hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,614 Commits 1,671 Branches 157 Tags
c20ee76826e10318f8f39c6fae901b743c2e8254
Commit Graph

804 Commits

Author SHA1 Message Date
Ian Lynagh
c20ee76826 Kotlin: Give fields a Kotlin type 
This meant refactoring the EnumEntry extraction a bit. The IR doesn't
give us a type for fields, so we have to make it up based on the parent.
 2022-05-10 19:51:00 +01:00
Ian Lynagh
976cc31c7a Kotlin: Add support for string templates 2022-05-10 19:50:59 +01:00
Ian Lynagh
ba335b0c69 Kotlin: Add StmtExpr 
In some contexts, Kotlin has what we would call a Stmt inside what we
would call an Expr. This allows us to handle this case.
 2022-05-10 19:50:59 +01:00
Ian Lynagh
ba7a7535e9 Kotlin: Add support for more type operators 2022-05-10 19:50:58 +01:00
Ian Lynagh
d247e4fcff Kotlin: WhenBranch isn't postorder 2022-05-10 19:50:58 +01:00
Ian Lynagh
c4880cc935 Kotlin: Fix handling of non-true conditions 2022-05-10 19:50:58 +01:00
Ian Lynagh
7f3ae94d73 Tweak the WhenExpr CFG and QL class 2022-05-10 19:50:58 +01:00
Ian Lynagh
715a92c602 Kotlin: Add CFG for when expressions 2022-05-10 19:50:58 +01:00
Ian Lynagh
14a10564f3 Kotlin: Fix File locations, and fromSource/hasSourceLocation for Kotlin code 2022-05-10 18:46:01 +01:00
Ian Lynagh
cd41d5b9cf Kotlin: Add KotlinType to exprs 2022-05-10 18:46:01 +01:00
Ian Lynagh
1bce9a131a Kotlin: Towards KotlinType support 2022-05-10 18:46:01 +01:00
Tamas Vajk
1a6d693618 Implement review findings + fix ID of nested types 2022-05-10 18:46:00 +01:00
Tamas Vajk
8dff527a0e WIP: type arg extraction 2022-05-10 18:46:00 +01:00
Tamas Vajk
ab77ed085f Add QL classes and tests for comments 2022-05-10 18:45:59 +01:00
Tamas Vajk
5aac46f20f Fix DB relation names to use plurals 2022-05-10 18:45:58 +01:00
Tamas Vajk
bf4fb13326 Revert extracting this and this@TYPE parameters 2022-05-10 18:45:58 +01:00
Tamas Vajk
3bfc93daab Add ExtensionMethod class 2022-05-10 18:45:58 +01:00
Tamas Vajk
32a61c16cb Add break/continue QL and tests 2022-05-10 18:45:58 +01:00
Tamas Vajk
9889f49560 Add QL for ::class expression, and add test 2022-05-10 18:45:58 +01:00
Ian Lynagh
598a2f8cb0 Kotlin: Record compilation and extraction times 2022-05-10 18:45:56 +01:00
Ian Lynagh
651847d202 Java/Kotlin: Enhance 'compilations' support 2022-05-10 18:45:56 +01:00
Ian Lynagh
a64fedf764 Kotlin: When expressions 2022-05-10 18:45:54 +01:00
Michael Nebel
9a45949e8c Merge pull request #9044 from michaelnebel/csharp/flowsummariestest 
C#: Flow summaries test should print, whether a summary is generated or not.
 2022-05-09 10:06:19 +02:00
Michael Nebel
76fd424795 C#: Turn isAutogenerated predicate into a predicate without result. 2022-05-09 07:30:06 +02:00
Tony Torralba
ca2959cf37 Merge pull request #8537 from atorralba/atorralba/unsafe_android_access_improvs 
Java: Improvements to UnsafeAndroidAccess
 2022-05-05 16:46:54 +02:00
Michael Nebel
2dc35c123a Java/Ruby: Sync files. 2022-05-05 13:08:55 +02:00
Tom Hvitved
66a9759329 Merge pull request #8870 from hvitved/dataflow/expect-content 
Data flow: Introduce `expectsContent`
 2022-05-05 09:01:40 +02:00
Tom Hvitved
8e33653d25 Merge pull request #9017 from hvitved/dataflow/subpaths-perf 
Data flow: Speedup `subpaths` predicate
 2022-05-04 16:37:52 +02:00
Tom Hvitved
9cb63c0a5e Data flow: Sync files 2022-05-04 14:49:26 +02:00
Tony Torralba
8601137602 Fix bad join order by moving WebViewRef::getAnAccess from callsites into predicates 2022-05-04 11:58:47 +02:00
Tony Torralba
3b1210eacb Update java/ql/lib/semmle/code/java/security/UnsafeAndroidAccess.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-05-04 10:53:31 +02:00
Tony Torralba
49259a6575 Remove everything related to WebView CSV models 
This reverts commit c6c72eb.
 2022-05-04 10:53:31 +02:00
Tony Torralba
dce11f3984 Removed unnecessary imports 2022-05-04 10:53:30 +02:00
Tony Torralba
f5e72e6e33 Remove getUnderlyingExpr 2022-05-04 10:53:30 +02:00
Tony Torralba
7ba5a032ce Add tests and stubs for the new sources and flow steps 2022-05-04 10:53:30 +02:00
Tony Torralba
b678467e9d Move things around 2022-05-04 10:53:30 +02:00
Tony Torralba
d68311e26d Consider implicit this accesses in WebViewRef 2022-05-04 10:53:30 +02:00
Tony Torralba
51dfebf4c9 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-05-04 10:53:29 +02:00
Tony Torralba
91bdb4299f Improvements to UnsafeAndroidAccess 2022-05-04 10:53:29 +02:00
Tony Torralba
b876431950 Merge pull request #8706 from luchua-bc/java/unsafe-get-resource 
Java: CWE-552 Add sources and sinks to to detect unsafe getResource calls in Java EE applications
 2022-05-04 10:12:28 +02:00
Tom Hvitved
74e99302d6 Address review comments 2022-05-04 09:57:59 +02:00
Tom Hvitved
da72ba46d4 Data flow: Add stub expectsContent for all languages 2022-05-04 09:57:59 +02:00
Tom Hvitved
6e2e8440eb Data flow: Sync files 2022-05-04 09:57:59 +02:00
Tony Torralba
02822c6284 Merge pull request #9013 from atorralba/atorralba/private-externalflow-imports 
Java: Make more ExternalFlow imports private
 2022-05-03 16:02:09 +02:00
Tony Torralba
9c92454fa7 Merge pull request #8872 from atorralba/atorralba/android-widget-flowstep 
Java: Add Editable.toString flow step
 2022-05-03 15:27:52 +02:00
Tom Hvitved
e9c8f979f9 Data flow: Sync files 2022-05-03 11:46:51 +02:00
Anders Schack-Mulligen
249f771fad Merge pull request #8952 from cklin/fix-ql-comments-syntax 
Fix syntax errors in QL comments
 2022-05-03 11:15:56 +02:00
Tony Torralba
c66e583aea Make more ExternalFlow imports private 2022-05-03 10:31:29 +02:00
Anders Schack-Mulligen
86516b157b Merge pull request #8884 from JLLeitschuh/feat/JLL/additional-file-taint-flow 
Java: Add additional `File` taint value flow models
 2022-05-02 16:30:45 +02:00
Jonathan Leitschuh
c8e0d7f847 Summary model for File should include overriden methods 2022-04-29 14:51:26 -04:00