hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

4008 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
4e80abbfa9 Python: Fixup wording in comment 
where you place a not is not without significance :D
 2020-04-27 17:03:01 +02:00
Taus
de08433bd3 Merge pull request #3212 from RasmusWL/python-fix-tests-filter 
Python: Fix (some) shortcomings of tests filter
 2020-04-27 11:26:35 +02:00
Taus
bcb980b3d5 Merge pull request #3302 from RasmusWL/python-str-taint-add-methods 
Python: Add taint for string methods
 2020-04-24 16:29:11 +02:00
Rasmus Wriedt Larsen
b2b0296120 Merge pull request #3242 from BekaValentine/python-objectapi-to-valueapi-incorrectlyoverridenmethod 
Python: ObjectAPI to ValueAPI: IncorrectlyOverriddenMethod
 2020-04-24 16:28:11 +02:00
semmle-qlci
4c7a5007d8 Merge pull request #3314 from RasmusWL/python-model-stdlib-http.server 
Approved by tausbn
 2020-04-24 15:27:21 +01:00
Taus
1d6b6a48ae Merge pull request #2924 from BekaValentine/python-objectapi-to-valueapi-wrongnumberargumentsincall 
Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall
 2020-04-23 17:56:39 +02:00
Rasmus Wriedt Larsen
fe50811bbf Python: In taint test, list comprehension => for loop 
Apparently they're not the same thing :(
 2020-04-23 14:13:00 +02:00
Rasmus Wriedt Larsen
1fe0040086 Python: Don't use six in urllib.parse string related tests 
Since this test inheriently has `--max-import-depth=1`, by using six, we would
never look at the actual source-code of urllib.parse/urlparse and therefore the
test would never show if we understood the library code good enough that we
could propagate taint out-of-the-box.

All tests moved by one line... that is why the diff is so big
 2020-04-23 13:00:45 +02:00
Rasmus Wriedt Larsen
94ae2febe5 Python: Propagate taint through parse_qsl 2020-04-23 12:14:22 +02:00
Taus
54d1991a9d Merge pull request #3300 from RasmusWL/python-pointsto-regression-open 
Python: Add points-to regression for uncalled function
 2020-04-23 11:50:30 +02:00
Rasmus Wriedt Larsen
86630f1d6c Python: Handle readline, readlines for ExternalFileObject 2020-04-23 10:40:16 +02:00
Rasmus Wriedt Larsen
7385ea5024 Python: Add tests for ExternalFileObject 2020-04-23 10:36:51 +02:00
Rebecca Valentine
89752f4b55 Merge branch 'master' into python-objectapi-to-valueapi-wrongnumberargumentsincall 2020-04-22 09:52:33 -07:00
Rebecca Valentine
9cd2171fb8 Merge branch 'master' into python-objectapi-to-valueapi-incorrectlyoverridenmethod 2020-04-22 09:40:33 -07:00
Rasmus Wriedt Larsen
22096c36b9 Python: Add standard HttpSources tests for BaseHTTPRequestHandler 2020-04-22 17:28:49 +02:00
Rasmus Wriedt Larsen
51a9094064 Python: Add sinks for http.server.BaseHTTPRequestHandler 2020-04-22 17:28:27 +02:00
Rasmus Wriedt Larsen
6b84137a92 Python: Model cgi.FieldStorage (parsing of submitted forms) 2020-04-22 11:37:47 +02:00
Rasmus Wriedt Larsen
26ed911bb2 Python: Add modeling of http.server.BaseHTTPRequestHandler 2020-04-22 09:52:10 +02:00
Rasmus Wriedt Larsen
30e2592701 Python: Propagate taint through parse_qs 2020-04-22 08:55:35 +02:00
Taus
5af351eacd Merge pull request #3275 from RasmusWL/python-fix-points-to-deprecations 
Python: Remove deprecated annotation for old PointsTo::points_to
 2020-04-21 18:18:07 +02:00
Rasmus Wriedt Larsen
32a97266cf Python: Fix deprecation warnings in test output 2020-04-21 11:39:44 +02:00
Rasmus Wriedt Larsen
b7145af447 Python: Handle all methods in StringKind.getTaintOfMethodResult 2020-04-20 16:07:30 +02:00
Rasmus Wriedt Larsen
10b36bb7a8 Python: Taint of string method reference isn't handled 2020-04-20 15:01:40 +02:00
Rasmus Wriedt Larsen
1631787336 Python: Fix points-to regressions Test.ql 
Only being able to debug missing pointsTo for NameNode was quite limiting ...
 2020-04-20 14:41:55 +02:00
Rasmus Wriedt Larsen
8746876377 Python: Add points-to regression for uncalled function 2020-04-20 14:41:45 +02:00
Taus
964a619450 Merge pull request #3211 from RasmusWL/python-unused-import-small-fix 
Python: Fix FN in unused import
 2020-04-16 14:22:50 +02:00
Rasmus Wriedt Larsen
5a51d2cc4c Merge pull request #3245 from BekaValentine/python-objectapi-to-valueapi-wrongnameforargumentinclassinstantiation 
Python: ObjectAPI to ValueAPI: WrongNameForArgumentInClassInstantiation
 2020-04-15 16:48:26 +02:00
Taus
8402e6a2e1 Merge pull request #3243 from BekaValentine/python-objectapi-to-valueapi-incorrectlyspecifiedoverriddenmethod 
Python: ObjectAPI to ValueAPI: IncorrectlySpecifiedOverriddenMethod
 2020-04-14 18:55:42 +02:00
Taus
3e46604fa5 Merge pull request #3223 from BekaValentine/python-objectapi-to-valueapi-iterreturnsnoniterator 
Python: ObjectAPI to ValueAPI: IterReturnsNonIterator
 2020-04-14 12:55:21 +02:00
Rebecca Valentine
339758fa70 Python: ObjectAPI to ValueAPI: WrongNameForArgumentInClassInstantiation: Adds preliminary modernization 2020-04-09 15:04:44 -07:00
Rebecca Valentine
8dc1933a02 Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInClassInstantiation: Adds preliminary modernization 2020-04-09 14:58:30 -07:00
Rebecca Valentine
336e48c5c6 Python: ObjectAPI to ValueAPI: IncorrectlySpecifiedOverriddenMethod: Adds preliminary modernization 2020-04-09 14:50:26 -07:00
Rebecca Valentine
be00d71b99 Python: ObjectAPI to ValueAPI: IncorrectlyOverriddenMethod: Adds preliminary modernization 2020-04-09 14:41:22 -07:00
Pavel Avgustinov
6737e99d65 Merge pull request #3209 from hmakholm/baselib-extractor 
Add extractor field in base language QL packs
 2020-04-09 15:24:49 +01:00
Rebecca Valentine
c2443f2342 Python: ObjectAPI to ValueAPI: OverlyComplexDelMethod: Adds preliminary modernization 2020-04-07 21:31:35 -07:00
Rebecca Valentine
0d65db148f Python: ObjectAPI to ValueAPI: IterReturnsNonIterator: Adds preliminary modernization 2020-04-07 21:14:25 -07:00
Rasmus Wriedt Larsen
befe73df14 Python: supress non-useful results (w/ tests) for iter str/seq query 
Fixes https://github.com/Semmle/ql/issues/3207
 2020-04-07 11:46:36 +02:00
Rasmus Wriedt Larsen
94ccc16f85 Python: iter str/seq query gives non-useful results with tests 2020-04-07 11:46:35 +02:00
Rasmus Wriedt Larsen
2871eb307a Python: Fix (some) shortcomings of tests filter 2020-04-07 11:24:06 +02:00
Rasmus Wriedt Larsen
6ed7b3dd92 Python: Add tests to illustrate shortcomings of current tests filter 2020-04-07 11:22:16 +02:00
Rasmus Wriedt Larsen
75e6470009 Python: Fix FN in py/unused-import 2020-04-07 09:41:42 +02:00
Rasmus Wriedt Larsen
1077ce3a35 Python: Add FN for py/unused-import 2020-04-07 09:26:14 +02:00
Henning Makholm
d1ff3211ef Add extractor fields to test qlpack.yml files. 2020-04-06 19:21:41 +02:00
Rebecca Valentine
01aac8273c Python: ObjAPI to ValAPI: WrongNumArgsInCall: Update queries to use objectapi 2020-04-04 03:11:25 -07:00
Rebecca Valentine
8c1aeb24cb Python: ObjAPI to ValAPI: WrongNumArgsInCall: Updates query expected results 2020-04-04 00:57:09 -07:00
Rebecca Valentine
88be3359ac Python: ObjAPI to ValAPI: WrongNumForArgsInCall: Update affected queries to use objectapi 2020-04-04 00:15:10 -07:00
Rebecca Valentine
1e76720a92 Merge branch 'master' into python-objectapi-to-valueapi-wrongnumberargumentsincall 2020-04-03 20:25:53 -07:00
Rebecca Valentine
e0f26d4f7e Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall: Updates expected results 2020-04-03 20:11:42 -07:00
Taus
d540bf6ce5 Merge pull request #3039 from BekaValentine/python-objectapi-to-valueapi-returnvalueignored 
Python: ObjectAPI to ValueAPI: ReturnValueIgnored
 2020-04-02 11:42:01 +02:00
Taus
bd41bb59ec Merge pull request #3032 from BekaValentine/python-objectapi-to-valueapi-signatureoverriddenmethod 
Python: ObjectAPI to ValueAPI: SignatureOverriddenMethod
 2020-04-01 23:03:27 +02:00