Commit Graph

4345 Commits

Author SHA1 Message Date
Cornelius Riemenschneider
0f5dd5d7c7 Add one more test with a more complicated guard. 2019-10-07 15:14:42 +02:00
Cornelius Riemenschneider
d79eaffd3a Prune unreachable paths in the Java dataflow library based on call context.
We now detect patterns like
f(bool cond){
    if(cond)
        then A
        else B
and prune branches for calls like f(true) or f(false).
This pruning is done both in the local (bigstep) flow graph
as well as in the inter-procedural dataflow graph.
2019-10-07 15:10:54 +02:00
Cornelius Riemenschneider
dba93b30e7 Add tests exhibiting false positives in the dataflow library, where call context is not used to prune branches. 2019-10-07 14:59:55 +02:00
Anders Schack-Mulligen
066a2f0d12 Java: Add another overflow check pattern to UselessComparisonTest. 2019-10-04 15:04:40 +02:00
Tom Hvitved
7f6e253425 Java: Update expected test output 2019-10-04 11:09:44 +02:00
yh-semmle
3313af5189 Merge pull request #2036 from aschackmull/java/eq-ssa-guard
Java: Improve guards for equal ssa variables.
2019-10-02 12:00:59 -04:00
Anders Schack-Mulligen
f87cb4d6ac Java/C++/C#: Address review comments and fix test. 2019-10-02 14:32:17 +02:00
Anders Schack-Mulligen
0afea80d53 Java: Improve guards for equal ssa variables. 2019-09-26 16:29:13 +02:00
Tom Hvitved
6318cc9a71 Java: Update expected test output 2019-09-18 13:36:15 +02:00
Anders Schack-Mulligen
2d620698d8 Java: Adjust qltest expected output. 2019-09-12 11:00:49 +02:00
Jonas Jensen
9c9b7ac651 C#/C++/Java: Revert AccessPathNil.toString changes
This caused too many `*.expected` files to change, also in our internal
repo.
2019-09-02 15:59:36 +02:00
Jonas Jensen
a98992f0f9 C#/C++/Java: distinguish toString of nil from cons 2019-09-02 14:22:03 +02:00
Jonas Jensen
cdede8744f C#/C++/Java: Prettier PartialAccessPath.toString 2019-09-02 14:05:50 +02:00
Jonas Jensen
c3bc9f8575 C#/C++/Java: Unbreak partial data flow support
Partial data flow had a semantic merge conflict with this branch. The
problem is that partial data flow doesn't (and shouldn't) cause the
initial pruning steps to run, but the length-2 access paths depend on
the `consCand` information that comes from that initial pruning. The
solution is to restore the old `AccessPath` class, now called
`PartialAccessPath` for use only by partial data flow.

With this change, partial data flow will in some cases allow more field
flow than non-partial data flow.
2019-09-02 14:02:39 +02:00
Jonas Jensen
6c96a8d339 Java: Accept test changes
Note: the results in `partial` have regressed and will need to be fixed
in a follow-up commit.
2019-09-02 13:14:17 +02:00
Anders Schack-Mulligen
8a318ce4e7 Java: Extend test with graph. 2019-08-30 14:35:21 +02:00
Anders Schack-Mulligen
6582734733 Java: Add test. 2019-08-30 14:32:55 +02:00
Luke Cartey
dfa371c65b Java: Add missing SQL query APIs.
* executeLargeUpdate
* prepareCall
2019-08-30 10:40:49 +01:00
Pavel Avgustinov
cc854dd937 Merge branch 'master' of github.com:Semmle/ql into attribute 2019-08-23 09:55:35 +01:00
Anders Schack-Mulligen
629c19e719 Java: Autoformat. 2019-08-21 14:38:17 +02:00
Pavel Avgustinov
cb3551b4d6 Merge commit '76982404' into attribute 2019-08-21 12:44:07 +01:00
Anders Schack-Mulligen
6ff4fe38ec Java/C++/C#: Add field flow support for stores in nested fields. 2019-08-19 14:41:06 +02:00
Pavel Avgustinov
127c33700c Add Java stubs readme 2019-08-17 18:57:50 +01:00
Pavel Avgustinov
c92eb58300 Add j2objc license 2019-08-17 16:31:18 +01:00
Pavel Avgustinov
b52ea1e21b Add Apache Shiro third-party notice 2019-08-17 16:31:18 +01:00
Anders Schack-Mulligen
a50ea54ff6 Java: Fix tests. 2019-08-08 12:03:01 +02:00
Anders Schack-Mulligen
f8804943ee Java: Change in/out barriers to be explicit in the configuration. 2019-08-05 12:05:12 +02:00
Anders Schack-Mulligen
d3c5644229 Java: Add support for in/out barriers on sources and sinks. 2019-07-26 11:52:55 +02:00
Anders Schack-Mulligen
3024b5cb9e Java: Bugfix for flow through methods with taintstep and upcast. 2019-07-22 15:39:30 +02:00
Anders Schack-Mulligen
a583f000c1 Java: Fix tests. 2019-06-27 13:20:03 +02:00
yh-semmle
0fb323b5ff Java: add QL library for modeling AndroidManifest.xml files 2019-06-10 12:59:47 -04:00
Anders Schack-Mulligen
0e12df0a15 Java: Add SwitchExpr support in Guards.qll 2019-06-04 16:03:23 +02:00
Anders Schack-Mulligen
48b19f1fea Java: Replace ValidatedVariable with guarded accesses. 2019-05-20 16:46:11 +02:00
Anders Schack-Mulligen
f367427fb8 Java: Deprecate RemoteUserInput. 2019-05-06 13:43:58 +02:00
Anders Schack-Mulligen
dec31a3dd6 Java: Use range analysis in IntMultToLong. 2019-04-05 10:42:23 +02:00
Anders Schack-Mulligen
b1e364b56a Java: Support precondition calls as guards. 2019-04-02 10:58:46 +02:00
yh-semmle
64b2d331ae Java: add test for Guice framework support 2019-02-15 20:01:08 -05:00
Anders Schack-Mulligen
52ad816074 Merge pull request #904 from rneatherway/zipslip-fix
Java: Add a flow step for `Path::toFile` in ZipSlip
2019-02-11 13:08:38 +01:00
Robin Neatherway
409733838b Java: Add a flow step for Path::toFile in ZipSlip 2019-02-11 10:33:44 +00:00
Henning Makholm
b8a03464bf Fix false positives in java/unused parameter
Methods that are mentioned in a member reference expression should count
as rootdefs for the unused parameter query. Such methods have to match
the functional interface of the reference expression, so it is to be
expected that they will sometimes have to declare parameters that they
don't actually use.
2019-02-07 21:14:36 +01:00
yh-semmle
3e8f7a740c Merge pull request #838 from aschackmull/java/taint-collections
Java: Add additional taint steps through collections.
2019-02-05 09:59:24 -05:00
Anders Schack-Mulligen
a29f615da0 Java: Add additional taint steps through collections. 2019-01-28 14:34:09 +01:00
semmle-qlci
65b64c7c05 Merge pull request #645 from sb-semmle/configuration-file-library
Approved by yh-semmle
2019-01-26 02:06:16 +00:00
Sebastian Bauersfeld
170acd539c Add tests for ConfigFiles library. 2019-01-23 19:35:20 -05:00
yh-semmle
23e94c23e3 Merge pull request #786 from aschackmull/java/double-checked-locking
Java: Fix FP in DoubleCheckedLocking.ql
2019-01-22 17:39:54 -05:00
Anders Schack-Mulligen
17b4276699 Java: Fix bug in qltest and query for immutable types. 2019-01-18 11:37:38 +01:00
Henning Makholm
26b6581bdb test example for ODASA-6859 2019-01-17 23:30:39 +01:00
Anders Schack-Mulligen
944c082a8d Java: Fix FP in DoubleCheckedLocking.ql 2019-01-17 16:38:25 +01:00
yh-semmle
b0364e3592 Merge pull request #729 from aschackmull/java/intmulttolong
Java: Restrict attention to integral types in IntMultToLong.
2019-01-08 14:40:22 -05:00
Anders Schack-Mulligen
06e48ca19f Java: Update test. 2019-01-08 11:57:54 +01:00