hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,294 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.3
Commit Graph

1271 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
4fc3cae646 Python: Add test for how arguments to *args and **kwargs are handled 2020-05-25 10:16:10 +02:00
Rasmus Lerchedahl Petersen
4d6ad32f04 Python: Update test expectations. 
As ar as I can tell, all these are improvements
 2020-05-20 08:11:03 +02:00
Rasmus Wriedt Larsen
3774310985 Python: Reduce FPs in Django due to bad XSS taint-sinks 
Fixes https://github.com/github/codeql-python-team/issues/38
 2020-05-18 19:14:43 +02:00
Rasmus Wriedt Larsen
fa08676a1d Python: Proper redirect taint sinks for Django 
Also a major restructuring of the code. A bit controversial since it
renames/moves classes that are already public.

Fixes https://github.com/github/codeql/issues/3466
 2020-05-18 19:14:29 +02:00
Rasmus Wriedt Larsen
72ea4ff0dc Python: Add more tests of django responses 
They clearly shouldn't all be XSS sinks
 2020-05-18 16:56:47 +02:00
Rasmus Wriedt Larsen
8150c78ae0 Python: In flask, taint routed prameters for variable rules 
Fixes https://github.com/github/codeql-python-team/issues/79
 2020-05-12 15:02:32 +02:00
Rasmus Wriedt Larsen
7d5e35a7aa Python: Expand flask tests to use "variable rules" 
which is what flask calls them. wildcard rules in bottle, django doesn't even
give them a proper term :(
 2020-05-12 14:23:24 +02:00
Rasmus Wriedt Larsen
07ae40206f Python: Don't allow getParameter(-1) for BoundMethodValue 
As per discussion in the PR
 2020-05-05 11:37:10 +02:00
Rasmus Wriedt Larsen
affca1a728 Python: Add test-cases using keyword arguments for builtin function 2020-05-05 10:26:25 +02:00
Rasmus Wriedt Larsen
838106d49c Python: Refactor get[Named]ArgumentForCall 
Also fixed a bug for BoundMethodValue, as highlighted in the expected diff 👍
 2020-05-04 20:51:23 +02:00
Rasmus Wriedt Larsen
bc92c26e12 Python: Add BoundMethodValue 2020-05-04 20:51:12 +02:00
Rasmus Wriedt Larsen
96fdb7a5b6 Python: Add tests for getParameter[byName] 
These already have results for BoundMethodValue, although

1) it's a bit strange that `getParameter(-1)` has results
2) why does `Method(Function C.n, class C)` exists? this would only be relevant
if `n` was a classmethod, but it isn't. It's not a problem that it exsits per
se, but curious.
 2020-05-04 20:51:04 +02:00
Rasmus Wriedt Larsen
e9859ad96d Python: Fix getArgumentForCall when using keyword arguments 
Yikes :|
 2020-05-04 20:50:56 +02:00
Rasmus Wriedt Larsen
acb506db21 Python: Add test for getNamedArgumentForCall 
and rename the one for getArgumentForCall
 2020-05-04 20:50:32 +02:00
Rasmus Wriedt Larsen
9ec32ee1c1 Python: Add test-cases using keyword arguments 2020-05-04 20:50:19 +02:00
Rasmus Wriedt Larsen
fc0b0221f0 Python: Add test-cases for BuiltinFunction and BuiltinMethod 2020-05-04 20:50:14 +02:00
Rasmus Wriedt Larsen
f624754390 Python: Use Value in GetACAll test 
That was not possible when using the old Object-API, but in Value-API getACall
is defined on all Values.
 2020-05-04 20:50:06 +02:00
Rasmus Wriedt Larsen
06b67e0d32 Python: Modernise test/library-tests/PointsTo/calls/* 2020-05-04 20:49:57 +02:00
Rasmus Wriedt Larsen
a5289bd708 Python: Use Object in CallRefersTo test 
Since other things than FunctionObject can be called ;)
 2020-05-04 20:49:47 +02:00
Rasmus Wriedt Larsen
7b8b4af6d2 Python: Add test for call.getFunction().refersTo 
Showing that
`call.getFunction().refersTo(func)` gives different results from
`call = func.getACall()`
 2020-05-04 20:49:19 +02:00
Rasmus Wriedt Larsen
e569d7ae41 Merge branch 'master' into python-parse_qs 2020-04-30 17:05:17 +02:00
Rasmus Wriedt Larsen
e0b4518a3e Merge branch 'master' into python-improve-file-taint 2020-04-30 11:24:29 +02:00
Taus
de08433bd3 Merge pull request #3212 from RasmusWL/python-fix-tests-filter 
Python: Fix (some) shortcomings of tests filter
 2020-04-27 11:26:35 +02:00
Taus
bcb980b3d5 Merge pull request #3302 from RasmusWL/python-str-taint-add-methods 
Python: Add taint for string methods
 2020-04-24 16:29:11 +02:00
semmle-qlci
4c7a5007d8 Merge pull request #3314 from RasmusWL/python-model-stdlib-http.server 
Approved by tausbn
 2020-04-24 15:27:21 +01:00
Taus
1d6b6a48ae Merge pull request #2924 from BekaValentine/python-objectapi-to-valueapi-wrongnumberargumentsincall 
Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall
 2020-04-23 17:56:39 +02:00
Rasmus Wriedt Larsen
fe50811bbf Python: In taint test, list comprehension => for loop 
Apparently they're not the same thing :(
 2020-04-23 14:13:00 +02:00
Rasmus Wriedt Larsen
1fe0040086 Python: Don't use six in urllib.parse string related tests 
Since this test inheriently has `--max-import-depth=1`, by using six, we would
never look at the actual source-code of urllib.parse/urlparse and therefore the
test would never show if we understood the library code good enough that we
could propagate taint out-of-the-box.

All tests moved by one line... that is why the diff is so big
 2020-04-23 13:00:45 +02:00
Rasmus Wriedt Larsen
94ae2febe5 Python: Propagate taint through parse_qsl 2020-04-23 12:14:22 +02:00
Taus
54d1991a9d Merge pull request #3300 from RasmusWL/python-pointsto-regression-open 
Python: Add points-to regression for uncalled function
 2020-04-23 11:50:30 +02:00
Rasmus Wriedt Larsen
86630f1d6c Python: Handle readline, readlines for ExternalFileObject 2020-04-23 10:40:16 +02:00
Rasmus Wriedt Larsen
7385ea5024 Python: Add tests for ExternalFileObject 2020-04-23 10:36:51 +02:00
Rebecca Valentine
89752f4b55 Merge branch 'master' into python-objectapi-to-valueapi-wrongnumberargumentsincall 2020-04-22 09:52:33 -07:00
Rasmus Wriedt Larsen
22096c36b9 Python: Add standard HttpSources tests for BaseHTTPRequestHandler 2020-04-22 17:28:49 +02:00
Rasmus Wriedt Larsen
51a9094064 Python: Add sinks for http.server.BaseHTTPRequestHandler 2020-04-22 17:28:27 +02:00
Rasmus Wriedt Larsen
6b84137a92 Python: Model cgi.FieldStorage (parsing of submitted forms) 2020-04-22 11:37:47 +02:00
Rasmus Wriedt Larsen
26ed911bb2 Python: Add modeling of http.server.BaseHTTPRequestHandler 2020-04-22 09:52:10 +02:00
Rasmus Wriedt Larsen
30e2592701 Python: Propagate taint through parse_qs 2020-04-22 08:55:35 +02:00
Rasmus Wriedt Larsen
32a97266cf Python: Fix deprecation warnings in test output 2020-04-21 11:39:44 +02:00
Rasmus Wriedt Larsen
b7145af447 Python: Handle all methods in StringKind.getTaintOfMethodResult 2020-04-20 16:07:30 +02:00
Rasmus Wriedt Larsen
10b36bb7a8 Python: Taint of string method reference isn't handled 2020-04-20 15:01:40 +02:00
Rasmus Wriedt Larsen
1631787336 Python: Fix points-to regressions Test.ql 
Only being able to debug missing pointsTo for NameNode was quite limiting ...
 2020-04-20 14:41:55 +02:00
Rasmus Wriedt Larsen
8746876377 Python: Add points-to regression for uncalled function 2020-04-20 14:41:45 +02:00
Rasmus Wriedt Larsen
2871eb307a Python: Fix (some) shortcomings of tests filter 2020-04-07 11:24:06 +02:00
Rasmus Wriedt Larsen
6ed7b3dd92 Python: Add tests to illustrate shortcomings of current tests filter 2020-04-07 11:22:16 +02:00
Rebecca Valentine
88be3359ac Python: ObjAPI to ValAPI: WrongNumForArgsInCall: Update affected queries to use objectapi 2020-04-04 00:15:10 -07:00
Taus Brock-Nannestad
554bb76746 Python: Fix up (hopefully) the last file that needs autoformatting. 2020-04-01 14:16:35 +02:00
Taus
e31143c9f8 Merge pull request #2889 from RasmusWL/python-add-custom-sanitizer-example 
Python: Add example for how to write your own sanitizer
 2020-03-30 22:59:56 +02:00
Rasmus Wriedt Larsen
6127d8b8f4 Python: Fixup comment alignment 2020-03-30 18:32:31 +02:00
Rasmus Wriedt Larsen
fad03e77cc Python: Move helper predicate outside of class 
otherwise the helper predicate can (and sometimes will) be evaluated once _per_
instance of that class.
 2020-03-30 18:31:16 +02:00