Commit Graph

3977 Commits

Author SHA1 Message Date
Mark Shannon
992ee2f150 Python points-to: Fix up some test results. 2019-05-10 16:03:27 +01:00
Mark Shannon
2db0bd9483 Python: Remove obsolete tests. 2019-05-10 13:04:43 +01:00
Mark Shannon
39861597e5 Python points-to: Fix up handling of metaclasses, new-style and type-hierarchy failure analysis. 2019-05-10 13:02:36 +01:00
Mark Shannon
bbf7ff9a3f Python: do pruning in QL. 2019-05-09 17:58:36 +01:00
Rasmus Lerchedahl Petersen
b5b2d56bfa Add pythagorean query 2019-05-01 13:16:40 +02:00
Mark Shannon
65a30ab392 Adjust a couple of query tests to work with latest points-to. 2019-04-29 14:28:51 +01:00
Mark Shannon
abf0347fce Python points-to: Split strings into bytes and unicode. 2019-04-26 16:21:47 +01:00
Mark Shannon
48c0cbe51a Python: improve handling of __all__ 2019-04-26 16:21:47 +01:00
Mark Shannon
3bb61e7410 Python points-to: Improve handling of subscripts and sequence inequalities. 2019-04-26 16:21:47 +01:00
Mark Shannon
f51a2d9ec4 Python points-to: Fix up test-evaluate for ABCs and tests involving type(). 2019-04-26 16:21:47 +01:00
Mark Shannon
2ea204f7f9 Python points-to: Fix up failedInference predicate. 2019-04-26 16:21:47 +01:00
Mark Shannon
2aa967ae8e Remove redundant tests. 2019-04-26 16:21:47 +01:00
Mark Shannon
4145b19671 Python points-to: update some test results. 2019-04-26 16:21:47 +01:00
Mark Shannon
ddc4ada130 Python points-to: Handle subclassing of ABCs. 2019-04-26 16:21:47 +01:00
Mark Shannon
989d587617 Python points-to: Fix support for backwards compatible extensions. 2019-04-26 16:21:46 +01:00
Mark Shannon
90bbfd3b16 Python: Add library tests for django. 2019-04-26 16:21:46 +01:00
Mark Shannon
4a03fd03cd Update test to reflect new true positive. 2019-04-26 16:21:46 +01:00
Mark Shannon
e82b2c422e Python: Update test to use new API. 2019-04-26 16:21:46 +01:00
Mark Shannon
a442695ad0 Python points-to: Improve handling of len(), sequences and comparisons. 2019-04-26 16:21:46 +01:00
Mark Shannon
e21a863db9 Python points-to: Update sanity check. 2019-04-26 16:21:46 +01:00
Mark Shannon
03159bb31c Python points-to: Track 'unknown' value through simple iteration. 2019-04-26 16:21:46 +01:00
Mark Shannon
662aedcb13 Python points-to: Fix up module attributes and classmethods. 2019-04-26 16:21:46 +01:00
Mark Shannon
ef0a6b6713 Python points-to: Rationalize handling of expressions and conditions. Tweak API to be a bit more backward-compatible. 2019-04-26 16:21:46 +01:00
Mark Shannon
e3ed8c6abf Python points-to: Simplify handling of booleans and comparisons. 2019-04-26 16:21:45 +01:00
Mark Shannon
39b9723054 Python: Add support for bound-methods. 2019-04-26 16:21:45 +01:00
Mark Shannon
bf692f4aad Python: Add better class support, including inheritance. 2019-04-26 16:21:45 +01:00
Mark Shannon
5a46df2132 Python: Add ADTs for ints and strings. Add some global data-flow. 2019-04-26 16:21:45 +01:00
Mark Shannon
051683fadf Python: Break-up internal object modules. 2019-04-26 16:21:45 +01:00
Mark Shannon
c48d63f2ec Python: First draft of ADT based objects and attendant points-to. 2019-04-26 16:21:45 +01:00
Taus
7d2c17f27c Merge pull request #1271 from markshannon/python-fix-fp-http-prefix
Python: Fix false positive in 'Incomplete URL substring sanitization' query
2019-04-26 15:23:04 +02:00
Mark Shannon
28799441af Python: Fix false positive in 'Incomplete URL substring sanitization' query. 2019-04-25 18:11:01 +01:00
Mark Shannon
6a9bb5c5c9 Add test confirming correct handling of zope.interface.Interface in query. 2019-04-23 12:52:50 +01:00
Esben Sparre Andreasen
c80ee3df01 Mergeback: rc/1.20 into Semmle/master 2019-04-16 08:46:15 +02:00
Mark Shannon
d6ba729dce Python: Fix semantic merge conflict between #1206 and #1240. 2019-04-12 12:32:41 +01:00
Taus
707b73c3d0 Merge pull request #1240 from markshannon/python-avoid-ssa-defns-in-tests
Python: Remove callsite refinement ESSA definition in tests
2019-04-12 12:05:40 +02:00
Taus
607b5fb077 Merge pull request #1206 from markshannon/python-taint-flow-classless
Python taint-tracking: Better flow for "generic" taint.
2019-04-12 11:54:52 +02:00
Mark Shannon
ca6e03f597 Python: Remove callsite refinement ESSA definition when call in a test defining a pi-node. 2019-04-11 16:08:29 +01:00
Mark Shannon
df2000ea8e Python: Fix up dataflow configuration to act as expected. Keep undocumented for now. 2019-04-05 09:05:13 +01:00
Mark Shannon
2ba122373a Merge pull request #1128 from taus-semmle/python-paramiko-unsafe-host-key-validation
Python: Add query for insecure SSH host key policies in Paramiko.
2019-04-04 16:57:13 +01:00
Mark Shannon
e2a3d91a7d Python taint-tracking: If taint has no class allow it to flow through both branches of isinstance test. 2019-04-04 14:29:34 +01:00
Jonas Jensen
eae2fe5a16 Merge pull request #1190 from Semmle/rc/1.20
Merge 1.20 into master
2019-04-02 15:29:12 +02:00
Arthur Baars
ba7fdddafb Change @kind to 'table' for test and sanity checks queries that don't select problems 2019-04-01 11:20:12 +02:00
Taus
702fc80054 Merge pull request #1166 from Semmle/rc/1.20
Merge rc/1.20 into master
2019-03-26 13:09:40 +01:00
Mark Shannon
2edde1fed8 Python taint-tracking. Handle early exit and 'not' correctly for 'falsey' taints. 2019-03-22 11:58:23 +00:00
Taus
36c7a8430a Merge pull request #1112 from markshannon/python-forward-compatible-points-to-extensions
Python: Allow points-to extensions to specify just the object.
2019-03-21 19:20:44 +01:00
Taus Brock-Nannestad
5eb63ae048 Fix false positive and add test. 2019-03-21 14:10:05 +01:00
Taus Brock-Nannestad
9cb35a8ca9 Use correct named argument for ssl.SSLContext. 2019-03-21 14:09:25 +01:00
Taus Brock-Nannestad
c7c6c83627 Address review comments. 2019-03-19 15:44:11 +01:00
Max Schaefer
6fbf487524 Merge remote-tracking branch 'upstream/rc/1.20' into mergeback-2019-03-19 2019-03-19 14:09:03 +00:00
Taus Brock-Nannestad
52278b25d9 Python: Add query for insecure SSH host key policies in Paramiko. 2019-03-18 16:45:54 +01:00