hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,688 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.0
Commit Graph

551 Commits

Author SHA1 Message Date
Geoffrey White
cdcee5cc75 Swift: Add high-level CryptoSwift sinks. 2023-04-11 19:59:43 +01:00
Geoffrey White
539f8f0f70 Swift: Add mid-level CryptoSwift sinks and prevent duplication that results. Overall this doesn't give us any new results in tests, but makes paths shorter, and in the real world I expect it to add reliability. 2023-04-11 19:54:55 +01:00
Geoffrey White
51a62b54ee Swift: Add low-level CryptoSwift sinks. 2023-04-11 19:54:48 +01:00
Geoffrey White
d299d92025 Swift: Prevent potentially misleading duplicate results. 2023-04-11 19:39:09 +01:00
Geoffrey White
4995f13234 Swift: Add tests for swift/weak-sensitive-data-hashing on CryptoSwift. 2023-04-11 18:46:38 +01:00
Jeroen Ketema
cb8568f6fd Swift: Rewrite PathInjection to use DataFlow::ConfigSig 2023-04-04 09:10:21 +02:00
Jeroen Ketema
a45f381ab9 Swift: Rewrite CleartextLogging to use DataFlow::ConfigSig 2023-04-04 09:10:21 +02:00
Jeroen Ketema
0ff607c930 Swift: Rewrite XXEQuery to use DataFlow::ConfigSig 2023-04-04 09:10:21 +02:00
Jeroen Ketema
70d0e987c4 Swift: Rewrite PredicateInjection to use DataFlow::ConfigSig 2023-04-03 16:19:30 +02:00
Geoffrey White
4d3fc02d7e Merge pull request #11965 from geoffw0/realmfix 
Swift: Test and fix missing swift/cleartext-storage-database results
 2023-04-03 14:02:18 +01:00
Geoffrey White
33b041242d Swift: Recognize Core Data + Realm sources via type aliases. 2023-03-31 10:44:01 +01:00
Paolo Tranquilli
33b4d2d653 Swift: add SuccessfullyExtractedLines query 
This counts how many lines we have extracted some entity in. If we test
changes in this, we can have a more fine grained look into how much we
actually extract than looking at the extracted files.
 2023-03-31 10:02:19 +02:00
Geoffrey White
daa8141414 Swift: Add test case. 2023-03-30 16:16:40 +01:00
Geoffrey White
beb7d9d7a1 Swift: Test layout change. 2023-03-30 16:13:42 +01:00
Mathias Vorreiter Pedersen
e3e68b7753 Merge pull request #12642 from geoffw0/modernstring 
Swift: Modernize the swift/string-length-conflation query
 2023-03-29 14:55:40 +01:00
Geoffrey White
28998ccafe Merge pull request #12471 from geoffw0/dbsinks2 
Swift: Better sinks for swift/cleartext-storage-database
 2023-03-27 12:51:13 +01:00
Geoffrey White
9529bc5f09 Swift: The regressed test is not realistic, update it to be more like what really happens. 2023-03-23 10:52:58 +00:00
Geoffrey White
e266132f0a Swift: Replace sinks with (extendable) CSV. 2023-03-23 10:45:29 +00:00
Geoffrey White
879dea2984 Swift: Additional test cases. 2023-03-23 10:38:52 +00:00
Geoffrey White
a4e9d38abb Swift: Fix the test regression. 2023-03-22 16:44:29 +00:00
Geoffrey White
cbe5243c89 Swift: Accept test regressions. :( 2023-03-22 16:24:32 +00:00
Geoffrey White
1f8a165611 Swift: Add a couple of extra test cases. 2023-03-20 10:58:58 +00:00
Alex Denisov
7c15527300 Swift: add a query showing successfully extracted files 2023-03-17 11:27:03 +01:00
Geoffrey White
170fde5bc0 Swift: Add some more test cases. 2023-03-16 12:53:06 +00:00
Geoffrey White
bfbd3d95f9 Swift: Clean up the result message. 2023-03-14 16:03:55 +00:00
Geoffrey White
ffa279e87b Swift: Add additional taint steps into fields. 
ed
 2023-03-09 17:17:42 +00:00
Geoffrey White
da338c26ba Swift: Add a few more test cases for sensitive data. 2023-03-09 11:39:22 +00:00
Geoffrey White
2d889304bb Swift: Some cases in the SqlInjection test are fixed by this. 2023-03-03 16:49:13 +00:00
Geoffrey White
417d175ff2 Merge branch 'main' into nsstring 2023-02-17 11:32:40 +00:00
Geoffrey White
c692a316b0 Swift: Add new results found in UncontrolledFormatString test. 2023-02-17 10:07:32 +00:00
Geoffrey White
cb11524dde Merge pull request #12154 from geoffw0/pathinjectionext 
Swift: More path injection sinks
 2023-02-16 16:00:31 +00:00
Geoffrey White
ad85b37585 Swift: Tidy up indenting. 2023-02-10 18:06:56 +00:00
Geoffrey White
d0efbbf5b8 Swift: More path injection models. 2023-02-10 18:02:50 +00:00
Geoffrey White
82f09b8511 Swift: More path injection test cases. 2023-02-10 17:55:06 +00:00
Geoffrey White
15b8aa1979 Swift: Effect on other tests :) 2023-02-10 14:16:48 +00:00
Geoffrey White
996536b08e Swift: Remove a no-longer-needed special case from swift/unsafe-js-eval. 2023-02-06 17:35:21 +00:00
Geoffrey White
364c173fc3 Swift: Accept additional taint flow in UnsafeJsEval test. 2023-02-03 19:21:10 +00:00
Geoffrey White
794ba428a7 Merge pull request #11942 from geoffw0/rncrypt4 
Swift: add RNCryptor sinks to swift/static-initialization-vector
 2023-01-27 14:33:06 +00:00
Geoffrey White
e92a5eb467 Merge pull request #11911 from geoffw0/rncrypt2 
Swift: Add RNCryptor sinks to swift/hardcoded-key
 2023-01-25 15:11:16 +00:00
Geoffrey White
f6fe627f4b Merge pull request #11914 from geoffw0/rncrypt3 
Swift: Add RNCryptor sinks to swift/constant-salt
 2023-01-25 13:05:33 +00:00
Geoffrey White
f05be77a0b Swift: Recognize more array sources. 2023-01-20 15:25:00 +00:00
Geoffrey White
7648e8f6a3 Swift: Recognize more sources. 2023-01-20 15:08:12 +00:00
Geoffrey White
581c478872 Swift: Model RNCryptor. 2023-01-20 14:50:23 +00:00
Geoffrey White
bb59d055ff Swift: Add tests for RNCryptor library. 2023-01-20 14:50:21 +00:00
Geoffrey White
5d6f2436e4 Merge branch 'main' into coredata 2023-01-18 13:39:02 +00:00
Geoffrey White
71c1ca53a9 Merge branch 'main' into rncrypt 2023-01-18 11:09:09 +00:00
Geoffrey White
a568d0af7f Swift: Remove unused variable. 2023-01-17 18:10:02 +00:00
Geoffrey White
b3d30bfc4f Swift: Add NumberLiteral sources as well. 2023-01-17 18:04:26 +00:00
Geoffrey White
d1cfdb97ee Swift: Model RNCryptor. 2023-01-17 17:55:52 +00:00
Geoffrey White
a92e1c7ea0 Swift: Add tests for RNCryptor library. 2023-01-17 17:31:49 +00:00