hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

4639 Commits

Author SHA1 Message Date
Mark Shannon
8909c3d6ab Python: Fix tags and message for CWE-312 queries. 2019-08-23 15:20:19 +01:00
Mark Shannon
20fc64c673 Python: Prevent bad magic in one predicate. 2019-08-23 15:08:19 +01:00
Mark Shannon
4759044ee4 Python tests: Fix up tests for CWE-312 to not use external locations. 2019-08-22 15:27:49 +01:00
Mark Shannon
6cd0087d9d Python: Use Value API for sensitive data analysis. 2019-08-22 15:27:48 +01:00
Mark Shannon
81c65cd37c Add missing html tag 2019-08-22 15:27:48 +01:00
Mark Shannon
15bb8b5f70 Python add new queries for clear-text logging and storage. 2019-08-22 15:27:48 +01:00
Mark Shannon
79ebd5652a Python: Add library support for cookies. Update and extend sensitive data library. 2019-08-22 15:27:48 +01:00
Taus Brock-Nannestad
b9ef8a0526 Python: Extend hasAttribute to unknown-but-defined module variables. 2019-08-22 16:22:53 +02:00
Taus Brock-Nannestad
f9c002e441 Python: Support short mode flags (e.g. re.M) in regexes. 2019-08-22 14:53:58 +02:00
Taus
c595d0f27b Merge pull request #1784 from markshannon/python-move-essa-together 
Python: Move all ESSA related code into one folder.
 2019-08-21 17:51:45 +02:00
Taus Brock-Nannestad
a58c16f91c Python: Prevent bad magic during pruning. 
Fixes the performance regression seen on `uncompyle2` and similar projects.
 2019-08-20 16:18:42 +02:00
Mark Shannon
d8531c46e7 Python ESSA: Move variable definitions into new file and unify 'generic' and 'python specific' parts. 2019-08-20 11:55:41 +01:00
Mark Shannon
523c5b1e1e Python ESSA: Remove unnecessary intermediate class. 2019-08-20 11:41:53 +01:00
Mark Shannon
2ab3bf46cf Python ESSA: Move definition sub-classes from points-to folder to essa folder. 2019-08-20 11:41:53 +01:00
Mark Shannon
e34ccae1fc Python ESSA: Move all Essa code to semmle.python.essa folder. 2019-08-20 11:41:46 +01:00
Mark Shannon
453ae19881 Python points-to: Add .getAstNode() method to TaintedNode for forward compatibility with upcoming taint-tracking enhancements. 2019-08-16 09:54:11 +01:00
Mark Shannon
45f5825b47 Python API: Add ClassValue.getABaseType() 2019-08-15 11:35:14 +01:00
Mark Shannon
6c6e35f541 Python: Enhance points-to to support type-hint analysis. 2019-08-15 11:35:14 +01:00
Taus
ee06c4021f Merge pull request #1727 from markshannon/python-no-rhs-tuple-points-to 
Python points-to: Do not track tuples on lhs of assignment or in deletions.
 2019-08-13 10:53:40 +02:00
Taus
5f55cb046d Merge pull request #1691 from markshannon/python-fewer-missing-edges 
Python: Make a few more expressions point-to the 'unknown' value.
 2019-08-12 16:15:09 +02:00
Mark Shannon
96ba9a2dfd Python points-to. Do not track tuples on lhs of assignment or in deletions. 2019-08-12 11:04:28 +01:00
Rebecca Valentine
8823cdfdbc Merge pull request #1713 from markshannon/python-remove-parents 
Python taint-tracking: Remove 'parents' query from path-queries.
 2019-08-08 10:01:40 -07:00
Rebecca Valentine
56c3a4d6e5 Merge pull request #1632 from markshannon/python-account-for-dynamically-defined-builtin-instances 
Python points-to: track more instances.
 2019-08-08 09:59:11 -07:00
Mark Shannon
e6b27b37b2 Python: Update incorrect comparison queries to use new API. WORK IN PROGRESS. 2019-08-08 12:06:22 +01:00
Mark Shannon
c2f9189286 Python: Make a few more expressions point-to the 'unknown' value to improve reachability by about 1%. 2019-08-08 12:01:41 +01:00
Mark Shannon
4b242ddc86 Python: Port a few queries to new API. 2019-08-08 11:58:23 +01:00
Mark Shannon
cb719a8998 Python points-to: track instances of int, float or str without a specific value, and calls to bool(). 2019-08-08 10:49:58 +01:00
Mark Shannon
6bd5158f9e Python taint-tracking: Remove 'parents' query from path-queries, as it unused by the tooling. 2019-08-08 10:15:06 +01:00
Rebecca Valentine
fc4bb028b7 Merge pull request #1636 from markshannon/python-api-odds-and-ends 
Python: Assorted improvements to API.
 2019-08-07 09:50:44 -07:00
Mark Shannon
44a27c39b1 Python: Add a few addition qldoc comments. 2019-08-07 10:06:01 +01:00
Rebecca Valentine
5fdf6a8e11 Merge pull request #1640 from markshannon/python-update-all-taint-tracking-to-use-config 
Python: Update all remaining taint-tracking queries to use configurations
 2019-08-05 14:30:30 -07:00
Mark Shannon
63f24dfe18 Python: Add some more utility predicates and classes to the new 'Value' API. 2019-08-02 10:50:51 +01:00
Mark Shannon
4a6f385feb Python objects: Add clarify comments on callResult predicates. 2019-08-02 10:10:47 +01:00
Mark Shannon
ebd5829bfb Python: Treat the result of calling a missing module member as 'unknown'. 2019-08-01 10:37:41 +01:00
Mark Shannon
5496fa41c8 Python: Add a way to easily specify constant values for in new Value API. 2019-07-31 12:41:51 +01:00
Mark Shannon
6b2938a387 Python: Extends new Value API a bit to support callable subclasses and sequences. 2019-07-29 16:25:31 +01:00
Mark Shannon
3e5fddd776 Python: Update all remaining taint-tracking queries to use configurations. 2019-07-26 16:39:10 +01:00
Mark Shannon
f0bb07fc24 Python: Assorted improvements to API. 2019-07-26 15:11:47 +01:00
Taus
8443f68a33 Merge pull request #1624 from markshannon/python-fix-pruning-for-constants 
Python: Fix up pruning in QL to better handle constraints from constants.
 2019-07-26 16:05:14 +02:00
Taus
0258f799df Merge pull request #1591 from markshannon/python-fix-property-setter-handling 
Python: fix property setter handling in points-to.
 2019-07-26 14:01:41 +02:00
Mark Shannon
59ea825bbc Python objects: Add explanatory comment. 2019-07-26 12:07:16 +01:00
Mark Shannon
159b111aa8 Python: remove some unnecessary pragmas. 2019-07-26 11:07:39 +01:00
Taus
a557c6a3ea Merge pull request #1627 from markshannon/python-points-to-from-comprehensions 
Python points-to: Infer types for comprehensions.
 2019-07-25 16:09:33 +02:00
Taus
76fe36aa48 Merge pull request #1618 from markshannon/python-refine-module-names 
Python refine module naming.
 2019-07-25 15:29:47 +02:00
Mark Shannon
27c0571a86 Python points-to: Infer types for comprehensions. 2019-07-25 14:18:05 +01:00
Taus
85a0566c43 Merge pull request #1597 from markshannon/python-tracking-special-variable-attributes-through-phis 
Python points-to: Track implicit module attributes through phi-nodes.
 2019-07-25 11:43:16 +02:00
Taus
cca1593ea4 Merge pull request #1598 from markshannon/python-better-parameter-api 
Python: Better API for parameters.
 2019-07-25 11:35:51 +02:00
Mark Shannon
2e8c7a9d20 Python points-to: Support property setters and deleters. 2019-07-25 09:35:56 +01:00
Mark Shannon
90475fa7ef Python: Do not give module names to folders without __init__.py unless specified during extraction. 2019-07-24 15:35:57 +01:00
Mark Shannon
05e498dfdc Python: Clarify pruning code. 2019-07-24 14:47:46 +01:00