713 Commits

Author	SHA1	Message	Date
erik-krogh	44b6366586	delete old deprecations	2023-06-02 11:58:08 +02:00
Jami	1a82e21fdb	Merge pull request #13136 from jcogs33/jcogs33/revamp-java-source-kinds ... Java: change `android-widget` MaD source kind to `remote`	2023-06-01 14:18:02 -04:00
Jami Cogswell	de15013715	Java: remove RemoteFlowSources module	2023-06-01 12:25:26 -04:00
Jami Cogswell	6722892828	Java: switch 'android-widget' source kind to 'remote'	2023-06-01 12:25:25 -04:00
Jami Cogswell	5dbb698481	Java: update open/jdbc-url sink kinds to request-forgery	2023-05-31 15:50:31 -04:00
Jami Cogswell	cb10f4976b	Java: update create/read-file sink kinds to path-injection	2023-05-31 15:49:07 -04:00
Jami Cogswell	eb1a8e2189	Java: update write-file sink kind to file-system-store	2023-05-31 15:49:07 -04:00
Jami Cogswell	ac8d985a63	Java: update xss sink kind to html-injection and js-injection	2023-05-31 15:49:07 -04:00
Jami Cogswell	041caa7405	Java: update header-splitting sink kind to response-splitting	2023-05-31 15:49:07 -04:00
Jami Cogswell	51df84ed1c	Java: update set-hostname-verifier sink kind to hostname-verification	2023-05-31 15:49:07 -04:00
Jami Cogswell	b23f384a50	Java: update intent-start sink kind to intent-redirection	2023-05-31 15:49:07 -04:00
Jami Cogswell	5aa3e57ff3	Java: update pending-intent-sent sink kind to pending-intents	2023-05-31 15:49:07 -04:00
Jami Cogswell	3ff4c7de8f	Java: update ldap sink kind to ldap-injection	2023-05-31 15:49:07 -04:00
Jami Cogswell	6d2d25406c	Java: update xslt sink kind to xslt-injection	2023-05-31 15:49:07 -04:00
Jami Cogswell	cea97b3f2a	Java: update mvel sink kind to mvel-injection	2023-05-31 15:49:06 -04:00
Jami Cogswell	6cee0c4c75	Java: update jexl sink kind to jexl-injection	2023-05-31 15:49:06 -04:00
Jami Cogswell	6431d370c1	Java: update groovy sink kind to groovy-injection	2023-05-31 15:49:06 -04:00
Jami Cogswell	430010daa3	Java: update logging sink kind to log-injection	2023-05-31 15:49:06 -04:00
Jami Cogswell	8c4b394e1a	Java: update ssti sink kind to template-injection	2023-05-31 15:49:06 -04:00
Jami Cogswell	fc58d10a4e	Java: update xpath sink kind to xpath-injection	2023-05-31 15:49:06 -04:00
Jami Cogswell	55be2e5b67	Java: update url-redirect sink kind to url-redirection	2023-05-31 15:49:06 -04:00
Jami Cogswell	d24d8b1626	Java: update sql sink kind to sql-injection	2023-05-31 15:49:06 -04:00
Michael Nebel	915042a881	Minor cleanup and sync files.	2023-05-26 12:25:00 +02:00
Michael Nebel	b7a8660375	Java: Re-factor getComponent.	2023-05-26 12:24:59 +02:00
Tony Torralba	6f012d51c0	Merge pull request #13091 from atorralba/atorralba/java/inputstreamwrapper-transitive ... Java: Make inputStreamWrapper consider supertypes transitively	2023-05-23 13:28:17 +02:00
Tony Torralba	770099f210	Merge branch 'main' into atorralba/java/promote-xxe-experimental-sinks	2023-05-16 09:49:34 +02:00
Tony Torralba	549fa7e288	Java: make inputStreamWrapper only act on constructors from outside of source	2023-05-12 17:47:56 +02:00
Tony Torralba	aa14105e1c	Don't use the reflexive transitive closure, so that the predicate becomes a little more efficient	2023-05-10 16:45:07 +02:00
Tony Torralba	2c41c5b0e2	Make inputStreamWrapper consider supertypes transitively	2023-05-09 17:27:16 +02:00
Michael Nebel	f2f9944a1c	Merge pull request #12931 from michaelnebel/neutralkinds ... Java/C#: Introduce kind for neutrals.	2023-05-09 08:42:38 +02:00
Edward Minnix III	05b1bd881e	Merge pull request #12852 from egregius313/egregius313/java/webgoat/model-jwsheader ... Java: Model `io.jsonwebtoken.SigningKeyResolverAdapter` and `io.jsonwebtoken.JwsHeader`	2023-05-08 10:57:34 -04:00
Michael Nebel	baee4cedfd	Apply suggestions from code review ... Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>	2023-05-08 16:19:00 +02:00
Michael Nebel	efa2bd8614	Apply suggestions from code review ... Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>	2023-05-08 16:19:00 +02:00
Michael Nebel	bcbda9046f	Java: Extend neutrals with a kind column and introduce validation.	2023-05-08 16:18:59 +02:00
Mathias Vorreiter Pedersen	09ba9a74ce	Merge pull request #12959 from MathiasVP/identity-consistency-check ... DataFlow: Add an "identity-step" consistency check	2023-05-05 10:03:20 +01:00
Edward Minnix III	a34a51737f	Add SyntheticFields for JwsHeader ... Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2023-05-04 16:52:40 -04:00
Jami	3c74c8bbe0	Merge pull request #13019 from jcogs33/jcogs33/url-open-stream-updates ... Java: switch `url-open-stream` sink models to `experimentalSinkModel`	2023-05-04 15:07:44 -04:00
Kasper Svendsen	4035b16ac1	Merge pull request #13008 from kaspersv/kaspersv/explicit-this-receivers-shared1 ... Java, C#: Make implicit this receivers explicit	2023-05-04 15:38:45 +02:00
Anders Schack-Mulligen	1185bfc90f	Merge pull request #12986 from aschackmull/java/mapvalue-precision ... Java: Force high precision for MapValueContent.	2023-05-04 14:52:41 +02:00
Mathias Vorreiter Pedersen	77001a070b	Merge branch 'main' into identity-consistency-check	2023-05-03 22:01:06 +01:00
Jami Cogswell	2224c5d9be	Java: remove url-open-stream kind from getInvalidModelKind	2023-05-03 10:08:50 -04:00
Kasper Svendsen	081085e128	Java: Make implicit this receivers explicit	2023-05-03 13:37:35 +02:00
Kasper Svendsen	e071a25653	Java, C#: Make implicit this receivers explicit	2023-05-03 13:09:00 +02:00
Anders Schack-Mulligen	97cd3b8576	Java: Force high precision for MapValueContent.	2023-05-02 11:19:21 +02:00
Anders Schack-Mulligen	ca09649679	Dataflow: Forward hasLocationInfo.	2023-05-02 10:48:32 +02:00
Anders Schack-Mulligen	5927bb2030	Dataflow: Replace "extends Node" with "instanceof Node".	2023-05-02 09:48:34 +02:00
Mathias Vorreiter Pedersen	e506f638fc	DataFlow: Sync identical files.	2023-04-27 18:40:33 +01:00
Anders Schack-Mulligen	71ae0909d8	Dataflow: Enforce type pruning in all forward stages.	2023-04-27 14:55:26 +02:00
Anders Schack-Mulligen	a761eea2dc	Dataflow: Autoformat	2023-04-27 14:52:25 +02:00
Anders Schack-Mulligen	4f2d2361a4	Dataflow: Eliminate TypedContent.	2023-04-27 14:52:25 +02:00