hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

549 Commits

Author SHA1 Message Date
Geoffrey White
24c6bb4c52 Swift: More modern (?) phrasing. 2022-10-14 14:41:02 +01:00
Geoffrey White
3da3a278ab Swift: Query metadata. 2022-10-14 14:31:38 +01:00
Geoffrey White
76ff593cc5 Swift: Bring it all together into a query. 2022-10-13 16:06:44 +01:00
Geoffrey White
7d78df25bf Swift: Define SQL sinks. 2022-10-13 15:50:57 +01:00
Geoffrey White
ce5631e7cb Swift: Complete the rename. 2022-10-13 15:22:36 +01:00
Geoffrey White
12cb099376 Swift: Rename to match other languages (except Java). 2022-10-13 15:21:39 +01:00
Geoffrey White
398b2a392f Swift: Add more test variants. 2022-10-13 15:13:29 +01:00
Geoffrey White
5496b11153 Swift: Update tests based on feedback. 2022-10-12 14:52:14 +01:00
Nora Dimitrijević
b7ad287cb1 Swift: rename stub parameters to match docs. 2022-10-10 18:46:39 +02:00
Geoffrey White
4258147edf Swift: Test SQL injection via the SQLite.swift library. 2022-10-10 17:40:22 +01:00
Geoffrey White
964c92418c Swift: Test SQL injection via the C API. 2022-10-10 17:40:22 +01:00
Geoffrey White
bcab9d8e7c Swift: Add framework for SQL Injection query. 2022-10-10 17:25:08 +01:00
Nora Dimitrijević
8664017fe4 Swift: Working tests 2022-10-10 14:08:04 +02:00
Mathias Vorreiter Pedersen
10eb548156 Merge pull request #10699 from MathiasVP/swift-mad-summaries 2022-10-06 17:44:35 +01:00
Mathias Vorreiter Pedersen
0065a5af96 Swift: Accept path-explanation test changes. 2022-10-06 10:30:18 +01:00
Geoffrey White
d4742d22a0 Swift: 'Data' should be a struct. 2022-10-04 15:10:41 +01:00
Karim Ali
9e3d5f49c5 add interprocedural cases to the tests 2022-10-02 15:54:39 +02:00
Karim Ali
72ba77d900 Add rule that checks for using the insecure ECB block mode for encryption 2022-10-02 15:53:39 +02:00
Karim Ali
2080f0dd36 address style violation in generated alerts 2022-10-02 15:50:26 +02:00
Karim Ali
21d5e417d1 add interprocedural cases to the tests 2022-10-02 15:50:25 +02:00
Karim Ali
746f535ee5 Add rule that checks for using the insecure ECB block mode for encryption 2022-10-02 15:50:25 +02:00
Geoffrey White
d2c74913c8 Swift: Repair UnsafeWebViewFetch query via taint summary. 2022-09-27 18:25:32 +01:00
Geoffrey White
13b2b1f304 Swift: Repair CleartextTransmission query. 2022-09-27 18:25:32 +01:00
Geoffrey White
62aa5de781 Swift: URL is a struct not a class. 2022-09-27 18:25:31 +01:00
Geoffrey White
ed3d3e4ff0 Swift: fix regression. 2022-09-23 21:01:25 +01:00
erik-krogh
1fe76ecc0a update expected output 2022-09-23 12:27:06 +02:00
Alex Denisov
44f4ff18dd Swift: accept regression 2022-09-22 11:17:07 +02:00
Mathias Vorreiter Pedersen
90f24d3e82 Merge pull request #10430 from geoffw0/cleartextmissing 
Swift: Fix missing results in swift/cleartext-storage-database
 2022-09-20 14:23:29 +01:00
Geoffrey White
213cd94047 Swift: Update the test. 2022-09-16 13:24:37 +01:00
Geoffrey White
dc47771937 Swift: Fix locationless results. 2022-09-14 20:43:24 +01:00
Geoffrey White
25840996f6 Swift: Use a slightly different approach to fix false positive. 2022-09-14 20:43:23 +01:00
Geoffrey White
7b96cb071a Swift: Remove the original sink cases as they are no longer required. 2022-09-14 20:43:22 +01:00
Geoffrey White
e0100d7b98 Swift: Expand sinks and fix issue with post-update notes to catch the missing test results. 2022-09-14 20:43:22 +01:00
Geoffrey White
eb2a0af4cc Swift: Additional test case. 2022-09-14 20:43:21 +01:00
Mathias Vorreiter Pedersen
6074f22d3f Merge pull request #10335 from github/redsun82/swift-weak-hashing-phase-1 
Swift: first version of query targeting weak hashing
 2022-09-14 08:29:47 +01:00
AlexDenisov
be21b26d46 Merge pull request #10045 from github/alexdenisov/swift-cwe-757 
Swift: CWE-757: insecure TLS configuration
 2022-09-12 15:25:15 +02:00
Paolo Tranquilli
776df33f55 Swift: fix typos and comments in testCrypto.swift 2022-09-12 08:47:43 +02:00
Paolo Tranquilli
a8a34addde Merge branch 'main' into redsun82/swift-weak-hashing-phase-1 2022-09-09 11:07:41 +02:00
Paolo Tranquilli
6223103bbd Swift: add more testing to WeakSensitiveDataHashing 2022-09-09 11:02:08 +02:00
Paolo Tranquilli
c739bbb051 Swift: bake in isProbablySafe in SensitiveExpr 
Also restructured the code a bit in the weak hashing query.
 2022-09-09 11:00:02 +02:00
Alex Denisov
d455a557be Swift: CWE-757: update docs and user facing text 2022-09-08 10:31:23 +02:00
Alex Denisov
d18ad665b6 Swift: CWE-757: Insecure TLS configuration 2022-09-08 09:34:04 +02:00
Mathias Vorreiter Pedersen
417b2152d8 Merge pull request #10319 from geoffw0/cleartextbarrier 2022-09-08 00:30:57 +01:00
Paolo Tranquilli
19b13ee4e3 Swift: first draft of query targeting weak hashing 2022-09-07 15:58:35 +02:00
Geoffrey White
0741266cea Swift: Switch from isSanitizerIn to isSanitizer. 2022-09-06 13:37:49 +01:00
Geoffrey White
8281d92e71 Swift: Add barriers for encryption. 2022-09-06 13:37:49 +01:00
Geoffrey White
9683a95162 Swift: Add a few more test cases. 2022-09-06 13:37:48 +01:00
Geoffrey White
a14efcfb69 Merge branch 'main' into stringlengthcleanup 2022-09-02 19:26:28 +01:00
Geoffrey White
c3a8da4570 Swift: Use getABaseTypeDecl() to improve StringLengthConflation.ql. 2022-09-02 19:21:50 +01:00
Geoffrey White
129ed426a0 Swift: Use allowImplicitRead as a better solution replacing one of the special flow cases. 2022-08-31 17:58:18 +01:00