hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-24 02:43:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
22,477 Commits 1,693 Branches 161 Tags
744c495ac2db29c1a23ad345c2e4b9128bb71cdb
Commit Graph

1139 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
744c495ac2 Merge pull request #5824 from JLLeitschuh/feat/JLL/guava_first_non_null 
[Java] Add support for com.google.common.base.MoreObjects#firstNonNull
 2021-05-11 09:42:20 +02:00
Dave Bartolomeo
f85aff869c Java: Fix PR feedback 2021-05-10 16:37:23 -04:00
Dave Bartolomeo
d9f243d18a Java: Fix QLDoc for Container.toString() 
Fixes #5828

The QLDoc was just too specific about the default implementation. I've improved the wording.
 2021-05-08 11:14:02 -04:00
Tony Torralba
b69be30b88 Fix imports as suggested in code review 2021-05-07 11:07:06 +02:00
Tony Torralba
8af7f4a484 New sinks and test cases 2021-05-06 09:18:49 +02:00
Tony Torralba
215118c7ea Fixes in QLDocs and imports 2021-05-06 09:18:49 +02:00
Tony Torralba
720b5d6da3 Refactored sto use CSV sink model. Also, added more sinks 2021-05-06 09:18:49 +02:00
Tony Torralba
ab62bb66f4 Consider second parameter of Node.selectNodes 2021-05-06 09:18:49 +02:00
Tony Torralba
d72dd9b861 javax.xml.xpath.XPath is an interface 2021-05-06 09:18:49 +02:00
Tony Torralba
2bb2baf6f7 Support more methods that evaluate XPath expressions 2021-05-06 09:18:49 +02:00
Tony Torralba
3705970bfd Refactored XPath.qll to remove redundant classes and restrict visibility 2021-05-06 09:18:49 +02:00
Tony Torralba
d739a8cac2 Moved configuration from XPath.qll back to XPath Injection query 2021-05-06 09:18:48 +02:00
Tony Torralba
ee269fbc69 Added missing doc comments 2021-05-06 09:18:48 +02:00
Tony Torralba
fb3e56eac8 Fix imports and stubs so that tests pass 2021-05-06 09:18:48 +02:00
Tony Torralba
a62997463f Remove unused imports; use set literals in hasName 2021-05-06 09:18:48 +02:00
Tony Torralba
ed5619498c WIP: XPath Injection promotion 2021-05-06 09:18:48 +02:00
Jonathan Leitschuh
dfad1fc740 [Java] Add support for com.google.common.base.MoreObjects#firstNonNull 2021-05-03 12:58:00 -04:00
intrigus
08731fc6cf Fix typo. 2021-04-29 20:26:34 +02:00
Anders Schack-Mulligen
404a6c1506 Merge pull request #5805 from smowton/smowton/admin/spring-setter-method-docs 
Document `SpringProperty::getSetterMethod`.
 2021-04-29 15:10:58 +02:00
Anders Schack-Mulligen
c78285e557 Merge pull request #5784 from Marcono1234/marcono1234/switch-expr-stmt-parent 
Java: Add StmtParent as superclass of SwitchExpr
 2021-04-29 15:02:05 +02:00
Chris Smowton
2787c2f874 Document SpringProperty::getSetterMethod. 2021-04-29 12:28:26 +01:00
Tom Hvitved
37377644c9 Merge pull request #5781 from hvitved/java/predictable-seed-df6 
Java: Use separate data-flow copy for `PredictableSeedFlowConfiguration`
 2021-04-27 19:01:55 +02:00
Tamás Vajk
4cc88662e2 Merge pull request #5557 from tamasvajk/feature/java-sinks-csv 
Java: convert sinks to CSV
 2021-04-27 15:58:09 +02:00
Marcono1234
05ce49adaf Java: Add StmtParent as superclass of SwitchExpr 
Database type `@stmtparent` already includes `@switchexpr`, this commit merely
changes the class SwitchExpr to also accordingly extend StmtParent.
 2021-04-27 15:17:55 +02:00
Tom Hvitved
017beb6786 Java: Use separate data-flow copy for PredictableSeedFlowConfiguration 2021-04-27 10:07:33 +02:00
Anders Schack-Mulligen
bc8c55836a Merge pull request #5743 from aschackmull/java/flow-summary-tweaks 
Java/C#: Move a couple of flow summary tweaks to the shared implementation.
 2021-04-23 13:46:04 +02:00
Tamás Vajk
cb28bc80b7 Merge branch 'main' into feature/java-sinks-csv 2021-04-22 11:41:18 +02:00
Tamas Vajk
7134eb9079 Improve documentation of csv sink models 2021-04-22 11:37:41 +02:00
Tamas Vajk
1caa5c4780 Adjust hostname verifier sink identifier name 2021-04-22 11:22:18 +02:00
Tamas Vajk
6c78a247f2 Revert erroneous refactoring in header splitting sink base class 2021-04-22 11:20:39 +02:00
Tamas Vajk
9b1c54e81b Add argument indices to HTTP header splitting sinks 2021-04-22 11:17:25 +02:00
Tamas Vajk
180904e9f6 Revert "Java: Convert Google HTTP client API parseAs sink to CSV format" 
This reverts commit 3e53484bb3.
 2021-04-22 11:14:51 +02:00
Owen Mansel-Chan
fea9f5f431 Merge pull request #5746 from owen-mc/java/refactor-exec-tainted 
Make ExecTainted easier to extend
 2021-04-22 10:14:28 +01:00
Owen Mansel-Chan
8a01799fb8 Make imports private 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-04-22 09:46:49 +01:00
Owen Mansel-Chan
4b8d4f5bbd Update docs 2021-04-22 09:30:50 +01:00
Owen Mansel-Chan
e448dcb725 Avoid bad join order 
We want to avoid joining on `i` first.
 2021-04-22 09:30:49 +01:00
Owen Mansel-Chan
9f1704560b Include constructors in abstract class 2021-04-22 09:30:48 +01:00
Chris Smowton
94f0a1532d Merge pull request #5682 from smowton/smowton/docs/fix-has-modifier-comment 
Fix documentation of Modifier.qll
 2021-04-21 15:41:29 +01:00
Owen Mansel-Chan
9c72e73a82 Make ExecTainted easier to extend 
To add a method that executes a command, you can now define a class
extending ExecMethod.
 2021-04-21 14:55:37 +01:00
Anders Schack-Mulligen
f9599da32d Java/C#: Move a couple of flow summary tweaks to the shared implementation. 2021-04-21 14:24:15 +02:00
Anders Schack-Mulligen
9362ae0687 Merge pull request #5422 from tamasvajk/feature/sink-migration-ldap 
Java: Migrate LDAP injection sinks to CSV format
 2021-04-21 10:05:28 +02:00
Tamas Vajk
583513bafd Fix review findings 2021-04-20 16:28:47 +02:00
Anders Schack-Mulligen
80eb0a2df6 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-04-19 15:45:58 +02:00
Anders Schack-Mulligen
7d84cfacef Java: Add MapKeyContent and MapValueContent. 2021-04-19 14:06:27 +02:00
Anders Schack-Mulligen
39862740e0 Java: Convert support for fluent interfaces. 2021-04-19 14:06:27 +02:00
Anders Schack-Mulligen
60965b0d8c Java: Adjust some csv models. 2021-04-19 14:02:19 +02:00
Anders Schack-Mulligen
a27dac029f Java: Use shared flow summary library for csv models. 2021-04-19 14:02:19 +02:00
Chris Smowton
bd3b3178ba Fix documentation of Modifier.qll 2021-04-15 09:16:51 +01:00
Anders Schack-Mulligen
f43d427875 Merge pull request #5645 from Marcono1234/marcono1234/primary-ql-class 
Java: Override getAPrimaryQlClass() for more classes
 2021-04-14 14:51:29 +02:00
Chris Smowton
591ac38c31 Merge pull request #5591 from Marcono1234/marcono1234/member-nested-type 
Java: Add MemberType
 2021-04-14 12:29:54 +01:00