hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

4612 Commits

Author SHA1 Message Date
jorgectf
33423eaef3 Optimize calls 2021-04-08 00:31:53 +02:00
jorgectf
7e456494ef Set up taint config and custom sink 2021-04-08 00:20:04 +02:00
jorgectf
8ca6e84268 Refactor Calls to use ApiGraphs 2021-04-08 00:19:46 +02:00
jorgectf
aa7763b3d2 Set up Concepts 2021-04-08 00:19:14 +02:00
jorgectf
db1f54a5f3 Polish query file 2021-04-08 00:19:00 +02:00
Dilan
675de07c3e autoformat ql 2021-04-07 15:04:18 -07:00
thank_you
83f28bfdda Catch any keyword argument passed to MongoEngine's objects method 
After some research, we discovered that any keyword argument passed to the objects method will result in NoSQL injection. This includes scenarios where we have the following:

objects(name_of_model_attribute=unsanitized_user_input)
 2021-04-07 16:45:48 -04:00
thank_you
719c30bd92 Fix file name and adjust where the test points to 2021-04-07 16:42:51 -04:00
yoff
38daeb4df2 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-04-07 15:50:51 +02:00
Taus
903f364dab Python: Improve CallCfgNode interface 
Call nodes are always local sources (specifically sources of the return
value of the call), and so inheriting from `LocalSourceNode` will have
no effect on results, but _should_ make it a bit more smooth to use the
API.
 2021-04-07 13:31:12 +00:00
Taus
6c69c1aeeb Python: Minor cleanup 2021-04-07 10:47:21 +00:00
Rasmus Lerchedahl Petersen
a006a92f8d Python: Expand commentary 2021-04-07 08:32:40 +02:00
Rasmus Lerchedahl Petersen
f22db2a30b Python: One family to rule them all... 2021-04-07 08:32:21 +02:00
Rasmus Lerchedahl Petersen
a0e3e3afaf Python: adjust test expectations 2021-04-07 08:22:36 +02:00
Rasmus Lerchedahl Petersen
fb95c488e8 Python: format 2021-04-07 08:20:52 +02:00
Rasmus Lerchedahl Petersen
094d2f3b7d Python: clean up tests 2021-04-06 22:59:58 +02:00
Rasmus Lerchedahl Petersen
a44490b470 Python: remove unused file 2021-04-06 22:56:07 +02:00
Rasmus Lerchedahl Petersen
0626684442 Python: small cleanups enabled by review 2021-04-06 22:55:32 +02:00
yoff
acf8fd0f03 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-04-06 22:45:03 +02:00
Taus
b44db460f6 Python: Only track modules that are imported 2021-04-06 19:55:43 +00:00
thank_you
4e98348411 Remove comment 2021-04-06 13:57:03 -04:00
thank_you
dc274ecf36 Improve sentence structure and grammar 2021-04-06 13:51:59 -04:00
thank_you
520e65e3c3 Remove unnecessary example code 2021-04-06 13:46:51 -04:00
thank_you
ac31260fed Made grammar changes 2021-04-06 13:42:57 -04:00
Taus Brock-Nannestad
8e11abca40 Revert "Merge pull request #5552 from RasmusWL/revert-import-change" 
This reverts commit 49d1937dc4, reversing
changes made to d4877a9038.
 2021-04-06 17:39:41 +02:00
jorgectf
bfd4280d35 Fix imports and begin refactor 2021-04-06 15:51:37 +02:00
jorgectf
2f874c5c0b Precision warn and Remove CWE (broken) reference 2021-04-06 15:47:42 +02:00
jorgectf
809bf2377e Move to experimental folder 2021-04-06 15:47:41 +02:00
jorgectf
8715d29a44 Upload LDAP Improper authentication query, qhelp and tests 2021-04-06 15:47:41 +02:00
jorgectf
1bcb9cd7c0 Simplify query 2021-04-06 15:42:56 +02:00
Rasmus Wriedt Larsen
bc49bc7095 Python: Add variable with underscore to __all__ tests 2021-04-06 11:54:25 +02:00
Rasmus Wriedt Larsen
224d3790b5 Python: Highlight all_indirect.py is not super important 
At least not in my mind
 2021-04-06 11:50:04 +02:00
Rasmus Wriedt Larsen
b11703cc74 Python: all_dybamic2 => all_indirect 2021-04-06 11:49:55 +02:00
Rasmus Lerchedahl Petersen
c777f1d8d7 Merge branch 'main' of github.com:github/codeql into python-api-enhancements 2021-04-06 09:31:26 +02:00
yoff
a23d8deb10 Merge pull request #5483 from RasmusWL/minor-fixup-django 
Python: Better text for getSourceType in Django
 2021-04-06 08:30:58 +02:00
thank_you
6ade120983 Add check for mongoengine raw queries 
After initial research on our end, we believe that the only vulnerability within the objects() method is passing a query into the __raw__ keyword argument. More info can be found below:

http://docs.mongoengine.org/guide/querying.html?highlight=inc__#raw-queries
 2021-04-05 20:44:16 -04:00
thank_you
759fa2cd01 Update query to search for more pymongo sink methods 2021-04-05 20:42:18 -04:00
thank_you
3f0c758622 Add required __raw__ keyword 
This __raw__ keyword is required for the actual mongoengine vulnerability. More info can be found below:

http://docs.mongoengine.org/guide/querying.html?highlight=inc__#raw-queries
 2021-04-05 19:07:13 -04:00
Your Name
80216f6974 Rename classes 2021-04-05 14:41:08 -04:00
Your Name
be9a3a95b1 Add relevant PyMongo sink methods 2021-04-05 14:23:56 -04:00
Your Name
9072d19cda Update qhelp file 2021-04-05 13:56:43 -04:00
jorgectf
d22da880e7 Fix verifiesSignature() 2021-04-04 20:31:07 +02:00
jorgectf
198f8dcc1f Improve predicates 2021-04-03 23:01:50 +02:00
jorgectf
7ed7809a60 Use LocalSourceNode and flowsTo() for better performance 2021-04-02 21:17:18 +02:00
jorgectf
513055cae5 Change old comments 2021-04-01 18:45:39 +02:00
jorgectf
ee70eb709c Remove old comment 2021-04-01 18:34:54 +02:00
jorgectf
5edb3b1153 Query upload 2021-04-01 18:31:45 +02:00
jorgectf
15e176a3b8 Polish query select 2021-04-01 13:00:12 +02:00
jorgectf
f980d0694b Fix taint configs 2021-04-01 12:50:25 +02:00
jorgectf
c8740a2031 Update naming 2021-04-01 12:41:11 +02:00