hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

555 Commits

Author SHA1 Message Date
Geoffrey White
795f16ba56 Swift: Model 'printf' variants as cleartext logging sinks. 2023-11-20 18:15:06 +00:00
Geoffrey White
06c2c423b3 Swift: Clean up the test logic slightly. 2023-11-20 18:12:15 +00:00
Geoffrey White
b348dc2a32 Swift: Extend cleartext logging tests (test cases). 2023-11-20 18:11:52 +00:00
Geoffrey White
2a69b03092 Swift: Extend cleartext logging tests (stubs). 2023-11-20 18:11:41 +00:00
Geoffrey White
c49f05aa2b Swift: Fix false positive / result overlap. 2023-11-16 09:00:35 +00:00
Geoffrey White
96b4a12af7 Swift: Add heuristic sinks. 2023-11-16 09:00:35 +00:00
Geoffrey White
697c3df74a Swift: Model C printf variants. 2023-11-16 09:00:34 +00:00
Geoffrey White
1040561ec1 Swift: Model formatting append methods. 2023-11-16 09:00:34 +00:00
Geoffrey White
a6fe620bcb Swift: Fix Swift warnings in the test. 2023-11-15 18:06:38 +00:00
Geoffrey White
3a38f3b947 Swift: Add test cases. 2023-11-15 18:06:37 +00:00
Geoffrey White
0ae04de7f0 Swift: Test stubs / classes. 2023-11-15 17:23:22 +00:00
Geoffrey White
3a13759f10 Swift: Clean up the test. 2023-11-15 13:35:18 +00:00
Geoffrey White
6783707e2c Swift: Add heuristic sink. We don't catch everything, but the simple heuristic was better than anything else I tried. 2023-11-14 10:07:12 +00:00
Geoffrey White
80cfb934ce Swift: Add some tests. 2023-11-14 09:52:53 +00:00
Geoffrey White
c327f0f0a7 Merge branch 'main' into pathinjectionsinks 2023-11-10 16:04:56 +00:00
Geoffrey White
5a09a325f2 Swift: Add heuristic path injection sinks. 2023-11-10 15:13:51 +00:00
Geoffrey White
ebf7231be7 Swift: Make the 'completePath' models work. 2023-11-09 18:21:12 +00:00
Geoffrey White
9b5556e245 Swift: Test 'completePath' more carefully. 2023-11-09 18:21:12 +00:00
Geoffrey White
2d313ef4c7 Swift: Add some path injection sink models. 2023-11-09 18:21:12 +00:00
Geoffrey White
cd147038cd Swift: Fill some gaps in the URL, NSURL models. 2023-11-09 11:51:18 +00:00
Geoffrey White
a86862d578 Swift: Add test cases (heuristic). 2023-11-09 11:33:10 +00:00
Geoffrey White
04016ebd20 Swift: Add test cases (more library functions). 2023-11-09 11:31:58 +00:00
Geoffrey White
f99df55e94 Swift: Add test stubs. 2023-11-09 11:28:33 +00:00
Mathias Vorreiter Pedersen
68e7f84c23 Merge pull request #14661 from geoffw0/commandinject4 
Swift: Fix defaultImplicitTaintRead on fields
 2023-11-08 15:52:18 +00:00
Geoffrey White
6b434d10ce Merge pull request #14701 from geoffw0/promotecmdline 
Swift: Promote the command injection query out of experimental
 2023-11-08 15:46:29 +00:00
Geoffrey White
4ce8d953d2 Merge pull request #14698 from geoffw0/realmswift 
Swift: Fix an issue with Realm sinks for swift/cleartext-storage-database
 2023-11-07 08:37:27 +00:00
Geoffrey White
1c6a4b8cbf Swift: Update the test .qlref. 2023-11-06 17:32:25 +00:00
Geoffrey White
77e48f72ec Swift: Detect Realm sinks more reliably. 2023-11-06 15:54:17 +00:00
Geoffrey White
424046d238 Swift: Add test case. 2023-11-06 15:54:17 +00:00
Geoffrey White
b99e44c3ca Swift: Fix the Data test. 2023-11-06 09:18:27 +00:00
Geoffrey White
431d9d58f1 Merge pull request #14639 from geoffw0/anchorquery 
Swift: New query for Missing Regular Expression Anchor
 2023-11-02 09:20:19 +00:00
Geoffrey White
206acea41c Swift: Fix defaultImplicitTaintRead for sinks that are field accesses on a subclass of the type containing the field. 2023-11-01 17:49:25 +00:00
Geoffrey White
554007b305 Swift: Add a couple more test cases close to the failures. 2023-10-31 17:19:28 +00:00
Geoffrey White
c82eb4dff3 Swift: Test spacing. 2023-10-31 17:18:08 +00:00
Geoffrey White
b259a0ff6a Swift: get rid of getRemoteData() in the tests, it's obfuscating results. 2023-10-30 17:48:51 +00:00
Geoffrey White
c8706e2ad7 Swift: Add some annotations to the clarify UnsafeJSEval.swift test. 2023-10-30 17:43:37 +00:00
Geoffrey White
c09df2e3f1 Swift: Add test cases for the isLineAnchoredHostnameRegExp query case. 2023-10-30 14:33:42 +00:00
Geoffrey White
8f115bfd06 Swift: Implement 'isUsedAsReplace'. 2023-10-30 14:33:42 +00:00
Geoffrey White
435638a5bb Swift: Port the JS tests to Swift. 2023-10-30 13:08:11 +00:00
Geoffrey White
954b0612d5 Swift: Initial state of the existing test. 2023-10-30 13:08:10 +00:00
Geoffrey White
14db0dfcc7 Swift: Fairly minimal fix to get the query and test working for Swift. 2023-10-30 13:08:10 +00:00
Geoffrey White
c040d4847b Swift: Copy MissingRegexAnchor query from JS. 2023-10-30 13:08:10 +00:00
Mathias Vorreiter Pedersen
6062fbb475 Merge pull request #14383 from geoffw0/nsstringregex 
Swift: Add regular expression evaluation models for StringProtocol and NSString methods
 2023-10-27 15:49:23 +01:00
Mathias Vorreiter Pedersen
4aed638066 Merge pull request #14577 from MathiasVP/capture-flow-swift 
Swift: Add variable-capture flow
 2023-10-27 14:09:04 +01:00
Mathias Vorreiter Pedersen
93234c0b5c Swift: Add model for 'withVaList' and accept test changes. 2023-10-27 10:21:12 +01:00
Mathias Vorreiter Pedersen
9e2dd09ddc Swift: Accept test regression (caused by no model for 'withVaList'). 2023-10-27 10:20:07 +01:00
Geoffrey White
06b1cd939c Merge pull request #14502 from geoffw0/xmlquery 
Swift: Model RawRepresentable
 2023-10-24 16:25:15 +01:00
Mathias Vorreiter Pedersen
6f37d7c374 Swift: Accept changes in paths. 2023-10-24 15:39:19 +01:00
Nora Dimitrijević
af49a3aa64 Swift: accept new results in old tests 2023-10-24 13:56:31 +01:00
Geoffrey White
990c40c8c8 Swift: Barrier for duplicate results in constant queries, resulting from sources like [1, 2, 3]. 2023-10-16 18:28:51 +01:00