hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,676 Commits 1,671 Branches 157 Tags
yo-h/java15
Commit Graph

1360 Commits

Author SHA1 Message Date
Joe
9baf2b9eff Fix cartesian product 2020-09-18 15:42:03 +01:00
Joe
abb1731be7 Java: Simplify the implementation of ExecTainted 2020-09-18 15:21:03 +01:00
Anders Schack-Mulligen
b3bf570fb7 Merge pull request #4301 from lcartey/java/update-cwe-claims 
Java: Update some CWE claims
 2020-09-18 16:08:40 +02:00
Joe
3cc38feebc Fix a couple of typos in QLDoc comments 2020-09-18 14:51:38 +01:00
lcartey@github.com
2c6f587ee9 Java: Add coverage claim for CWE 193 (off by one) 2020-09-18 12:51:24 +01:00
lcartey@github.com
39200566c3 Java: Update CWE claims for XXE. 
This matches the claims in the C# equivalent.
 2020-09-18 12:30:52 +01:00
Joe
3258134098 Java: Remove superfluous conjunct 2020-09-18 10:41:06 +01:00
lcartey@github.com
32f43a84be Java: Add CWE 564 (SQL Injection: Hibernate) 2020-09-18 10:20:21 +01:00
Joe
9c643ec1cd Java: Fix formatting 2020-09-17 17:46:05 +01:00
Joe
69fd579dfd Java: Fix QLDoc 2020-09-17 17:37:16 +01:00
Joe
2da6234317 Java: Fix QLDoc 2020-09-17 17:31:24 +01:00
Joe
6d0df7cb3a Java: Add a container node for Imports in the PrintAst view 2020-09-17 17:29:36 +01:00
Joe
810baad63f Java: Fix formatting 2020-09-17 17:13:55 +01:00
Joe
fcfc836720 Java: Add tests for ExecTainted 2020-09-17 16:47:55 +01:00
Joe
b6cf1cce20 Java: Make the equivalent changes to ExecTaintedLocal 2020-09-17 15:53:04 +01:00
Joe
6bfc0afaeb Java: Improve the ExecTainted query 2020-09-17 15:39:35 +01:00
Tamás Vajk
5079deb92a Merge pull request #4268 from tamasvajk/feature/java-range-analysis-fn 
Java: Fix range analysis false negative
 2020-09-16 11:08:33 +02:00
Joe
7e9b1a2975 Java: PrintAst: Fix more formatting issues 2020-09-15 17:15:00 +01:00
Joe
3be8fa5155 Java: PrintAst: Fix formatting 2020-09-15 15:10:56 +01:00
Joe
28338eb32e Java: PrintAst: Various minor fixes of typos 
Fix references to C#

Fix getAPrimaryQlClass for JavadocTag

Fix typo for Import

Update test outputs
 2020-09-15 15:02:56 +01:00
Joe
53ab8dac06 Java: PrintAst: Fix failing tests 2020-09-15 14:45:48 +01:00
Joe
112b6d28a1 Java: PrintAst: Handle multiple javadocs in one element correctly 2020-09-15 14:45:48 +01:00
Joe
e38b583ec4 Java: PrintAst: Add tests 2020-09-15 14:45:48 +01:00
Joe
b73e7d8390 Java: PrintAST: Support Javadoc 2020-09-15 14:45:48 +01:00
Joe
c3320eeb3c Java: Improve getAPrimaryQlClass 
Implement it for more types
Fix typos
 2020-09-15 14:45:48 +01:00
Joe
908f025888 Java: PrintAst: Fix a couple of issues related to Annotations 2020-09-15 14:45:48 +01:00
Joe
c20f802666 Java: PrintAst: Supprt generic parameters 2020-09-15 14:45:48 +01:00
Joe
19af3e5e30 Java: Add PrintAST 2020-09-15 14:45:48 +01:00
Joe
efe3ac0a37 Java: Rename the existing file called PrintAst.qll 2020-09-15 11:30:56 +01:00
Tamas Vajk
23a9d0764e Java: Fix range analysis false negative 2020-09-15 12:09:05 +02:00
Tamas Vajk
c66473cb8a Java: Add test for range analysis 2020-09-15 12:07:30 +02:00
Rasmus Wriedt Larsen
fb3060dc3d Java: Minor fixup for SSA AdjacentUsesImpl::varBlockReaches 
This should not change anything in regards to correctness overall -- what we
really care about is `varBlockStep`, and that checks `varOccursInBlock(v, b2)`.
However, the comment is a bit easier to read together with the code
now (and probably also gives slightly smaller predicate result size).
 2020-09-10 13:47:36 +02:00
Rasmus Wriedt Larsen
2172fb6e65 Dataflow: s/data flow/taint propagation/ in QLDoc for sanitizers 2020-09-09 14:30:33 +02:00
Rasmus Wriedt Larsen
d90f0be2c4 Dataflow: defaultTaintBarrier => defaultTaintSanitizer 
Just keeping things a bit more consistent :)
 2020-09-09 14:11:56 +02:00
Mathias Vorreiter Pedersen
9de1fb7c18 Merge pull request #4222 from jbj/BlockStmt 
C++/Java/JS: Rename Block -> BlockStmt
 2020-09-09 10:02:37 +02:00
Arthur Baars
1f4028f4a0 Java: Add new SQL sinks for Hibernate versions 4 and 6 2020-09-08 16:26:13 +02:00
CodeQL CI
9879c6c204 Merge pull request #4184 from aschackmull/java/cleanup-queryinjection 
Approved by aibaars
 2020-09-08 14:52:17 +01:00
Anders Schack-Mulligen
442de2e2d2 Java: Add qldoc. 2020-09-08 15:09:39 +02:00
Jonas Jensen
464d3630a2 Java: Rename Block -> BlockStmt 2020-09-08 08:40:20 +02:00
Arthur Baars
90f013d74f Merge pull request #4176 from aibaars/missing-qhelp 
Add missing QHelp files
 2020-09-02 16:12:42 +02:00
Anders Schack-Mulligen
ed6c1798e2 Java: Fix reference to Unit. 2020-09-02 14:47:01 +02:00
Rasmus Wriedt Larsen
7a54d0b493 Java: Move files in experiemntal dirs to be consistent 2020-09-02 13:19:21 +02:00
Anders Schack-Mulligen
89829e870d Java: Clean up SqlInjectionLib. 2020-09-02 11:17:56 +02:00
Anders Schack-Mulligen
cc61e6117e Merge pull request #3542 from porcupineyhairs/mongoJava 
Java : add MongoDB injection sinks
 2020-09-01 16:19:17 +02:00
CodeQL CI
311e62f21d Merge pull request #4081 from aschackmull/java/dispatch-ctx-this-param 
Approved by aibaars
 2020-09-01 15:06:47 +01:00
CodeQL CI
b9a6183ec2 Merge pull request #4175 from aschackmull/java/adjust-cwe-089-qltest 
Approved by aibaars
 2020-09-01 12:43:56 +01:00
Arthur Baars
2729d109a5 Merge pull request #4123 from aschackmull/java/records-dataflow 
Java: Add data flow for record getters.
 2020-09-01 13:02:24 +02:00
Anders Schack-Mulligen
e5d7208c12 Java: Adjust a few qltests. 2020-09-01 12:49:09 +02:00
Arthur Baars
aedfa47cb4 Add missing QHelp files 2020-09-01 12:46:57 +02:00
Anders Schack-Mulligen
82692876d8 Java: Add some test cases. 2020-09-01 11:24:30 +02:00