Jami Cogswell
0462425191
Java: rename getMethod to getMethodValue
2025-01-30 10:14:20 -05:00
Jami Cogswell
20e8eb4323
Java: some clean-up and refactoring
2025-01-30 10:14:18 -05:00
Jami Cogswell
d4114f66c2
Java: more name-based heuristic tests to test regex
2025-01-30 10:14:16 -05:00
Jami Cogswell
0ab37684e1
Java: more database update tests and stubs
2025-01-30 10:14:14 -05:00
Jami Cogswell
3bf6dc24c1
Java: Stapler tests and stubs
2025-01-30 10:14:11 -05:00
Jami Cogswell
26b7c1a572
Java: qldocs for CallGraph module
2025-01-30 10:14:09 -05:00
Jami Cogswell
27aa9c97a4
Java: add change note
2025-01-30 10:14:07 -05:00
Jami Cogswell
fa27689719
Java: update InlineExpectationsTest import for new location
2025-01-30 10:14:05 -05:00
Jami Cogswell
48d55ec518
Java: performance fix
2025-01-30 10:14:03 -05:00
Jami Cogswell
ede9e78645
Java: remove exists variable in test
2025-01-30 10:14:01 -05:00
Jami Cogswell
48d1fe062b
Java: remove exists variable
2025-01-30 10:13:59 -05:00
Jami Cogswell
c9ad15cc83
Java: update .expected file contents
2025-01-30 10:13:57 -05:00
Jami Cogswell
39ccde0c9d
Java: add name-based heuristic
2025-01-30 10:13:54 -05:00
Jami Cogswell
286c655264
Java: add class for Stapler web methods that are not default-protected from CSRF
2025-01-30 10:13:52 -05:00
Jami Cogswell
0f39011122
Java: add taint-tracking config for execute to exclude FPs from non-update queries like select
2025-01-30 10:13:50 -05:00
Jami Cogswell
97aaf4c011
Java: handle MyBatis annotations for insert/update/delete
2025-01-30 10:13:48 -05:00
Jami Cogswell
df77d4914f
Java: initial tests
2025-01-30 10:13:45 -05:00
Jami Cogswell
178b032453
Java: add query
2025-01-30 10:13:43 -05:00
Jami Cogswell
c553e3132e
Java: add CallGraph module for displaying call graph paths
2025-01-30 10:13:41 -05:00
Jami Cogswell
87a8746b22
Java: add a class for methods that update a sql database (found using sql-injection nodes)
2025-01-30 10:13:39 -05:00
Jami Cogswell
43a288070c
Java: add a class for PreparedStatement methods that update a database
2025-01-30 10:13:37 -05:00
Jami Cogswell
b88731df80
Java: move contents of MyBatisMapperXML.qll in src to MyBatis.qll in lib so importable, and fix experimental files broken by the move
2025-01-30 10:13:27 -05:00
Jami Cogswell
8e9f21dc52
Java: add a class for MyBatis Mapper methods that update a database
2025-01-30 10:01:43 -05:00
Jami Cogswell
506d668289
Java: add class for Spring request mapping methods that are not default-protected from CSRF
2025-01-30 10:01:41 -05:00
Jami Cogswell
0c6925399d
Java: add qhelp
2025-01-30 10:01:39 -05:00
Chuan-kai Lin
b3b7817a2b
Merge pull request #18603 from github/cklin/restrict-alerts-to-exact
...
AlertFiltering: add restrictAlertsToExactLocation
2025-01-30 06:40:39 -08:00
Anders Schack-Mulligen
8edcad0509
Merge pull request #18634 from aschackmull/cpp/unnest-getkind
...
C++: Un-nest the if-then-else sequence.
2025-01-30 14:07:07 +01:00
Jeroen Ketema
8f25dbf98d
Merge pull request #18606 from jketema/typeref
...
C++: Support mixed `typedef`s and `using`s
2025-01-30 14:04:48 +01:00
Jonas Jensen
e27e3ae5a1
Merge pull request #18610 from jbj/bigint-language-reference
...
QL reference: more BigInt updates
2025-01-30 13:47:30 +01:00
Anders Schack-Mulligen
15171eb1a5
C++: Un-nest the if-then-else sequence.
2025-01-30 13:28:44 +01:00
Jonas Jensen
455eb5bf9b
QL spec: fix typo
2025-01-30 13:09:15 +01:00
Simon Friis Vindum
f76647fc00
Rust: Initial model generation setup
2025-01-30 11:45:21 +01:00
Mathias Vorreiter Pedersen
9fa3ff74cc
C++: Accept test changes.
2025-01-29 18:32:35 +00:00
Mathias Vorreiter Pedersen
403a0eb8e6
C++: Fix FPs in 'cpp/overflow-buffer' caused by unions of structs.
2025-01-29 18:30:20 +00:00
Mathias Vorreiter Pedersen
941ad870cb
C++: Move 'hasAFieldWithOffset' to 'Field'.
2025-01-29 18:19:17 +00:00
Mathias Vorreiter Pedersen
3591f84a50
C++: Add lots of tests for CWE-119 involving unions and structs.
2025-01-29 18:11:23 +00:00
Chuan-kai Lin
d6f9eb2953
Merge pull request #18617 from github/cklin/merge-back-2.20.3
...
Mergeback from codeql-cli-2.20.3
2025-01-29 08:15:51 -08:00
Chuan-kai Lin
96caa686fc
AlertFiltering: add restrictAlertsToExactLocation
...
This commit introduces a new extensible predicate
restrictAlertsToExactLocation, which is similar to the existing
restrictAlertsTo predicate but matches alert locations exactly.
2025-01-29 07:50:45 -08:00
Owen Mansel-Chan
04e17ec987
Merge pull request #18565 from owen-mc/go/mad/parameter
...
Go: Fix "Parameter" in models-as-data
2025-01-29 14:13:17 +00:00
Owen Mansel-Chan
168fe4ae20
Merge pull request #18543 from owen-mc/go/misc-improvements-rs-cors
...
Go: miscellaneous improvements rs cors models
2025-01-29 14:12:20 +00:00
Arthur Baars
54efb0a4a6
Merge pull request #18611 from github/aibaars/use-tree-star
...
Rust: add UseTree::is_star
2025-01-29 14:42:03 +01:00
Calum Grant
a033ba9347
C++: Detect multiple definitions based on the format parameter index
2025-01-29 13:36:10 +00:00
Asger F
16f7373712
JS: Model dependency injection in Nest
2025-01-29 13:49:46 +01:00
Asger F
89ad737b2a
JS: Add internal extension points sources of class objects/instances
2025-01-29 13:49:44 +01:00
Asger F
b07c5c6ee0
JS: Add test
2025-01-29 13:49:43 +01:00
Mathias Vorreiter Pedersen
4b2c7ef03f
Merge pull request #18615 from MathiasVP/fix-fp-buffer-overflow
...
C++: Fix FPs in `cpp/overflow-buffer`
2025-01-29 12:12:47 +00:00
Mathias Vorreiter Pedersen
6e312140ce
Merge pull request #18618 from MathiasVP/18592-follow-follow-up-up
...
C++: Don't infer lambda calls when there is a static dispatch
2025-01-29 12:04:46 +00:00
Simon Friis Vindum
e141b4ee95
Merge pull request #18612 from paldepind/shared-model-generation-row
...
Shared: Generalize the number of columns in a generated MaD row
2025-01-29 12:56:07 +01:00
Mathias Vorreiter Pedersen
48cae7e7ed
C++: Accept test changes after previous commit.
2025-01-29 11:04:55 +00:00
Mathias Vorreiter Pedersen
373b38e881
Update cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/tests.cpp
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com >
2025-01-29 11:03:52 +00:00
