hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' of github.com:github/codeql into python/promote-regex-injection

Browse Source
This commit is contained in:
Rasmus Lerchedahl Petersen
2021-10-12 11:28:12 +02:00
parent b093aaaf27 43f7eede0b
commit 61008fd3d0
1066 changed files with 87595 additions and 6139 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/change-notes/2021-08-30-port-modifying-default-query.md Normal file
View File

@@ -0,0 +1,2 @@
lgtm,codescanning
* Updated _Modification of parameter with default_ (`py/modification-of-default-value`) query to use the new data flow library instead of the old taint tracking library and to remove the use of points-to analysis. You may see differences in the results found by the query, but overall this change should result in a more robust and accurate analysis.

2
python/change-notes/2021-09-02-add-Flask-SQLAlchemy-modeling.md Normal file
View File

@@ -0,0 +1,2 @@
lgtm,codescanning
* Added modeling of SQL execution in the `Flask-SQLAlchemy` PyPI package, resulting in additional sinks for the SQL Injection query (`py/sql-injection`).

2
python/change-notes/2021-09-02-add-SQLAlchemy-modeling.md Normal file
View File

@@ -0,0 +1,2 @@
lgtm,codescanning
* Added modeling of SQL execution in the `SQLAlchemy` PyPI package, resulting in additional sinks for the SQL Injection query (`py/sql-injection`). This modeling was originally [submitted as a contribution by @mrthankyou](https://github.com/github/codeql/pull/5680).

2
python/change-notes/2021-09-02-add-SQLAlchemyTextClauseInjection.md Normal file
View File

@@ -0,0 +1,2 @@
lgtm,codescanning
* Expanded the query _SQL query built from user-controlled sources_ (`py/sql-injection`) to alert if user-input is added to a TextClause from SQLAlchemy, since that can lead to SQL injection.

3
python/change-notes/2021-10-08-add-dataflow-for-boolean-expressions.md Normal file
View File

@@ -0,0 +1,3 @@
lgtm,codescanning
* Added data-flow from both `x` and `y` to `x or y` and `x and y`, as a slight over-approximation of what is described in the
[Python Language Reference](https://docs.python.org/3/reference/expressions.html#boolean-operations).

2
python/change-notes/2021-10-08-improve-pickle-dill-shelve-modeling.md Normal file
View File

@@ -0,0 +1,2 @@
lgtm,codescanning
* Improved modeling of decoding through pickle related functions (which can lead to code execution), resulting in additional sinks for the _Deserializing untrusted input_ query (`py/unsafe-deserialization`). Now we fully support `pickle.load`, `pickle.loads`, `pickle.Unpickler`, `marshal.load`, `marshal.loads`, `dill.load`, `dill.loads`, `shelve.open`.