Tony Torralba
d786ea90a4
Java: Add more neutrals
Adds more neutral models to help the model generator ignore certain callables.
Also improves the precision of certain URL models by using synthetic fields so that the parts of a URL are tainted separately.
2024-03-26 17:31:11 +01:00
Owen Mansel-Chan
fc367042ef
Fix df-manual model with wrong parameter type
2024-03-17 14:21:01 +00:00
Tony Torralba
eecab9122a
Recognize the model generator involvement in the models' provenances
2024-03-14 08:56:23 +01:00
Tony Torralba
5b88b8a3ed
A few more neutrals
2024-03-14 08:53:58 +01:00
Max Schaefer
93990ec9df
Merge pull request #15486 from github/java/update-mad-decls-after-triage-2024-01-31T11-16-45
Java: Update MaD Declarations after Triage
2024-02-09 11:18:17 +00:00
Max Schaefer
705a377060
Address review comments.
2024-02-06 12:54:29 +00:00
Max Schaefer
ab6cea14c8
Fix missing quotes.
2024-01-31 11:49:25 +00:00
Max Schaefer
ad8038bade
Update MaD Declarations after Triage
2024-01-31 11:28:10 +00:00
Tony Torralba
e2bf9ea2eb
Consider File.exists() et al a path-injection sink
2024-01-30 14:51:36 +01:00
Tony Torralba
19cb7adb6d
Migrate path injection sinks to MaD
Deprecate and stop using PathCreation
Path creation sinks are now summaries
2024-01-26 12:19:54 +01:00
Anders Schack-Mulligen
6c02e30f56
Java: Update models.
2023-08-23 13:24:55 +02:00
Jami Cogswell
19622aec49
Java: remove duplicate 'Files.newOutputStream' ai model
2023-08-04 14:06:57 -04:00
Jami Cogswell
e64d581f7a
Java: remove duplicate 'Files.newInputStream' ai model
2023-08-04 14:05:05 -04:00
Jami Cogswell
d2a24dee7f
Java: remove duplicate 'Files.delete' ai model
2023-08-04 14:02:59 -04:00
Jami Cogswell
516831aa41
Java: remove duplicate 'Files.move' ai model
2023-08-04 14:01:27 -04:00
Jami Cogswell
c510d33fbf
Java: remove duplicate 'Files.deleteIfExists' ai model
2023-08-04 13:52:18 -04:00
Stephan Brandauer
c6f10519fa
Merge branch 'main' into java/update-mad-decls-after-triage-2023-06-08T08-51-47
2023-06-08 12:00:07 +02:00
Stephan Brandauer
bda938c544
Update MaD Declarations after Triage
2023-06-08 10:51:48 +02:00
Tony Torralba
6d7234f8ed
Merge pull request #13225 from atorralba/atorralba/java/path-injection-mad-sinks-2
Java: Migrate path injection sinks to models-as-data (simplified)
2023-06-07 14:27:36 +02:00
Tony Torralba
0065e6e1d6
Apply suggestions from code review
Fix incorrect models-as-data rows
2023-06-06 10:04:22 +02:00
Taus
7ad860fc98
Java: Update MaD declarations after triage
Co-authored-by: Stephan Brandauer <kaeluka@github.com>
2023-06-05 18:00:40 +02:00
Tony Torralba
527fe523a8
Add PathCreation.qll sinks to models-as-data
The old PathCreation sinks can't be removed because doing so would cause alert wobble in the path injection queries. See their getReportingNode predicates.
2023-06-02 09:14:35 +02:00
Jami
617107de35
Merge pull request #12916 from jcogs33/jcogs33/revamp-java-sink-kinds
Java: revamp MaD sink kinds
2023-06-01 12:48:30 -04:00
Jami Cogswell
cb10f4976b
Java: update create/read-file sink kinds to path-injection
2023-05-31 15:49:07 -04:00
Jami Cogswell
eb1a8e2189
Java: update write-file sink kind to file-system-store
2023-05-31 15:49:07 -04:00
Jami Cogswell
f255b6acb8
Java: fix typos
2023-05-26 18:55:13 -04:00
Jami Cogswell
7e6913af62
Java: update provenance to 'hq-manual'
2023-05-26 18:55:13 -04:00
Jami Cogswell
65dd7eb8e7
Java: add neutral models discovered with path-inj and ssrf heuristics
2023-05-26 18:55:13 -04:00
Tony Torralba
654bb00946
Java: Tweak java.nio.files.Files.copy models
2023-05-23 10:27:19 +02:00
Michael Nebel
bd23814e7c
Java: Update existing neutrals to include kind information.
2023-05-08 16:18:59 +02:00
Mathew Payne
44c1b48f94
Merge branch 'main' into main
2023-04-17 12:40:23 +01:00
Michael Nebel
169d8d5cf9
Java: All ai-generated models have been manually verified.
2023-04-13 09:21:06 +02:00
Mathew Payne
824ff8ad88
Add function signature to model
2023-04-12 14:54:06 +00:00
Mathew Payne
d0529bba2b
Add missing models for Java IO
- java.io.OutputStream
- java.nio.file.Files
2023-04-12 14:43:11 +00:00
Stephan Brandauer
18801b39c6
Update MaD Declarations after Triage
2023-04-06 12:23:50 +02:00
Tony Torralba
bced2d692b
Apply suggestions from code review
2023-04-05 15:19:21 +02:00
Stephan Brandauer
f87618238f
Review suggestions
2023-04-05 15:15:03 +02:00
Stephan Brandauer
0a5d19fc71
Update MaD Declarations after Triage
2023-04-05 15:15:02 +02:00
Jami Cogswell
b8ceb7112d
Java: update ordering of Path.getFileName model
2023-03-23 18:07:06 -04:00
Jami Cogswell
8046ec2f78
Java: update -1 to this
2023-03-23 18:01:28 -04:00
Jami Cogswell
17e0920325
Java: resolve more conflicts
2023-03-23 18:00:14 -04:00
Jami Cogswell
c213d56d2c
Java: resolve some more -1 to this conflicts
2023-03-23 17:56:46 -04:00
Jami Cogswell
44c3a41194
Java: resolve more -1 to this conflicts
2023-03-23 17:53:27 -04:00
Tony Torralba
1258812428
Fix Argument[this]
2023-03-20 17:13:44 +01:00
Tony Torralba
a66b7ed54a
Fix incorrect model, add missing model
2023-03-20 17:09:48 +01:00
Stephan Brandauer
0cab45e4b9
update old data to current standard (stream creation arg is a sink)
2023-03-20 17:09:48 +01:00
Stephan Brandauer
8802fbdfe7
Update java/ql/lib/ext/java.nio.file.model.yml
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2023-03-20 17:09:48 +01:00
Tony Torralba
bc99a44f3a
Apply suggestions from code review
2023-03-20 17:09:48 +01:00
Stephan Brandauer
12bb0d98c0
move toFile back to its original location
2023-03-20 17:09:48 +01:00
Stephan Brandauer
4761c3a328
remove duplicates
2023-03-20 17:09:48 +01:00