hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,671 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

28 Commits

Author SHA1 Message Date
Nora Dimitrijević
895a8fcb0f Swift: convert CleartextLogging test to .qlref 2025-06-24 14:58:08 +02:00
Geoffrey White
c89be6a1de Swift: Refine the heuristic (mostly narrower). 2023-11-21 13:49:53 +00:00
Geoffrey White
5bbc61e83c Swift: Add a few more test cases. 2023-11-21 11:32:40 +00:00
Geoffrey White
b4b78a1bce Swift: Minor corrections. 2023-11-20 19:29:35 +00:00
Geoffrey White
3cecf69818 Swift: Fix spurious results for 'login' functions. 2023-11-20 18:38:47 +00:00
Geoffrey White
aa93165d24 Swift: Add heuristic sinks. 2023-11-20 18:38:47 +00:00
Geoffrey White
d91c5c0486 Swift: Model NSException sinks. 2023-11-20 18:38:46 +00:00
Geoffrey White
7e02c05164 Swift: Address the sprintf case. 2023-11-20 18:38:46 +00:00
Geoffrey White
835967a33e Swift: Fix for autoclosure sinks. 2023-11-20 18:15:16 +00:00
Geoffrey White
795f16ba56 Swift: Model 'printf' variants as cleartext logging sinks. 2023-11-20 18:15:06 +00:00
Geoffrey White
b348dc2a32 Swift: Extend cleartext logging tests (test cases). 2023-11-20 18:11:52 +00:00
Geoffrey White
2a69b03092 Swift: Extend cleartext logging tests (stubs). 2023-11-20 18:11:41 +00:00
Geoffrey White
e2a8569940 Swift: Clean up indentation. 2023-10-12 13:05:20 +01:00
Geoffrey White
8f852f2e7d Swift: Turn sink models into flow summary models, where appropriate. 2023-10-12 12:57:05 +01:00
Geoffrey White
09974b5176 Swift: Extend sink models. 2023-10-12 09:17:04 +01:00
Geoffrey White
0e4cd7f52f Swift: Additional test cases. 2023-10-11 18:37:24 +01:00
Geoffrey White
535a69cd8b Merge branch 'main' into logfix 2023-09-13 19:01:52 +01:00
Geoffrey White
ae0fcf791b Swift: Expand the additional taint step from the cleartext storage database query to the other sensitive data queries. 2023-09-11 22:25:17 +01:00
Geoffrey White
aa5820c061 Swift: Add some test cases. 2023-09-11 19:33:37 +01:00
Geoffrey White
8f2e2a6155 Swift: Fix array content sinks for swift/cleartext-logging. 2023-08-16 08:43:50 +01:00
Geoffrey White
b4595d8b92 Swift: Model getVaList, correct NSLogv sink for swift/cleartext-logging. 2023-08-15 22:05:58 +01:00
Geoffrey White
00cd347117 Swift: Add more heuristic expressions. 2023-06-02 10:42:52 +01:00
Geoffrey White
bc57e464e5 Swift: Add some more test cases. 2023-06-02 10:42:51 +01:00
Tony Torralba
49a41c98ee Test that hashed passwords are 'safe' to log 
This doesn't seem completely right, but the heuristic approach we have regarding sensitive expressions has to draw the line somewhere.
 2023-01-09 18:01:07 +01:00
Tony Torralba
7e0869965c Uncomment tests 2023-01-09 18:01:07 +01:00
Tony Torralba
c1f19dd145 Add stub so that tests work on Linux 2023-01-09 18:01:07 +01:00
Tony Torralba
b203a9eb6e Add a sanitizer for OSLogPrivacy options 
Add test cases to verify how the sanitizer behaves depending on the argument type and the privacy option being used.
 2023-01-09 18:01:07 +01:00
Tony Torralba
aad56097ac Add Cleartext Loggin query for Swift. 
With some caveats: see TODO comments and failing tests.
 2023-01-09 18:01:07 +01:00