hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,824 Commits 1,672 Branches 157 Tags
ginsbach/EnableJavaOverlayCompilation
Commit Graph

951 Commits

Author SHA1 Message Date
Geoffrey White
32c10885d4 Java: Add test case. 2023-07-20 11:43:11 +01:00
Anders Schack-Mulligen
ae24d68b5d C/C++/C#/Java/Python/Ruby/Swift: Adjust expected output. 2023-07-19 11:41:15 +02:00
Tony Torralba
16529cdd18 Add failing test 2023-07-10 17:40:15 +02:00
Tony Torralba
a7c2a25cac Merge pull request #12879 from atorralba/atorralba/java/command-injection-mad-sinks 
Java: Convert all command injection sinks to MaD format
 2023-06-27 14:06:45 +02:00
Jorge
7d0b880bf7 Merge branch 'main' into jorgectf/deserialization-lookahead 2023-06-23 18:24:39 +02:00
jorgectf
b6e4ba6f9d Add SerialKiller model 2023-06-23 18:19:43 +02:00
Jeroen Ketema
742eb8dd12 Java: Rewrite InlineFlowTest as a parameterized module 2023-06-15 10:52:10 +02:00
Tony Torralba
182513a981 Merge pull request #13235 from atorralba/atorralba/java/hudson-models 
Java: Add Hudson models
 2023-06-14 12:33:18 +02:00
Jeroen Ketema
c3ba206b6a Merge pull request #13346 from jketema/inline-2 
Update inline expectation tests to use parameterized module
 2023-06-13 10:10:55 +02:00
Tony Torralba
ffe67689ec Merge branch 'main' into atorralba/java/command-injection-mad-sinks 2023-06-13 09:27:33 +02:00
Jeroen Ketema
49993b023e Java: Rewrite inline expectation tests to use parameterized module 2023-06-09 10:42:17 +02:00
Anders Schack-Mulligen
a0a9d30286 Java: Fix qltests. 2023-06-09 08:37:35 +02:00
Tony Torralba
ad2f558002 Add Hudson models 
Includes models-as-data rows, flow sources, and XSS sanitizers.

Tests for models-as-data rows not included.
 2023-06-02 11:06:24 +02:00
Tony Torralba
c3b1ef2cdf Merge branch 'main' into atorralba/java/command-injection-mad-sinks 2023-06-02 08:57:24 +02:00
Tony Torralba
903fdb0cb8 Java: Add models for the Play Framework 2023-05-26 10:23:43 +02:00
Tony Torralba
a276cc3094 Convert all command injection sinks to MaD format 2023-05-25 11:41:32 +02:00
Tony Torralba
7d0b02e267 Merge pull request #13248 from atorralba/atorralba/java/nio-files-copy-models-fix 
Java: Tweak java.nio.file.Files.copy models
 2023-05-24 10:55:15 +02:00
Tony Torralba
654bb00946 Java: Tweak java.nio.files.Files.copy models 2023-05-23 10:27:19 +02:00
Ed Minnix
774baead60 Add test case based on missing result 2023-05-22 15:57:15 -04:00
Tony Torralba
b58eb3a92c Java: Add TemplateEngine.createTemplate as a groovy injection sink 2023-05-19 17:45:47 +02:00
Tony Torralba
a8afa4785e Merge pull request #13140 from atorralba/atorralba/java/spring-jdbc-namedparam-models 
Java: Add SQLi sinks for Spring JDBC
 2023-05-18 14:49:28 +02:00
Tony Torralba
2c54996499 Apply @jcogs33's suggestions from code review 2023-05-18 08:51:19 +02:00
Tony Torralba
770099f210 Merge branch 'main' into atorralba/java/promote-xxe-experimental-sinks 2023-05-16 09:49:34 +02:00
Tony Torralba
7d79d87d48 Add XPath.evaluate as XXE sink 2023-05-15 17:39:35 +02:00
Tony Torralba
a48fa652ce Java: Add SQLi sinks for Spring JDBC 2023-05-12 10:57:49 +02:00
Ed Minnix
5f3c8fef3f Privacy markers and fixed imports 2023-05-04 10:25:17 -04:00
Ed Minnix
c2b6a3f4e0 Add XPathInjectionQuery 2023-05-04 10:14:59 -04:00
Anders Schack-Mulligen
f685ae1fa7 Java: Update one more expected output. 2023-04-27 12:00:32 +02:00
Anders Schack-Mulligen
8e6038577d Java: Update expected output. 2023-04-26 14:45:40 +02:00
Tony Torralba
e54eaed26f Refactor tests to use InlineFlowTest 2023-04-26 12:19:59 +02:00
Tony Torralba
db73e16b70 Add tests 2023-04-26 12:12:10 +02:00
Tony Torralba
e3d93c3581 Fix FileCopyUtils models 2023-04-24 15:07:19 +02:00
Tony Torralba
62f5a5dcd5 Merge pull request #10707 from atorralba/atorralba/log-injection-sanitizers 
Java: Add line break sanitizers to java/log-injection
 2023-04-19 08:20:04 +02:00
Ed Minnix
e6a2528c38 Refactor XSS and SpringJDBC tests to lib configurations 2023-04-17 23:48:06 -04:00
Ed Minnix
66f971e70d Refactor query tests 2023-04-17 23:48:06 -04:00
Jami
a149c41baf Merge pull request #12155 from jcogs33/jcogs33/add-heuristic-ssrf-models 
Java: add ssrf models discovered with heuristics
 2023-04-17 15:45:48 -04:00
Tony Torralba
f5702f5c69 Address review comment 
Handle more regex cases that cover line breaks
 2023-04-17 09:33:44 +02:00
Tony Torralba
e167d3ce00 Add line break sanitizers 2023-04-17 09:33:44 +02:00
Ed Minnix
0fc775027f Fix SensitiveResultReceiver test case 2023-04-13 23:06:16 -04:00
Edward Minnix III
3e55c47e3e flow(_, sink) to flowTo(sink) 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-04-13 23:06:16 -04:00
Ed Minnix
88eb0231c1 Refactor taintedString.ql test 2023-04-13 23:06:16 -04:00
Ed Minnix
735a7383c6 Refactor HardcodedCredentialsSourceCall 2023-04-13 23:06:16 -04:00
Jami Cogswell
0e3d9e1fec Java: update options file 2023-04-13 09:57:44 -04:00
Jami Cogswell
f27eff4f73 Java: add tests back 2023-04-13 09:15:03 -04:00
Jami Cogswell
6271b6f1c3 Java: temp removal of tests 2023-04-13 09:15:02 -04:00
Jami Cogswell
0445509080 Java: update test cases and add stubs 2023-04-13 09:15:02 -04:00
Jami Cogswell
540b8391dc Java: add more tests 2023-04-13 09:12:55 -04:00
Jami Cogswell
cd7b79f62b Java: add tests for org.apache.hc.client5.http.fluent 2023-04-13 09:12:54 -04:00
Jami Cogswell
1afa5af3dd Java: move version 5 tests to new file and add tests for org.apache.hc.client5.http.classic.methods 2023-04-13 09:12:54 -04:00
Jami Cogswell
2a23f8766e Java: add tests for org.apache.hc.client5.http.async.methods.model.yml; resolve conflicts 2023-04-13 09:12:54 -04:00