9613 Commits

Author	SHA1	Message	Date
Mark Shannon	fc2c46fe4a	Python: Fix error in update Module to use new points-to API.	2019-04-26 16:21:46 +01:00
Mark Shannon	782311f805	Python: Update taint-tracking to use new points-to API.	2019-04-26 16:21:46 +01:00
Mark Shannon	3c30480845	Python: Extend API a bit.	2019-04-26 16:21:46 +01:00
Mark Shannon	31a95ceeec	Python points-to: Use strongly typed version of CfgOrigin.	2019-04-26 16:21:46 +01:00
Mark Shannon	162bf5143b	Python points-to: Assorted improvements to performance and better compatibility.	2019-04-26 16:21:46 +01:00
Mark Shannon	ef0a6b6713	Python points-to: Rationalize handling of expressions and conditions. Tweak API to be a bit more backward-compatible.	2019-04-26 16:21:46 +01:00
Mark Shannon	54c27e1d4b	Python points-to: Various minor performance tweaks.	2019-04-26 16:21:46 +01:00
Mark Shannon	23ca403728	Python points-to: Understand callable and hasattr.	2019-04-26 16:21:46 +01:00
Mark Shannon	8af6cb6644	Python points-to: Use objects, not booleans when doing evaluation of tests.	2019-04-26 16:21:46 +01:00
Mark Shannon	610a35c187	Python points-to: Improve backwards compatibility for comparisons.	2019-04-26 16:21:45 +01:00
Mark Shannon	f7edbcc6d9	Python points-to: Clean up interface, and deprecate old interface.	2019-04-26 16:21:45 +01:00
Mark Shannon	d3762ac5a1	Rename 'points_to' to 'pointsTo'.	2019-04-26 16:21:45 +01:00
Mark Shannon	931100c772	Python points-to: Add float objects for better backwards compatibility.	2019-04-26 16:21:45 +01:00
Mark Shannon	e9f58ba3a7	Python: refactor ConstantObjects.	2019-04-26 16:21:45 +01:00
Mark Shannon	0b0a6337f3	Python points-to: Support descriptor protocols, particularly functions.	2019-04-26 16:21:45 +01:00
Mark Shannon	dbf228d005	Python points-to: Better handling of *args, **kwargs and procedures.	2019-04-26 16:21:45 +01:00
Mark Shannon	f5c32421f4	Python points-to: Handle list, dict and float literals as instances.	2019-04-26 16:21:45 +01:00
Mark Shannon	48297e299e	Python points-to: Improve handling of 'type' object.	2019-04-26 16:21:45 +01:00
Mark Shannon	85a9016c8c	Python points-to: make 'self' instances distinct from other instances.	2019-04-26 16:21:45 +01:00
Mark Shannon	12853ccf30	Python points-to: Add support for tuples.	2019-04-26 16:21:45 +01:00
Mark Shannon	dd83149cc3	Python points-to: Port old API classes to use new points-to.	2019-04-26 16:21:45 +01:00
Mark Shannon	aa30745492	Python points-to: Further types and flow.	2019-04-26 16:21:45 +01:00
Mark Shannon	e3ed8c6abf	Python points-to: Simplify handling of booleans and comparisons.	2019-04-26 16:21:45 +01:00
Mark Shannon	84c9866c50	Python points-to: Add generic instances and handle returns for builtin functions. Move attribute lookup handling to objects.	2019-04-26 16:21:45 +01:00
Mark Shannon	ce9d0f1a06	Python points-to: Add support for some more ESSA definitions.	2019-04-26 16:21:45 +01:00
Mark Shannon	ec151e9b02	Python points-to: Convert two pairs of predicates to methods on booleans.	2019-04-26 16:21:45 +01:00
Mark Shannon	39b9723054	Python: Add support for bound-methods.	2019-04-26 16:21:45 +01:00
Mark Shannon	bf692f4aad	Python: Add better class support, including inheritance.	2019-04-26 16:21:45 +01:00
Mark Shannon	5a46df2132	Python: Add ADTs for ints and strings. Add some global data-flow.	2019-04-26 16:21:45 +01:00
Mark Shannon	051683fadf	Python: Break-up internal object modules.	2019-04-26 16:21:45 +01:00
Mark Shannon	c48d63f2ec	Python: First draft of ADT based objects and attendant points-to.	2019-04-26 16:21:45 +01:00
Taus	7d2c17f27c	Merge pull request #1271 from markshannon/python-fix-fp-http-prefix ... Python: Fix false positive in 'Incomplete URL substring sanitization' query	2019-04-26 15:23:04 +02:00
Mark Shannon	28799441af	Python: Fix false positive in 'Incomplete URL substring sanitization' query.	2019-04-25 18:11:01 +01:00
Taus Brock-Nannestad	c8cbae37d9	Python: Add missing override annotations.	2019-04-25 16:48:47 +02:00
Mark Shannon	6a9bb5c5c9	Add test confirming correct handling of zope.interface.Interface in query.	2019-04-23 12:52:50 +01:00
Esben Sparre Andreasen	c80ee3df01	Mergeback: rc/1.20 into Semmle/master	2019-04-16 08:46:15 +02:00
Mark Shannon	d6ba729dce	Python: Fix semantic merge conflict between #1206 and #1240.	2019-04-12 12:32:41 +01:00
Taus	707b73c3d0	Merge pull request #1240 from markshannon/python-avoid-ssa-defns-in-tests ... Python: Remove callsite refinement ESSA definition in tests	2019-04-12 12:05:40 +02:00
Taus	607b5fb077	Merge pull request #1206 from markshannon/python-taint-flow-classless ... Python taint-tracking: Better flow for "generic" taint.	2019-04-12 11:54:52 +02:00
Mark Shannon	ca6e03f597	Python: Remove callsite refinement ESSA definition when call in a test defining a pi-node.	2019-04-11 16:08:29 +01:00
Mark Shannon	97a9954e72	Merge pull request #1222 from taus-semmle/python-unify-old-and-new-query-suites ... Python: Make old query suites point to new query suites.	2019-04-09 14:04:21 +01:00
Taus	adf8cdcde5	Merge pull request #1203 from markshannon/python-taint-tracking-configuration-2 ... Python: Use taint tracking configuration for queries.	2019-04-09 10:01:35 +02:00
Taus Brock-Nannestad	98e9edc27c	Delete unnecessary files.	2019-04-08 18:27:30 +02:00
Taus Brock-Nannestad	e227078953	Add note about backwards compatibility.	2019-04-08 17:55:48 +02:00
Mark Shannon	52b3f77f4f	Fix typo.	2019-04-08 15:47:49 +01:00
Taus Brock-Nannestad	2e6291270b	Python: Make old query suites point to new.	2019-04-08 14:02:34 +02:00
Mark Shannon	df2000ea8e	Python: Fix up dataflow configuration to act as expected. Keep undocumented for now.	2019-04-05 09:05:13 +01:00
Mark Shannon	2ba122373a	Merge pull request #1128 from taus-semmle/python-paramiko-unsafe-host-key-validation ... Python: Add query for insecure SSH host key policies in Paramiko.	2019-04-04 16:57:13 +01:00
Mark Shannon	c2e814a11a	Fix CWE tag for Code injection query.	2019-04-04 15:09:12 +01:00
Mark Shannon	3bcd445a32	Python change 'SimpleHttpResponseTaintSink' to 'HttpResponseTaintSink'.	2019-04-04 14:45:37 +01:00