hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 12:16:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,347 Commits 1,672 Branches 157 Tags
hmac-cli-injection-from-library-inputs
Commit Graph

33347 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
a6360215f3 Merge pull request #7304 from michaelnebel/csharp-mad-as-csv2 
C#: Convert flow summaries to CSV format.
 2021-12-13 08:56:06 +01:00
Harry Maclean
0ca9852cc8 Merge pull request #7325 from github/hmac/action-controller-private-methods 
Ruby: Don't count private methods as Rails actions
 2021-12-13 20:47:22 +13:00
Harry Maclean
6223b166c2 Update test fixtures 
At the same time, rename some classes in `private.rb` so they don't
interact with identically-named modules in `calls.rb`.
 2021-12-13 16:24:25 +13:00
Harry Maclean
e1d290d4c0 Ruby: Don't count private methods as Rails actions 
Private instance methods on ActionController classes aren't valid
request handlers. Routing to them will raise an exception.
 2021-12-13 15:36:55 +13:00
liangjinhuang
77b5f422ba change PasswordFnSink to RandomFnSink 2021-12-11 12:31:20 +08:00
Aditya Sharad
1857de1f33 JS: Speed up detection of jQuery marker comments 
Combine two regexes into a single one.
This saves up to 5s on large databases by reducing the number
of separate scans of the comments table before regex matching.

The combined regex is slightly more permissive than the
original two, since it allows a combination of the two
matched formats. A string that matches one of the original
regexes will match the combined regex.
 2021-12-10 15:30:02 -08:00
Nick Rolfe
b80a84c156 Merge pull request #7341 from github/nickrolfe/cookies 2021-12-10 19:52:23 +00:00
Aditya Sharad
6a1aea740f JS: Avoid scanning individual comment lines to find generated code markers 
Some subclasses of GeneratedCodeMarkerComment regex match against `getLine(_)`.
When evaluated, this results in multiple scans (one per subclass that uses it)
of all comment lines in the database, before regex matching against those lines.

To make these scans smaller, regex match against the entire comment text
without splitting them into lines.
This is achieved using `?m` (multiline) and line boundaries in the regexes.
 2021-12-10 11:41:54 -08:00
Aditya Sharad
c9a87234ef JS: Factor helper predicate to improve SensitiveWrite performance 2021-12-10 11:41:53 -08:00
Andrew Eisenberg
66c1629974 Merge pull request #7285 from github/post-release-prep-2.7.3-ddd4ccbb 
Post-release preparation 2.7.3
 2021-12-10 09:59:45 -08:00
Tony Torralba
43a10457dd [Java] Query for Log4j JNDI Injection 2021-12-10 17:37:43 +01:00
Nick Rolfe
b6c5b4d213 Ruby: define ActionViewCookiesCall 2021-12-10 16:36:26 +00:00
yoff
d8857c7ce8 Merge pull request #7246 from tausbn/python/import-star-flow 
Python: Support flow through `import *`
 2021-12-10 16:34:32 +01:00
Henry Mercer
a46787ea07 Merge pull request #7351 from github/henrymercer/js-atm-heuristic-sinks-improvements 
JS: Improve handling of heuristic sinks in endpoint filters
 2021-12-10 14:56:45 +00:00
Rasmus Wriedt Larsen
bd9b96e154 Merge pull request #7331 from tausbn/python-fix-bad-callsite-points-to-join 
Python: Fix bad `callsite_points_to` join
 2021-12-10 15:39:49 +01:00
Rasmus Wriedt Larsen
8ee020f79c Merge pull request #7332 from tausbn/python-fix-bad-scope-entry-points-to-join 
Python: Fix bad `scope_entry_points_to` join
 2021-12-10 15:33:13 +01:00
Esben Sparre Andreasen
13288be7fc make ATM anti sink model for dojo.require 2021-12-10 15:07:51 +01:00
Esben Sparre Andreasen
9ffc02944d add file write model for express-fileupload mv 2021-12-10 15:05:34 +01:00
Esben Sparre Andreasen
cfd2dcffa0 recognize more modelled database accesses 2021-12-10 14:54:59 +01:00
Esben Sparre Andreasen
b0f6cf1491 expose more marsdb calls as database accesses 2021-12-10 13:46:19 +01:00
Esben Sparre Andreasen
9df1ac7f75 treat redis and ioredis usage as database access 2021-12-10 13:26:26 +01:00
Esben Sparre Andreasen
10498c3643 treat jQuery as fully modelled 2021-12-10 12:51:45 +01:00
Nick Rolfe
a4da528812 Ruby: query to find user-controlled bypass of sensitive actions 2021-12-10 11:41:09 +00:00
Esben Sparre Andreasen
a1ee900f50 treat Base64 manipulations as non-sinks 2021-12-10 12:37:44 +01:00
Henry Mercer
6e167040f5 Merge pull request #7307 from adityasharad/atm/perf-debugging 
JS/ATM: Various compilation fixes and performance improvements
 2021-12-10 11:00:27 +00:00
Anders Schack-Mulligen
464b9c3991 Dataflow: Sync. 2021-12-10 11:20:01 +01:00
Anders Schack-Mulligen
32cb8f362b Dataflow: Add test for FlowState. 2021-12-10 11:20:01 +01:00
Anders Schack-Mulligen
219bf51ec2 Dataflow: Add support for flow state. 2021-12-10 11:20:01 +01:00
Tom Hvitved
657cd89286 Merge pull request #7347 from hvitved/cfg/more-consistency-tests 
Shared CFG: Add two more consistency queries
 2021-12-10 10:50:39 +01:00
Tamas Vajk
d2822c2acc Rework semantic model caching 2021-12-10 10:42:30 +01:00
Tamas Vajk
704a5e4bbf Revert "C#: Avoid NPE in Parameter.Populate" 
This reverts commit 08eb7e207d1e12c9578e07ee0a1d79bf6b62f60f.
 2021-12-10 10:42:30 +01:00
Tom Hvitved
8ccbcf1bf8 C#: Avoid NPE in Parameter.Populate 2021-12-10 10:42:29 +01:00
Tom Hvitved
563b771163 C#: Update expected test output 2021-12-10 10:42:29 +01:00
Tom Hvitved
0a0657ada1 C#: Adapt to new Roslyn representation of implicit Main methods 2021-12-10 10:42:29 +01:00
Tom Hvitved
1c230d0888 C#: Update nuget packages 2021-12-10 10:42:29 +01:00
Michael Nebel
afa58f5676 C#: Ensure bi-directional importing of external flow for System.Text. 2021-12-10 10:28:35 +01:00
Arthur Baars
13f7fd88f1 Merge pull request #7283 from aibaars/ruby-pattern-matching-cfg 
Ruby: pattern matching: CFG
 2021-12-10 10:24:38 +01:00
Anders Schack-Mulligen
634ed91904 Merge pull request #7346 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-12-10 10:12:23 +01:00
Tom Hvitved
cf42427f54 Merge pull request #7321 from hvitved/csharp/cil/unique-type 
C#: Avoid CIL instructions with multiple types
 2021-12-10 09:58:06 +01:00
Tom Hvitved
f7f3890b40 Merge pull request #7320 from hvitved/csharp/unknown-type 
C#: Populate `UnknownType`
 2021-12-10 09:57:55 +01:00
Tom Hvitved
70f76d06c7 Shared CFG: Add two more consistency queries 2021-12-10 09:56:50 +01:00
Tom Hvitved
45c0d4a3b2 Merge pull request #7343 from hvitved/cfg/consistency-test 
Shared CFG: Add another consistency test
 2021-12-10 09:49:05 +01:00
Asger Feldthaus
b336c29283 JS: Track functions with methods 2021-12-10 09:38:29 +01:00
Asger Feldthaus
4ef2a5f4f1 JS: Add test 2021-12-10 09:38:29 +01:00
github-actions[bot]
7e5bfa5aa0 Add changed framework coverage reports 2021-12-10 00:09:34 +00:00
Aditya Sharad
271b23ba8f JS: Expand explanatory comment about version placeholders 2021-12-09 13:43:08 -08:00
Aditya Sharad
0c3daabc51 JS: Fix broken regex matching predicate 
The receiver string and the regex were in the wrong order,
leading to test failures when looking for matching comments.
 2021-12-09 13:42:33 -08:00
Chris Smowton
753d886b0d Merge pull request #6319 from haby0/java/MyBatisSqlInjection 
[Java] CWE-089 MyBatis Mapper Sql Injection
 2021-12-09 19:57:18 +00:00
Taus
6d247bfdf9 Merge pull request #7330 from tausbn/python-fix-bad-adjacentuseuse-join 
Python: Fix bad join in SSA
 2021-12-09 20:55:45 +01:00
Erik Krogh Kristensen
e7209d1ee1 Merge pull request #7216 from erik-krogh/ts45 
JS: Add support for TypeScript 4.5
 2021-12-09 20:33:52 +01:00