hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,672 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

564 Commits

Author SHA1 Message Date
Chris Smowton
c37ecb7102 Fix existing JaxRs tests 
* Expose getContentTypeString for use by tests
* Use it to get constant arguments to @Produces annotations
* Note that text/html is xss-vulnerable (I have no idea how it ever came to expect exactly text/plain)
 2021-06-30 12:04:21 +01:00
Tony Torralba
a3e1b139c3 Fix spring stubs location 2021-06-30 12:56:45 +02:00
Tony Torralba
0bb9e464b2 Merge branch 'main' into atorralba/spring-beans 2021-06-30 12:55:10 +02:00
Tony Torralba
9d64cadb50 Adapt tests after applying changes from code review 2021-06-30 10:02:03 +02:00
Anders Schack-Mulligen
374859efb4 Merge pull request #6156 from smowton/smowton/feature/jax-rs-content-type-sensitivity 
Jax RS XSS Tests
 2021-06-30 09:52:07 +02:00
Sauyon Lee
52b24118b3 Add tests for Spring validation.Errors 2021-06-29 12:01:23 -07:00
Chris Smowton
ba5dc3cdbc Add models of the javax.json package 2021-06-29 15:21:01 +01:00
Sauyon Lee
534ab86900 Add models for Spring validation.Errors 2021-06-29 05:51:21 -07:00
Chris Smowton
48d4493146 Fix test indentation 2021-06-29 12:42:20 +01:00
Chris Smowton
9551321592 Fix LinkedMultiValueMap models and make tests more realistic 2021-06-29 12:40:57 +01:00
Chris Smowton
60179ce8f0 Genericise MultiValueMaps; remove non-longer-needed casts 2021-06-29 12:32:22 +01:00
Chris Smowton
916c7c576d Remove superfluous (Object) casts 2021-06-29 12:28:42 +01:00
Chris Smowton
71f6d59646 Genericise test util functions 2021-06-29 12:27:03 +01:00
Chris Smowton
60126b406f Clean up test 
Remove unused import; drop unused util methods and needless casts.
 2021-06-29 12:20:47 +01:00
Anders Schack-Mulligen
1bd01a5eee Update java/ql/test/library-tests/frameworks/spring/util/test.ql 2021-06-29 13:13:09 +02:00
Chris Smowton
3d270bbc50 Drop models for stringifying functions 
Per default stringification isn't taint-propagating in Java
 2021-06-29 12:01:08 +01:00
Chris Smowton
0441098b18 Amend models of MultiValueMap.addAll overloads 2021-06-29 11:58:46 +01:00
Chris Smowton
5769f4718f Add missing CollectionUtils model 2021-06-29 11:44:29 +01:00
Chris Smowton
f7a4614f56 Add missing tests for AntPathMatcher's protected methods; fix models accordingly 2021-06-29 11:35:25 +01:00
Chris Smowton
768a8e78dd Fixup JaxRs.ql to cope with stubbed MediaType file 
In a real-world situation this type would be defined in an imported jar, but since here it is defined in a stub the getADeclaredContentType routine can see it is defined as an empty string in the stubbed implementation. Filter these out so the test more closely resembles the real situation.
 2021-06-28 19:24:19 +01:00
Sauyon Lee
240058be28 fixup! Fix tests for Spring util 
Apply review comments
 2021-06-28 10:53:00 -07:00
Sauyon Lee
bddc88c010 Add stubs for Spring util tests 2021-06-28 08:26:40 -07:00
Sauyon Lee
60db9e1851 Rename springframework-5.2.3 to 5.3.8 2021-06-28 08:26:39 -07:00
Sauyon Lee
fb0e6bfb42 Fix tests for Spring util 2021-06-28 08:26:39 -07:00
Sauyon Lee
739b142209 Generate tests for Spring util 2021-06-28 08:26:38 -07:00
Tony Torralba
8112d723e0 Merge branch 'main' into atorralba/spring-beans 2021-06-28 17:02:31 +02:00
Tony Torralba
393b95cbbe Remove 'magic' from tests 2021-06-28 17:01:34 +02:00
Owen Mansel-Chan
044ecc51e5 Manually improve tests #2 2021-06-25 13:51:18 +01:00
Owen Mansel-Chan
2fd4c9f1b9 Manually improve tests 2021-06-25 11:17:11 +01:00
Owen Mansel-Chan
acc43fcaca Add options file 2021-06-25 11:17:07 +01:00
Owen Mansel-Chan
7004c87ec0 Manually edit tests so they pass 2021-06-25 11:17:05 +01:00
Owen Mansel-Chan
4388f19ddf Add automatically-generated tests 2021-06-25 11:17:04 +01:00
Anders Schack-Mulligen
95ad8b55fe Merge pull request #6107 from aschackmull/dataflow/implicit-reads 
Dataflow: Add support for implicit reads
 2021-06-24 15:38:35 +02:00
Anders Schack-Mulligen
1e511c0a9e Merge pull request #6137 from smowton/smowton/feature/java-util-optional 
Java: Model java.util.Optional
 2021-06-24 13:21:36 +02:00
Chris Smowton
74feaf2893 Adapt to static methods and nested types returning unbound declaring types 
Previously these returned raw declaring types instead
 2021-06-23 16:03:18 +01:00
Chris Smowton
b34448af87 {Generic,Parameterized,Raw}Type: implement getAPrimaryQlClass 
An aid to debugging
 2021-06-23 15:58:31 +01:00
Chris Smowton
9fd1606238 Model java.util.Optional 2021-06-22 21:17:22 +01:00
Anders Schack-Mulligen
206a37cf08 Merge pull request #6130 from aschackmull/java/collection-test 
Java: Improve test and fix a few missing cases.
 2021-06-22 11:56:44 +02:00
Anders Schack-Mulligen
38fc8a750c Java: Improve test and fix a few missing cases. 2021-06-22 11:16:02 +02:00
Anders Schack-Mulligen
c06e152e90 Java: Remove outdated test. 2021-06-21 16:08:59 +02:00
Anders Schack-Mulligen
27c973e157 Java: Fix some qltests. 2021-06-21 16:08:52 +02:00
Chris Smowton
e2aaae8181 Increase test fieldFlowBranchLimit to 1000 
Might as well head off future failures in this test

Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-06-21 12:51:37 +01:00
Chris Smowton
c5eef7be8c Increase field flow branch limit in Jax-RS tests 
This fixes apparently-missing results by allowing the dataflow library to persist even when there are many Map implementations possibly available.
 2021-06-21 12:46:13 +01:00
Anders Schack-Mulligen
7eb6da3888 Merge pull request #5772 from smowton/smowton/feature/apache-tuple-flow 
Add models for Apache Commons Lang's tuple types
 2021-06-18 11:25:07 +02:00
Chris Smowton
2cc1f46871 Model constructors for (Imm|M)utable(Pair|Triple) 2021-06-17 12:34:40 +01:00
Chris Smowton
fbaa382158 Add tests for Pair.of and Triple.of 2021-06-17 12:34:40 +01:00
Chris Smowton
472a2a64dd Add models for Apache Commons tuples 2021-06-17 12:25:21 +01:00
Chris Smowton
f388aae78e Fix getAnArgUsageOffset and improve its space complexity 
Also add tests checking the output of the new function
 2021-06-17 11:41:05 +01:00
Anders Schack-Mulligen
8fe2f4a554 Merge pull request #6034 from owen-mc/java/jax-rs 
Improve JAX-WS and JAX-RS models
 2021-06-17 12:35:34 +02:00
Owen Mansel-Chan
b9bc1f978c Update style of inline expectation comments 2021-06-17 10:04:15 +01:00