hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,333 Commits 1,672 Branches 157 Tags
ginsbach/NewOverlayLocalJava
Commit Graph

553 Commits

Author SHA1 Message Date
Mark Shannon
28799441af Python: Fix false positive in 'Incomplete URL substring sanitization' query. 2019-04-25 18:11:01 +01:00
Mark Shannon
2ba122373a Merge pull request #1128 from taus-semmle/python-paramiko-unsafe-host-key-validation 
Python: Add query for insecure SSH host key policies in Paramiko.
 2019-04-04 16:57:13 +01:00
Taus Brock-Nannestad
5eb63ae048 Fix false positive and add test. 2019-03-21 14:10:05 +01:00
Taus Brock-Nannestad
9cb35a8ca9 Use correct named argument for ssl.SSLContext. 2019-03-21 14:09:25 +01:00
Taus Brock-Nannestad
c7c6c83627 Address review comments. 2019-03-19 15:44:11 +01:00
Taus Brock-Nannestad
52278b25d9 Python: Add query for insecure SSH host key policies in Paramiko. 2019-03-18 16:45:54 +01:00
Mark Shannon
38a5fb715a Python: Avoid cross-talk between unrelated sources in py/stack-trace-exposure query. 2019-03-05 16:52:28 +00:00
Mark Shannon
6c82be8bda Python: CherryPy web framework support -- requests. 2019-02-28 15:24:58 +00:00
Taus
b8b4216352 Merge pull request #979 from markshannon/python-falcon 
Python: Add support for falcon web API framework.
 2019-02-28 15:47:35 +01:00
Mark Shannon
f7d7b8eef2 Merge pull request #785 from taus-semmle/python-unsafe-use-of-mktemp 
Python: Add query for unsafe use of `tempfile.mktemp`.
 2019-02-27 15:01:06 +00:00
Mark Shannon
742c1d0fa7 Python: Add test skeleton for falcon web framework. 2019-02-27 09:53:20 +00:00
Taus Brock-Nannestad
e47b391329 Fix interpolation. 2019-02-26 16:27:04 +01:00
Taus Brock-Nannestad
7daaf77183 Make query alert refer to AST nodes rather than CFG nodes. 2019-02-26 15:56:37 +01:00
Taus Brock-Nannestad
8d774cd354 Merge branch 'master' into python-unsafe-use-of-mktemp 2019-02-26 13:23:38 +01:00
Mark Shannon
26c5ebde54 Python: Basic support for TurboGears: requests and responses. 2019-02-26 10:15:36 +00:00
Mark Shannon
aab0a243dc Python: Add redirects to bottle framework support. 2019-02-12 14:26:06 +00:00
Mark Shannon
8d525e5295 Python: Add support for bottle framework routing and requests. 2019-02-12 14:26:06 +00:00
Taus Brock-Nannestad
edd4468d08 Fix tests by stubbing relevant os functions. 2019-01-29 17:27:14 +01:00
Taus
6f7c96db54 Merge branch 'master' into python-unsafe-use-of-mktemp 2019-01-29 16:12:53 +01:00
Taus Brock-Nannestad
9a9d902cfb Add support for os.tempnam and os.tmpnam. 2019-01-29 16:08:32 +01:00
Taus
9adb19f3a9 Merge branch 'master' into python-incomplete-url-sanitize 2019-01-29 14:17:37 +01:00
Mark Shannon
6d553ae2be Python: Check os.open as well as os.chmod for weak file permissions. 2019-01-28 14:26:16 +00:00
Mark Shannon
88d8cb514c Python: Two new queries for URL and hostname sanitization (CWE-020). 2019-01-24 12:57:14 +00:00
Mark Shannon
a3b5769c2c Python: Weak file permissions query. 2019-01-22 11:33:19 +00:00
Taus Brock-Nannestad
ad429f5ae1 Add tests. 2019-01-17 14:45:25 +01:00
Taus Brock-Nannestad
e8c092ad72 Python: Support the dill pickling library. 2019-01-16 14:53:42 +01:00
Taus Brock-Nannestad
46973f4305 Support from ssl import PROTOCOL_.... 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
dfe3fc6d5c Pass pyOpenSSL method as parameter instead of keyword argument. 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
a893dca06e Add support for ssl.SSLContext. 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
0a839f8468 Python: Check for insecure versions of SSL and TLS. 2019-01-07 15:24:15 +01:00
Mark Shannon
b3eaa46f14 Python: Use consistent abbreviations in weak-crypto query message. 2018-11-28 16:58:22 +00:00
Mark Shannon
1065ad0ce7 Python: Weak crypto query. 2018-11-28 16:57:34 +00:00
Mark Shannon
eefb45c94b Python: jinja2-without-escaping query: Clean up query and account for Template class in tests. 2018-11-28 10:46:44 +00:00
Mark Shannon
1080525d7d Python: Add missing test stub. 2018-11-28 10:45:48 +00:00
Mark Shannon
243280dc00 Python: New query to check for use of jinja2 templates without auto-escaping. 2018-11-28 10:45:19 +00:00
Mark Shannon
31ac33e723 Merge pull request #528 from taus-semmle/python-flask-debug 
Python: Implement check for flask debug mode.
 2018-11-27 19:42:26 +00:00
Taus
2b340b4804 Merge pull request #530 from markshannon/python-no-cert-validation 
New query to check for making a request without cert verification.
 2018-11-27 19:01:10 +01:00
Taus Brock-Nannestad
6ebf504d97 Update test results after stub change. 2018-11-27 16:59:19 +01:00
Taus Brock-Nannestad
8d341ab467 Fix stub file. 2018-11-27 16:56:09 +01:00
Taus Brock-Nannestad
a4da245809 Python: Implement check for flask debug mode. 2018-11-27 15:14:38 +01:00
Taus
f0fbed76e7 Merge pull request #539 from markshannon/python-path-fix-siblings 
Python: Fix parents relation for path queries.
 2018-11-23 17:59:04 +01:00
Mark Shannon
3190b12544 Python: Fix parent relation for path-queries. 2018-11-23 15:04:01 +00:00
Mark Shannon
6588606739 Python: Account for other 'falsey' values in query. 2018-11-23 14:42:45 +00:00
Mark Shannon
45e864a395 Python: New query to test for requests without validation. 2018-11-23 14:42:45 +00:00
Mark Shannon
f0206a2ff4 Python: Tests for new query: requests called with verify=False. 2018-11-23 14:42:45 +00:00
Mark Shannon
b94493aec3 Python: Add extra sinks for command-injection query. 2018-11-23 14:29:02 +00:00
Mark Shannon
61bd8682df Python: Improve API and representation of taint tracking nodes. Update queries and tests accordingly. 2018-11-23 12:32:14 +00:00
Mark Shannon
c01db23f58 Python: Fix up expected results of SqlInjection.ql 2018-11-22 11:05:09 +00:00
Mark Shannon
f3fedcdf38 Python tests: Move security test stubs to correct location. 2018-11-22 11:05:09 +00:00
Mark Shannon
04e5b8927a Python tests: use a more accurate form os os.path.join() in test lib. 2018-11-22 11:05:09 +00:00