hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,734 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.0
Commit Graph

549 Commits

Author SHA1 Message Date
Geoffrey White
cf7f355fc4 Swift: Additional test cases. 2023-10-12 17:11:56 +01:00
Geoffrey White
e2a8569940 Swift: Clean up indentation. 2023-10-12 13:05:20 +01:00
Geoffrey White
8f852f2e7d Swift: Turn sink models into flow summary models, where appropriate. 2023-10-12 12:57:05 +01:00
Geoffrey White
09974b5176 Swift: Extend sink models. 2023-10-12 09:17:04 +01:00
Geoffrey White
0e4cd7f52f Swift: Additional test cases. 2023-10-11 18:37:24 +01:00
Geoffrey White
48ee4add08 Merge branch 'main' into sqlpathinject3 2023-10-10 08:54:44 +01:00
Geoffrey White
62b0ebf2fe Merge pull request #14407 from geoffw0/grdbsinks 
Swift: Add sinks for the GRDB database library to swift/hardcoded-key
 2023-10-09 12:58:17 +01:00
Geoffrey White
c492b5f2dd Swift: Model sinks. 2023-10-07 23:19:09 +01:00
Geoffrey White
8bf6fd67d1 Swift: Add a test for GRDB hardcoded key sinks. 2023-10-07 23:07:32 +01:00
Geoffrey White
676179620a Swift: Get sqlite3 C API results (model Data.withUnsafeBytes, Data.withUnsafeMutableBytes, permit flow out of collections at the query sink) 2023-10-06 18:26:20 +01:00
Geoffrey White
bc9d8cc40f Swift: Get another SQLite.swift result. 2023-10-06 18:26:20 +01:00
Geoffrey White
691665fca8 Swift: Add models for SQLite.swift. 2023-10-06 18:26:19 +01:00
Geoffrey White
9a628d4165 Swift: Add test for sqlite3 C API. 2023-10-06 18:26:18 +01:00
Geoffrey White
8006996f46 Swift: Add test for SQLite.swift. 2023-10-06 18:26:18 +01:00
Geoffrey White
7ddece1560 Swift: Update .expected after merge. 2023-10-05 16:20:56 +01:00
Geoffrey White
6bea7f89a8 Merge branch 'main' into sqlpathinject2 2023-10-05 16:15:37 +01:00
Geoffrey White
b5ff104a00 Swift: Naive model for regular expression evaluations through NSString and StringProtocol methods. 2023-10-04 19:19:29 +01:00
Geoffrey White
0f1711fe1e Swift: Test insertMany. 2023-10-02 23:04:07 +01:00
Geoffrey White
bbd3c66d5a Swift: Update for CollectionContent. 2023-10-02 20:32:24 +01:00
Geoffrey White
81b358a711 Swift: Replace a similar additional taint step in another query. 2023-10-02 20:19:40 +01:00
Geoffrey White
27bdee8058 Swift: Replace additional taint step with implict read. 
Now that we have array content, this is a more principled approach than having a special case data step.
 2023-10-02 20:19:30 +01:00
Geoffrey White
49d47a3da4 Merge pull request #14209 from geoffw0/regexport 
Swift: Port regex mode flag fix from Python to Swift
 2023-09-26 15:41:10 +01:00
Geoffrey White
51ed824adf Swift: Add more SQLite.swift models. 2023-09-25 20:30:59 +01:00
Geoffrey White
6be01eac04 Swift: Add implict read steps for dictionary content. 2023-09-25 20:30:59 +01:00
Geoffrey White
4350060b0f Swift: Add SQLite.swift models. 2023-09-25 20:30:59 +01:00
Geoffrey White
839b9635b9 Swift: Effect of fixing string interpolation bug. 2023-09-25 20:30:58 +01:00
Geoffrey White
16ae637238 Swift: Add sqlite3 models. 2023-09-25 20:30:48 +01:00
Geoffrey White
4245a38de9 Swift: Add SQLite.swift and sqlite3 C API test cases for swift/cleartext-storage-database. 2023-09-25 20:30:48 +01:00
Geoffrey White
32a2930c2f Swift: Accept bad tag filter test fixes. 2023-09-19 14:47:56 +01:00
Geoffrey White
2983295ba3 Swift: Add numeric barrier for uncontrolled format string query. 2023-09-19 14:33:23 +01:00
Geoffrey White
903b0f5bab Swift: Add numeric barrier for the SQL Injinjection query. 2023-09-19 14:33:23 +01:00
Geoffrey White
ee9a5c751c Swift: Add numeric barrier for to the JS eval query. 2023-09-19 14:33:22 +01:00
Geoffrey White
158008ac4f Swift: New results in tests. 2023-09-19 13:08:08 +01:00
Geoffrey White
535a69cd8b Merge branch 'main' into logfix 2023-09-13 19:01:52 +01:00
Geoffrey White
e109892388 Merge pull request #14189 from geoffw0/protocol2 
Swift: Consistent additional taint steps between the cleartext-* queries
 2023-09-13 18:44:20 +01:00
Geoffrey White
200d9a4dfb Swift: Port regex mode flag character fix from Python. 2023-09-13 18:19:02 +01:00
Geoffrey White
df60f560a2 Swift: Add demonstrative test case. 2023-09-13 18:11:40 +01:00
Geoffrey White
3bf0d66d6c Merge pull request #13906 from geoffw0/commandinject2 
Swift: Add tests and develop command injection query
 2023-09-13 08:59:06 +01:00
Geoffrey White
ae0fcf791b Swift: Expand the additional taint step from the cleartext storage database query to the other sensitive data queries. 2023-09-11 22:25:17 +01:00
Geoffrey White
aa5820c061 Swift: Add some test cases. 2023-09-11 19:33:37 +01:00
Geoffrey White
1cde183005 Merge branch 'main' into logfix 2023-09-11 13:14:58 +01:00
Geoffrey White
3fd5de83cb Merge branch 'main' into sqlpathinject 2023-09-11 12:42:49 +01:00
Mathias Vorreiter Pedersen
6a21fa04cd Merge pull request #14034 from geoffw0/hostname 
Swift: New query: Incomplete regular expression for hostnames
 2023-08-30 11:33:36 +01:00
Geoffrey White
1805b070dc Swift: Adapt the IncompleteHostnameRegex test for Swift. 2023-08-23 13:04:48 +01:00
Geoffrey White
6fb1058e73 Swift: Copy IncompleteHostnameRegex query from JS. 2023-08-23 08:46:13 +01:00
Geoffrey White
f7776f812c Swift: 'good enough' fix for UnsafeJsEval flow. 2023-08-21 18:30:30 +01:00
Geoffrey White
6ef6be7291 Swift: UnsafeJSEval regression. 2023-08-21 11:28:48 +01:00
Geoffrey White
8f2e2a6155 Swift: Fix array content sinks for swift/cleartext-logging. 2023-08-16 08:43:50 +01:00
Geoffrey White
b4595d8b92 Swift: Model getVaList, correct NSLogv sink for swift/cleartext-logging. 2023-08-15 22:05:58 +01:00
Geoffrey White
b2d3d465f0 Swift: Add more missing details to the URL model (along with a change from the SetContent PR, this fixes the test failures we were getting). 2023-08-07 20:15:50 +01:00