hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,624 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.3
Commit Graph

1409 Commits

Author SHA1 Message Date
Joe Farebrother
3cd675bfff Manually fill in most of the remaining support method calls 2021-09-21 17:56:18 +01:00
Joe Farebrother
6e9bee1be7 Add missing models 2021-09-21 16:32:49 +01:00
Joe Farebrother
25d6e00b1a Implement gen methods for MapDifference 2021-09-21 16:30:12 +01:00
Joe Farebrother
a47897bdf9 Implement Table gen methods 2021-09-21 15:29:06 +01:00
Tony Torralba
99881db8bd Add stubs 2021-09-21 12:10:05 +02:00
Tony Torralba
0c1f3ed0b3 Add tests for ContentProvider sources 2021-09-21 12:09:47 +02:00
luchua-bc
8170f01b66 Query to detect uncontrolled thread resource consumption 2021-09-20 02:12:47 +00:00
Joe Farebrother
4929c66e60 Implement gen methods for collections and maps 2021-09-17 17:37:46 +01:00
Joe Farebrother
3ef09da1df Add models for more of methods; update stubs 2021-09-17 16:57:49 +01:00
Anders Schack-Mulligen
2cbad4aed6 Merge pull request #6600 from atorralba/atorralba/fix-conditionalbypass 
Java: Fix performance of the query User-controlled bypass of sensitive method
 2021-09-17 16:07:39 +02:00
Joe Farebrother
0bff1b4afb Implement get methods 2021-09-17 11:08:09 +01:00
Joe Farebrother
1111afc031 Update tests for new support methods; fix bad model 2021-09-16 15:23:03 +01:00
Joe Farebrother
eb45e67784 Generate tests for modified models 2021-09-16 15:23:02 +01:00
Joe Farebrother
a89bd32eb0 Factor out content manipulating methods from tests to a separate file 2021-09-16 15:23:02 +01:00
Joe Farebrother
56a2dc632b Move tests around and remove files used for generating tests 2021-09-16 15:23:02 +01:00
Joe Farebrother
8425a94729 Mark failing tests as missing 
I'm not sure why these tests don't work.
 2021-09-16 15:23:02 +01:00
Joe Farebrother
7bf55fbc49 Update stubs to not include package protected members 2021-09-16 15:23:02 +01:00
Joe Farebrother
60c6158152 Fill in implementations of getters for synthetic fields 2021-09-16 15:23:01 +01:00
Joe Farebrother
225e70a8d0 Fill in implementations fo getMapKey/Value 2021-09-16 15:23:01 +01:00
Joe Farebrother
338a6f2114 Fill in implementations for getElement 2021-09-16 15:23:01 +01:00
Joe Farebrother
cd7c7c3152 Implement array getters/constructors in generated tests 2021-09-16 15:23:01 +01:00
Joe Farebrother
84748cda76 Increase field flow branch limit. 
I'm a little concerned that this appears to be necassary for tests; as it may mean that results involving these flow steps may not be found in real-world projects.
 2021-09-16 15:23:01 +01:00
Joe Farebrother
f94a61cc8a Remove unneeded rows 2021-09-16 15:23:01 +01:00
Joe Farebrother
b51ffadd27 Improve generated tests 2021-09-16 15:23:01 +01:00
Joe Farebrother
c8e2b027ee Add fieldFlowBranchLimit to the tests 2021-09-16 15:23:00 +01:00
Joe Farebrother
6ae11b5b2c Generate stubs. 
Some generated stubs were manually adjusted due to minor issues in the stub generator.
In particular, ambiguous references were resolved and references to private classes were removed.
 2021-09-16 15:23:00 +01:00
Joe Farebrother
ff733e0334 Fix up issues in generated tests 2021-09-16 15:23:00 +01:00
Joe Farebrother
693d729ec6 Generate tests and fix broken specs 2021-09-16 15:23:00 +01:00
Joe Farebrother
1273b063f4 Fix test expectations 2021-09-16 15:23:00 +01:00
Joe Farebrother
5fee6d2d19 Convert Sets utilities 2021-09-16 15:22:59 +01:00
Joe Farebrother
10f0f3038c Add tables, improve tests, make fixes 2021-09-16 15:22:59 +01:00
Joe Farebrother
73aba09eee Add create methods 2021-09-16 15:22:59 +01:00
Joe Farebrother
035d655e72 Update guava collection flow steps to CSV 2021-09-16 15:22:59 +01:00
Marcono1234
020aa4d94c Java: Address feedback and fix test failures 2021-09-16 14:10:48 +01:00
Marcono1234
58d2d5d14e Java: Replace incorrect usage of Literal.getLiteral() 2021-09-16 14:10:48 +01:00
Tony Torralba
f18c163408 Improve handling of the 'author' word as an exception 2021-09-16 11:57:28 +02:00
Tony Torralba
21079a1315 Fix conditionControlsMethod predicate 
Exceptions for throw and return statements were missing the appropriate condition
 2021-09-15 17:51:51 +02:00
Tony Torralba
5ed9949498 Adapt InsecureBasicAuth to the previous commit 2021-09-15 17:20:28 +02:00
Tony Torralba
30178d4f23 Decouple InsecureBasicAuth.qll to reuse the taint tracking configuration 2021-09-15 17:20:27 +02:00
Tony Torralba
148443fae1 Use InlineExpectationsTest 2021-09-15 17:20:27 +02:00
Tony Torralba
2cada386b4 Refactored into InsecureBasicAuth.qll 2021-09-15 17:20:27 +02:00
Tony Torralba
905be67aae Moved from experimental 2021-09-15 17:20:27 +02:00
Chris Smowton
03db15af9a Merge pull request #6685 from smowton/smowton/admin/android-uri-model 
Java: Add models for android.net.Uri[.Builder]
 2021-09-15 10:48:33 +01:00
Anders Schack-Mulligen
8485b6f0b3 Merge pull request #6691 from bmuskalla/moreStringMethods 
Java: Support String#getChars and #translateEscapes
 2021-09-15 10:14:54 +02:00
Anders Schack-Mulligen
3f7d6e6f85 Merge pull request #6136 from smowton/smowton/admin/spring-xss-content-type-sensitivity 
Spring HTTP: improve content-type sensitivity
 2021-09-15 09:50:56 +02:00
Chris Smowton
e5b84fb795 Use InlineFlowTest 2021-09-14 16:37:07 +01:00
Chris Smowton
367a53dd71 Add models for android.net.Uri[.Builder] 2021-09-14 16:37:07 +01:00
Chris Smowton
6cff0d0376 Merge pull request #6393 from luchua-bc/java/xss-jsf 
Java: CWE-079 Query to detect XSS with JavaServer Faces (JSF)
 2021-09-14 15:15:56 +01:00
Tony Torralba
4e93330cb9 Improved tests 
Note that a FN test case was added
 2021-09-14 15:51:08 +02:00
Anders Schack-Mulligen
26eafcb55a Merge pull request #6456 from smowton/smowton/admin/flexjson-unsafe-deserialization 
Java: add unsafe-deserialization support for Flexjson
 2021-09-14 14:33:22 +02:00