hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

1184 Commits

Author SHA1 Message Date
Tony Torralba
33f5620782 Add more models 2022-07-26 11:06:11 +02:00
Tony Torralba
95db81658b Add CSV models for java.util.Scanner 2022-07-26 10:42:24 +02:00
Chris Smowton
b1dd3c2d84 Model java.util.Properties.getProperty 2022-07-13 13:59:28 +01:00
Ian Lynagh
a0636ff843 Merge pull request #9545 from igfoo/igfoo/type_cycles 
Java: Fix RefType.getAStrictAncestor() in the presence of type hierarchy cycles
 2022-07-12 14:28:54 +01:00
Joe Farebrother
a41f28ebe5 Use more file openning methods 2022-06-28 10:10:28 +02:00
Joe Farebrother
cb717a22bf Fix failing test cases 2022-06-28 10:10:27 +02:00
Joe Farebrother
810854d6b5 Add tests 2022-06-28 10:10:27 +02:00
Tony Torralba
cc354caa1f Merge pull request #9319 from atorralba/atorralba/add-editable-valueof-step 
Kotlin: Add taint step for String.valueOf(Editable)
 2022-06-22 13:50:30 +02:00
Michael Nebel
2e46e93f36 Java: Update java models with provenance column information. 2022-06-20 16:20:02 +02:00
Tony Torralba
b373c435f6 Fix test expectations 2022-06-20 13:16:45 +02:00
Tony Torralba
78fcdd22db Change test class name 2022-06-20 12:07:32 +02:00
Tony Torralba
2b2fa6e15b Add taint step for String.valueOf(Editable) 
Kotlin inlines expr.toString() as String.valueOf(expr) when expr is nullable
 2022-06-20 12:07:31 +02:00
Ian Lynagh
b524fb4f3a Java: Add a test for cycles in the type hierarchy 2022-06-14 14:08:19 +01:00
Michael Nebel
a8b103b89c Java: Update dependencies. 2022-05-24 08:21:39 +02:00
Anders Schack-Mulligen
8beef45599 Merge pull request #9195 from aschackmull/java/perf-local-flow 
Java: Performance fixes for local flow relation
 2022-05-20 12:38:02 +02:00
Chris Smowton
1039e29b90 Adjust test result 2022-05-19 13:42:28 +01:00
Chris Smowton
4f54bb66b8 Accept consistency check failure 
The Java extractor assigns a type with unbound type variables to the result of ImmutableSortedMap.of calls.
 2022-05-19 11:55:31 +01:00
Anders Schack-Mulligen
48ab5b2403 C#/Ruby/Java: Fix references. 2022-05-18 09:27:54 +02:00
Marcono1234
4e1a73f4d9 Java: Rename FloatingPointLiteral to FloatLiteral 
"Floating point" refers to both `double` and `float`, and is also used by
the JLS in this way. Therefore the old CodeQL class name for `float` literals
was misleading.
 2022-05-16 22:06:04 +02:00
Joe Farebrother
59e400d2e0 Merge pull request #7723 from joefarebrother/redos 
Java: Add ReDoS queries
 2022-05-12 13:50:38 +01:00
Anders Schack-Mulligen
9a4d86e9b4 Merge pull request #8571 from Marcono1234/marcono1234/statement-expression 
Java: Add `ValueDiscardingExpr`
 2022-05-11 13:37:24 +02:00
Anders Schack-Mulligen
25336df302 Merge pull request #8873 from atorralba/atorralba/android-startactivity-flowstep 
Java: Add flow step from startActivity to getIntent
 2022-05-11 11:08:08 +02:00
Tony Torralba
43b425d0e4 Merge pull request #9002 from atorralba/atorralba/https-urls-improvs 
Java: Add OkHttp and Retrofit models
 2022-05-11 10:48:08 +02:00
Marcono1234
c760d39d59 Merge remote-tracking branch 'remotes/origin/main' into marcono1234/statement-expression 2022-05-09 00:28:19 +02:00
Marcono1234
36f56b5a18 Java: Rename StmtExpr to ValueDiscardingExpr 
As mentioned by aschackmull during review, StatementExpression as defined
by the JLS only lists possible types of expressions, it does _not_ specify
that their value is discarded. Therefore, for example any method call could
be considered a StatementExpression.

The name ValueDiscardingExpr was chosen as replacement because the JLS uses
the phrase "if the expression has a value, the value is discarded" multiple
times.
 2022-05-09 00:27:15 +02:00
Joe Farebrother
66ab2bca75 Update PrintAst test output 2022-05-04 15:41:41 +01:00
Joe Farebrother
5e3ba130dc Add a test for deeply nested sequences 2022-05-04 15:41:40 +01:00
Joe Farebrother
4ed2e8d1fd Update tests to account for only regexes with quantifiers being considered 2022-05-04 15:41:40 +01:00
Joe Farebrother
49374b877a Fix parsing of alternations in character classes 2022-05-04 15:41:37 +01:00
Joe Farebrother
4b845d5dac Move test cases to their own directory to avoid conflict 2022-05-04 15:41:35 +01:00
Joe Farebrother
9f4da65030 Improve calculation of locations of regex terms 2022-05-04 15:41:35 +01:00
Joe Farebrother
bc109521aa Simplify octal handling 2022-05-04 15:41:34 +01:00
Joe Farebrother
9e88c67c19 Add more test cases; make some fixes 2022-05-04 15:41:34 +01:00
Joe Farebrother
28649da187 Add parser tests; fix some parser issues. 
[temporarily renamed existing regex/Test.java during rebasing to avoid conflict]
 2022-05-04 15:41:33 +01:00
Tony Torralba
2d3b15f936 Add more taint models 2022-05-04 12:32:59 +02:00
Tony Torralba
7b3a803d19 Add flow step from startActivity to getIntent 2022-05-03 15:46:17 +02:00
Tony Torralba
9c92454fa7 Merge pull request #8872 from atorralba/atorralba/android-widget-flowstep 
Java: Add Editable.toString flow step
 2022-05-03 15:27:52 +02:00
Anders Schack-Mulligen
86516b157b Merge pull request #8884 from JLLeitschuh/feat/JLL/additional-file-taint-flow 
Java: Add additional `File` taint value flow models
 2022-05-02 16:30:45 +02:00
Tony Torralba
8602a6f6c9 Add models for OkHttp and Retrofit 2022-05-02 15:42:15 +02:00
Tony Torralba
604a5fc71f Merge pull request #8639 from atorralba/atorralba/spring-beans-improvements 
Java: Improve Spring models
 2022-04-28 11:59:51 +02:00
Jonathan Leitschuh
2565cdb964 Add additional File taint value flow models 
Adds
 - File::getAbsoluteFile
 - File::getCanonicalFile
 - File::getAbsolutePath
 - File::getCanonicalPath
 2022-04-26 10:42:53 -04:00
Artem Smotrakov
12ca1f0b11 Fixed library-tests/frameworks/guava/handwritten/flow.ql 2022-04-26 13:34:24 +01:00
Artem Smotrakov
e86fd72529 Moved RabbitMQ tests to java/ql/test/library-tests/frameworks/rabbitmq 2022-04-26 13:34:23 +01:00
Artem Smotrakov
20f185e772 Use tainted tag in JMS tests 2022-04-26 13:34:23 +01:00
Artem Smotrakov
b6bd4f92d1 Added sources and steps for JMS API 2022-04-26 13:34:21 +01:00
Artem Smotrakov
269143a19f Java: Added sources and flow steps for RabbitMQ 2022-04-26 13:34:04 +01:00
Tony Torralba
2ee83e2ba2 Add Editable.toString flow step 2022-04-26 13:34:16 +02:00
Anders Schack-Mulligen
cbdd4927ce Merge pull request #8582 from Marcono1234/marcono1234/JumpStmt-superclass 
Java: Make `JumpStmt` a proper superclass
 2022-04-25 12:22:20 +02:00
Tom Hvitved
b033f107df Merge remote-tracking branch 'upstream/main' into dataflow/interpret-read-store 2022-04-22 14:35:02 +02:00
Marcono1234
7bed14bbf0 Merge remote-tracking branch 'remotes/origin/main' into marcono1234/statement-expression 2022-04-10 18:23:45 +02:00