hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 12:16:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,611 Commits 1,672 Branches 157 Tags
ea4c2e432100cb15e4ad5448d02c36153a6f9f95
Commit Graph

7754 Commits

Author SHA1 Message Date
Tamas Vajk
cb3c53dee7 Kotlin: Add test case for unexpected vararg extraction error 2022-09-06 11:32:24 +02:00
Tony Torralba
b94e0d3e69 Merge pull request #10251 from atorralba/atorralba/implicit-pendingintent-sinks 
Java: Add new AlarmManager sinks to Use of implicit PendingIntents
 2022-09-06 11:31:27 +02:00
Tamás Vajk
5f841f71db Merge pull request #10291 from tamasvajk/kotlin-fix-array-set 
Kotlin: Fix array `set` operator extraction
 2022-09-06 09:01:05 +02:00
Tamas Vajk
1c21ce0ec4 Kotlin: Lookup getter methods based on special JVM method mapping 2022-09-05 16:02:25 +02:00
Tamas Vajk
6a90db9b30 Kotlin: List diagnostics for special getter method extraction 2022-09-05 16:00:40 +02:00
Ian Lynagh
b38ad13f82 Merge pull request #10268 from tamasvajk/kotlin-local-function-comments 
Kotlin: fix doc comment extraction for local functions
 2022-09-05 13:35:01 +01:00
erik-krogh
a86a940df7 add getRepr() and toString() on RelevantState 2022-09-05 13:27:34 +02:00
Erik Krogh Kristensen
0162bc3c77 use RelevantState inside the lastStartState predicate 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-09-05 11:22:12 +02:00
Tamas Vajk
6f7f760682 Kotlin: Fix array set operator extraction 2022-09-05 10:20:07 +02:00
Tamas Vajk
608f99bd0d Kotlin: Add test case for various array set operator overloads 2022-09-05 10:19:57 +02:00
Tamas Vajk
37500d274a Accept failing consistency test 2022-09-05 08:58:38 +02:00
erik-krogh
c38062ce93 convert RelevantState to a class in the PrefixConstruction module 2022-09-02 20:26:31 +02:00
Tamas Vajk
7daf53fd99 Add regenerated models after rebase 2022-09-02 16:32:42 +02:00
Tamas Vajk
2138e491a5 Add change note 2022-09-02 16:12:22 +02:00
Tamas Vajk
8c5d220dc0 Add optional friendly name parameter to MaD generator 2022-09-02 16:12:22 +02:00
Tamas Vajk
5004a5fb60 Fix failing external model tests 2022-09-02 16:12:22 +02:00
Tamas Vajk
09e62058ae Generate negative summaries 2022-09-02 16:12:22 +02:00
Tamas Vajk
9fad42b25d Kotlin: Add manual model for Array.withIndex 2022-09-02 16:12:21 +02:00
Tamas Vajk
bb82bcabbe Kotlin: move and rename KotlinStdLib.qll to kotlin/StdLib.qll 2022-09-02 16:12:21 +02:00
Tamas Vajk
8c7fdb969d Kotlin: Regenerating StdLib models with already existing models 2022-09-02 16:12:21 +02:00
Tamas Vajk
a144fa06dc Kotlin: Add generated MaD for stdlib 2022-09-02 16:12:21 +02:00
Tamas Vajk
57d861337b Kotlin: Add dataflow tests for stdlib calls 2022-09-02 16:12:21 +02:00
Tamas Vajk
71cce9cf28 Kotlin: Extract error expression for enumValues<T> calls 2022-09-02 15:42:05 +02:00
Tamas Vajk
fd0d2ad767 Kotlin: Add test for enumValues call with type parameter 2022-09-02 15:40:03 +02:00
Michael Nebel
5511bc8e28 Java/Ruby/Swift: Sync files. 2022-09-02 15:17:24 +02:00
Ian Lynagh
07b3b15528 Merge pull request #10221 from tamasvajk/kotlin-internal 
Kotlin: Change `Modifiable::isPublic` to not cover Kotlin `internal` members
 2022-09-02 11:51:56 +01:00
Tamas Vajk
c77f573a8e Kotlin: fix doc comment extraction for local functions 2022-09-02 10:47:08 +02:00
Tamas Vajk
46c52aeaae Kotlin: Add test for doc comment on local functions 2022-09-02 10:45:08 +02:00
Tamas Vajk
bea0ce9ff9 Fix review findings 2022-09-02 09:20:20 +02:00
Erik Krogh Kristensen
6cee635cb5 Merge pull request #10180 from erik-krogh/fixTags 
Add missing security tags
 2022-09-02 08:04:57 +02:00
Ian Lynagh
710ba3cb14 Merge pull request #10257 from igfoo/igfoo/hasModifier 
Java: Correct hasModifier documentation
 2022-09-01 15:49:06 +01:00
Edoardo Pirovano
8f332714f4 Merge pull request #10260 from github/edoardo/3.7-mergeback 
Merge `rc/3.7` into `main`
 2022-09-01 15:44:17 +01:00
Tamas Vajk
e66d2dddb6 Fix review findings 2022-09-01 14:07:27 +02:00
Ian Lynagh
7ed18f1b32 Java: Correct hasModifier documentation 2022-09-01 11:52:07 +01:00
Tamas Vajk
a5415c9c8a Kotlin: Fix array indexer extraction 2022-09-01 11:12:14 +02:00
Tamas Vajk
afeea64078 Kotlin: Add test case for overloaded array get 2022-09-01 11:09:44 +02:00
Tony Torralba
04c230b128 Docs fixes 2022-09-01 09:57:32 +02:00
Tony Torralba
5d9f366ac5 Add change note 2022-09-01 09:53:46 +02:00
Tony Torralba
bee4e4b40a Add new AlarmManager sinks 2022-09-01 09:47:58 +02:00
Ian Lynagh
7dc5bdafe3 Merge pull request #10186 from github/post-release-prep/codeql-cli-2.10.4 
Post-release preparation for codeql-cli-2.10.4
 2022-08-31 17:29:57 +01:00
Tamás Vajk
bf7437fd2e Merge pull request #10224 from tamasvajk/kotlin-comment-fixes 
Kotlin: Fix issues in comment extraction
 2022-08-31 14:22:09 +02:00
Anders Schack-Mulligen
784eef3f2c Java: Support SCCs in TypeFlow. 2022-08-31 13:20:00 +02:00
Michael Nebel
1cb6d78d35 Merge pull request #10170 from michaelnebel/java/models-io 
Java: Update models for commons-io and add negative models.
 2022-08-31 11:05:09 +02:00
Tony Torralba
2ec53bf78c Merge pull request #9873 from luchua-bc/java/permissive-dot-regex 
Java: CWE-625 Query to detect regex dot bypass
 2022-08-31 10:24:18 +02:00
luchua-bc
e2e87980cc Move pattern check to MatchRegexConfiguration::isSink 2022-08-30 22:48:12 +00:00
Ed Minnix
6485e73cd3 Added documentation for providesMainIntent pred 2022-08-30 13:00:44 -04:00
Ed Minnix
500a6f3b86 Add check for files which provide the app launcher 
Adds support for filtering which applications include the
`android.intent.action.MAIN` intent.
 2022-08-30 12:54:26 -04:00
Ed Minnix
b5c54f5a3b Add check for android:allowBackup explicitly set 
`android:allowBackup` has a default value of `true`. So we want to flag
any file which explicitly sets it.
 2022-08-30 12:53:12 -04:00
Erik Krogh Kristensen
72942afe3e Merge pull request #10220 from erik-krogh/overlapsWithNothing 
print a correct range for ranges that doesn't contain any alpha-numeric chars
 2022-08-30 15:38:34 +02:00
Tamas Vajk
9ced14672d Kotlin: Assign container class as the owner of init block comments 2022-08-30 15:37:55 +02:00