Tony Torralba
01a08d44bb
Apply suggestions from code review
...
Co-authored-by: Felicity Chapman <felicitymay@github.com >
2022-10-17 14:14:38 +02:00
Geoffrey White
3b9151cb24
Swift: Restore UnknownLocation.toString(), it seems helpful.
2022-10-17 13:11:22 +01:00
Paolo Tranquilli
e49268d036
Swift: show QL class in generated tests on collapsed hierarchies
...
In those kinds of tests the results may have different final classes
that are not necessarily visible (or tested) solely through the string
representation. For better testing and reading of expected results,
`getQlPrimaryClasses` is added in these cases.
2022-10-17 14:08:04 +02:00
erik-krogh
f09e3bd3ac
add String#% as a printf like call
2022-10-17 13:51:43 +02:00
Geoffrey White
9c8bbe384b
Swift: Add Location.toString.
2022-10-17 12:48:17 +01:00
Paolo Tranquilli
c3968a2166
Merge pull request #10854 from github/redsun82/swift-extract-implicit-conversions
...
Swift: extract all `ImplicitConversionExpr`
2022-10-17 13:46:10 +02:00
Geoffrey White
4d0c23c4da
Swift: Add a test of Location.qll.
2022-10-17 12:45:26 +01:00
Chris Smowton
efd7b6e692
Use isFunction
2022-10-17 12:27:58 +01:00
Arthur Baars
f7ff2cdc0d
Merge branch 'main' into actiondispatch-response
2022-10-17 13:22:17 +02:00
erik-krogh
d4919d04ba
add a taint-step for format-calls
2022-10-17 13:16:38 +02:00
erik-krogh
f222cc1f3e
refactor the existing taint-step for string interpolation into StringFormatters.qll
2022-10-17 13:16:38 +02:00
erik-krogh
6de1abcb0e
add a returnsFormatted predicate to the printf model, similar to the JS implementation
2022-10-17 13:16:38 +02:00
erik-krogh
a2b924bbdf
move model of printf style calls to StringFormatters.qll
2022-10-17 13:16:34 +02:00
Paolo Tranquilli
789be9a1ad
Swift: add ImplicitConversionExpr test
2022-10-17 12:57:44 +02:00
Karim Ali
bbc03a1578
add false negatives to the test case
2022-10-17 12:54:34 +02:00
Karim Ali
bb3bf64364
update example with both AES and Blowfish for better clarity
2022-10-17 12:54:34 +02:00
Karim Ali
b840a41222
fix typo in doc
2022-10-17 12:54:34 +02:00
Karim Ali
e942cfb98e
fix typos in docs and in-code comments
2022-10-17 12:54:34 +02:00
Karim Ali
aef9645bd6
change use of toString() to getName()
2022-10-17 12:54:34 +02:00
Karim Ali
81e027f225
address QLDoc style comments
2022-10-17 12:54:34 +02:00
Karim Ali
d56c82ff75
add a query that detects hardcoded keys
2022-10-17 12:54:34 +02:00
Chris Smowton
be53ec9b42
Accept test changes
2022-10-17 11:48:22 +01:00
Chris Smowton
f9d65e42dd
Use compiler-provided adapter functions when creating a function reference
2022-10-17 11:48:21 +01:00
Paolo Tranquilli
e4bcea708e
Swift: extract all ImplicitConversionExpr
...
In order to do so, `VisitorBase` was changed to allow writing one
`translate` function for an abstract class like
`ImplicitConversionExpr`.
2022-10-17 12:47:05 +02:00
Chris Smowton
4c63237ed1
Add test checking argument <-> parameter matching, and fix superconstructor calls that were missing their argument.
2022-10-17 11:44:44 +01:00
Chris Smowton
8553266aae
Allow specialised instances of anonymous classes
2022-10-17 11:27:05 +01:00
Chris Smowton
73f5dea51e
Extract private members of specialised generic classes on demand
2022-10-17 11:27:04 +01:00
Chris Smowton
f1fd470f49
Merge pull request #10821 from smowton/smowton/fix/kotlin-property-ref-to-sam-interface
...
Kotlin SAM conversion: tolerate property refs used to implement a SAM interface
2022-10-17 11:25:24 +01:00
Geoffrey White
2b3ab180fa
Merge pull request #10077 from intrigus-lgtm/cpp/wexpand-commmand-injection
...
Add query for tainted `wordexp` calls.
2022-10-17 11:18:38 +01:00
erik-krogh
dbf2673a91
add returnsFormatted predicate to PrintfStyleCall (similar to JS)
2022-10-17 12:15:31 +02:00
erik-krogh
46627a737e
add an AdditionalTaintStep class for Ruby
2022-10-17 12:15:30 +02:00
Erik Krogh Kristensen
71135da7ff
Merge pull request #10768 from erik-krogh/fixFileLoops
...
JS: fix that js/file-system-race could have FPs related to loops
2022-10-17 12:01:55 +02:00
Tony Torralba
81d38132cf
Fix test expectations
2022-10-17 12:00:51 +02:00
Alex Denisov
dde51d3045
Swift: do not rely on CFStringGetLength
2022-10-17 11:46:07 +02:00
Taus
fa2faeb77b
Merge pull request #10802 from jsoref/spelling-python
...
Spelling python
2022-10-17 11:33:27 +02:00
Tony Torralba
1e4850044c
Increase precision of the URL(string:relativeTo:) models
2022-10-17 11:29:30 +02:00
Alex Denisov
0521855755
Swift: split Xcode autobuild
2022-10-17 11:24:20 +02:00
Jeroen Ketema
720efd62b0
Merge pull request #10825 from jsoref/spelling-cpp
...
Spelling cpp
2022-10-17 10:42:53 +02:00
Rasmus Lerchedahl Petersen
2a56fb5a21
python: expand TODO
2022-10-17 10:23:55 +02:00
Rasmus Lerchedahl Petersen
c4271c1125
Python: add TODO comments
2022-10-17 10:22:47 +02:00
Tony Torralba
a540aaa35b
Address alert message style violation
2022-10-17 10:22:31 +02:00
Tony Torralba
434a2a9f5d
Improve qhelp example text
2022-10-17 10:19:40 +02:00
Alex Denisov
f3ed54e7ba
Swift: only run Xcode autobuilder on macOS
2022-10-17 10:14:06 +02:00
Tony Torralba
c909b8824c
Apply suggestions from code review
...
Co-authored-by: Felicity Chapman <felicitymay@github.com >
2022-10-17 10:12:56 +02:00
Erik Krogh Kristensen
122d188f1d
Merge pull request #10832 from erik-krogh/passRb
...
RB: add model for the `Digest` and `OpenSSL::Digest` modules
2022-10-17 10:02:33 +02:00
Tamás Vajk
85fbf4b965
Merge pull request #10767 from tamasvajk/kotlin-prop-ref-fix
...
Kotlin: adjust extracted property reference base class
2022-10-17 09:40:03 +02:00
erik-krogh
191efdf6e0
replace getMethod("new").getReturn() with getInstance()
2022-10-17 09:35:44 +02:00
Anders Schack-Mulligen
6ef5fac239
Merge pull request #10814 from aschackmull/dataflow/synth-global
...
Dataflow: Add support for synthetic global fields in MaD.
2022-10-17 08:34:26 +02:00
Arthur Baars
dbee26ecde
Merge pull request #10850 from hmac/fix-self-test
...
Ruby: Update test fixture
2022-10-17 07:23:51 +02:00
Harry Maclean
aa6c433529
Ruby: Update test fixture
...
This change is due to a8fdda65fb .
2022-10-17 09:44:32 +13:00