Commit Graph

47078 Commits

Author SHA1 Message Date
Chris Smowton
712b0d866e Merge pull request #6297 from aschackmull/java/query-metadata4
Java: More missing metadata.
2021-07-15 14:32:47 +01:00
Geoffrey White
aabb2fc3a1 C++: Tune SensitiveExprs.qll based on real TP and FP results. 2021-07-15 14:25:29 +01:00
Slavomir
498332c186 Mention Fiber.json in Fiber.qll 2021-07-15 15:15:10 +02:00
Slavomir
7d1a632b61 Move fiber spec in the same folder as source 2021-07-15 15:12:02 +02:00
Slavomir
92e0f02d2a Remove special cases inside if 2021-07-15 15:06:28 +02:00
Arthur Baars
a47002c6d8 Merge pull request #6302 from github/aibaars/drop-spaces
C# remove spurious spaces in <code> tag
2021-07-15 14:57:21 +02:00
Arthur Baars
e387d602b2 C# remove spurious spaces in <code> tag 2021-07-15 14:38:01 +02:00
Rasmus Wriedt Larsen
900cbc9a2f Merge pull request #6265 from tausbn/python-performance-fixes
Python: Fix a few performance issues.
2021-07-15 14:19:37 +02:00
Rasmus Wriedt Larsen
a5834c4d78 Python: Fix py/polynomial-redos 2021-07-15 14:16:19 +02:00
Rasmus Wriedt Larsen
76caf43b54 Python: Add tests for py/polynomial-redos 2021-07-15 14:15:44 +02:00
Rasmus Wriedt Larsen
1be0dc0876 Python: Move test for ReDoS 2021-07-15 14:15:24 +02:00
Arthur Baars
d059ec0c93 CPP: drop opaque-id properties
The undocumented @opaque-id property takes precendence over the normal @id
property and causes the SARIF output produced by CodeQL to use that ID for
rules.
2021-07-15 14:12:01 +02:00
Erik Krogh Kristensen
ae2fc7171b add a taint step through the ansi-to-html library 2021-07-15 14:04:16 +02:00
Anders Schack-Mulligen
5b7c2d133f Merge pull request #6291 from aschackmull/java/csv-synthfield
Java: Add support for synthetic fields in csv rows.
2021-07-15 13:43:56 +02:00
Anders Schack-Mulligen
9b2b593cb4 Java: More missing metadata. 2021-07-15 13:41:12 +02:00
Geoffrey White
e3e7b00986 Merge pull request #6004 from MathiasVP/path-sensitive-stack-variable-reachability-analysis
C++: Add path-sensitivity to `StackVariableReachability`
2021-07-15 12:34:33 +01:00
Erik Krogh Kristensen
aaa8969537 add sort-keys as a clone call 2021-07-15 13:16:17 +02:00
Erik Krogh Kristensen
d2c74480b9 add taint step through flatten libraries 2021-07-15 12:36:07 +02:00
Erik Krogh Kristensen
77f4d56cd9 add taint step through array-union, array-uniq, and uniq 2021-07-15 12:32:29 +02:00
Anders Schack-Mulligen
8ccdd4fb9f Merge pull request #6211 from aschackmull/dataflow/refactor-call-context-check
Dataflow: Refactor call context check
2021-07-15 12:27:23 +02:00
Tom Hvitved
caf88a2d31 C#: Remove redundant conjunct in ssaDefReachesReadWithinBlock 2021-07-15 12:25:33 +02:00
Anders Schack-Mulligen
7339bd89ba Java: Add support for synthetic fields in csv rows. 2021-07-15 12:19:34 +02:00
Joe Farebrother
0e8dd9f335 Use generated stubs 2021-07-15 11:03:51 +01:00
Joe Farebrother
af78b99475 Include stubs for javax 2021-07-15 10:58:12 +01:00
Joe Farebrother
f59ab527b4 Fix issue with nested types 2021-07-15 10:57:32 +01:00
Joe Farebrother
65ce8aa798 Fix issue with circular type bounds 2021-07-15 10:49:14 +01:00
Joe Farebrother
0577e12b97 Add consistency checks 2021-07-15 10:49:13 +01:00
Joe Farebrother
ecf130f7ae Move stubber to utils folder for consistency with test generator 2021-07-15 10:49:13 +01:00
Joe Farebrother
ddb93e8829 Fix a bug with type bounds + a few other bugs 2021-07-15 10:49:13 +01:00
Joe Farebrother
036e83a247 Fix error with implementing interfaces 2021-07-15 10:49:13 +01:00
Joe Farebrother
06d6ddc1b9 Fix issue with reporting javac output 2021-07-15 10:49:13 +01:00
Joe Farebrother
8f40a6e21e Use shlex for printing commands 2021-07-15 10:49:13 +01:00
Joe Farebrother
c850c7d079 Fix typo in comment 2021-07-15 10:49:13 +01:00
Joe Farebrother
b562bdd14f Simplify the python script 2021-07-15 10:49:12 +01:00
Joe Farebrother
f35320e85b Add explanatory comments + minor fixes 2021-07-15 10:49:12 +01:00
Joe Farebrother
cce6217e17 Apply suggestions from code review
Co-authored-by: Chris Smowton <smowton@github.com>
2021-07-15 10:49:12 +01:00
Joe Farebrother
471c140d2c Fix incorrect comment 2021-07-15 10:49:12 +01:00
Joe Farebrother
cffaa8d9a0 Improve the stubbing query to handle more language constructs correctly 2021-07-15 10:49:12 +01:00
Joe Farebrother
40bb19e4f1 Add Java stubbing script 2021-07-15 10:49:12 +01:00
Joe Farebrother
e7e432d7fd Fix incorrect row 2021-07-15 10:39:05 +01:00
Joe Farebrother
f3ab295f0f Fix up tests 2021-07-15 10:34:21 +01:00
Joe Farebrother
bbc4d4855c Move tests 2021-07-15 10:34:18 +01:00
Joe Farebrother
51045a83c2 Add change note 2021-07-15 10:33:33 +01:00
Joe Farebrother
df74a142dd Update for collection flow and add more tests 2021-07-15 10:33:33 +01:00
Joe Farebrother
8f89d748fe Add spring tests 2021-07-15 10:33:33 +01:00
Joe Farebrother
4be7e94dcc Add more spring stubs 2021-07-15 10:33:30 +01:00
Joe Farebrother
c1555b36a1 Add additional HTTP flow steps 2021-07-15 10:32:13 +01:00
Joe Farebrother
9b6213dbf0 Convert existing spring http steps to csv 2021-07-15 10:32:10 +01:00
Erik Krogh Kristensen
5ff7d208b7 add taint step through arrify 2021-07-15 11:24:50 +02:00
Erik Krogh Kristensen
e64f29fe8f add support for Array.prototype.find and polyfills 2021-07-15 11:16:06 +02:00