hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,624 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.3
Commit Graph

4059 Commits

Author SHA1 Message Date
Tom Hvitved
c3ecae503b Data flow: Sync files 2021-09-01 19:58:47 +02:00
Benjamin Muskalla
ee8958ba03 Fix nodes for local taint test 2021-09-01 15:55:59 +02:00
Benjamin Muskalla
c1d34d7d6f Move Strings to lib 2021-09-01 15:55:39 +02:00
Benjamin Muskalla
190bf90bc8 Replace stringbuilder step with model 2021-09-01 15:41:16 +02:00
Benjamin Muskalla
7ddf7ff211 Track taint from concatenated string 2021-09-01 15:41:16 +02:00
Benjamin Muskalla
d178fe4e5d Fix failing tests 2021-09-01 15:41:16 +02:00
Benjamin Muskalla
93bc8aa7b2 Fix tests to take trim into account 2021-09-01 15:41:15 +02:00
Benjamin Muskalla
7be179cf6c Mark String constructor as propagating taint 2021-09-01 15:41:15 +02:00
Benjamin Muskalla
3928ffd30d Support CharSequence#subSequence 2021-09-01 15:41:15 +02:00
Benjamin Muskalla
b7e608abc9 Model string builder APIs 2021-09-01 15:41:14 +02:00
Benjamin Muskalla
dab626270d Convert Objects API to csv model 2021-09-01 15:41:14 +02:00
Benjamin Muskalla
5df5805d36 Convert strings to summary model 2021-09-01 15:41:14 +02:00
Benjamin Muskalla
e0d978fd58 Migrate String constructor to model 2021-09-01 15:41:13 +02:00
Chris Smowton
c92b7828cb Merge pull request #6580 from smowton/smowton/admin/guava-models-mistakes 
Fix minor mistakes in old Guava models
 2021-08-31 19:44:23 +01:00
Sauyon Lee
7156dee270 Merge pull request #6521 from sauyon/java/test-gen-improvements 
Java: generate more realistic tests
 2021-08-31 10:06:08 -07:00
Chris Smowton
7977d9c253 Fix minor mistakes in old Guava models 
Also add tests for the affected functions
 2021-08-31 15:26:09 +01:00
Chris Smowton
b38a23daee Fix test cases featuring primitive arrays 
Previously we couldn't print the name of types like `byte[]` for example.
 2021-08-31 15:12:47 +01:00
Chris Smowton
f94d8c341d Abbreviate multi-column min 2021-08-31 11:57:49 +01:00
Chris Smowton
510f5abb9a Add missing qldoc 2021-08-31 11:56:03 +01:00
Chris Smowton
5dddc48e60 autoformat 2021-08-31 11:53:13 +01:00
github-actions[bot]
b28e956dd2 Add changed framework coverage reports 2021-08-30 00:08:31 +00:00
Sauyon Lee
adcb90aa8c fixup generateflowtestcase chaneg 2021-08-27 11:25:03 -07:00
Sauyon Lee
23b9028d2c Correctly determine which support method definitions are required 2021-08-27 11:25:03 -07:00
Sauyon Lee
04e04b3031 Use array allocation syntax 2021-08-27 11:25:03 -07:00
Sauyon Lee
97faeb026f Fix side of stack that gen method types are used 2021-08-27 11:25:03 -07:00
Sauyon Lee
119de6c60c Replace type variables before attempting to match to an array generation 2021-08-27 11:25:03 -07:00
Sauyon Lee
9d66761eeb Consider a callable to ambiguous if it has a varargs parameter 2021-08-27 11:25:02 -07:00
Sauyon Lee
0d174f2daf Only include support methods and imports from working test cases 2021-08-27 11:25:02 -07:00
Sauyon Lee
2132ee52d5 Restrict the size of appliesTo for default methods 2021-08-26 08:02:21 -07:00
Sauyon Lee
abf3bbbe8d Add qldoc for public elements 2021-08-26 08:02:21 -07:00
Sauyon Lee
e7611ab641 Move getCall and appliesTo to relevant classes 2021-08-26 08:02:21 -07:00
Sauyon Lee
ce8d14e6ef Add a priority predicate for test generation support methods 2021-08-26 08:02:21 -07:00
Sauyon Lee
1bd5eb5120 Use if statement instead of manual disjuction 2021-08-26 08:02:21 -07:00
Sauyon Lee
73d6177477 Java test gen: make char zero '\0' 2021-08-26 08:02:20 -07:00
Chris Smowton
2b0f6a2723 Java: Generate more realistic tests 2021-08-26 08:02:20 -07:00
Chris Smowton
33c727e6b9 Split up GenerateFlowTestCase.qll 
This doesn't change any behaviour or alter any predicate bodies
 2021-08-26 08:02:19 -07:00
Chris Smowton
7a0555ecb3 Merge pull request #6357 from artem-smotrakov/static-iv 
Java: Static initialization vector
 2021-08-26 13:45:43 +01:00
Benjamin Muskalla
9ca3b4661a Fix return value for requireNonNullElse 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-08-26 14:03:55 +02:00
Benjamin Muskalla
8abb9fb045 Replace Objects model 2021-08-26 12:06:56 +02:00
Benjamin Muskalla
4e2c148e80 Model Objects API as CSV 2021-08-26 12:06:47 +02:00
Fosstars
1dd4bf00ac Simplify StaticInitializationVectorSource 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-08-26 09:42:23 +02:00
Artem Smotrakov
23e2322635 Simplify ArrayUpdate 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-08-25 19:43:43 +02:00
Artem Smotrakov
f41828e5db Better qldoc in StaticInitializationVectorQuery.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-08-25 19:38:33 +02:00
Fosstars
f97c8bb049 Removed sanitizer in StaticInitializationVectorConfig 2021-08-25 12:40:48 +02:00
Fosstars
86b7b2b86d Updated qldoc for ArrayUpdate 2021-08-25 12:14:36 +02:00
Fosstars
c80a1da483 Don't consider copyOf() and clone() in ArrayUpdate 2021-08-25 12:11:34 +02:00
Andrew Eisenberg
8f73c6968a Merge pull request #6542 from github/aeisenberg/pack/move-external 
Java: Move the ExternalArtifact.qll module to the library pack
 2021-08-24 16:07:26 -07:00
yo-h
2b4635c4e0 Merge pull request #6539 from smowton/smowton/admin/downgrade-sql-unescaped 
Downgrade precision of java/concatenated-sql-query
 2021-08-24 17:22:01 -04:00
Andrew Eisenberg
7f3066cd64 Java: Move the ExternalArtifact.qll module to the library pack 2021-08-24 13:01:02 -07:00
Chris Smowton
5a2dfda09e Add test for field initializers 2021-08-24 14:04:45 +01:00