Joe Farebrother
b96edb9c64
Add Sensitive Result Receiver query
2023-01-12 11:44:39 +00:00
Geoffrey White
418d593a97
Swift: Replace NumericOrCharType with a more basic NumericType, and rename classes for consistency with other static languages.
2023-01-12 11:43:20 +00:00
Geoffrey White
d0eb167d47
Swift: Merge FloatingPointType.qll into NumericOrCharType.qll, because it is a numeric type and other stuff like CharacterType is there.
2023-01-12 11:42:36 +00:00
Geoffrey White
4e5483744f
Swift: Add a test case we're discussing.
2023-01-12 10:52:03 +00:00
Michael Nebel
48d0eccbf6
Go: Cleanup and renaming.
2023-01-12 11:13:34 +01:00
Michael Nebel
3749a1bd4d
Go: Migrate unit tests to use data extensions for Models as Data.
2023-01-12 11:13:33 +01:00
Michael Nebel
218f553fef
Go: Convert remaining CSV production models to use data extensions.
2023-01-12 11:13:33 +01:00
Michael Nebel
ebb3485a73
Go: Use the extensible predicates for model definitions.
2023-01-12 11:13:33 +01:00
Michael Nebel
5fd687d3df
Go: Add MaD related extensible predicates.
2023-01-12 11:13:33 +01:00
Michael Nebel
0f993a0d26
Go: Prepare library for adding extensions.
2023-01-12 11:13:28 +01:00
Mathias Vorreiter Pedersen
1ae52b6c7e
C++: Speedup 'MissingCheckScanf'.
2023-01-12 10:13:02 +00:00
Paolo Tranquilli
4f5f0aad45
Merge branch 'main' into redsun82/swift-open-redirection
2023-01-12 10:54:04 +01:00
Michael Nebel
18a815ca8b
Merge pull request #11721 from michaelnebel/csharpjava/refactorprovenance
...
C#/Java: Re-factor provenance related predicates.
2023-01-12 10:50:31 +01:00
yoff
006eaf3e2a
Merge pull request #11088 from yoff/python/inline-query-tests
...
Python: Inline query tests
2023-01-12 10:32:26 +01:00
Geoffrey White
994ea704da
Swift: Clean up the QL a little.
2023-01-12 09:31:48 +00:00
Jami Cogswell
fd593fd4f0
Java: undo changes to tests that were affected by numeric-flow summary models
2023-01-11 22:34:19 -05:00
Harry Maclean
33a1469a56
Ruby: Add change note
2023-01-12 16:29:00 +13:00
Jami Cogswell
ce74c9d959
Java: Date models as neutral
2023-01-11 22:15:41 -05:00
Jami Cogswell
6bb865ad05
Java: make numeric flow models neutral
2023-01-11 18:04:43 -05:00
Henning Makholm
1d4b2fd0bb
Merge pull request #11870 from github/hmakholm/pr/mergeback-2.12.0
...
Merge codeql-cli-2.12.0 back to main
2023-01-11 23:51:56 +01:00
Harry Maclean
8219465389
Ruby: fix missing doc
2023-01-12 11:35:35 +13:00
Harry Maclean
0626d693f5
Ruby: Recognise rack applications
...
This is a basic first step in modelling rack apps. We recognise classes
that look like rack applications and then treat the argument to `call`
in the same way that we treat `request.env` in ActionController classes.
This finds a TP in CVE-2021-43840.
2023-01-12 11:28:31 +13:00
Pierre
4e1f772f23
Merge pull request #11702 from github/turbo/experimental/combined
...
Introduce the security-experimental CodeQL suite and experimental tag
2023-01-11 20:37:42 +01:00
Geoffrey White
6a0b56bf40
Swift: Fix for extensions.
2023-01-11 18:32:07 +00:00
Geoffrey White
2622de9747
Swift: Improve Core Data coverage.
2023-01-11 18:26:34 +00:00
Geoffrey White
82f9903bf0
Swift: Additional test cases for swift/cleartext-storage-database on Core Data.
2023-01-11 18:22:32 +00:00
Jami Cogswell
0c7ffb0554
Java: update System.getProperty model
2023-01-11 12:04:22 -05:00
Pierre
c3116b3f0f
Merge branch 'main' into turbo/experimental/combined
2023-01-11 18:02:55 +01:00
Jami Cogswell
2a99af0e6d
Java: remove summary model for String.endsWith
2023-01-11 10:58:46 -05:00
Jami Cogswell
99ee6c95a1
Java: remove models for Consumer.accept and Collectors.toMap
2023-01-11 10:44:38 -05:00
Jami Cogswell
ac064ac2a7
Java: remove model for Collectors.joining
2023-01-11 10:30:49 -05:00
Michael Nebel
7e4f7a0c17
C#: Address review comments and sync files.
2023-01-11 16:29:24 +01:00
Michael Nebel
67cbe38255
Sync files.
2023-01-11 16:20:55 +01:00
Michael Nebel
8112058a0a
Java: Adapt TopJdpApi library to the re-factor.
2023-01-11 16:20:55 +01:00
Michael Nebel
372ecf402f
Go: Delete unused summaryModel predicate.
2023-01-11 16:20:55 +01:00
Michael Nebel
80a4197604
Swift: Re-factor provenance related predicates for summarized callable.
2023-01-11 16:20:55 +01:00
Michael Nebel
c01361a1fd
Ruby: Re-factor provenance related predicates for summarized callable.
2023-01-11 16:20:55 +01:00
Michael Nebel
59a9e255c7
Python: Re-factor provenance related predicates for summarized callable.
2023-01-11 16:20:55 +01:00
Michael Nebel
6622eda04c
Go: Re-factor provenance related predicates for summarized callable.
2023-01-11 16:20:55 +01:00
Michael Nebel
6a047d6916
Java: Re-factor provenance related predicates for summarized callable.
2023-01-11 16:20:55 +01:00
Michael Nebel
ea173f9516
Sync files.
2023-01-11 16:20:55 +01:00
Michael Nebel
7422029e49
C#: Re-factor provenance related predicates for summarized callable.
2023-01-11 16:20:48 +01:00
Michael Nebel
4b47b08ed2
Merge pull request #11760 from michaelnebel/movemodelgenerator
...
C#/Java: Move the modelgenerator.
2023-01-11 16:02:36 +01:00
Tony Torralba
c6d9e1ec81
Merge pull request #11742 from atorralba/atorralba/swift/more-path-injection-sinks
...
Swift: Add more path injection sinks
2023-01-11 15:15:42 +01:00
Tony Torralba
c115a9fee4
Add more path injection sinks
2023-01-11 14:28:24 +01:00
Tony Torralba
5d54482c71
Merge pull request #11770 from atorralba/atorralba/ql/omittable-exists
...
QL: Add OmittableExists query
2023-01-11 14:27:40 +01:00
Michael Nebel
11ca3f49f6
C#/Java: Adjust imports after moving files.
2023-01-11 13:13:33 +01:00
Michael Nebel
787b4743ee
C#/Java: Rename the directories containing the model generator and tests.
2023-01-11 13:13:33 +01:00
Michael Nebel
178fd0e9e1
C#/Java: Remove all dashes in mode-generator.
2023-01-11 13:13:33 +01:00
erik-krogh
6914e9a17a
Merge branch 'main' into atorralba/ql/omittable-exists
2023-01-11 13:09:38 +01:00
