-Chan	9b12980688	Do not model some protected methods	2021-09-27 16:24:29 +01:00
Owen Mansel-Chan	cb0f82c36e	Do not modelled protected static inner classes	2021-09-27 16:24:29 +01:00
Owen Mansel-Chan	3b678bfbc5	Address review comments	2021-09-27 16:24:28 +01:00
Owen Mansel-Chan	e1750adc38	Address problems highlighted by generating tests	2021-09-27 16:24:27 +01:00
Owen Mansel-Chan	fd0fb9483e	Model the remaining subpackages in Apache Commons Collections	2021-09-27 16:24:26 +01:00
Owen Mansel-Chan	3d1d491e6b	Model java.lang.Object.clone() better for access paths. ... Model value flow for Element, MapKey and MapValue. This assumes that clone() is a shallow copy.	2021-09-27 16:24:25 +01:00
Anders Schack-Mulligen	cfa0d46b73	Merge pull request #6097 from atorralba/atorralba/promote-xslt-injection ... Java: Promote XSLT Injection from experimental	2021-09-27 13:14:57 +02:00
Tony Torralba	d5f675c2dc	Fix unbound field ... Add tests for non-exported providers	2021-09-27 12:58:28 +02:00
Tony Torralba	78c12dc505	Move to lib	2021-09-27 12:04:14 +02:00
Tony Torralba	6967b06dee	Decouple XsltInjection.qll to reuse the taint tracking configuration	2021-09-27 11:59:51 +02:00
Tony Torralba	6d9a88d1c8	Move to lib	2021-09-27 11:43:46 +02:00
alexet	49f8f46354	Java: Cache params string computation.	2021-09-24 14:12:26 +01:00
Anders Schack-Mulligen	854f2a046a	Java: Add StringLiteral.isTextBlock().	2021-09-24 13:11:18 +02:00
Tony Torralba	b52a2cd292	Apply code review comments ... Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2021-09-23 15:48:15 +02:00
Anders Schack-Mulligen	4841c3037d	Java: Add callback dispatch to more anonymous classes.	2021-09-23 14:34:56 +02:00
Joe Farebrother	0919042692	Model Bundle and Intent extra methods	2021-09-23 12:03:45 +01:00
Tony Torralba	d0b9920cac	Fix encryption sanitizer ... It now discards sensitive exprs (sources) instead of sinks for better precision	2021-09-23 10:42:30 +02:00
Tony Torralba	51d2b5225e	Remove cached property from SensitiveSource::flowsTo	2021-09-23 10:42:30 +02:00
Tony Torralba	a30554e97c	Refactored cleartext storage libraries	2021-09-23 10:42:30 +02:00
Chris Smowton	93daaf5b5b	Merge pull request #6174 from joefarebrother/guava-collections ... Java: Model Guava collections package	2021-09-23 09:13:24 +01:00
Joe Farebrother	522c6e01d2	Sort models by class and name	2021-09-22 15:23:01 +01:00
Joe Farebrother	6e9bee1be7	Add missing models	2021-09-21 16:32:49 +01:00
Anders Schack-Mulligen	2c41de6648	Merge pull request #6720 from aschackmull/java/isunreachableincall-joinorder ... Java: Fix join-order in isUnreachableInCall.	2021-09-21 16:07:42 +02:00
Anders Schack-Mulligen	dd1bed02e8	Merge pull request #6721 from aschackmull/dataflow/subpaths01-joinorder ... Dataflow: Fix join-order in subpaths01	2021-09-21 16:05:41 +02:00
Tony Torralba	a811ab3aff	Add ContentProvider sources	2021-09-21 12:09:28 +02:00
Anders Schack-Mulligen	eaf05305ff	Merge pull request #6709 from aschackmull/java/local-taint-collections ... Java: Add container flow to the local taint flow relation.	2021-09-20 16:04:45 +02:00
Anders Schack-Mulligen	044623a360	Dataflow: Sync.	2021-09-20 14:58:28 +02:00
Anders Schack-Mulligen	07c05528ef	Dataflow: Fix join-order in subpaths01.	2021-09-20 14:58:12 +02:00
Anders Schack-Mulligen	c72e385a47	Java: Fix join-order in isUnreachableInCall.	2021-09-20 14:09:09 +02:00
Joe Farebrother	3ef09da1df	Add models for more of methods; update stubs	2021-09-17 16:57:49 +01:00
Anders Schack-Mulligen	2cbad4aed6	Merge pull request #6600 from atorralba/atorralba/fix-conditionalbypass ... Java: Fix performance of the query User-controlled bypass of sensitive method	2021-09-17 16:07:39 +02:00
Joe Farebrother	1111afc031	Update tests for new support methods; fix bad model	2021-09-16 15:23:03 +01:00
Joe Farebrother	eb45e67784	Generate tests for modified models	2021-09-16 15:23:02 +01:00
Joe Farebrother	1eacbd88b8	Fix up some incorrect models; simplify/remove some redundand ones	2021-09-16 15:23:02 +01:00
Joe Farebrother	39349f3763	Fix failing test	2021-09-16 15:23:02 +01:00
Joe Farebrother	225e70a8d0	Fill in implementations fo getMapKey/Value	2021-09-16 15:23:01 +01:00
Joe Farebrother	338a6f2114	Fill in implementations for getElement	2021-09-16 15:23:01 +01:00
Joe Farebrother	cd7c7c3152	Implement array getters/constructors in generated tests	2021-09-16 15:23:01 +01:00