hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 05:01:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,525 Commits 1,690 Branches 160 Tags
7024b07dd2b77d9ff57acbbb37c4ac1e89e30ab8
Commit Graph

3308 Commits

Author SHA1 Message Date
Tom Hvitved
7024b07dd2 Java: Adapt to changes in FlowSummaryImpl 
Missing manual models were added using the following code added to `FlowSummaryImpl.qll`:

```ql
    private predicate testsummaryElement(
      Input::SummarizedCallableBase c, string namespace, string type, boolean subtypes, string name,
      string signature, string ext, string originalInput, string originalOutput, string kind,
      string provenance, string model, boolean isExact
    ) {
      exists(string input, string output, Callable baseCallable |
        summaryModel(namespace, type, subtypes, name, signature, ext, originalInput, originalOutput,
          kind, provenance, model) and
        baseCallable = interpretElement(namespace, type, subtypes, name, signature, ext, isExact) and
        (
          c.asCallable() = baseCallable and input = originalInput and output = originalOutput
          or
          correspondingKotlinParameterDefaultsArgSpec(baseCallable, c.asCallable(), originalInput,
            input) and
          correspondingKotlinParameterDefaultsArgSpec(baseCallable, c.asCallable(), originalOutput,
            output)
        )
      )
    }

    private predicate testsummaryElement2(
      string namespace, string type, boolean subtypes, string name, string signature, string ext,
      string originalInput, string originalOutput, string kind, string provenance, string model,
      string namespace2, string type2
    ) {
      exists(Input::SummarizedCallableBase c |
        testsummaryElement(c, namespace2, type2, _, _, _, ext, originalInput, originalOutput, kind,
          provenance, model, false) and
        testsummaryElement(c, namespace, type, subtypes, name, _, _, _, _, _, provenance, _, true) and
        signature = paramsString(c.asCallable()) and
        not testsummaryElement(c, _, _, _, _, _, _, originalInput, originalOutput, kind, provenance,
          _, true)
      )
    }

    private string getAMissingManualModel(string namespace2, string type2) {
      exists(
        string namespace, string type, boolean subtypes, string name, string signature, string ext,
        string originalInput, string originalOutput, string kind, string provenance, string model
      |
        testsummaryElement2(namespace, type, subtypes, name, signature, ext, originalInput,
          originalOutput, kind, provenance, model, namespace2, type2) and
        result =
          "- [\"" + namespace + "\", \"" + type + "\", True, \"" + name + "\", \"" + signature +
            "\", \"\", \"" + originalInput + "\", \"" + originalOutput + "\", \"" + kind + "\", \"" +
            provenance + "\"]"
      )
    }
```
 2026-01-26 12:40:15 +01:00
Owen Mansel-Chan
a5d9cb179a Merge pull request #20930 from owen-mc/java/spring-rest-template-request-forgery-sinks 
Java: add more Spring RestTemplate request forgery sinks
 2026-01-15 14:23:15 +00:00
Owen Mansel-Chan
97e0b4e9fd Use parameter name to only select correct overloads 2026-01-15 10:36:03 +00:00
Anders Schack-Mulligen
9c1351c3fe Merge pull request #21149 from aschackmull/java/typeflow-partially-unbound 
Java: Add TypeFlow base case for partially unbound types.
 2026-01-13 12:31:38 +01:00
Anders Schack-Mulligen
8e2d74a7b1 Java: Add TypeFlow base case for partially unbound types. 2026-01-12 12:45:06 +01:00
Owen Mansel-Chan
d7acb75f9d Merge pull request #21055 from owen-mc/java/allow-mad-barriers 
Java: allow MaD barriers
 2026-01-09 10:27:48 +00:00
Owen Mansel-Chan
8c9318b1a0 Minor tweaks to QLDocs 2026-01-09 09:38:10 +00:00
Owen Mansel-Chan
766e908c79 Accept MaD sanitizers for existing sink kinds 2026-01-06 14:38:27 +00:00
Owen Mansel-Chan
81667d741a Rename classes for external sanitizers 2026-01-06 14:36:54 +00:00
yoff
cbc0100675 Apply suggestion from @Copilot 2025-12-16 10:11:05 +01:00
yoff
c6240e5a99 java: understand more initializers 
Whne a fiels is assigned a safe type in a constructor,
that field is not exposed.
 2025-12-16 10:11:05 +01:00
Tom Hvitved
d709343d38 Merge pull request #21011 from aschackmull/mad/shared-externalflow 
Java/C++/Go/C#: Share parts of ExternalFlow.qll
 2025-12-15 20:27:04 +01:00
Anders Schack-Mulligen
64a48e4e7b MaD: Use "namespace" instead "package" in shared code. 2025-12-12 13:57:02 +01:00
Anders Schack-Mulligen
7f8d0771df MaD: Rename file. 2025-12-12 13:50:58 +01:00
Tom Hvitved
0b81d44ec7 Rust: Apply same filtering of generated summaries as in C# and Java 2025-12-12 11:16:16 +01:00
Anders Schack-Mulligen
5bddc8d289 Go: Move Go package-grouping support into shared lib. 2025-12-12 09:17:51 +01:00
Anders Schack-Mulligen
07252519c8 Java/C++: Thread additional models through the shared lib. 2025-12-12 08:20:20 +01:00
Anders Schack-Mulligen
47dcf05a32 C++/Go/Java: Don't import top-level extensible predicates. 2025-12-12 08:20:19 +01:00
Anders Schack-Mulligen
3b334ea215 Java/C#: Share model coverage code. 2025-12-12 08:20:19 +01:00
Anders Schack-Mulligen
cb578e32ab Java: Move interpretModelForTest into shared code. 2025-12-12 08:20:17 +01:00
Anders Schack-Mulligen
4066c0d84a Java: Fix input/output naming. 2025-12-11 16:24:29 +01:00
Owen Mansel-Chan
87f58fe51a Convert regex injection barrier to MaD 2025-12-11 16:24:29 +01:00
Owen Mansel-Chan
44295e4c7d Convert XSS barrier to MaD 2025-12-11 16:24:28 +01:00
Owen Mansel-Chan
7e562f3150 Convert request forgery barrier guard to MaD 2025-12-11 16:24:28 +01:00
Owen Mansel-Chan
f6e3c77145 Convert path injection barrier to MaD 2025-12-11 16:24:27 +01:00
Owen Mansel-Chan
f6e40bd49d Convert trust boundary violation barrier and barrier guard to MaD 2025-12-11 16:24:26 +01:00
Anders Schack-Mulligen
8da65ec6d0 Java: Add support for boolean MaD barrier guards. 2025-12-11 16:24:25 +01:00
Anders Schack-Mulligen
d24b0ff596 Java: Basic support for pass-through barrier models. 2025-12-11 16:24:25 +01:00
Anders Schack-Mulligen
9cd2247b91 Java: expose support for more general BarrierGuards. 2025-12-10 12:23:52 +01:00
Anders Schack-Mulligen
ebb989962c Guards: Generalise ValidationWrapper to support GuardValue-based BarrierGuards. 2025-12-10 12:23:51 +01:00
Owen Mansel-Chan
5c8ab1f6d1 Merge pull request #20956 from owen-mc/java/improve-regex-sanitizer 
Java: improve regex sanitizer for `java/ssrf`
 2025-12-04 15:32:12 +00:00
Anders Schack-Mulligen
dc6d3fe7ba Use flowFrom. 2025-12-03 14:04:18 +01:00
Owen Mansel-Chan
a85d0ea8a3 Make tests pass 2025-12-02 17:08:16 +00:00
Owen Mansel-Chan
566aa8f201 Refactor regex sanitizer 
Move it to Sanitizers.qll and rename it to be more general (mostly
following Go).
 2025-12-02 16:04:39 +00:00
Owen Mansel-Chan
9f2a7f712a Apply suggestion from @owen-mc 2025-12-02 15:52:01 +00:00
Asger F
b8cff77cab Merge pull request #20873 from github/shared-xml-discard 
Share XML discard predicates
 2025-12-01 10:06:02 +01:00
Asger F
38a1bb0e29 Use string instead of @file in XML discards 2025-11-28 09:23:27 +01:00
Owen Mansel-Chan
992bd68d4b Use set literals #2 2025-11-28 03:48:50 +00:00
Owen Mansel-Chan
22b614ac48 Use set literals 2025-11-28 03:34:17 +00:00
Owen Mansel-Chan
62238fcbd7 Fix variable name in qldoc 2025-11-28 03:33:18 +00:00
Owen Mansel-Chan
89546cbc83 Fix qldoc inaccuracies 2025-11-28 01:09:07 +00:00
Owen Mansel-Chan
8debe49563 Correct mistake in qldoc 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-11-28 01:00:16 +00:00
Owen Mansel-Chan
969b0cf439 Add SSRF sinks for uriVariables arguments of more methods on Spring RestTemplate 2025-11-27 23:44:35 +00:00
Asger F
dbf14c190a Factor XML discard predicates into OverlayXml.qll 2025-11-26 11:48:32 +01:00
Owen Mansel-Chan
f0dec21b9b Merge branch 'main' into java-kotlin-sensitive-logging-substring-barriers 2025-11-25 23:24:58 +00:00
Owen Mansel-Chan
e37336d550 No need for getUnderlyingExpr to look through casts 2025-11-24 14:10:20 +00:00
Owen Mansel-Chan
d2fc6a7b5b Merge branch 'main' into java-kotlin-sensitive-logging-substring-barriers 2025-11-21 12:20:04 +00:00
Anders Schack-Mulligen
298e4cfcc5 Java: Recognize int-sized long literals. 2025-11-21 12:53:39 +01:00
Owen Mansel-Chan
ec381e4ec5 Use range analysis and improve tests 2025-11-21 10:31:50 +00:00
Anders Schack-Mulligen
30d68d8906 Java: Add missing deprecated annotations. 2025-11-21 10:14:13 +01:00