hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

4008 Commits

Author SHA1 Message Date
AlexTereshenkov
3e6f8fb6be Add bind-socket-all-network-interfaces Python query (#2048) 
Add bind-socket-all-network-interfaces Python query
 2019-10-03 11:23:11 +01:00
Taus Brock-Nannestad
384013e0dc Python: Add tests for reachability when using nonlocal. 2019-10-02 17:13:00 +02:00
Taus
fb20cab4c8 Merge pull request #2012 from RasmusWL/python-modernise-cls-self-checks 
Python: modernise cls self argument name checks
 2019-09-30 15:50:32 +02:00
Taus
04f14f1fe7 Merge pull request #2040 from RasmusWL/python-modernise-cherrypy 
Python: Modernise cherrypy library
 2019-09-30 11:53:59 +02:00
Taus Brock-Nannestad
aa16d20d5a Python: Fix false positive for cyclic imports guarded by if False:. 2019-09-27 15:22:12 +02:00
Taus Brock-Nannestad
25985e901b Python: Remove a few false positives from py/unused-import. 2019-09-27 11:46:59 +02:00
Rasmus Wriedt Larsen
ff28b3f1b4 Python: Modernise cherrypy library 2019-09-27 11:23:33 +02:00
Rasmus Wriedt Larsen
457794e030 Python: Consistenly use parameter instead of argument in docs 
The Python 3 FAQ states that this is the right thing [0]

It sadly doesn't align 100% with PEP8, which calls them for "arguments" [1], but
after discussion with Taus, we decided to go with "parameter" everywhere to be
consistent.

[0] https://docs.python.org/3/faq/programming.html#faq-argument-vs-parameter
[1] https://www.python.org/dev/peps/pep-0008/#function-and-method-arguments
 2019-09-26 16:31:09 +02:00
Rasmus Wriedt Larsen
12c49031e8 Python: Modernise bottle library 2019-09-26 15:03:47 +02:00
Rasmus Wriedt Larsen
546405a379 Python: Add more tests for cls/self argument names 2019-09-26 13:25:14 +02:00
Rasmus Wriedt Larsen
a81bf720f5 Python: Modernise the py/not-named-self query. 2019-09-26 13:25:14 +02:00
Rasmus Wriedt Larsen
c6d9eb9254 Python: Move more tests for argument names into own file 
Plus fixup of expected output from unrelated tests
 2019-09-26 13:25:14 +02:00
Taus
594a50e066 Merge pull request #1955 from RasmusWL/python-modernise-explicit-return-in-init 
Python: Modernise the `py/explicit-return-in-init` query.
 2019-09-24 16:23:37 +02:00
Taus Brock-Nannestad
e1012d8d5a Python: Add __aiter__ as a recognised iterator method. 2019-09-23 12:26:16 +02:00
Rasmus Wriedt Larsen
d273974045 Python: Don't flag return procedure_call() in __init__ as error 
This commit fixes the results for
0d8a429b7e/files/mayaTools/cgm/lib/classes/AttrFactory.py (L90)

```
def __init__(...):
    if error_case:
        return guiFactory.warning(...)
```

that was wrongly reporting _Explicit return in __init__ method._ as an error.
 2019-09-23 11:22:55 +02:00
Rasmus Wriedt Larsen
6e50a0ef84 Python: Modernise the py/explicit-return-in-init query. 
Add explicit test case to show that we don't doulbe report this problem.
 2019-09-23 11:22:55 +02:00
Rasmus Wriedt Larsen
3c33e863ad Python: split tests for Functions into more files 
Makes it easier to see what the testcases are relevant for what queries.
 2019-09-19 11:54:28 +02:00
Rebecca Valentine
f503e042fc Merge pull request #1877 from taus-semmle/python-modernise-non-iterator-query 
Python: Modernise the `py/non-iterable-in-for-loop` query.
 2019-09-12 11:14:40 -07:00
Taus Brock-Nannestad
1013fb7b25 Update .expected file for Python 3 tests. 2019-09-11 14:13:05 +02:00
Rebecca Valentine
9eebe00b33 Merge pull request #1869 from taus-semmle/python-fix-typehint-divergence 
Python: Prevent divergence in type-hint analysis. (ODASA-8075)
 2019-09-06 14:33:20 -07:00
Taus Brock-Nannestad
8882f1410a Add test cases for nested subscripts. 2019-09-06 12:01:18 +02:00
Taus Brock-Nannestad
2d45c23d19 Comment out diverging example for now. 
Otherwise it'll keep timing out until the fix has been pushed to LGTM.com
 2019-09-05 13:18:01 +02:00
Taus Brock-Nannestad
d336140c19 Python: Modernise the py/non-iterable-in-for-loop query. 
Also adds a small test case exhibiting the same false positive seen in
ODASA-8042.
 2019-09-05 12:24:51 +02:00
Taus Brock-Nannestad
4440e02fa5 Add test case for divergence. 2019-09-04 13:23:06 +02:00
Taus
f8bd3770d6 Merge pull request #1848 from markshannon/python-rationalize-taint-tracking 
Python: Move TaintTracking.qll
 2019-08-30 16:21:49 +02:00
Mark Shannon
637677d515 Python: Move TaintTracking.qll from semmle.python.security to semmle.python.dataflow, for consistency with other code. 2019-08-30 12:57:47 +01:00
Mark Shannon
3f740d6efe Python: Update CWE-312 queries to use new taint-tracking configuration. 2019-08-30 11:21:04 +01:00
Mark Shannon
811815aa4e Merge branch 'master' into python-cwe-312 2019-08-30 10:39:04 +01:00
Mark Shannon
989d7aeace Merge branch 'master' into python-cwe-312 2019-08-29 15:57:49 +01:00
Mark Shannon
22f55d25c2 Python taint-tracking. Reorder columns in some tests for easier comprehension of expected output. 2019-08-29 14:36:10 +01:00
Mark Shannon
e51b797c03 Python taint-tracking. Add an adapter for old 'dataflow config'. 2019-08-29 14:30:09 +01:00
Mark Shannon
179f4ee88f Python taint-tracking: Add documented example test. 2019-08-29 13:03:58 +01:00
Mark Shannon
10fddbc19b Python new taint-tracking: Fix some typos and clarify documentation. 2019-08-29 11:03:35 +01:00
Mark Shannon
76c11c4575 Python: Update a test result. 2019-08-29 10:31:50 +01:00
Mark Shannon
e5900921e7 Python taint-tracking: Remove warnings from test output. 2019-08-29 10:31:50 +01:00
Mark Shannon
c7ec5690a5 Python taint-tracking: make sure all features of legacy extensions are supported. 2019-08-29 10:31:50 +01:00
Mark Shannon
64c160b75c Python taint-tracking: Fix ambiguous flow through class instantiation. Tweak the path query to ensure edge to sink is always present. 2019-08-29 10:31:50 +01:00
Mark Shannon
d31e55f88e Python taint-tracking: Avoid ambiguous flows through calls. Fix up tests. 2019-08-29 10:31:50 +01:00
Mark Shannon
78ce19678a Python taint-tracking: Fix up SQL injection query. 2019-08-29 10:31:50 +01:00
Mark Shannon
3f8066878a Python taint-tracking: Fix up handling of contexts for __init__ and for context-free taints. 2019-08-29 10:31:50 +01:00
Mark Shannon
fe9c9d479d Python taint-tracking. Fix bug in legacy API. 2019-08-29 10:31:50 +01:00
Mark Shannon
7c4a18eee3 Python taint-tracking: Fix up handling of legacy (config-less) taint-tracking 2019-08-29 10:31:50 +01:00
Mark Shannon
2d9d292ee4 Python: Fix up pi-node handling in taint-tracking. 2019-08-29 10:31:50 +01:00
Mark Shannon
24b4a4102c Python taint-tracking: Further enhancements to new implementation for better debugging and backwards compatibility. 2019-08-29 10:31:50 +01:00
Mark Shannon
1addfaac1a Python taint-tracking: update test results. 2019-08-29 10:31:50 +01:00
Mark Shannon
a7845ae0e1 Python taint-tracking: Remove old implementation. 2019-08-29 10:31:50 +01:00
Mark Shannon
74f1dd3ec0 Python taint-tracking. Add some tests and fix up various parts of the implementation. 2019-08-29 10:31:50 +01:00
Rebecca Valentine
36f99c19bc Merge pull request #1840 from markshannon/python-better-hasattribute-handling 
Python: Add 'hasAttribute' predicate to ObjectInternal and Value.
 2019-08-28 10:45:44 -07:00
Mark Shannon
1c8ce418d9 Python: Add test to confirm #1212 is fixed. 2019-08-28 12:01:04 +01:00
Pavel Avgustinov
b3081154fa Merge pull request #1823 from markshannon/python-dont-prune-in-ql 
Python: removing pruning in QL.
 2019-08-27 11:32:23 +01:00