hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,738 Commits 1,672 Branches 157 Tags
tausbn/python-add-models-for-zstd-compression
Commit Graph

510 Commits

Author SHA1 Message Date
Tony Torralba
084cda6daa Merge branch 'main' into atorralba/promote-groovy-injection 2021-08-03 09:53:46 +02:00
Chris Smowton
fad1622730 Merge pull request #5435 from haby0/DynamicallyLoadedClasses 
Java: CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
 2021-08-02 16:04:30 +01:00
Tony Torralba
08bdd1aa7a Merge branch 'main' into atorralba/promote-ognl-injection 2021-08-02 16:05:38 +02:00
Anders Schack-Mulligen
53e6ddfeb6 Merge pull request #6001 from atorralba/atorralba/promote-mvel-injection 
Java: Promote MVEL injection query from experimental
 2021-08-02 14:40:26 +02:00
Tony Torralba
f4b78ef3bd Fix stubs 2021-08-02 14:12:05 +02:00
Tony Torralba
9b384d84cc Merge branch 'main' into atorralba/promote-ognl-injection 2021-08-02 14:06:45 +02:00
Tony Torralba
351a24558d Add tests for JacksonSerializability 
Upgraded jackson stubs to 2.12
 2021-08-02 14:03:30 +02:00
Anders Schack-Mulligen
3b676d432f Merge pull request #5900 from artem-smotrakov/unsafe-jackson-deserialization 
Java: Unsafe deserialization with Jackson
 2021-08-02 12:45:30 +02:00
Fosstars
a4b0041120 Better looksLikeResolveClassStep() predicate 2021-07-30 09:28:03 +02:00
Joe Farebrother
f1ca29a846 Add more stubs 2021-07-29 15:58:42 +01:00
Joe Farebrother
096509b9aa Generate tests and stubs 2021-07-29 15:01:50 +01:00
Artem Smotrakov
7fec575df8 Simplify JsonTypeInfo stub 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-07-28 14:23:50 +02:00
haby0
2a50cf8244 Fix 2021-07-22 22:24:09 +08:00
haby0
d8f5f6987b Fix 2021-07-22 21:53:41 +08:00
haby0
e160352b38 Fix 2021-07-22 21:48:46 +08:00
haby0
4ebf0ed7c5 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') 2021-07-22 21:45:29 +08:00
Tony Torralba
99e66cffa2 Merge branch 'main' into atorralba/promote-unsafe-android-webview-fetch 2021-07-20 17:30:56 +02:00
Tony Torralba
b6904a7992 Merge branch 'main' into atorralba/promote-ognl-injection 2021-07-20 17:17:17 +02:00
Tony Torralba
430d9f1834 Merge branch 'main' into atorralba/promote-missing-jwt-signature-check 2021-07-20 16:20:35 +02:00
Tony Torralba
b8ea833a61 Merge branch 'main' into atorralba/promote-jndi-injection 2021-07-20 15:01:26 +02:00
Chris Smowton
7819d32784 Make MediaType stub constants actually constant 
This is required to use them in annotations
 2021-07-19 18:28:30 +01:00
Chris Smowton
16c5952167 Add and improve Spring-web stubs 2021-07-19 18:20:37 +01:00
Chris Smowton
34a4b71891 Add models of JSON-java, aka org.json 2021-07-19 17:57:27 +01:00
Tony Torralba
5ca8b380e9 Merge branch 'main' into atorralba/promote-mvel-injection 2021-07-19 13:45:10 +02:00
Tony Torralba
b08f417a1e Merge branch 'main' into atorralba/promote-groovy-injection 2021-07-19 12:44:03 +02:00
Anders Schack-Mulligen
d1f21a854a Merge pull request #6042 from joefarebrother/spring-http 
[Java] Model spring `http` package
 2021-07-19 11:24:41 +02:00
Anders Schack-Mulligen
c32a75a1b3 Merge pull request #6183 from smowton/smowton/feature/javax-json-models 
Add models of the jakarta/javax.json package
 2021-07-19 11:19:21 +02:00
Joe Farebrother
f7de2e64c5 Fix failing test caused by an imprecission in the stubber 2021-07-15 15:15:37 +01:00
Chris Smowton
7b984cc2b0 Add models for Apache Commons Lang's Mutable container 2021-07-15 14:58:25 +01:00
Joe Farebrother
0e8dd9f335 Use generated stubs 2021-07-15 11:03:51 +01:00
Joe Farebrother
4be7e94dcc Add more spring stubs 2021-07-15 10:33:30 +01:00
Chris Smowton
0b2750828e Add models for org.springframework.jdbc.object 
Also add tests for the existing Spring JDBC SQL injection sinks in the process
 2021-07-14 17:25:00 +01:00
Sauyon Lee
16931e5de8 Add necessary stubs for Spring 
Co-Authored-By: smowton <smowton@github.com>
 2021-07-14 04:57:56 -07:00
Anders Schack-Mulligen
04244b3c45 Merge pull request #5974 from github/sauyon/java/spring-webmultipart 
Model Spring `web.multipart`
 2021-07-14 13:57:24 +02:00
Sauyon Lee
51211c0394 Add stubs 2021-07-13 10:29:02 -07:00
Anders Schack-Mulligen
9388983e41 Java: Add missing stub. 2021-07-13 15:26:37 +02:00
Artem Smotrakov
aefd21075b Added tests for UnsafeDeserialization.ql and Jackson 2021-07-09 10:24:10 +02:00
Chris Smowton
8b7db8a8cc Merge pull request #5408 from p0wn4j/urlclassloader-webclient-ssrf-sinks 
Java: Add URLClassLoader, WebClient SSRF sinks
 2021-07-01 16:14:22 +01:00
Anders Schack-Mulligen
cda5c22f6e Merge pull request #5590 from github/sauyon/java-spring-errors 
Add models for Spring validation.Errors
 2021-07-01 14:29:49 +02:00
p0wn4j
0db7496617 Add URLClassLoader and Spring WebClient SSRF sinks 2021-07-01 03:34:14 +04:00
Chris Smowton
753c878f48 Also cover jakarta version of javax.json, and some missed methods 2021-06-30 15:04:15 +01:00
Tony Torralba
0bb9e464b2 Merge branch 'main' into atorralba/spring-beans 2021-06-30 12:55:10 +02:00
Anders Schack-Mulligen
374859efb4 Merge pull request #6156 from smowton/smowton/feature/jax-rs-content-type-sensitivity 
Jax RS XSS Tests
 2021-06-30 09:52:07 +02:00
Chris Smowton
ba5dc3cdbc Add models of the javax.json package 2021-06-29 15:21:01 +01:00
Sauyon Lee
aa0fbce28e Remove unnecessary code from stubs 2021-06-29 05:51:38 -07:00
Sauyon Lee
fe2b73ed72 Stub more of Spring 2021-06-29 05:51:19 -07:00
Chris Smowton
6b3bc42ef2 Add JAX-RS XSS tests 2021-06-28 19:24:18 +01:00
Sauyon Lee
bddc88c010 Add stubs for Spring util tests 2021-06-28 08:26:40 -07:00
Sauyon Lee
60db9e1851 Rename springframework-5.2.3 to 5.3.8 2021-06-28 08:26:39 -07:00
Tony Torralba
8112d723e0 Merge branch 'main' into atorralba/spring-beans 2021-06-28 17:02:31 +02:00