hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,029 Commits 1,671 Branches 157 Tags
z80coder/query-pack-release-candidate-2
Commit Graph

4135 Commits

Author SHA1 Message Date
Chris Smowton
44e8dd9ec5 Add change note 2021-07-01 13:36:00 +01:00
Anders Schack-Mulligen
cda5c22f6e Merge pull request #5590 from github/sauyon/java-spring-errors 
Add models for Spring validation.Errors
 2021-07-01 14:29:49 +02:00
Anders Schack-Mulligen
37f8794d01 Merge pull request #6165 from edoardopirovano/fix-regression 
Performance: Improve join order in data flow library
 2021-07-01 14:13:18 +02:00
p0wn4j
0db7496617 Add URLClassLoader and Spring WebClient SSRF sinks 2021-07-01 03:34:14 +04:00
Chris Smowton
753c878f48 Also cover jakarta version of javax.json, and some missed methods 2021-06-30 15:04:15 +01:00
Anders Schack-Mulligen
d8b017e6c0 Merge pull request #6036 from atorralba/atorralba/spring-beans 
Java: Flow summaries for Spring's Bean Properties classes
 2021-06-30 15:41:24 +02:00
Anders Schack-Mulligen
f03d460e95 Java: Fix bad join-order. 2021-06-30 13:42:45 +02:00
Chris Smowton
7f556de8a0 Resolve now-fixed spurious XSS results 2021-06-30 12:04:22 +01:00
Chris Smowton
c37ecb7102 Fix existing JaxRs tests 
* Expose getContentTypeString for use by tests
* Use it to get constant arguments to @Produces annotations
* Note that text/html is xss-vulnerable (I have no idea how it ever came to expect exactly text/plain)
 2021-06-30 12:04:21 +01:00
Chris Smowton
52471b292a Add change note 2021-06-30 12:04:21 +01:00
Chris Smowton
856046ce50 Jax-RS: implement content-type tracking 
This follows content-type specifications across Variant-related functions and the ResponseBuilder class in order to sanitize or sink entities as appropriate.
 2021-06-30 12:04:21 +01:00
Chris Smowton
10714211c6 Add utility functions definining XSS-vulnerable content-types 2021-06-30 12:04:21 +01:00
Chris Smowton
450eebcd40 JaxWS: Pull out MediaType constant interpretation routine 
Also extend the routine slightly to expose multiple content types given with array notation
 2021-06-30 12:04:20 +01:00
Chris Smowton
3e7ea34054 XSS: expose extension point for defining barrier sinks 2021-06-30 12:04:20 +01:00
Tony Torralba
a3e1b139c3 Fix spring stubs location 2021-06-30 12:56:45 +02:00
Tony Torralba
0bb9e464b2 Merge branch 'main' into atorralba/spring-beans 2021-06-30 12:55:10 +02:00
Anders Schack-Mulligen
e235e151f1 Java: Fix bad magic. 2021-06-30 11:09:08 +02:00
Tony Torralba
9d64cadb50 Adapt tests after applying changes from code review 2021-06-30 10:02:03 +02:00
Tony Torralba
b64b8ecec2 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-06-30 09:52:22 +02:00
Anders Schack-Mulligen
374859efb4 Merge pull request #6156 from smowton/smowton/feature/jax-rs-content-type-sensitivity 
Jax RS XSS Tests
 2021-06-30 09:52:07 +02:00
Sauyon Lee
52d1901d6e Adjust validation models to reflect array parameters 2021-06-29 12:01:24 -07:00
Sauyon Lee
52b24118b3 Add tests for Spring validation.Errors 2021-06-29 12:01:23 -07:00
Edoardo Pirovano
8354f66c29 Performance: Improve join order in data flow library 2021-06-29 18:23:22 +01:00
Chris Smowton
47ccb19b84 SSV -> CSV everywhere 
While these are semicolon-delimited, we use CSV as a generic term for delimited values
 2021-06-29 15:59:43 +01:00
Chris Smowton
92ab650b7d Use new interpretSpec/2 predicate where appropriate 2021-06-29 15:59:43 +01:00
Chris Smowton
28ab4c083b Make interpretSpec/3 private again 2021-06-29 15:59:43 +01:00
Chris Smowton
c94c69415f Document Content::hasLocationInfo 2021-06-29 15:59:43 +01:00
Chris Smowton
cf7c966ea7 GenerateFlowTestCase: make imports private 2021-06-29 15:59:43 +01:00
Chris Smowton
5a71812001 Adjust import 
Type Content has moved into DataFlowUtil
 2021-06-29 15:59:43 +01:00
Chris Smowton
95b640db20 Resolve missing qldoc errors 
Document some, make some private, and delete the needless modules surrounding the spring models.
 2021-06-29 15:59:43 +01:00
Chris Smowton
eda7bb6aa2 Fix: restrict generated test cases to requested rows 2021-06-29 15:59:14 +01:00
Chris Smowton
bd1bd8cf08 Switch to an abstract unit / predicate approach to specifying rows to generate tests for 
This enables moving this code into the qll file, rather than having to specify a query predicate in the .ql
 2021-06-29 15:59:14 +01:00
Chris Smowton
f3868887b8 Test case generator: rework to use a less-invasive ExternalFlow API 
Some predicate/type names and docs are also improved
 2021-06-29 15:59:14 +01:00
Chris Smowton
59725d635b Test case generator: improve error reporting 
We now distinguish cases where SSV rows are not in scope at all from those where they don't identify a known type or method, or where input or output specs could not be parsed.
 2021-06-29 15:59:14 +01:00
Chris Smowton
dff9c717bc Fix test case generation when no auxiliary support functions are required 2021-06-29 15:59:14 +01:00
Chris Smowton
c49d5253f0 Revise ExternalFlow and FlowSummaryImpl API used for test generation 2021-06-29 15:59:14 +01:00
Chris Smowton
b1af90991d Add help text to GenerateFlowTestCase.py 2021-06-29 15:59:14 +01:00
Chris Smowton
5f1a491516 Fix test-generation when a type variable's bound is itself a type variable 
For example, class G<A, B extends A>
 2021-06-29 15:59:14 +01:00
Chris Smowton
e542e71cf5 Fix testing methods with 2-qualifier or deeper input specifications 
For example, an identity function on lists-of-maps, which might convey MapValue of Element of Argument[0] to MapValue of Element of ReturnValue, requiring `newWithElement(newWithMapValue(source())` on the input side but `getMapValue(getElement(out))` on the output side.
 2021-06-29 15:59:13 +01:00
Chris Smowton
0d8124bc95 Document test generator 2021-06-29 15:59:13 +01:00
Chris Smowton
617201930d Always use source declarations (i.e, raw types) when naming types in tests 2021-06-29 15:59:13 +01:00
Chris Smowton
e8acfec070 Fix formatting of instance variables 2021-06-29 15:59:13 +01:00
Chris Smowton
e2cfc17bfe Fix output of nested and generic type names, and disambiguate overloads where necessary 2021-06-29 15:59:11 +01:00
Chris Smowton
6d9661f412 Fix open-for-writing statement 2021-06-29 15:58:39 +01:00
Chris Smowton
d6edfd50da Determine when a model row didn't produce any tests; fix the model specifications revealed defective by this feature. 2021-06-29 15:55:34 +01:00
Chris Smowton
6360e0b7c4 Add flow-through test case generator 2021-06-29 15:55:13 +01:00
Chris Smowton
6fee40cfde Add flow-through test case generator 2021-06-29 15:55:13 +01:00
Chris Smowton
ba5dc3cdbc Add models of the javax.json package 2021-06-29 15:21:01 +01:00
Sauyon Lee
b76f761e56 Import springvalidation in ExternalFlow.qll 2021-06-29 05:51:58 -07:00
Sauyon Lee
aa0fbce28e Remove unnecessary code from stubs 2021-06-29 05:51:38 -07:00