549 Commits

Author	SHA1	Message	Date
Tony Torralba	48b0df4a3e	Add tests, minor bugfixes	2021-06-08 10:35:18 +02:00
Tony Torralba	d77d0c9e10	Added summaries for Spring PropertyValues	2021-06-07 17:35:03 +02:00
Anders Schack-Mulligen	f73960da8f	Merge pull request #5788 from Marcono1234/marcono1234/stmt-toString ... Java: Override toString() for statements	2021-06-04 12:41:03 +02:00
Anders Schack-Mulligen	60377a8f86	Merge pull request #5383 from smowton/smowton/feature/strbuilder-fluent-methods ... Java: Add models for StrBuilder's fluent methods	2021-06-04 12:33:24 +02:00
Anders Schack-Mulligen	30cb80b341	Merge pull request #5181 from smowton/smowton/feature/commons-tostringbuilder ... Java: Add models for Commons ToStringBuilder	2021-06-04 12:30:36 +02:00
Marcono1234	485b0be805	Java: Fix expected test output	2021-06-03 17:15:00 +02:00
Marcono1234	e0a45507f8	Java: Adjust toString() for statements	2021-06-03 16:27:36 +02:00
Marcono1234	7e778bc008	Java: Override toString() for statements ... Additionally remove redundant QLDoc which is inherited anyways.	2021-06-03 16:27:35 +02:00
Anders Schack-Mulligen	dbe352f3ff	Java: Remove deprecated tests.	2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen	901996f9fd	Java: Add collection flow test.	2021-06-01 11:47:52 +02:00
Anders Schack-Mulligen	43d1b0ab27	Java: Update qltests.	2021-06-01 11:47:52 +02:00
Sebastian Bauersfeld	28f597440f	Add method invocations of Spring's SavedRequest as a remote sources.	2021-05-20 20:00:14 +07:00
Jonathan Leitschuh	5a68ac88ef	Cleanup Jackson logic after code review	2021-05-11 10:48:22 -04:00
Jonathan Leitschuh	bacc3ef5b3	[Java] Jackson add support for 2 step deserialization taint flow	2021-05-11 10:36:47 -04:00
Jonathan Leitschuh	d0638db6e7	[Java] Add data flow through Iterator deserializers for Jackson	2021-05-11 10:36:47 -04:00
Jonathan Leitschuh	56b1f15dda	[Java] Add taint tracking through Jackson deserialization	2021-05-11 10:36:47 -04:00
Jonathan Leitschuh	dfad1fc740	[Java] Add support for com.google.common.base.MoreObjects#firstNonNull	2021-05-03 12:58:00 -04:00
Chris Smowton	6589460357	Add models for Commons ToStringBuilder ... These don't include support for reflectionToString yet, which is coming up in a subsequent PR.	2021-04-21 15:47:19 +01:00
yo-h	cb524b6c19	Merge pull request #5611 from github/yo-h/java16 ... Java: adjust test `options` for JDK 16 upgrade	2021-04-19 15:12:23 -04:00
Anders Schack-Mulligen	579c955892	Java: Adjust some tests.	2021-04-19 14:06:27 +02:00
yo-h	4f2060f96b	Merge commit '2d618d6b928d8b76ac8033b3b63d9bde71caa325' into yo-h/java16	2021-04-11 23:55:33 -04:00
Tom Hvitved	fd8f745468	Java: Adopt shared flow summary library and refactor data-flow nodes.	2021-04-09 16:57:03 +02:00
Anders Schack-Mulligen	6109ef5e88	Merge pull request #5475 from Marcono1234/marcono1234/minus-literal ... Java: Improve documentation regarding minus in front of numeric literals	2021-04-08 16:11:14 +02:00
yo-h	cc63563a88	Merge remote-tracking branch 'upstream-public/main' into yo-h/java16	2021-04-06 13:16:02 -04:00
Chris Smowton	3a274424ab	Convert fluent method models to csv and generalise to the three different variants of StrBuilder.	2021-03-26 14:31:36 +00:00
Chris Smowton	851317e34f	Add models for StrBuilder's fluent methods	2021-03-26 14:31:36 +00:00
Chris Smowton	7fb5bd0cab	Add tests for and slightly expand models of Commons Lang's ArrayUtils class	2021-03-25 15:11:51 +00:00
Marcono1234	993999f64f	Java: Add test for negative numeric literals	2021-03-22 17:43:34 +01:00
yo-h	b495e1efab	Merge pull request #5411 from aschackmull/java/dataflow-lambda-dispatch ... Java: Bugfix dispatch to lambda in call context.	2021-03-22 08:25:21 -04:00
Marcono1234	fa98443bb7	Java: Add value predicates for float and double literals; improve tests	2021-03-21 18:07:55 +01:00
yo-h	0200aedc2e	Java 16: adjust test options	2021-03-21 12:55:25 -04:00
Joe Farebrother	980b2c1f4c	Convert existing Guava models to CSV system	2021-03-16 14:24:49 +00:00
Anders Schack-Mulligen	d1f30d9164	Java: Autoformat.	2021-03-15 15:28:04 +01:00
Anders Schack-Mulligen	662e17ff85	Java: Bugfix dispatch to lambda in call context.	2021-03-15 15:09:03 +01:00
Chris Smowton	58d5c2c32d	Abbreviate redundant value-flow / taint-flow tests	2021-03-12 10:53:27 +00:00
Chris Smowton	6508a223c3	Remove useless =y value specification from inline test expectations	2021-03-11 16:22:56 +00:00
Chris Smowton	b5268def16	Add models for CONST_BYTE and CONST_SHORT	2021-03-11 16:22:56 +00:00
Chris Smowton	1c1ca70027	Add models for flow- and taint-preserving functions in Commons ObjectUtils. ... These should all be value-preserving, but we don't support value-preserving varargs methods yet.	2021-03-11 16:22:54 +00:00
Chris Smowton	189b2215c5	Remove useless value from inline test expectations	2021-03-09 15:11:39 +00:00
Chris Smowton	9163893879	Add models for Commons-Lang's RegExUtils class	2021-03-09 15:11:13 +00:00
Joe Farebrother	7a4ce83169	Merge pull request #5310 from joefarebrother/guava-io ... Java: Add modelling for Guava IO utilities	2021-03-09 11:19:44 +00:00
Chris Smowton	6cf15f49bb	Replace hasTaintFlow=y with hasTaintFlow everywhere	2021-03-08 11:57:35 +00:00
Marcono1234	b7353f0bb0	Java: Simplify tests using InlineExpectationsTest	2021-03-08 11:49:52 +00:00
Anders Schack-Mulligen	cf4f55d9ab	Merge pull request #5223 from smowton/smowton/feature/backward-dataflow-for-modelled-fluent-methods ... Java: Add backward dataflow edges through modelled function invocations	2021-03-05 15:11:43 +01:00
Chris Smowton	012058a866	Apply review suggestions: use ArgumentNode.argumentOf, and change more uses of ValuePreservingCallable -> ValuePreservingMethod	2021-03-05 13:34:13 +00:00
Chris Smowton	990bdc20b0	Move value-preserving callable class into FlowSteps	2021-03-05 11:55:53 +00:00
Joe Farebrother	3f3640fcbd	Model ByteArrayDataOutput	2021-03-05 11:19:55 +00:00
Joe Farebrother	470a2ca336	Add CopyTo	2021-03-05 11:19:55 +00:00
Joe Farebrother	d30d1a2ab2	Add unit tests and fix issues	2021-03-05 11:19:52 +00:00
Joe Farebrother	56e611faaa	Switch existing test cases to inline expectations	2021-03-05 11:19:25 +00:00