hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

4639 Commits

Author SHA1 Message Date
Taus
1d28c63703 Merge pull request #810 from markshannon/python-hide-magic-variables 
Python hide magic variables
 2019-01-28 23:21:31 +01:00
Taus
0f5b21e392 Merge pull request #807 from markshannon/python-insecure-file-permission 
Python: Weak file permissions query.
 2019-01-28 23:21:10 +01:00
Taus
15643d1bb6 Merge pull request #814 from markshannon/python-fix-tornado-request-path 
Python: Fix tornado and twisted request attribute tracking.
 2019-01-28 17:38:34 +01:00
Taus
c503ec4608 Merge pull request #806 from markshannon/python-points-to-remove-some-negation 
Python: Remove some negation from points-to, in preparation for ADT Objects.
 2019-01-28 16:25:18 +01:00
Mark Shannon
39705cf733 Python: Clarify predicate a bit. 2019-01-28 14:33:39 +00:00
Mark Shannon
6d553ae2be Python: Check os.open as well as os.chmod for weak file permissions. 2019-01-28 14:26:16 +00:00
Mark Shannon
3992346add Python: Fix up mutating-descriptor query to only flag mutation when they occur during descriptor protocol. 2019-01-28 12:57:18 +00:00
Mark Shannon
53fbf51ee8 Python: Fix handling of enum members in python/ql/src/Expressions/IsComparisons.qll. 2019-01-28 12:20:31 +00:00
Mark Shannon
b841ecbb7c Python: Fix tornado and twisted request attribute tracking; 'path' attribute can be trusted, but 'uri' and 'arguments' cannot. 2019-01-28 11:26:00 +00:00
Mark Shannon
3850f87879 Make qhelp for 'Incomplete URL substring sanitization' consistent across languages. 2019-01-25 16:47:23 +00:00
Taus
fc00e0a64a Merge pull request #796 from markshannon/python-import-used-in-doctest 
Python: Fix 'unused import' for doctests and typehints.
 2019-01-25 16:14:08 +01:00
Mark Shannon
6ddbed7d95 Python: Minor tweaks to qldoc and release note. 2019-01-25 11:34:41 +00:00
Mark Shannon
88d8cb514c Python: Two new queries for URL and hostname sanitization (CWE-020). 2019-01-24 12:57:14 +00:00
Mark Shannon
4ef3f461a4 Python: Fix typo and use infix casts. 2019-01-23 14:07:50 +00:00
Taus
ffa8b12d48 Merge pull request #782 from markshannon/python-add-more-tests 
Python: Add more tests
 2019-01-23 14:04:23 +01:00
Mark Shannon
0ea2d56945 Python tests: Move helper predicate into TestUtils.qll 2019-01-23 11:20:04 +00:00
Taus
d735c363e8 Merge pull request #797 from markshannon/python-hide-check-class 
Python: Hide 'CheckClass' class
 2019-01-23 12:04:01 +01:00
Mark Shannon
547b3eb973 Python: Fix 'unused import' to no longer give alerts for imported modules used in typehints. 2019-01-22 17:38:09 +00:00
Mark Shannon
a3b5769c2c Python: Weak file permissions query. 2019-01-22 11:33:19 +00:00
Mark Shannon
28bea69882 Python: ESSA definitions; make '*' special variable into its own class. 2019-01-22 10:51:36 +00:00
Mark Shannon
01a2add73b Python: Internal points-to extension enhancement. Use it handle re module constants. 2019-01-21 14:38:07 +00:00
Mark Shannon
6bbbb85a73 Python: Remove some negation from points-to, in preparation for ADT Objects. 2019-01-21 11:56:39 +00:00
Mark Shannon
261cd36b8c Merge pull request #781 from kevinbackhouse/HashedButNoHash 
Python: fix false positive result.
 2019-01-18 21:56:12 +00:00
Kevin Backhouse
9e79e1bc8c Simplify the logic with theTypeErrorType(). 2019-01-18 16:33:48 +00:00
Taus
bcc65dbad3 Merge pull request #554 from markshannon/python-named-module-utility 
Python: named module utility
 2019-01-18 16:01:36 +01:00
Taus
92d2e18bf2 Merge pull request #712 from markshannon/python-fix-odasa-7307 
Python: Detect a wider range of generated files.
 2019-01-18 14:38:08 +01:00
Mark Shannon
ad2481f498 Python: Hide 'CheckClass' class which is old and should only be used by those queries it is specifically designed for. 2019-01-18 12:31:19 +00:00
Mark Shannon
c1a549ddff Python. Improve grammar in qldoc comment. 2019-01-18 11:49:59 +00:00
Mark Shannon
9f93bf8d17 Python: Fix 'unused import' to no longer give alerts for imported modules used in doctests. 2019-01-18 11:08:53 +00:00
Kevin Backhouse
56efe3adb7 Fix false positive result. 2019-01-17 16:22:48 +00:00
Taus Brock-Nannestad
7c3dc929ac Add query and qhelp. 2019-01-17 14:45:25 +01:00
Taus Brock-Nannestad
e8c092ad72 Python: Support the dill pickling library. 2019-01-16 14:53:42 +01:00
Mark Shannon
b4e8808582 Python, Exec used query: Remove restriction that call to exec function must be Python 3. For upcoming unified parser. 2019-01-16 10:19:35 +00:00
Taus Brock-Nannestad
9ac50186f6 Add a few more insecure versions 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
1af503ab84 Address documentation comments. 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
46973f4305 Support from ssl import PROTOCOL_.... 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
e8a41f719c Add documentation. 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
dfe3fc6d5c Pass pyOpenSSL method as parameter instead of keyword argument. 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
d604f5c9c9 Fix insecure_version_name comments. 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
a893dca06e Add support for ssl.SSLContext. 2019-01-07 15:24:15 +01:00
Taus Brock-Nannestad
0a839f8468 Python: Check for insecure versions of SSL and TLS. 2019-01-07 15:24:15 +01:00
Mark Shannon
6b5ad0d928 Python: Detect a wider range of generated files. 2018-12-27 15:01:10 +00:00
Taus
cb93017d98 Merge pull request #606 from markshannon/python-fix-regex-fp 
Python: Fix off-by-one error in regex parsing.
 2018-12-06 12:59:44 +01:00
Taus
08b1431fc5 Merge pull request #600 from markshannon/python-fix-performance-refinement-edge 
Python ESSA: Fix performance of PythonSsaSourceVariable.hasRefinementEdge()
 2018-12-04 18:07:21 +01:00
Taus
8493518135 Merge pull request #599 from markshannon/python-fix-essa-nonlocal 
Python ESSA: Fix definition of ESSA non-local variables.
 2018-12-04 17:06:30 +01:00
Taus
3b6c7d6f2e Merge pull request #582 from markshannon/python-faster-points-to-2 
Python points-to: Improve performance of subclass test predicates on large DBs
 2018-12-04 16:51:21 +01:00
Taus
5c3ff8aadd Merge pull request #604 from markshannon/python-faster-essa-computation 
Python : Speed up ESSA computation
 2018-12-04 16:20:49 +01:00
Taus
a23f7a6b0e Merge pull request #592 from markshannon/python-windows-import-root 
Python: Fix up computation of import root path
 2018-12-04 11:11:59 +01:00
Mark Shannon
8cd497890a Merge pull request #546 from adityasharad/python/vs-workspace-settings 
Python: Add QL for VS workspace settings file.
 2018-12-04 10:00:09 +00:00
Mark Shannon
a5b79e92a5 Python: Fix off-by-one error in regex parsing. 2018-12-03 16:50:47 +00:00