hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,255 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.2
Commit Graph

3920 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
958763edc2 Python: Add test for ClassValue.isSequence() and isMapping() 
For Python 3.6
 2020-06-09 11:55:22 +02:00
Rasmus Wriedt Larsen
baa415fec8 Python: Add points-to regression for metaclass 2020-06-08 15:03:46 +02:00
Porcupiney Hairs
424e88d318 include sugestions from review 2020-06-08 02:52:11 +05:30
Porcupiney Hairs
1ceb963d4c Python : Add support for detecting XSLT Injection 
This PR adds support for detecting XSLT injection in Python.
I have included the ql files as well as the tests with this.
 2020-06-07 03:05:50 +05:30
Rasmus Wriedt Larsen
1ff369f62d Python: Update test results for fabric.api.execute 2020-06-04 16:30:03 +02:00
Porcupiney Hairs
8c5a97170d Python : Add Xpath injection query 
This PR adds support for detecting XPATH injection in Python.
I have included the ql files as well as the tests with this.
 2020-05-28 03:15:12 +05:30
Rasmus Wriedt Larsen
6cba2fe4f8 Python: Model Django response sinks that are not vuln to XSS 
Since HttpResponse is not *only* used for XSS, it is still valuable to know the
content is send as part of the response.

The *proper* solution to this problem of not all HttpResponses being vulnerable
to XSS is probably to define a new abstract class in Http.qll called
HttpResponseXSSVulnerableSink (or similar). I would like to model a few more
libraries/frameworks before fully comitting to an approach though.
 2020-05-26 16:45:46 +02:00
Rasmus Lerchedahl Petersen
6b168de7fc Python: re, handle \Z 2020-05-26 11:42:21 +02:00
Rasmus Wriedt Larsen
c78ca2616c Merge branch 'master' into python-keyword-only-args 2020-05-26 11:20:04 +02:00
Rasmus Wriedt Larsen
9c75a39b81 Python: Extend command-injection to handle fabric.api.execute 2020-05-26 10:22:27 +02:00
Rasmus Wriedt Larsen
e04d1ffcd2 Python: Add test for fabric.api.execute 2020-05-26 10:20:22 +02:00
Rasmus Lerchedahl Petersen
f1efdee194 Python: re test with \Z 2020-05-26 08:07:13 +02:00
semmle-qlci
8146073c74 Merge pull request #3553 from RasmusWL/python-fix-tainttracking-import 
Approved by tausbn
 2020-05-25 14:18:54 +01:00
Rasmus Wriedt Larsen
f602f3e1c7 Python: Use proper import for semmle.python.dataflow.TaintTracking 
It was moved in 637677d515, but imports were not
updated.
 2020-05-25 13:45:49 +02:00
semmle-qlci
ac1a338390 Merge pull request #3407 from RasmusWL/python-add-BoundMethodValue-v2 
Approved by tausbn
 2020-05-25 12:00:45 +01:00
Taus
a2308771a3 Merge pull request #3489 from yoff/DeprecateObject 
Python: Modernise `py/missing-equals`.
 2020-05-25 10:56:16 +02:00
Rasmus Wriedt Larsen
49d7e12acd Python: Remove unnecessary restriction from getNamedArgumentForCall 
As agreed in https://github.com/github/codeql/pull/3407
 2020-05-25 10:17:37 +02:00
Rasmus Wriedt Larsen
4fc3cae646 Python: Add test for how arguments to *args and **kwargs are handled 2020-05-25 10:16:10 +02:00
Rasmus Lerchedahl Petersen
3e712be431 Python: Modernise 2020-05-25 09:00:34 +02:00
semmle-qlci
079021a3e9 Merge pull request #3453 from RasmusWL/python-flask-routed-params 
Approved by tausbn
 2020-05-20 14:47:53 +01:00
Rasmus Lerchedahl Petersen
4d6ad32f04 Python: Update test expectations. 
As ar as I can tell, all these are improvements
 2020-05-20 08:11:03 +02:00
Rasmus Wriedt Larsen
3774310985 Python: Reduce FPs in Django due to bad XSS taint-sinks 
Fixes https://github.com/github/codeql-python-team/issues/38
 2020-05-18 19:14:43 +02:00
Rasmus Wriedt Larsen
fa08676a1d Python: Proper redirect taint sinks for Django 
Also a major restructuring of the code. A bit controversial since it
renames/moves classes that are already public.

Fixes https://github.com/github/codeql/issues/3466
 2020-05-18 19:14:29 +02:00
Rasmus Wriedt Larsen
72ea4ff0dc Python: Add more tests of django responses 
They clearly shouldn't all be XSS sinks
 2020-05-18 16:56:47 +02:00
Rasmus Wriedt Larsen
8fc803fb9f Merge branch 'master' into python-keyword-only-args 2020-05-18 14:44:31 +02:00
Rasmus Lerchedahl Petersen
b56545b236 Python: Regexp: Handle repetions {n} (with no ,) 2020-05-18 14:44:11 +02:00
Rasmus Lerchedahl Petersen
60d5ba23b3 Python: Move test into appropriate class. 
Also update test expectations with changed line numbers.
 2020-05-15 13:51:51 +02:00
Rasmus Lerchedahl Petersen
1b0687e2f2 Python: update expectations correctly 2020-05-15 13:25:20 +02:00
Rasmus Lerchedahl Petersen
81a5692935 Python: handle \uxxxx and refactor 2020-05-14 21:22:21 +02:00
Rasmus Lerchedahl Petersen
21d1ea5d96 Merge branch 'boolDefault' of github.com:yoff/codeql into boolDefault 2020-05-14 16:06:58 +02:00
Rasmus Lerchedahl Petersen
1817d2af2b Make test for wrong bool type pass 2020-05-14 15:56:57 +02:00
Rasmus Lerchedahl Petersen
7b004c3746 Python: Add test for wrong exception type 2020-05-14 15:42:52 +02:00
yoff
e5eadf9126 Update python/ql/test/query-tests/Functions/general/protocols.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-05-14 07:34:53 +02:00
Rasmus Lerchedahl Petersen
de50aabd60 Python: test for unicode names 2020-05-14 07:30:29 +02:00
Rasmus Lerchedahl Petersen
f9f52b0105 Python: test for unicode in raw strings 2020-05-13 18:47:36 +02:00
Rasmus Lerchedahl Petersen
6a35c6b4d4 Test: __bool__ does not raise TypeError by default 2020-05-12 15:28:12 +02:00
Rasmus Wriedt Larsen
8150c78ae0 Python: In flask, taint routed prameters for variable rules 
Fixes https://github.com/github/codeql-python-team/issues/79
 2020-05-12 15:02:32 +02:00
Rasmus Wriedt Larsen
7d5e35a7aa Python: Expand flask tests to use "variable rules" 
which is what flask calls them. wildcard rules in bottle, django doesn't even
give them a proper term :(
 2020-05-12 14:23:24 +02:00
Rasmus Wriedt Larsen
07ae40206f Python: Don't allow getParameter(-1) for BoundMethodValue 
As per discussion in the PR
 2020-05-05 11:37:10 +02:00
Rasmus Wriedt Larsen
5d5d412b78 Python: Add test of safe methods for py/modification-of-default-value 2020-05-05 11:14:37 +02:00
Rasmus Wriedt Larsen
affca1a728 Python: Add test-cases using keyword arguments for builtin function 2020-05-05 10:26:25 +02:00
Rasmus Wriedt Larsen
838106d49c Python: Refactor get[Named]ArgumentForCall 
Also fixed a bug for BoundMethodValue, as highlighted in the expected diff 👍
 2020-05-04 20:51:23 +02:00
Rasmus Wriedt Larsen
bc92c26e12 Python: Add BoundMethodValue 2020-05-04 20:51:12 +02:00
Rasmus Wriedt Larsen
96fdb7a5b6 Python: Add tests for getParameter[byName] 
These already have results for BoundMethodValue, although

1) it's a bit strange that `getParameter(-1)` has results
2) why does `Method(Function C.n, class C)` exists? this would only be relevant
if `n` was a classmethod, but it isn't. It's not a problem that it exsits per
se, but curious.
 2020-05-04 20:51:04 +02:00
Rasmus Wriedt Larsen
e9859ad96d Python: Fix getArgumentForCall when using keyword arguments 
Yikes :|
 2020-05-04 20:50:56 +02:00
Rasmus Wriedt Larsen
acb506db21 Python: Add test for getNamedArgumentForCall 
and rename the one for getArgumentForCall
 2020-05-04 20:50:32 +02:00
Rasmus Wriedt Larsen
9ec32ee1c1 Python: Add test-cases using keyword arguments 2020-05-04 20:50:19 +02:00
Rasmus Wriedt Larsen
fc0b0221f0 Python: Add test-cases for BuiltinFunction and BuiltinMethod 2020-05-04 20:50:14 +02:00
Rasmus Wriedt Larsen
f624754390 Python: Use Value in GetACAll test 
That was not possible when using the old Object-API, but in Value-API getACall
is defined on all Values.
 2020-05-04 20:50:06 +02:00
Rasmus Wriedt Larsen
06b67e0d32 Python: Modernise test/library-tests/PointsTo/calls/* 2020-05-04 20:49:57 +02:00