hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,003 Commits 1,671 Branches 157 Tags
e58b90ef1c670308976b6e901b202a4c4ab665a3
Commit Graph

3455 Commits

Author SHA1 Message Date
Chris Smowton
9c4a50503c Allow local interfaces 
Java 16 permits enums and interfaces to be declared method-locally. Enums are already classes, but interfaces are not (in dbscheme terms), so we need to permit isLocalClass to tag them like it already does classes.
 2021-09-02 14:51:45 +01:00
Tom Hvitved
c3ecae503b Data flow: Sync files 2021-09-01 19:58:47 +02:00
Benjamin Muskalla
ee8958ba03 Fix nodes for local taint test 2021-09-01 15:55:59 +02:00
Benjamin Muskalla
c1d34d7d6f Move Strings to lib 2021-09-01 15:55:39 +02:00
Benjamin Muskalla
190bf90bc8 Replace stringbuilder step with model 2021-09-01 15:41:16 +02:00
Benjamin Muskalla
7ddf7ff211 Track taint from concatenated string 2021-09-01 15:41:16 +02:00
Benjamin Muskalla
d178fe4e5d Fix failing tests 2021-09-01 15:41:16 +02:00
Benjamin Muskalla
93bc8aa7b2 Fix tests to take trim into account 2021-09-01 15:41:15 +02:00
Benjamin Muskalla
7be179cf6c Mark String constructor as propagating taint 2021-09-01 15:41:15 +02:00
Benjamin Muskalla
3928ffd30d Support CharSequence#subSequence 2021-09-01 15:41:15 +02:00
Benjamin Muskalla
b7e608abc9 Model string builder APIs 2021-09-01 15:41:14 +02:00
Benjamin Muskalla
dab626270d Convert Objects API to csv model 2021-09-01 15:41:14 +02:00
Benjamin Muskalla
5df5805d36 Convert strings to summary model 2021-09-01 15:41:14 +02:00
Benjamin Muskalla
e0d978fd58 Migrate String constructor to model 2021-09-01 15:41:13 +02:00
Chris Smowton
c92b7828cb Merge pull request #6580 from smowton/smowton/admin/guava-models-mistakes 
Fix minor mistakes in old Guava models
 2021-08-31 19:44:23 +01:00
Sauyon Lee
7156dee270 Merge pull request #6521 from sauyon/java/test-gen-improvements 
Java: generate more realistic tests
 2021-08-31 10:06:08 -07:00
Chris Smowton
7977d9c253 Fix minor mistakes in old Guava models 
Also add tests for the affected functions
 2021-08-31 15:26:09 +01:00
Chris Smowton
b38a23daee Fix test cases featuring primitive arrays 
Previously we couldn't print the name of types like `byte[]` for example.
 2021-08-31 15:12:47 +01:00
Chris Smowton
f94d8c341d Abbreviate multi-column min 2021-08-31 11:57:49 +01:00
Chris Smowton
510f5abb9a Add missing qldoc 2021-08-31 11:56:03 +01:00
Chris Smowton
5dddc48e60 autoformat 2021-08-31 11:53:13 +01:00
github-actions[bot]
b28e956dd2 Add changed framework coverage reports 2021-08-30 00:08:31 +00:00
Sauyon Lee
adcb90aa8c fixup generateflowtestcase chaneg 2021-08-27 11:25:03 -07:00
Sauyon Lee
23b9028d2c Correctly determine which support method definitions are required 2021-08-27 11:25:03 -07:00
Sauyon Lee
04e04b3031 Use array allocation syntax 2021-08-27 11:25:03 -07:00
Sauyon Lee
97faeb026f Fix side of stack that gen method types are used 2021-08-27 11:25:03 -07:00
Sauyon Lee
119de6c60c Replace type variables before attempting to match to an array generation 2021-08-27 11:25:03 -07:00
Sauyon Lee
9d66761eeb Consider a callable to ambiguous if it has a varargs parameter 2021-08-27 11:25:02 -07:00
Sauyon Lee
0d174f2daf Only include support methods and imports from working test cases 2021-08-27 11:25:02 -07:00
Sauyon Lee
2132ee52d5 Restrict the size of appliesTo for default methods 2021-08-26 08:02:21 -07:00
Sauyon Lee
abf3bbbe8d Add qldoc for public elements 2021-08-26 08:02:21 -07:00
Sauyon Lee
e7611ab641 Move getCall and appliesTo to relevant classes 2021-08-26 08:02:21 -07:00
Sauyon Lee
ce8d14e6ef Add a priority predicate for test generation support methods 2021-08-26 08:02:21 -07:00
Sauyon Lee
1bd5eb5120 Use if statement instead of manual disjuction 2021-08-26 08:02:21 -07:00
Sauyon Lee
73d6177477 Java test gen: make char zero '\0' 2021-08-26 08:02:20 -07:00
Chris Smowton
2b0f6a2723 Java: Generate more realistic tests 2021-08-26 08:02:20 -07:00
Chris Smowton
33c727e6b9 Split up GenerateFlowTestCase.qll 
This doesn't change any behaviour or alter any predicate bodies
 2021-08-26 08:02:19 -07:00
Chris Smowton
7a0555ecb3 Merge pull request #6357 from artem-smotrakov/static-iv 
Java: Static initialization vector
 2021-08-26 13:45:43 +01:00
Benjamin Muskalla
9ca3b4661a Fix return value for requireNonNullElse 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-08-26 14:03:55 +02:00
Benjamin Muskalla
8abb9fb045 Replace Objects model 2021-08-26 12:06:56 +02:00
Benjamin Muskalla
4e2c148e80 Model Objects API as CSV 2021-08-26 12:06:47 +02:00
Fosstars
1dd4bf00ac Simplify StaticInitializationVectorSource 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-08-26 09:42:23 +02:00
Artem Smotrakov
23e2322635 Simplify ArrayUpdate 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-08-25 19:43:43 +02:00
Artem Smotrakov
f41828e5db Better qldoc in StaticInitializationVectorQuery.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-08-25 19:38:33 +02:00
Fosstars
f97c8bb049 Removed sanitizer in StaticInitializationVectorConfig 2021-08-25 12:40:48 +02:00
Fosstars
86b7b2b86d Updated qldoc for ArrayUpdate 2021-08-25 12:14:36 +02:00
Fosstars
c80a1da483 Don't consider copyOf() and clone() in ArrayUpdate 2021-08-25 12:11:34 +02:00
Andrew Eisenberg
8f73c6968a Merge pull request #6542 from github/aeisenberg/pack/move-external 
Java: Move the ExternalArtifact.qll module to the library pack
 2021-08-24 16:07:26 -07:00
yo-h
2b4635c4e0 Merge pull request #6539 from smowton/smowton/admin/downgrade-sql-unescaped 
Downgrade precision of java/concatenated-sql-query
 2021-08-24 17:22:01 -04:00
Andrew Eisenberg
7f3066cd64 Java: Move the ExternalArtifact.qll module to the library pack 2021-08-24 13:01:02 -07:00