hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,824 Commits 1,671 Branches 157 Tags
ginsbach/EnableJavaOverlayCompilation
Commit Graph

1641 Commits

Author SHA1 Message Date
Geoffrey White
835967a33e Swift: Fix for autoclosure sinks. 2023-11-20 18:15:16 +00:00
Geoffrey White
795f16ba56 Swift: Model 'printf' variants as cleartext logging sinks. 2023-11-20 18:15:06 +00:00
Geoffrey White
06c2c423b3 Swift: Clean up the test logic slightly. 2023-11-20 18:12:15 +00:00
Geoffrey White
b348dc2a32 Swift: Extend cleartext logging tests (test cases). 2023-11-20 18:11:52 +00:00
Geoffrey White
2a69b03092 Swift: Extend cleartext logging tests (stubs). 2023-11-20 18:11:41 +00:00
Geoffrey White
c49f05aa2b Swift: Fix false positive / result overlap. 2023-11-16 09:00:35 +00:00
Geoffrey White
96b4a12af7 Swift: Add heuristic sinks. 2023-11-16 09:00:35 +00:00
Geoffrey White
697c3df74a Swift: Model C printf variants. 2023-11-16 09:00:34 +00:00
Geoffrey White
1040561ec1 Swift: Model formatting append methods. 2023-11-16 09:00:34 +00:00
Geoffrey White
a6fe620bcb Swift: Fix Swift warnings in the test. 2023-11-15 18:06:38 +00:00
Geoffrey White
3a38f3b947 Swift: Add test cases. 2023-11-15 18:06:37 +00:00
Geoffrey White
0ae04de7f0 Swift: Test stubs / classes. 2023-11-15 17:23:22 +00:00
Geoffrey White
3a13759f10 Swift: Clean up the test. 2023-11-15 13:35:18 +00:00
Alex Denisov
8b126fe51a Swift: extract MacroDecl 2023-11-15 14:07:45 +01:00
AlexDenisov
57f1f5b829 Merge pull request #14768 from github/alexdenisov/move-semantics 
Swift: extract AST nodes related to move semantics
 2023-11-14 19:13:27 +01:00
Geoffrey White
0342b3eba2 Merge pull request #14772 from geoffw0/webview 
Swift: Use TaintInheritingContent in WebView.qll
 2023-11-14 16:29:32 +00:00
Geoffrey White
6783707e2c Swift: Add heuristic sink. We don't catch everything, but the simple heuristic was better than anything else I tried. 2023-11-14 10:07:12 +00:00
Geoffrey White
80cfb934ce Swift: Add some tests. 2023-11-14 09:52:53 +00:00
Geoffrey White
296dee90dd Merge remote-tracking branch 'upstream/main' into fixmodel 2023-11-14 09:38:14 +00:00
Geoffrey White
c14d4042e0 Merge pull request #14748 from geoffw0/pathinjectionsinks 
Swift: Add more path injection sinks
 2023-11-13 20:15:16 +00:00
Geoffrey White
5a451e964d Swift: Model mainDocumentURL. 2023-11-13 19:51:51 +00:00
Geoffrey White
b157d73c10 Swift: Make the URLRequest test more accurate. 2023-11-13 19:36:03 +00:00
Geoffrey White
463096e4be Swift: Modernize tainted content in WebView.qll. 2023-11-13 18:30:40 +00:00
Geoffrey White
892beeab6d Swift: Add test case. 2023-11-13 18:25:59 +00:00
Geoffrey White
6f56a656e4 Merge pull request #14761 from geoffw0/moderntest 
Swift: Update the inline dataflow tests
 2023-11-13 14:59:08 +00:00
Alex Denisov
002f2a0985 Swift: extract BorrowExpr 2023-11-13 15:55:37 +01:00
Alex Denisov
d21e27c717 Swift: extract ConsumeExpr 2023-11-13 15:55:37 +01:00
Alex Denisov
30e4822fb7 Swift: extract CopyExpr 2023-11-13 15:55:37 +01:00
Geoffrey White
c3577b34d3 Swift: Clean up logic. 2023-11-13 12:37:35 +00:00
Geoffrey White
e4da8da5d9 Swift: Update the example code. 2023-11-13 12:33:20 +00:00
Geoffrey White
098ea50068 Swift: Repair non-inline dataflow test. 2023-11-13 12:09:08 +00:00
Geoffrey White
6e291711ac Swift: Update just enough tests to prove that that source labels are working. 2023-11-13 11:47:24 +00:00
Geoffrey White
fca6ccd2f1 Swift: Remove more unused code. 2023-11-13 11:47:22 +00:00
Geoffrey White
4bf717c3e4 Swift: Use InlineFlowTest.qll in the data flow inline tests, so that we have less code duplication and can use flow labels. 2023-11-13 11:06:05 +00:00
Geoffrey White
d15c46836b Swift: Add features tom InlineFlowTest.qll: extended source/sink names, custom flow tags, use of line-numbers as a fallback value. 2023-11-13 10:55:17 +00:00
Geoffrey White
d56625cb8b Swift: Rename the capture test to look more like the others. 2023-11-10 17:59:44 +00:00
Geoffrey White
c327f0f0a7 Merge branch 'main' into pathinjectionsinks 2023-11-10 16:04:56 +00:00
Geoffrey White
5a09a325f2 Swift: Add heuristic path injection sinks. 2023-11-10 15:13:51 +00:00
Alex Denisov
0fb439b54d Swift: test ElementArchetypeType via PackType 2023-11-10 11:44:45 +01:00
Alex Denisov
e865c3cbd3 Swift: extract parameter packs 2023-11-10 10:20:14 +01:00
Geoffrey White
ebf7231be7 Swift: Make the 'completePath' models work. 2023-11-09 18:21:12 +00:00
Geoffrey White
9b5556e245 Swift: Test 'completePath' more carefully. 2023-11-09 18:21:12 +00:00
Geoffrey White
2d313ef4c7 Swift: Add some path injection sink models. 2023-11-09 18:21:12 +00:00
Geoffrey White
cd147038cd Swift: Fill some gaps in the URL, NSURL models. 2023-11-09 11:51:18 +00:00
Geoffrey White
a86862d578 Swift: Add test cases (heuristic). 2023-11-09 11:33:10 +00:00
Geoffrey White
04016ebd20 Swift: Add test cases (more library functions). 2023-11-09 11:31:58 +00:00
Geoffrey White
f99df55e94 Swift: Add test stubs. 2023-11-09 11:28:33 +00:00
Mathias Vorreiter Pedersen
68e7f84c23 Merge pull request #14661 from geoffw0/commandinject4 
Swift: Fix defaultImplicitTaintRead on fields
 2023-11-08 15:52:18 +00:00
Geoffrey White
6b434d10ce Merge pull request #14701 from geoffw0/promotecmdline 
Swift: Promote the command injection query out of experimental
 2023-11-08 15:46:29 +00:00
Alex Denisov
12f9e3a1dd Swlft: fix CFG for SingleValueStmtExpr 2023-11-07 18:12:39 +01:00