hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

4152 Commits

Author SHA1 Message Date
Tony Torralba
9d50511ea4 Fix stubs 2021-10-18 09:27:53 +02:00
Tony Torralba
e3b46f25a5 Merge branch 'main' into atorralba/fix-local-and-remote-flow-tests 2021-10-18 08:52:37 +02:00
Tony Torralba
5deb996b33 Merge branch 'main' into atorralba/android_slice_models 2021-10-18 08:41:48 +02:00
Marcono1234
43b7bc52ca Java: Add MemberRefExpr.getReceiverType() 2021-10-18 00:26:19 +02:00
Ian Lynagh
e485a16993 Java: Don't use dbscheme tables in CloseType.qll 2021-10-15 18:39:42 +01:00
Erik Krogh Kristensen
caeeebf572 add explicit this qualifier on all of java 2021-10-15 15:27:37 +02:00
Taus
b2e4276bc8 Merge pull request #6886 from aschackmull/java-python/perffix-transitive-step-x3 
Java/Python: Fix some potential performance problems due to transitive deltas.
 2021-10-15 11:06:35 +02:00
Anders Schack-Mulligen
4de1deefc4 Merge pull request #6889 from tausbn/java-fix-import-order 
Java: Fix import order in `SignAnalysisSpecific`
 2021-10-15 09:17:50 +02:00
Anders Schack-Mulligen
0b82289950 Merge pull request #6828 from zbazztian/adjust-jsp-locations 
Adjust locations of results in JSP files
 2021-10-15 08:28:11 +02:00
Taus
a9c5fd2cc0 Java: Fix import order in SignAnalysisSpecific 2021-10-14 15:51:56 +00:00
Anders Schack-Mulligen
310eec07c1 Java/Python: Fix some potential performance problems due to transitive deltas. 2021-10-14 16:10:00 +02:00
Anders Schack-Mulligen
cb5f2559ea Java: Fix performance problem due to transitive step. 2021-10-14 15:54:54 +02:00
Geoffrey White
f08d2ee759 Merge branch 'main' into setliterals 2021-10-14 14:39:39 +01:00
Geoffrey White
a82c76d2f9 Java: Set literals. 2021-10-14 14:22:40 +01:00
Anders Schack-Mulligen
8b6baa250c Merge pull request #6878 from aschackmull/remove-singleton-setliteral 
C++/C#/Java/JavaScript/Python: Remove singleton set literals.
 2021-10-14 14:53:05 +02:00
Mathias Vorreiter Pedersen
47a85bbb1d Merge pull request #6869 from MathiasVP/fix-prefix/suffix-equality 
Java/JS/Python: Replace '.prefix'/'.suffix' with '.matches'
 2021-10-14 13:47:03 +01:00
Tom Hvitved
f5420333e2 Sync shared files 2021-10-14 11:49:02 +02:00
Anders Schack-Mulligen
57cb300759 C++/C#/Java/JavaScript/Python: Remove singleton set literals. 2021-10-14 11:34:22 +02:00
Tom Hvitved
c14dcfbfe4 Data flow: Sync 2021-10-13 20:13:28 +02:00
Andrew Eisenberg
878203f1d0 Merge pull request #6862 from github/aeisenberg/tutorial 
Move tutorial directly into each qlpack
 2021-10-13 09:29:37 -07:00
Andrew Eisenberg
0d1632a5d2 Move tutorial directly into each qlpack 
Previously, the tutorial was injected during build time. This is much
simpler.
 2021-10-13 08:37:04 -07:00
Anders Schack-Mulligen
169cc75c88 Merge pull request #6840 from aschackmull/java/misc-perf 
Java: Fix some performance issues.
 2021-10-13 15:53:49 +02:00
Mathias Vorreiter Pedersen
d85d009a54 Java: Replace '.prefix'/'.suffix' with '.matches'. 2021-10-13 13:19:06 +01:00
Anders Schack-Mulligen
306388a6bc Update java/ql/src/Likely Bugs/Comparison/StringComparison.ql 2021-10-13 08:57:31 +02:00
github-actions[bot]
2f27a0c9f9 Add changed framework coverage reports 2021-10-13 00:09:35 +00:00
Andrew Eisenberg
bbb2637bcc QlPacks: Add the defaultSuite to query packs that are missing it 
Also, change some examples pack names from `codeql-lang-examples` to
`codeql/lang-examples`. This doesn't affect behaviour since internally,
the legacy name is converted to the modern name.
 2021-10-12 11:54:50 -07:00
Anders Schack-Mulligen
0e5f89a03c Merge pull request #6463 from smowton/smowton/admin/gson-unsafe-deserialization 
Java: add Gson support to unsafe-deserialization query
 2021-10-12 16:15:27 +02:00
Tom Hvitved
10739b11ee Merge pull request #6841 from hvitved/dataflow/incorrect-summary-chaining 
Data flow: Add tests for missing summary flow
 2021-10-12 15:44:21 +02:00
Chris Smowton
83c6406167 Update javadoc 2021-10-12 13:51:02 +01:00
Tom Hvitved
cc305ed766 Data flow: Sync 2021-10-12 14:37:33 +02:00
Tom Hvitved
296e268339 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-10-12 14:28:32 +02:00
Chris Smowton
3c96e62be7 Remove duplicate declaration 2021-10-12 12:35:05 +01:00
Chris Smowton
8816aa1431 Improve Android stub fidelity to the point that all relevant tests work 
Note these still aren't entirely mechanically generated stubs matching the real Android 9.
 2021-10-12 12:35:05 +01:00
Chris Smowton
205b6fe6d7 Fix bad merge on Uri.java 2021-10-12 12:35:05 +01:00
Chris Smowton
5da392ebfe Introduce TaintInheritingContent 2021-10-12 12:35:05 +01:00
Chris Smowton
1afc03b9b5 Remove redundant import 2021-10-12 12:35:05 +01:00
Chris Smowton
9e0b112f05 Remove now-unnecessary models and tests 2021-10-12 12:35:05 +01:00
Chris Smowton
490168fb05 Fix comments 2021-10-12 12:35:05 +01:00
Chris Smowton
1dffbcd0bd Fix tests disrupted by re-modelling and stubbing Android 9: 
* Account for changed dataflow graph shape using external flow
* Account for BaseBundle only existing as of Android 5
* Properly implement Parcelable, which we previously got away with due to a partial stub
* Restore an Android 11 function that had been added to the Android 9 Context class (I won't get into enforcing the difference in this PR)
 2021-10-12 12:35:05 +01:00
Chris Smowton
81c0e66b1d Add change note and update qhelp 2021-10-12 12:35:05 +01:00
Chris Smowton
fc0b18cf61 Add tests for Android flow steps 2021-10-12 12:35:05 +01:00
Chris Smowton
cd2c9e9ca3 Add Gson support to unsafe deserialization query 2021-10-12 12:35:04 +01:00
Anders Schack-Mulligen
6b4ca31783 Merge pull request #6849 from Marcono1234/marcono1234/improvements 
Java: Serialization query improvements
 2021-10-12 13:30:45 +02:00
Tony Torralba
a8aa8e3bb4 Use InlineExpectationsTest directly 2021-10-11 16:38:20 +02:00
Owen Mansel-Chan
058a04f756 Merge pull request #6795 from owen-mc/inline-expectation-test-trivial-change 
Change class name in InlineExpectationTest to avoid clash
 2021-10-11 15:35:17 +01:00
Marcono1234
ba0dbd5871 Java: Improve IncorrectSerializableMethods.ql; address review comments 2021-10-11 14:29:10 +02:00
Tom Hvitved
68ea3e7b49 Data flow: Add debugging predicates for rendering data flow graphs for summarized callables 2021-10-11 11:29:08 +02:00
Tom Hvitved
d5955f1ae1 Java: Add test for missing summary flow 2021-10-11 11:29:08 +02:00
github-actions[bot]
ea0a0522a7 Add changed framework coverage reports 2021-10-11 00:08:32 +00:00
Marcono1234
a7670fbcab Java: Enhance IncorrectSerializableMethods.ql 2021-10-11 02:05:53 +02:00