hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,672 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

1617 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
10eb548156 Merge pull request #10699 from MathiasVP/swift-mad-summaries 2022-10-06 17:44:35 +01:00
Mathias Vorreiter Pedersen
0065a5af96 Swift: Accept path-explanation test changes. 2022-10-06 10:30:18 +01:00
Mathias Vorreiter Pedersen
1edd4d855a Swift: Add an example with flow through a callback function. 2022-10-06 10:30:11 +01:00
Mathias Vorreiter Pedersen
0b6ea703ea Swift: Create explicit parameter nodes for source parameters and MaD parameters. 2022-10-06 10:29:52 +01:00
Geoffrey White
d4742d22a0 Swift: 'Data' should be a struct. 2022-10-04 15:10:41 +01:00
Mathias Vorreiter Pedersen
2593120300 Merge pull request #10597 from geoffw0/swifttaintsource 
Swift: URL taint sources
 2022-10-04 09:22:27 +01:00
Karim Ali
9e3d5f49c5 add interprocedural cases to the tests 2022-10-02 15:54:39 +02:00
Karim Ali
72ba77d900 Add rule that checks for using the insecure ECB block mode for encryption 2022-10-02 15:53:39 +02:00
Karim Ali
2080f0dd36 address style violation in generated alerts 2022-10-02 15:50:26 +02:00
Karim Ali
21d5e417d1 add interprocedural cases to the tests 2022-10-02 15:50:25 +02:00
Karim Ali
746f535ee5 Add rule that checks for using the insecure ECB block mode for encryption 2022-10-02 15:50:25 +02:00
Geoffrey White
1248810e35 Swift: Add model for URL.resourceBytes and URL.lines. 2022-09-27 18:58:56 +01:00
Geoffrey White
fa5e03a53d Swift: Add tests of URL.resourceBytes and URL.lines. 2022-09-27 18:58:56 +01:00
Geoffrey White
69dd2c0eec Swift: Add a test of taint sources. 2022-09-27 18:58:56 +01:00
Geoffrey White
3ffb2a3ee6 Swift: Fix. 2022-09-27 18:39:03 +01:00
Geoffrey White
286fcb672c Swift: Additional test results. 2022-09-27 18:31:43 +01:00
Geoffrey White
d2c74913c8 Swift: Repair UnsafeWebViewFetch query via taint summary. 2022-09-27 18:25:32 +01:00
Geoffrey White
13b2b1f304 Swift: Repair CleartextTransmission query. 2022-09-27 18:25:32 +01:00
Geoffrey White
62aa5de781 Swift: URL is a struct not a class. 2022-09-27 18:25:31 +01:00
Geoffrey White
ed3d3e4ff0 Swift: fix regression. 2022-09-23 21:01:25 +01:00
erik-krogh
1fe76ecc0a update expected output 2022-09-23 12:27:06 +02:00
Alex Denisov
44f4ff18dd Swift: accept regression 2022-09-22 11:17:07 +02:00
Alex Denisov
b364647d76 Swift: add stubs for new exprs 2022-09-22 11:17:07 +02:00
Alex Denisov
d937234f83 Swift: add stubs for new types 2022-09-22 11:17:07 +02:00
Alex Denisov
13fe02edfa Swift: NestedArchetypeType was removed 2022-09-22 11:17:04 +02:00
Paolo Tranquilli
69dfdf5a34 Swift: fix IfConfigDecl in QL libraries 
This fixes `IfConfigDecl` for both the AST printer and control flow
libraries.

It turns out that the active lements of an `IfConfigDecl` are already
listed in the enclosing scope (like a `BraceStmt`), so they should not
be listed as children, and `IfConfigDecl` can be jsut a leaf in the
control flow.
 2022-09-21 12:12:55 +02:00
Paolo Tranquilli
b4df557c5a Merge branch 'main' into redsun82/swift-do-not-extract-inactive-ifconfig-clauses 2022-09-20 15:41:34 +02:00
Paolo Tranquilli
3fd8136dc7 Swift: accept test results 2022-09-20 15:37:09 +02:00
Mathias Vorreiter Pedersen
90f24d3e82 Merge pull request #10430 from geoffw0/cleartextmissing 
Swift: Fix missing results in swift/cleartext-storage-database
 2022-09-20 14:23:29 +01:00
Paolo Tranquilli
72a4bd3f1e Swift: group unresolved elements and remove their tests 2022-09-20 15:22:20 +02:00
Paolo Tranquilli
7ae68fcc03 Swift: rework IfConfigDecl schema 2022-09-20 15:11:58 +02:00
Geoffrey White
213cd94047 Swift: Update the test. 2022-09-16 13:24:37 +01:00
Geoffrey White
dc47771937 Swift: Fix locationless results. 2022-09-14 20:43:24 +01:00
Geoffrey White
25840996f6 Swift: Use a slightly different approach to fix false positive. 2022-09-14 20:43:23 +01:00
Geoffrey White
7b96cb071a Swift: Remove the original sink cases as they are no longer required. 2022-09-14 20:43:22 +01:00
Geoffrey White
e0100d7b98 Swift: Expand sinks and fix issue with post-update notes to catch the missing test results. 2022-09-14 20:43:22 +01:00
Geoffrey White
eb2a0af4cc Swift: Additional test case. 2022-09-14 20:43:21 +01:00
Mathias Vorreiter Pedersen
6074f22d3f Merge pull request #10335 from github/redsun82/swift-weak-hashing-phase-1 
Swift: first version of query targeting weak hashing
 2022-09-14 08:29:47 +01:00
AlexDenisov
be21b26d46 Merge pull request #10045 from github/alexdenisov/swift-cwe-757 
Swift: CWE-757: insecure TLS configuration
 2022-09-12 15:25:15 +02:00
Paolo Tranquilli
776df33f55 Swift: fix typos and comments in testCrypto.swift 2022-09-12 08:47:43 +02:00
Paolo Tranquilli
a8a34addde Merge branch 'main' into redsun82/swift-weak-hashing-phase-1 2022-09-09 11:07:41 +02:00
Paolo Tranquilli
6223103bbd Swift: add more testing to WeakSensitiveDataHashing 2022-09-09 11:02:08 +02:00
Paolo Tranquilli
c739bbb051 Swift: bake in isProbablySafe in SensitiveExpr 
Also restructured the code a bit in the weak hashing query.
 2022-09-09 11:00:02 +02:00
Alex Denisov
d455a557be Swift: CWE-757: update docs and user facing text 2022-09-08 10:31:23 +02:00
Alex Denisov
d18ad665b6 Swift: CWE-757: Insecure TLS configuration 2022-09-08 09:34:04 +02:00
Mathias Vorreiter Pedersen
417b2152d8 Merge pull request #10319 from geoffw0/cleartextbarrier 2022-09-08 00:30:57 +01:00
Paolo Tranquilli
19b13ee4e3 Swift: first draft of query targeting weak hashing 2022-09-07 15:58:35 +02:00
Geoffrey White
d1867b9716 Merge pull request #10284 from geoffw0/stringlengthcleanup 
Swift: Improve swift/string-length-conflation
 2022-09-06 14:07:02 +01:00
Geoffrey White
0741266cea Swift: Switch from isSanitizerIn to isSanitizer. 2022-09-06 13:37:49 +01:00
Geoffrey White
8281d92e71 Swift: Add barriers for encryption. 2022-09-06 13:37:49 +01:00