hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
32,907 Commits 1,672 Branches 157 Tags
codeql-cli-2.8.2
Commit Graph

3152 Commits

Author SHA1 Message Date
Taus Brock-Nannestad
f05313435d Python: Move typePreservingStep into Private 2021-03-12 14:06:39 +01:00
Taus Brock-Nannestad
9b8056371f Python: Make the type tracking implementation shareable 2021-03-12 13:51:24 +01:00
Taus Brock-Nannestad
978200e2ad Python: Distinguish between Python 2 and 3 
Also moves the filtering on `name` to before the big disjunction in
`MkModuleImport`.
 2021-03-12 12:35:23 +01:00
Taus Brock-Nannestad
c7b2b719cf Python: Support builtins in API graphs 2021-03-11 23:03:18 +01:00
Anders Schack-Mulligen
674886a17d Dataflow: Sync. 2021-03-10 16:53:51 +01:00
Rasmus Lerchedahl Petersen
fe975f25f9 Merge branch 'python-port-insecure-default-protocol' of github.com:yoff/codeql into python-port-insecure-default-protocol 2021-03-10 15:59:13 +01:00
Rasmus Lerchedahl Petersen
e726ff425c Python: simplify query code as suggested by review 2021-03-10 15:58:44 +01:00
Tom Hvitved
fc5158c41c Merge pull request #5338 from hvitved/dataflow/performance-tweaks 
Data flow: Performance tweaks
 2021-03-10 13:56:57 +01:00
Rasmus Lerchedahl Petersen
91c0066b8b Python: Make the documentation not lie 2021-03-09 18:17:51 +01:00
yoff
dfdf0344de Update python/ql/src/Security/CWE-327/InsecureDefaultProtocol.qhelp 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2021-03-09 16:44:08 +01:00
Tom Hvitved
fe6efde449 Address review comments 2021-03-09 14:30:12 +01:00
Rasmus Lerchedahl Petersen
8b25806a2c Python: Attempt to clarify help 2021-03-09 13:29:33 +01:00
Rasmus Lerchedahl Petersen
a16de26799 Python: add linebreak to qhelp file 
hopefully this will generate better markdown
 2021-03-09 13:27:44 +01:00
yoff
fd5ac13828 Update python/ql/src/Security/CWE-327/InsecureDefaultProtocol.ql 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2021-03-09 13:23:44 +01:00
yoff
88784fbd31 Update python/ql/src/Security/CWE-327/InsecureDefaultProtocol.qhelp 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2021-03-09 13:23:35 +01:00
yoff
b6257edc9e Update python/ql/src/Security/CWE-327/InsecureDefaultProtocol.qhelp 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2021-03-09 13:20:19 +01:00
Anders Schack-Mulligen
aeb13146d2 Merge pull request #5275 from Marcono1234/marcono1234/included-qhelp-files 
Use `.inc.qhelp` extension for included help files
 2021-03-08 16:26:32 +01:00
Rasmus Lerchedahl Petersen
4a9023b989 Python: add comment with ref 2021-03-08 08:17:23 +01:00
Rasmus Lerchedahl Petersen
7142ddcb25 Python: add taint step for __traceback__ 2021-03-08 08:13:07 +01:00
Rasmus Lerchedahl Petersen
b36e0d0be7 Python: target SSA variable rather than Cfg node 
also add "INTERNAL: Do not use."
also give test functions different names
 2021-03-08 08:04:42 +01:00
Rasmus Wriedt Larsen
99c1b2039c Pyhton: Extract vulnerable hostnames into own predicate 
Which makes the code a bit cleaner (and made testing out back-tracking easier).
 2021-03-05 17:14:32 +01:00
Rasmus Wriedt Larsen
4804a0a9f8 Python: Minor refactor addressArg 2021-03-05 17:12:45 +01:00
Rasmus Wriedt Larsen
024a586a7d Python: Remove tags for old query copy 
Co-authored-by: Taus <tausbn@github.com>
 2021-03-05 17:08:55 +01:00
Rasmus Wriedt Larsen
66c9cfad85 Python: Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-03-05 17:08:37 +01:00
Rasmus Wriedt Larsen
83539928e6 Python: Fix grammar 
Co-authored-by: Taus <tausbn@github.com>
 2021-03-05 17:08:20 +01:00
Tom Hvitved
6e5af1a9f8 Data flow: Sync files 2021-03-05 14:56:40 +01:00
CodeQL CI
a55246c9f4 Merge pull request #5330 from RasmusWL/fix-flask-taint-prop-to-methods 
Approved by yoff
 2021-03-05 03:17:41 -08:00
yoff
d17246ce2b Merge pull request #5255 from RasmusWL/port-flask-debug 
Python: port py/flask-debug query
 2021-03-05 09:39:14 +01:00
Taus
0b446258f5 Merge pull request #5279 from RasmusWL/ensure-old-queries-not-used 
Python: Ensure old dataflow queries are not used
 2021-03-04 23:29:35 +01:00
Marcono1234
5a8ffa5a85 Use .inc.qhelp extension for included help files 2021-03-04 22:04:48 +01:00
Anders Schack-Mulligen
45f52289ea Merge branch 'main' into java/merge-5226 2021-03-04 11:36:16 +01:00
Anders Schack-Mulligen
fe07630e40 Merge pull request #5219 from smowton/smowton/feature/backward-dataflow-for-fluent-methods 
Java: Add backward dataflow edges through fluent function invocations.
 2021-03-04 11:13:32 +01:00
Rasmus Lerchedahl Petersen
de9469bbfc Python: complete ssl.create_default_context 2021-03-04 00:01:44 +01:00
Rasmus Lerchedahl Petersen
ee03837357 Python: small refactor 2021-03-03 23:46:18 +01:00
Rasmus Lerchedahl Petersen
cbbc7b2bcd Python: support unrestrictions 
Also pyOpenSSL allows SSL 2 and SSL 3 on `SSLv23`
 2021-03-03 23:42:48 +01:00
Rasmus Wriedt Larsen
3dc0c2081e Python: Fix taint-propagation to methods 
Before we would add a step from _any_ request instance to _any_ method (CP).
 2021-03-03 21:55:33 +01:00
Rasmus Lerchedahl Petersen
97d26687fe Python: Improve logic of bit fields 2021-03-03 17:50:47 +01:00
Rasmus Lerchedahl Petersen
60525ec301 Python: Also track offending call 
update test expectations at this point
 2021-03-03 17:50:47 +01:00
Rasmus Lerchedahl Petersen
d5171fc043 Python: Comment everything 2021-03-03 17:50:47 +01:00
Rasmus Lerchedahl Petersen
3b856010f2 Python: add TODO comment 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
ea8c6f04e2 Python: Update old test and qlhelp 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
186db7f43e Python: factor into modules and files 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
7ed018aff6 Python: refactor into modules 
and turn on the pyOpenSSL module
 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
72b37a5b1b Python: factor out barrier 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
86dde6eab1 Python: start of port 2021-03-03 17:50:46 +01:00
Rasmus Lerchedahl Petersen
3dd34c9ba9 Python: rewrite comment 2021-03-03 17:41:20 +01:00
Rasmus Lerchedahl Petersen
dcf8c881ff Python: correct mistake in example 2021-03-03 16:54:36 +01:00
Rasmus Lerchedahl Petersen
fafc36a9cb Python: remove (do not introduce) unused import 2021-03-03 16:49:35 +01:00
Rasmus Lerchedahl Petersen
f02a19669f Python: Make exception info concept local 2021-03-03 16:47:31 +01:00
Marcono1234
b9c0193022 Sync .qhelp file renaming to other languages 2021-03-03 15:38:08 +01:00