hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,000 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.3
Commit Graph

39 Commits

Author SHA1 Message Date
Michael Nebel
2321ca59f6 Python: Update all test util paths to point to the new location. 2024-12-12 13:54:30 +01:00
Jeroen Ketema
c3ea883b11 Python: Update expected test results 2024-12-03 19:18:57 +01:00
Marcono1234
1ad08efe08 Python: Support a (ASCII) inline regex flag 2024-01-26 22:18:49 +01:00
Rasmus Wriedt Larsen
55f5b26ba6 Python: Accept new ordering of query predicates in .expected 2023-11-15 10:09:54 +01:00
Rasmus Lerchedahl Petersen
68cd422788 Python: Fix test expectations 2023-08-25 11:27:53 +02:00
Geoffrey White
f07f97a94e Python: Accept test changes. I think these reflect the 'parse mode chars should not be considered chars' issue. 2023-08-24 10:52:52 +01:00
Jeroen Ketema
dba4460526 Python: Update more inline expectation tests to use the paramterized module 2023-06-20 10:16:15 +02:00
erik-krogh
ffa3425195 rename away from deprecated alias in test-files 2023-05-01 10:42:14 +02:00
Calum Grant
a1d229e445 Python: Remove references to LGTM 2022-12-19 15:15:32 +00:00
Arthur Baars
5044f89105 Ruby/Python re-introduce normalCharacterSequence 2022-02-25 18:43:43 +01:00
Arthur Baars
69ed121ecb Ruby/Python: regex parser: group sequences of 'normal' characters 2022-02-22 16:15:33 +01:00
Nick Rolfe
df6ba43cca Python: treat \A, \Z, \b, \B as special chars, not escapes 2021-11-19 15:49:53 +00:00
Rasmus Lerchedahl Petersen
c08f94ec04 Python: Fix parsing of octal escapes 2021-08-11 15:01:26 +02:00
Rasmus Lerchedahl Petersen
34b054ff53 Python: Add consistency checks 2021-08-11 14:58:27 +02:00
Rasmus Lerchedahl Petersen
651f8abba0 Python: Avoid multiple results for toString 2021-06-30 14:39:49 +02:00
yoff
c19522e921 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-06-30 11:49:45 +02:00
Rasmus Lerchedahl Petersen
fbfe415162 Python: Limit test files 2021-06-29 11:18:24 +02:00
Rasmus Lerchedahl Petersen
21007d21f4 Python: track if qualifiers allow unbounded 
repeats. This in preparation for ReDoS
 2021-06-28 17:04:48 +02:00
Rasmus Lerchedahl Petersen
74ca1d00b9 Python: More precise regex parsing 2021-06-28 17:04:48 +02:00
Rasmus Lerchedahl Petersen
e5f07cc4d3 Python: inline test of regex components 
- Added naive implementation of `charRange` so the test can run.
- Made predicates public as needed.
 2021-06-28 17:04:48 +02:00
Taus Brock-Nannestad
404649d5f1 Python: Get rid of superfluous options file 2021-02-24 11:24:43 +01:00
Taus Brock-Nannestad
af644a0adb Python: Decrease import depth in regex tests 
These were increased because of the indirection needed to get to the
regex flags, but as we no longer rely on this, we can make do with a
smaller import depth.
 2021-02-24 10:23:01 +01:00
Taus Brock-Nannestad
e812eb777d Python: Port URL sanitisation queries to API graphs 
Really, this boils down to "Port `re` library model to use API graphs
instead of points-to", which is what this PR actually does.

Instead of using points-to to track flags, we use a type tracker. To
handle multiple flags at the same time, we add additional flow from

`x` to `x | y` and `y | x`

and, as an added bonus, the above with `+` instead of `|`, neatly
fixing https://github.com/github/codeql/issues/4707

I had to modify the `Qualified.ql` test slightly, as it now had a
result stemming from the standard library (in `warnings.py`) that
points-to previously ignored.

It might be possible to implement this as a type tracker on
`LocalSourceNode`s, but with the added steps for the above operations,
this was not obvious to me, and so I opted for the simpler
"`smallstep`" variant.
 2021-02-23 22:02:35 +01:00
Rasmus Wriedt Larsen
014fbfa86b Python: Add regex FP with + for flags 
Notice that there is no new results for line 54

I also added a test for the short-named version of a flag, just since I didn't
see any of those already. That just works out of the box (due to points-to).
 2020-11-27 14:57:11 +01:00
Taus Brock-Nannestad
f07a7bf8cf Python: Autoformat everything using qlformat. 
Will need subsequent PRs fixing up test failures (due to deprecated
methods moving around), but other than that everything should be
straight-forward.
 2020-07-07 15:43:52 +02:00
Rasmus Lerchedahl Petersen
f6c59abcd9 Merge branch 'master' of github.com:github/codeql into UnmatchableDollar 
to make CodeScan happy
 2020-06-24 11:04:07 +02:00
Rasmus Wriedt Larsen
c0043eb9db Python: Don't treat re.escape(...) as a regex 
Fixes https://github.com/github/codeql/issues/3712
 2020-06-15 11:54:14 +02:00
Rasmus Wriedt Larsen
7601bd497e Python: Add tests for re.escape FP 2020-06-15 11:34:42 +02:00
Rasmus Lerchedahl Petersen
4d6ad32f04 Python: Update test expectations. 
As ar as I can tell, all these are improvements
 2020-05-20 08:11:03 +02:00
Taus Brock-Nannestad
87a9f51c78 Python: Autoformat all .ql files. 2020-03-30 11:59:10 +02:00
Rasmus Wriedt Larsen
f10a86d3ac Python: Remove --optimize: true from options files 
Tests will be run with optimizations on by default now.
 2020-02-25 15:52:00 +01:00
Taus Brock-Nannestad
f9c002e441 Python: Support short mode flags (e.g. re.M) in regexes. 2019-08-22 14:53:58 +02:00
Mark Shannon
88f9685d40 Merge rc/1.21 into master 2019-07-18 16:40:32 +01:00
Mark Shannon
c6ae06f1df Python: modernize regex library to use new points-to. 2019-07-18 14:16:57 +01:00
Mark Shannon
347e3f3bd0 Python regex: Fix handling of character sets where first character in set is '['. 2019-06-26 10:55:47 +01:00
Mark Shannon
01a2add73b Python: Internal points-to extension enhancement. Use it handle re module constants. 2019-01-21 14:38:07 +00:00
Mark Shannon
33a2315ba0 Python tests: Increase import depth to ensure sre_constants module is imported. 2019-01-11 12:15:56 +00:00
Mark Shannon
a5b79e92a5 Python: Fix off-by-one error in regex parsing. 2018-12-03 16:50:47 +00:00
Mark Shannon
05b69a1c0f QL tests for Python queries and libraries. 2018-11-19 15:15:54 +00:00