hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,684 Commits 1,672 Branches 157 Tags
dd31be43e07d901bafb543c8f65be8e9b5abb364
Commit Graph

8654 Commits

Author SHA1 Message Date
Jami Cogswell
91db1be399 update Intent file 2022-10-04 12:33:24 +02:00
Jami Cogswell
960e9db2fb add missing expectation to tests 2022-10-04 12:33:24 +02:00
Tony Torralba
1857a5d311 Refactor Intent flow steps 2022-10-04 12:33:24 +02:00
Jami Cogswell
00b0a6bf38 update act tests 2022-10-04 12:33:23 +02:00
Jami Cogswell
834927c50b update tests 2022-10-04 12:33:23 +02:00
Jami Cogswell
9a7cf7db65 simplify hasName usage 2022-10-04 12:33:23 +02:00
Jami Cogswell
c7e7e24cf8 clean up files 2022-10-04 12:33:23 +02:00
Jami Cogswell
012cfebd7a resolve merge conflict 2022-10-04 12:33:23 +02:00
Jami Cogswell
da7f27a7f2 add change note 2022-10-04 12:33:23 +02:00
Jami Cogswell
66b3c4687d resolve merge conflict 2022-10-04 12:33:23 +02:00
Jami Cogswell
0a135a7f21 resolve merge conflict 2022-10-04 12:33:23 +02:00
Jami Cogswell
0f64361065 remove simple query 2022-10-04 12:33:23 +02:00
Jami Cogswell
af812cf407 fix code scanning bot warnings 2022-10-04 12:33:23 +02:00
Jami Cogswell
47fcbdd4b4 resolve merge conflict 2022-10-04 12:33:23 +02:00
Jami Cogswell
d07babe3c5 add initial framework for service and receiver test cases 2022-10-04 12:33:23 +02:00
Jami Cogswell
6cf3898101 add experimental global flow config, and clean-up some code 2022-10-04 12:33:23 +02:00
Jami Cogswell
9947b32446 resolve merge conflict 2022-10-04 12:33:23 +02:00
Jami Cogswell
11ce910c38 resolved merge conflict in FlowSources 2022-10-04 12:33:23 +02:00
Jami Cogswell
7576047214 create simple query and initial experimentation 2022-10-04 12:33:23 +02:00
Tony Torralba
9db65eae7f Address review comments 2022-10-04 12:27:01 +02:00
Tony Torralba
b8fa9433be Fix duplicated test 2022-10-04 12:27:01 +02:00
Tony Torralba
264d6db9d7 Rename AllowListGuard to AllowedPrefixGuard 2022-10-04 12:27:01 +02:00
Tony Torralba
90020b6aab Make block lists work with substring matching too 
A block list approach doesn't need to restrict itself to prefix matching
 2022-10-04 12:27:01 +02:00
Tony Torralba
69d1895175 Update java/ql/lib/semmle/code/java/security/PathSanitizer.qll 2022-10-04 12:27:01 +02:00
Tony Torralba
6fcaae20e7 Add tests and fix bugs highlighted by them 2022-10-04 12:27:01 +02:00
Tony Torralba
f19eb783be Generalize file/path taint steps 
This is needed by PathSanitizer but also helps simplify ZipSlip.ql
 2022-10-04 12:27:01 +02:00
Tony Torralba
4e29c39c78 Merge ZipSlip sanitization logic into PathSanitizer.qll 
Apply code review suggestions regarding weak sanitizers
 2022-10-04 12:27:01 +02:00
Tony Torralba
89d905cc03 Add change note 2022-10-04 12:27:01 +02:00
Tony Torralba
08c67fb174 Use PathInjectionSanitizer in relevant queries 2022-10-04 12:27:01 +02:00
Tony Torralba
dff878e531 Apply TaintedPath recent changes to TaintedPathLocal 2022-10-04 12:26:59 +02:00
Tony Torralba
5706e8b377 Improve PathSanitizer 
Rename PathTraversalSanitizer to PathInjectionSanitizer
 2022-10-04 12:26:17 +02:00
Tony Torralba
50ad234694 Move PathSanitizer to the main library 2022-10-04 12:26:17 +02:00
Tony Torralba
d5478a01ab Merge pull request #10671 from github/revert-10640-atorralba/fix-cartesian-product 
Java: Revert #10489 and #10640
 2022-10-04 12:25:46 +02:00
Chris Smowton
e29be411ef Merge pull request #9811 from smowton/smowton/feature/kotlin-jvmoverloads-annotation 
Kotlin: Implement JvmOverloads annotation
 2022-10-04 11:21:44 +01:00
Tony Torralba
2deb3e5625 Reapply "Java: Fix cartesian product" 
This reverts commit c1654ce7cc.
 2022-10-04 11:11:44 +02:00
Chris Smowton
58cb5446c3 Add cross-check to getValueParameterLabel 2022-10-04 10:04:18 +01:00
Tony Torralba
281e49daf7 Revert "Java: Add CompilationUnit.getATypeAvailableBySimpleName()" 
This reverts commit 431aa2cb79.
 2022-10-04 10:59:45 +02:00
Tony Torralba
01b950f68b Revert "Java: Rename predicate to getATypeInScope" 
This reverts commit fd99ae78b3.
 2022-10-04 10:59:43 +02:00
Tony Torralba
df29e05b9f Revert "Java: Adjust ImpossibleJavadocThrows.ql" 
This reverts commit c40b6285a2.
 2022-10-04 10:59:39 +02:00
Tony Torralba
c1654ce7cc Revert "Java: Fix cartesian product" 2022-10-04 10:56:32 +02:00
Tamas Vajk
2c467376ea Revert "Only log once the missing java-kotlin method mapping warnings" 
This reverts commit 7524f3372d.
 2022-10-04 08:54:07 +02:00
Dilan Bhalla
bff2633f8d java guidance: experimental version of exectainted 2022-10-03 11:18:17 -07:00
Ed Minnix
c6f91500f0 Update query description to better describe issue 2022-10-03 13:12:53 -04:00
Ed Minnix
52d519765a Merge ContentProvider tests into one manifest 
Merge the read-only, write-only, read-write, and full test cases into
one AndroidManifest.xml file.

Also added the not-exported test case.
 2022-10-03 12:16:45 -04:00
Ed Minnix
09077935b1 Added query change note 2022-10-03 11:30:43 -04:00
Edward Minnix III
071f082b64 Add mention of content provider in query description 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-10-03 11:21:33 -04:00
Edward Minnix III
2970e8c76a Remove redundant documentation 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2022-10-03 11:21:02 -04:00
Edward Minnix III
cfc0bb595f Documentation fix for hasIncompletePermissions 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-10-03 11:20:15 -04:00
Ian Lynagh
01fe465bdf Kotlin: Make MiniStdLib more closely match the real stdlib 2022-10-03 16:16:11 +01:00
Ed Minnix
28e7049722 Add exported requirement to ContentProvider permissions test 2022-10-03 10:52:42 -04:00