hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,672 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

4639 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
86e97c32d6 fix all ql/use-string-compare 2022-05-17 14:11:05 +02:00
Taus
ba8d73c2be Python: Use API::CallNode 2022-05-17 12:00:17 +00:00
Mathias Vorreiter Pedersen
1280d43e36 Merge pull request #9141 from github/post-release-prep/codeql-cli-2.9.2 
Post-release preparation for codeql-cli-2.9.2
 2022-05-17 10:01:37 +01:00
Alex Ford
bda1c21562 BrokenCryptoAlgorithm block mode change notes 2022-05-16 15:49:19 +01:00
yoff
2822ed9594 Merge remote-tracking branch 'upstream/main' into python-dataflow/flow-summaries-from-scratch 2022-05-16 08:10:15 +00:00
Alex Ford
bc073eb460 python: update py/weak-cryptographic-algorithm to flag use of ECB block mode 2022-05-13 16:32:36 +01:00
github-actions[bot]
b7cbd8fd75 Post-release preparation for codeql-cli-2.9.2 2022-05-12 18:21:38 +00:00
Taus
a0f8e2f0b1 Python: Modernise py/jinja2/autoescape-false 
A simple rewrite to use API graphs instead.

The handling of falsy values is potentially a bit more restrictive now,
as it only accounts for local flow. We should probably figure out a
better way of capturing this pattern, but I felt that this was out of
scope for the present PR.
 2022-05-12 12:55:42 +00:00
Rasmus Wriedt Larsen
795adf0566 Python: Fix API::moduleImport("foo.bar") 2022-05-12 13:33:00 +02:00
github-actions[bot]
ee9980b31c Release preparation for version 2.9.2 2022-05-12 10:17:28 +00:00
Rasmus Wriedt Larsen
044829c3bb Python: Add @security-severity to py/pam-auth-bypass 
The value 8.1 was calculated by our internal tool. This corresponds to a
'High' severity, which from my gut feeling seems reasonable for
authorization bypass.
 2022-05-11 14:57:21 +02:00
yoff
4445cf152a python: various fixes 
- compilation
- alerts
- some review comments
 2022-05-11 12:28:58 +00:00
Rasmus Wriedt Larsen
cff950f5f7 Python: Fix select of py/insecure-cookie 2022-05-11 14:06:30 +02:00
Rasmus Wriedt Larsen
0956d506de Python: Actually promote py/pam-auth-bypass 
🤦
 2022-05-11 13:44:47 +02:00
Rasmus Wriedt Larsen
fc8633cc01 Python: Fix select for py/cookie-injection 2022-05-11 13:18:14 +02:00
Rasmus Wriedt Larsen
27b99c51e9 Python: Add placeholder precision for py/insecure-cookie 2022-05-11 11:36:06 +02:00
Rasmus Wriedt Larsen
a902d3d8f0 Python: Add security-severity for py/insecure-cookie 
Matching the Java query
7d4767a4f5/java/ql/src/Security/CWE/CWE-614/InsecureCookie.ql (L7)
 2022-05-11 11:34:16 +02:00
Rasmus Wriedt Larsen
84ad45c665 Python: Fix Django import 2022-05-11 11:33:35 +02:00
Rasmus Wriedt Larsen
d127d2164a Merge branch 'main' into jorgectf/python/insecure-cookie 2022-05-11 11:13:47 +02:00
Erik Krogh Kristensen
f5329a3d1b PY: fix ql/field-only-used-in-charpred warning 2022-05-11 09:54:55 +02:00
Erik Krogh Kristensen
94a9b3e873 fix all ql/counting-to-zero in some languages 2022-05-11 09:54:53 +02:00
Rasmus Wriedt Larsen
c890f9c4ac Python: Fix change-note 2022-05-10 18:08:43 +02:00
Rasmus Wriedt Larsen
f68b281762 Python: Add change-note 2022-05-10 18:04:52 +02:00
Rasmus Wriedt Larsen
7e87e18b32 Python: Adjust name/description/select of PamAuthorization.ql 
Thought that calling out the actual vulnerability would make things
easier for our end users :)
 2022-05-10 18:02:17 +02:00
Rasmus Wriedt Larsen
c84f693151 Python: Adjust PamAuthorization examples 
They did not have proper formatting (only 2 spaces), and I restructured
them a bit more so they look like code in the wild
 2022-05-10 18:00:20 +02:00
Rasmus Wriedt Larsen
0c534444ad Python: Format .qhelp file 
99% of our .qhelp files have manually wrapped lines, so just wanted to
keep things consistent
 2022-05-10 17:59:21 +02:00
yoff
da3634188d python: variaous fixes 
- sync summary files
- format files
- fix compilation
 2022-05-10 12:48:42 +00:00
yoff
f14ee0e794 python: Flow summaries based on type tracking 
Two classes have been inserted into the hierarchies:

- `NonLibraryDataFlowCallable` with a method `getACall2`.
This method implements "get a call, not considering flow summaries".
For `NonLibraryDataFlowCallable`s, `getACall` will defer to `getACall2`.
While you could have a synthesised call to such a callable,
it would not correspond to a `CallNode`.

- `NonLibraryDataFlowSourceCall` with methods
`getArg2` and `getCallable2`. These also refer to a call graph that
does not consider flow summaries.

`getArg2` is used to synthesise pre-update nodes for arguments.

`getCallable2` is used in `connects` to compute argument passing.
This is used to define data flow nodes for overflow arguments.

`getACall2` ensures that `LibraryCallableValue::getACall` is not called
when the charpred of `FunctionCall` is evaluated.
 2022-05-10 12:48:42 +00:00
Rasmus Lerchedahl Petersen
80175a9af5 Python: Compiles and mostly pass tests 
- add flowsummaries shared files
- register in indentical files
- fix initial non-monotonic recursions
  - add DataFlowSourceCall
  - add resolvedCall
  - add SourceParameterNode

failing tests:
- 3/library-tests/with/test.ql
 2022-05-10 12:48:42 +00:00
Rasmus Wriedt Larsen
2b6e0cfb44 Merge pull request #8340 from yoff/python/simple-csrf 
python: minimal CSRF implementation
 2022-05-10 13:36:38 +02:00
Rasmus Wriedt Larsen
cb17e2a649 Merge pull request #8595 from porcupineyhairs/pypam 
Python : Add query to detect PAM authorization bypass
 2022-05-10 13:35:12 +02:00
Rasmus Wriedt Larsen
2421076d2f Merge pull request #8696 from RasmusWL/new-nosql-examples 
Python: Improve experimental modeling for `pymongo`
 2022-05-10 11:03:05 +02:00
yoff
6c3e2db7fd Merge branch 'main' into python/simple-csrf 2022-05-10 10:55:28 +02:00
yoff
b6605bc330 Merge pull request #8634 from RasmusWL/promote-xxe 
Python: Promote XXE and XML-bomb queries
 2022-05-09 21:54:55 +02:00
Rasmus Lerchedahl Petersen
1c7e533144 python: format 2022-05-09 21:22:27 +02:00
Rasmus Lerchedahl Petersen
2a5908ff49 python: require all settings be vulnerable 
at least all thos not in tests
 2022-05-09 17:08:49 +02:00
Rasmus Wriedt Larsen
c218162104 Merge branch 'main' into pypam 2022-05-09 14:20:05 +02:00
Rasmus Wriedt Larsen
ab1252d196 Python: Add @precision high for py/pam-auth-bypass 2022-05-09 14:19:40 +02:00
Rasmus Wriedt Larsen
f5854f33da Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-05-09 10:53:25 +02:00
github-actions[bot]
1a25457178 Post-release preparation for codeql-cli-2.9.1 2022-05-05 19:05:50 +00:00
Rasmus Wriedt Larsen
5f01fc24e4 Merge branch 'main' into promote-xxe 2022-05-02 11:25:55 +02:00
Rasmus Wriedt Larsen
3c1a37e7e1 Merge branch 'main' into new-nosql-examples 2022-05-02 11:21:36 +02:00
github-actions[bot]
8e4cf190e9 Release preparation for version 2.9.1 2022-04-28 11:59:05 +00:00
yoff
39753d5a0b Merge pull request #8693 from erik-krogh/pyApi 
PY: more API-graphs refactorings
 2022-04-27 13:19:50 +02:00
Erik Krogh Kristensen
e1c7d369be Merge pull request #8796 from erik-krogh/redundantImport 
Remove redundant imports
 2022-04-27 12:39:51 +02:00
yoff
9d774463f5 Merge pull request #8859 from tausbn/python-fix-bad-essa-joins 
Python: Fix a bunch of bad joins
 2022-04-27 12:27:50 +02:00
Erik Krogh Kristensen
7dba2b5868 PY: revert deletion of redundant-import in ClientSuppliedIpUsedInSecurityCheckLib.qll 2022-04-26 14:51:21 +02:00
Erik Krogh Kristensen
d389012b75 Merge branch 'main' into redundantImport 2022-04-26 14:24:51 +02:00
yoff
76f2eca1ee Merge pull request #8560 from erik-krogh/movePolyTest 
PY: move the polynomialbacktracking-test to the test folder
 2022-04-26 14:21:30 +02:00
Mathias Vorreiter Pedersen
aca4c8727f Merge pull request #8802 from github/post-release-prep/codeql-cli-2.9.0 
Post-release preparation for codeql-cli-2.9.0
 2022-04-25 22:52:55 +01:00