hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-21 06:57:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,332 Commits 1,712 Branches 163 Tags
f94055fa2c66afa2a06cc80a2ef4be5a9eedf540
Commit Graph

970 Commits

Author SHA1 Message Date
intrigus
f94055fa2c Move tainted path ad-hoc guard back. 2020-07-19 00:19:29 +02:00
intrigus
33526f61a8 Make path creation subclasses private. 2020-07-19 00:11:04 +02:00
intrigus
b705f7f3e9 Improve "PathCreation" Test. 2020-07-19 00:10:39 +02:00
intrigus
4570444c7e Rename to getAnInput and clarify doc. 2020-07-19 00:10:13 +02:00
intrigus
641c5df79f Centralize and model additional path creations. 2020-07-09 14:48:47 +02:00
Anders Schack-Mulligen
777dc6305c Merge pull request #3893 from aibaars/set-map-list-copy-of 
Java: model some new Set,List,Map methods
 2020-07-09 10:18:12 +02:00
Arthur Baars
e8f216c761 Merge remote-tracking branch 'upstream/master' into set-map-list-copy-of 2020-07-08 15:11:13 +02:00
Anders Schack-Mulligen
bf5c5297d3 Merge pull request #3897 from aibaars/util-objects 
Java: data flow for `java.util.Objects`
 2020-07-08 15:07:50 +02:00
Anders Schack-Mulligen
b88ebd69c1 Java: Fix OgnlInjection qltest 2020-07-08 14:12:27 +02:00
Anders Schack-Mulligen
a4fe4f41b9 Java: Fix JndiInjection qltest 2020-07-08 14:09:08 +02:00
Anders Schack-Mulligen
581d496167 Java: Fix LdapInjection qltest 2020-07-08 14:04:01 +02:00
Arthur Baars
72a24972e7 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2020-07-08 13:30:24 +02:00
Anders Schack-Mulligen
48e4759632 Merge branch 'master' into java/spring-3653-2 2020-07-08 13:06:51 +02:00
semmle-qlci
6ef7288848 Merge pull request #3922 from aschackmull/java/stub-cleanup 
Approved by aibaars
 2020-07-08 12:04:39 +01:00
Anders Schack-Mulligen
b38839e84e Merge pull request #3920 from Marcono1234/patch-3 
Improve VariableAssign.getSource documentation
 2020-07-08 10:25:13 +02:00
Anders Schack-Mulligen
6eac8e82a3 Java: Consolidate spring-ldap-2.3.2 stubs. 2020-07-08 10:08:44 +02:00
Anders Schack-Mulligen
40b9d34ab9 Java: Consolidate springframework-5.2.3 stubs 2020-07-08 09:57:48 +02:00
Anders Schack-Mulligen
c166fee198 Merge pull request #3894 from aibaars/util-arrays 
Java: model taint for java.util.Arrays
 2020-07-08 09:06:40 +02:00
Marcono1234
00a61816c0 Improve VariableAssign.getSource documentation 2020-07-07 22:37:58 +02:00
Arthur Baars
940fec5669 Drop taint tracking for Arrays.{deepToString,toString} 2020-07-07 17:26:49 +02:00
Arthur Baars
583f7f914e Drop taint tracking for Arrays.{setAll, parallelSetAll, parallelPrefix} 2020-07-07 17:22:30 +02:00
Arthur Baars
9cf6601d02 Java: Data flow for java.util.Objects 2020-07-07 16:58:22 +02:00
Anders Schack-Mulligen
993506d781 Merge pull request #3820 from Marcono1234/patch-2 
Add missing java.nio.file.Files methods to FileReadWrite.qll
 2020-07-07 10:29:17 +02:00
Marcono1234
0a9686709b Fix wrong method name 2020-07-06 18:52:07 +02:00
Anders Schack-Mulligen
f98460cfd0 Java: Use SpringHttpEntity class. 2020-07-06 16:54:20 +02:00
Anders Schack-Mulligen
ae21de90b6 Java: Misc grammar and formatting. 2020-07-06 16:19:42 +02:00
Anders Schack-Mulligen
b06d1c715a Java: More qldoc and some formatting. 2020-07-06 16:04:14 +02:00
Marcono1234
6ff8508d01 Java: Clarify documentation for Location predicate results 2020-07-06 15:46:11 +02:00
Anders Schack-Mulligen
5e9e7feddc Java: Add some qldoc and minor formatting. 2020-07-06 15:39:20 +02:00
Anders Schack-Mulligen
e6658c5110 Java: Cleanup TaintTrackingUtil.qll 2020-07-06 15:35:16 +02:00
Anders Schack-Mulligen
5d8f9a79f1 Java: Misc grammar fixes. 2020-07-06 14:50:33 +02:00
Anders Schack-Mulligen
a80e663ab5 Java: Minor typo fix and autoformat 2020-07-06 14:43:01 +02:00
Anders Schack-Mulligen
2ce0921935 Java: Clean up SpringHttp.qll 2020-07-06 14:35:53 +02:00
Anders Schack-Mulligen
2ae15f9ace Java: Remove list, map, and StringReplaceMethod flow steps. 2020-07-06 14:19:13 +02:00
Anders Schack-Mulligen
a41c2d8abf Java: Make a few predicates private and autoformat SpringController. 2020-07-06 14:18:16 +02:00
Arthur Baars
d2734b2903 Merge pull request #3684 from aschackmull/java/javadoctag-qldoc 
Java: Improve qldoc for JavadocTag.
 2020-07-06 11:42:04 +02:00
Arthur Baars
98d24101b1 Merge pull request #3687 from aschackmull/java/getanenclosingstmt 
Java: Add Expr.getAnEnclosingStmt.
 2020-07-06 11:41:21 +02:00
Marcono1234
f8e474f89a Add missing java.nio.file.Files methods to FileReadWrite.qll 2020-07-05 18:39:26 +02:00
Arthur Baars
19a481f809 Java: Arrays: add tests 2020-07-03 17:15:17 +02:00
Arthur Baars
0b89efbee4 Java: model Arrays::addList 2020-07-03 17:15:17 +02:00
Arthur Baars
a07af79fff Java: model java.util.Arrays 2020-07-03 17:15:17 +02:00
Arthur Baars
1485f7c876 Java: model some new Set,List,Map methods 
Models the taint propagation for the copyOf(..),
of(..), ofEntries(..) and entry(..) methods
 2020-07-03 17:14:53 +02:00
Arthur Baars
c629f6b13a Merge pull request #3869 from aibaars/util-collections 
Java: model java.util.Collections
 2020-07-03 17:09:14 +02:00
Arthur Baars
5fff41f35b Don't track taint on Map keys 2020-07-03 14:47:25 +02:00
Anders Schack-Mulligen
6de612a566 Java: Split SpringWebRequestGetMethod into its own class. 2020-07-03 14:06:54 +02:00
Arthur Baars
5f2a5f1b55 Java: Collections: add tests 2020-07-02 19:18:02 +02:00
Arthur Baars
21a4b8d6c0 Java: remove useless casts 2020-07-02 13:03:15 +02:00
Arthur Baars
d80bf3395f Add Navigable variants and sort method names 2020-07-02 13:02:38 +02:00
Arthur Baars
e7b495e7d3 Java: model Collections::addAll 2020-07-02 12:38:22 +02:00
Arthur Baars
5cf5c77b09 Java: model java.util.Collections 2020-07-02 12:25:55 +02:00