hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

1439 Commits

Author SHA1 Message Date
Chris Smowton
205b6fe6d7 Fix bad merge on Uri.java 2021-10-12 12:35:05 +01:00
Chris Smowton
9e0b112f05 Remove now-unnecessary models and tests 2021-10-12 12:35:05 +01:00
Chris Smowton
1dffbcd0bd Fix tests disrupted by re-modelling and stubbing Android 9: 
* Account for changed dataflow graph shape using external flow
* Account for BaseBundle only existing as of Android 5
* Properly implement Parcelable, which we previously got away with due to a partial stub
* Restore an Android 11 function that had been added to the Android 9 Context class (I won't get into enforcing the difference in this PR)
 2021-10-12 12:35:05 +01:00
Chris Smowton
fc0b18cf61 Add tests for Android flow steps 2021-10-12 12:35:05 +01:00
Chris Smowton
cd2c9e9ca3 Add Gson support to unsafe deserialization query 2021-10-12 12:35:04 +01:00
Tony Torralba
a8aa8e3bb4 Use InlineExpectationsTest directly 2021-10-11 16:38:20 +02:00
Owen Mansel-Chan
058a04f756 Merge pull request #6795 from owen-mc/inline-expectation-test-trivial-change 
Change class name in InlineExpectationTest to avoid clash
 2021-10-11 15:35:17 +01:00
Tom Hvitved
d5955f1ae1 Java: Add test for missing summary flow 2021-10-11 11:29:08 +02:00
Anders Schack-Mulligen
5d0e72755d Merge pull request #6770 from aschackmull/java/stream-model 
Java: Add models for java.util.stream.
 2021-10-08 15:48:50 +02:00
Tony Torralba
2df30dc107 Use InlineFlowTest for local and remote flow tests 2021-10-08 11:48:35 +02:00
Tony Torralba
91efb61e97 Use synthetic fields to improve taint precision 2021-10-07 17:03:08 +02:00
Tony Torralba
0325c07bd9 Reorganize fluent models 2021-10-07 17:03:07 +02:00
Tony Torralba
588dedc265 Add stubs 2021-10-07 17:03:05 +02:00
Tony Torralba
1a04ad98bc Add Android Slice models 2021-10-07 17:01:16 +02:00
Chris Smowton
39640efc9b Remove no-longer-needed TaintPreservingCallables and update test expectations 2021-10-07 14:33:39 +01:00
Anders Schack-Mulligen
fc69acee46 Java: Add test. 2021-10-07 13:28:02 +02:00
Chris Smowton
b33daa3d3a Update Intent model tests, and fix models where required 2021-10-06 17:09:47 +01:00
Chris Smowton
4be2347a30 Adapt to use the new shared Intent models 2021-10-06 16:15:18 +01:00
Chris Smowton
f24e310ace Update test expectation details 2021-10-06 12:25:23 +01:00
luchua-bc
987bfa6ca7 Update condition check and qldoc 2021-10-06 12:17:49 +01:00
luchua-bc
8c2fddb297 Update the condition check and use DataFlow in the ql file 2021-10-06 12:17:49 +01:00
Chris Smowton
9e0cf5a2fd Update test expectations to include subpaths 2021-10-06 12:17:49 +01:00
Chris Smowton
3607d50994 Update remote flow source locations 2021-10-06 12:17:46 +01:00
luchua-bc
02bfa1ca57 Optimize the query 2021-10-06 12:16:04 +01:00
luchua-bc
0621e65827 Query to detect exposure of sensitive information from android file intent 2021-10-06 12:16:04 +01:00
Anders Schack-Mulligen
d0b307ecfb Merge pull request #6103 from atorralba/atorralba/promote-insecure-javamail 
Java: Promote Insecure JavaMail SSL Configuration from experimental
 2021-10-06 09:24:11 +02:00
Chris Smowton
5b13232a9d Merge pull request #6739 from joefarebrother/android-intent-extra 
Java: Model Android Bundle and Intent extras methods
 2021-10-05 15:39:42 +01:00
Joe Farebrother
b956238efa Fill in gen/get methods for tests 2021-10-05 12:01:25 +01:00
Tony Torralba
a86cbd884e Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-10-05 09:40:22 +02:00
Tony Torralba
2d1278ece5 Consider setStartTLSRequired for Apache SimpleEmail 2021-10-05 09:18:48 +02:00
Tony Torralba
baffb0ed89 Consider Jakarta Mail 2021-10-05 09:18:47 +02:00
Tony Torralba
73653f77aa Use InlineExpectationsTest 2021-10-05 09:18:45 +02:00
Tony Torralba
0e149f0523 Move from experimental 2021-10-05 09:18:44 +02:00
Anders Schack-Mulligen
745ece6e6d Merge pull request #6613 from Marcono1234/marcono1234/literals-test-split 
Java: Split literals tests
 2021-10-04 16:20:08 +02:00
Anders Schack-Mulligen
65a4f36cf8 Merge pull request #6767 from aschackmull/dataflow/callback-postupdate 
Dataflow: Support side-effects for callbacks in summaries.
 2021-10-04 11:13:18 +02:00
Owen Mansel-Chan
938d003e5e Fix example to use space after $ for consistency 2021-10-02 08:11:49 +01:00
Owen Mansel-Chan
25792b2a45 Change class name to avoid clash with Go and Javascript libraries 2021-10-02 08:04:17 +01:00
Marcono1234
e3fed55945 Java: Add tests for text blocks 2021-10-01 18:16:11 +02:00
Joe Farebrother
085701c7db Remove models.csv 2021-10-01 17:11:12 +01:00
Joe Farebrother
5e4498a53a Add more models; fix tests 2021-10-01 16:53:53 +01:00
Marcono1234
924b7320bc Java: Add test for NullLiteral 2021-10-01 17:27:54 +02:00
Marcono1234
bb6e6f4808 Java: Split literals tests 
This allows changing individual tests in the future without having to adjust
the expected output of all other tests.
 2021-10-01 17:27:50 +02:00
f1v3
168fc4170d Apply suggestions from code review 2021-09-30 14:26:14 +01:00
f1v3
f3bde56de9 detects a hard-coded cipher key for shiro 2021-09-30 14:22:48 +01:00
Chris Smowton
60a023d064 Merge pull request #5852 from luchua-bc/java/hardcoded-azure-credential 
Java: CWE-798 Query to detect hard-coded Azure credentials
 2021-09-30 14:11:29 +01:00
Joe Farebrother
3ae5f13c3d Generate tests and stubs 2021-09-29 15:44:21 +01:00
Chris Smowton
413ac4e8f4 Merge pull request #6684 from owen-mc/java/model/apache-collections-subpackages 
Java: model remaining subpackages of Apache Commons Collections
 2021-09-28 12:28:48 +01:00
Tony Torralba
cec6cd0830 Merge pull request #6724 from atorralba/atorralba/android-contentprovider-sources 
Java: Add sources for content providers in Android
 2021-09-28 12:13:54 +02:00
Chris Smowton
39a12a8464 Remove models that are no longer required 2021-09-28 10:48:43 +01:00
Anders Schack-Mulligen
9a9bbe3123 Dataflow: Support side-effects for callbacks in summaries. 2021-09-28 11:42:38 +02:00