3153 Commits

Author	SHA1	Message	Date
Jami Cogswell	5b089bbb9c	split sanitizer into three	2022-11-08 15:29:33 -05:00
Jami Cogswell	91491d9a7b	refactor into more classes; add more test cases; add LITERAL sanitizer	2022-11-08 15:29:33 -05:00
Jami Cogswell	50d638d1b6	create RegexInjection.qll file	2022-11-08 15:29:33 -05:00
Jami Cogswell	f6f26fe6c5	refactor code; add change note	2022-11-08 15:29:33 -05:00
Jami Cogswell	037a05cd66	add classes for Pattern, Matcher, and RegExUtils	2022-11-08 15:29:33 -05:00
Jami Cogswell	6545cff0ef	add Pattern.quote sanitizer	2022-11-08 15:29:33 -05:00
Jami Cogswell	833c5edf06	move to .qll file and switch to InlineExpectations tests	2022-11-08 15:29:32 -05:00
Rasmus Wriedt Larsen	4895daba85	DataFlow: Add read/store stepIsLocal consistency checks	2022-11-08 13:32:49 +01:00
Tony Torralba	ef967b6a21	Merge pull request #10890 from atorralba/atorralba/android-startactivities-summaries ... Java: Add flow summaries for startActivities	2022-11-07 18:06:30 +01:00
Erik Krogh Kristensen	d67235b3c1	Merge pull request #11071 from erik-krogh/fixCanon ... ReDoS: fix canonicalization in NfaUtils	2022-11-07 14:10:50 +01:00
Tamás Vajk	830be92f1d	Merge pull request #11089 from tamasvajk/kotlin-enum-ctor-call ... Kotlin: Extract missing arguments of enum constructor calls	2022-11-07 12:55:27 +01:00
Tamas Vajk	4e8d8a4de1	Add compilerGeneratedReason for enum constructor call arguments	2022-11-07 10:07:05 +01:00
Anders Schack-Mulligen	a1dba82360	Dataflow: Sync.	2022-11-04 12:41:55 +01:00
Anders Schack-Mulligen	828d187198	Dataflow: Fix a couple of join-orders.	2022-11-04 12:41:55 +01:00
Tom Hvitved	587e6739d9	Merge pull request #11060 from hvitved/dataflow/path-node-reach-charpred ... Data flow: Restrict public `PathNode`s to those that may reach a sink	2022-11-04 10:17:09 +01:00
Anders Schack-Mulligen	331b8c0144	Merge pull request #10904 from aschackmull/java/joinorders ... Java: Fix some join-orders.	2022-11-04 09:24:31 +01:00
Michael Nebel	3c8fb0520e	C#: Sync files.	2022-11-04 08:20:53 +01:00
Tom Hvitved	d3488da0c2	Data flow: Sync files	2022-11-03 15:52:30 +01:00
erik-krogh	c15f63ce62	sync files	2022-11-01 21:35:27 +01:00
Jami Cogswell	f40eefce57	use CompileTimeConstantExpr instead of StringLiteral	2022-10-27 17:11:07 -04:00
Jami Cogswell	65f7474110	simplify algorithm.matches	2022-10-27 16:44:03 -04:00
Jami Cogswell	1bfdfc954b	shorten class/predicate names	2022-10-26 16:30:14 -04:00
Tamas Vajk	9cc7a30a75	Kotlin: do not report on unused object extension parameters	2022-10-26 15:06:51 +02:00
Jami Cogswell	1e80fa118c	add modules	2022-10-25 18:26:00 -04:00
Tamas Vajk	eaa04b72f1	Apply code review findings	2022-10-25 13:49:54 +02:00
Tamas Vajk	78c23c2657	Kotlin: Exclude constructs in serialization constructors from java/evaluation-to-constant	2022-10-25 13:49:54 +02:00
Chris Smowton	b9f4856d47	Merge pull request #10876 from smowton/smowton/feature/kotlin-default-method-auto-mad ... Java models-as-data: infer Kotlin $default models from that of its parent function	2022-10-25 11:58:54 +01:00
Jami Cogswell	1a1245343d	remove getNodeIntValue	2022-10-24 17:09:24 -04:00
Jami Cogswell	c742a09def	remove AlgoSpec class	2022-10-24 16:15:18 -04:00
Jami Cogswell	d569f93e78	update getAlgoSpec	2022-10-24 16:05:57 -04:00
Jami Cogswell	09829d7f7a	simplify instanceof usage	2022-10-24 15:49:41 -04:00
Jami Cogswell	8bc0a64863	remove KeyGenInitMethodAccess class	2022-10-24 15:42:36 -04:00
Jami Cogswell	eb69b98dff	remove separators	2022-10-24 15:28:31 -04:00
Jami Cogswell	2ee23f004e	update qldoc for AlgorithmParameterSpec	2022-10-24 15:22:33 -04:00
Jami Cogswell	4c8e0a7648	update qldoc of JavaSecurityKeyPairGenerator and JavaSecurityAlgoParamGenerator	2022-10-24 15:05:05 -04:00
Chris Smowton	7a0bded2ac	Kotlin: support argument-range specifications for $default methods	2022-10-24 19:31:03 +01:00
Chris Smowton	1fe9e8457f	Kotlin: Fix varargs dataflow, and varargs default handling ... Dataflow requires accounting for the fact that the varargs parameter isn't necessarily last in the parameter list in a couple more places. Default handling just requires that if the only null parameter is the varargs argument, and it has no default value, then no $default method is required-- the caller is expected to simply pass nothing (at QL / source level) or an empty array (at JVM level).	2022-10-21 11:14:41 +01:00
Anders Schack-Mulligen	9ebcaf80e7	Java: Fix some join-orders.	2022-10-20 14:23:36 +02:00
Chris Smowton	e868cdf91b	Merge pull request #9876 from smowton/smowton/feature/interface-forwarding ... Kotlin: implement default interface forwarding	2022-10-20 10:17:47 +01:00
Chris Smowton	c6b62c934b	Merge pull request #10853 from smowton/smowton/fix/specialised-anon-classes ... Kotlin: extract called private methods of specialised types, and specialised instances of anonymous types	2022-10-19 16:48:28 +01:00
Jami Cogswell	e5982f19fa	minor updates	2022-10-19 11:05:40 -04:00
Tony Torralba	0678b06a9b	Apply review suggestions	2022-10-19 16:58:43 +02:00
Tony Torralba	429bd5fbd8	Add flow summaries for startActivities ... Uses SyntheticCallables and SyntheticGlobals to pair each startActivities call to getIntent calls in the components targeted by the intent(s).	2022-10-19 16:25:04 +02:00
Jami Cogswell	961e5c72a3	minor updates	2022-10-19 08:44:35 -04:00
Tony Torralba	fd8f8cb930	Merge pull request #10223 from atorralba/atorralba/unsafe-content-resolver ... Java: New Android query to detect unsafe content URI resolution	2022-10-19 11:22:04 +02:00
Jami Cogswell	4df0fbcce1	update tests	2022-10-19 01:17:57 -04:00
Jami Cogswell	dc8b62baa0	add support for AlgorithmParameterGenerator	2022-10-19 00:11:59 -04:00
Jami Cogswell	ff557a287f	add min key size predicates	2022-10-18 23:08:54 -04:00
Chris Smowton	b148e3168f	Java models-as-data: infer Kotlin $default models from that of its parent function	2022-10-18 18:17:08 +01:00
Tamás Vajk	543e2f5aab	Merge pull request #10678 from tamasvajk/kotlin-type-param-modifiers ... Kotlin: Extract type parameter modifiers (`reified`, `in`, `out`)	2022-10-18 09:10:57 +02:00