hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,347 Commits 1,673 Branches 157 Tags
hmac-cli-injection-from-library-inputs
Commit Graph

33347 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Benjamin Muskalla
50518b5622 Fix sum of rows 2021-11-23 10:42:24 +01:00
James Fletcher
b8e8ddf9ae fix link 2021-11-23 08:38:39 +00:00
Anders Schack-Mulligen
a68b55b099 Merge pull request #7208 from hvitved/ruby/restrict-use-use 
Ruby: Restrict use-use flow
 2021-11-23 09:33:43 +01:00
ihsinme
88634b81bf Update IncorrectPrivilegeAssignment.expected 2021-11-23 10:23:20 +03:00
ihsinme
6e8d56f044 Update IncorrectPrivilegeAssignment.ql 2021-11-23 10:22:26 +03:00
ihsinme
70081defdc Update FindIncorrectlyUsedExceptions.expected 2021-11-23 09:56:02 +03:00
ihsinme
62ae702e07 Update FindIncorrectlyUsedExceptions.ql 2021-11-23 09:55:43 +03:00
luchua-bc
ed78d39d61 Move duplicate code to the shared library and update qldoc 2021-11-23 03:06:26 +00:00
Henry Mercer
245edd41ff Merge pull request #7186 from github/henrymercer/rename-available-models-predicate 
JS: [Internal only] Rename the available ML models external predicate
 2021-11-22 18:26:46 +00:00
Nick Rolfe
13459c8afc Ruby: add Regexp.compile as sink for regexp injection query 2021-11-22 17:43:55 +00:00
Nick Rolfe
4b42c4447b Ruby: handle Regexp.quote wherever we handle Regexp.escape 2021-11-22 17:12:01 +00:00
Nick Rolfe
5b11cfe006 Ruby: fix up import path 2021-11-22 17:10:46 +00:00
Nick Rolfe
752b126862 Merge remote-tracking branch 'origin/main' into nickrolfe/regex_injection 2021-11-22 17:05:27 +00:00
Rasmus Wriedt Larsen
eaed870b31 Python: Fix performance problem in PoorMansFunctionResolution 
Before these changes:

[2021-11-22 12:02:50] (8s) Tuple counts for PoorMansFunctionResolution::getSimpleMethodReferenceWithinClass#ff/2@cbddf257 after 8.6s:
                      387565   ~0%     {3} r1 = JOIN Attributes::AttrRead#class#f WITH Attributes::AttrRef::accesses_dispred#bff ON FIRST 1 OUTPUT Rhs.2, Lhs.0 'result', Rhs.1
                      6548632  ~0%     {3} r2 = JOIN r1 WITH Function::Function::getName_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'func', Lhs.1 'result', Lhs.2
                      5640480  ~0%     {4} r3 = JOIN r2 WITH Class::Class::getAMethod_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'result', Lhs.2, Lhs.0 'func'
                      55660458 ~0%     {5} r4 = JOIN r3 WITH Class::Class::getAMethod_dispred#ff ON FIRST 1 OUTPUT Rhs.1, 0, Lhs.1 'result', Lhs.2, Lhs.3 'func'
                      55621412 ~0%     {4} r5 = JOIN r4 WITH AstGenerated::Function_::getArg_dispred#fff ON FIRST 2 OUTPUT Rhs.2, Lhs.2 'result', Lhs.3, Lhs.4 'func'
                      54467144 ~0%     {4} r6 = JOIN r5 WITH DataFlowPublic::ParameterNode::getParameter_dispred#fb_10#join_rhs ON FIRST 1 OUTPUT Lhs.2, Rhs.1, Lhs.1 'result', Lhs.3 'func'
                      20928    ~0%     {2} r7 = JOIN r6 WITH LocalSources::Cached::hasLocalSource#ff ON FIRST 2 OUTPUT Lhs.3 'func', Lhs.2 'result'
                                       return r7

With these changes:

[2021-11-22 11:54:25] (415s) Tuple counts for PoorMansFunctionResolution::getSimpleMethodReferenceWithinClass_helper#fff/3@14db70a8 after 75ms:
                      388306 ~0%     {2} r1 = JOIN Attributes::AttrRead#class#f WITH Attributes::AttrRef::getObject_dispred#bf ON FIRST 1 OUTPUT Rhs.1, Lhs.0 'read'
                      379420 ~4%     {2} r2 = JOIN r1 WITH LocalSources::Cached::hasLocalSource#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'read'
                      175082 ~0%     {2} r3 = JOIN r2 WITH DataFlowPublic::ParameterNode#class#fff ON FIRST 1 OUTPUT Rhs.2, Lhs.1 'read'
                      175082 ~2%     {3} r4 = JOIN r3 WITH Essa::ParameterDefinition::getParameter_dispred#ff ON FIRST 1 OUTPUT 0, Rhs.1, Lhs.1 'read'
                      166798 ~0%     {2} r5 = JOIN r4 WITH AstGenerated::Function_::getArg_dispred#fff_120#join_rhs ON FIRST 2 OUTPUT Rhs.2 'func', Lhs.2 'read'
                      162096 ~0%     {3} r6 = JOIN r5 WITH Class::Class::getAMethod_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.0 'func', Rhs.1 'cls', Lhs.1 'read'
                                     return r6

[2021-11-22 11:54:25] (415s) Tuple counts for PoorMansFunctionResolution::getSimpleMethodReferenceWithinClass_helper2#ffff/4@2b60f0s9 after 63ms:
                      162046 ~0%     {3} r1 = SCAN PoorMansFunctionResolution::getSimpleMethodReferenceWithinClass_helper#fff OUTPUT In.2 'read', In.0 'func', In.1 'cls'
                      162046 ~0%     {3} r2 = JOIN r1 WITH Attributes::AttrRead#class#f ON FIRST 1 OUTPUT Lhs.1 'func', Lhs.2 'cls', Lhs.0 'read'
                      162046 ~1%     {3} r3 = JOIN r2 WITH py_Functions ON FIRST 1 OUTPUT Lhs.1 'cls', Lhs.2 'read', Lhs.0 'func'
                      162046 ~0%     {3} r4 = JOIN r3 WITH py_Classes ON FIRST 1 OUTPUT Lhs.1 'read', Lhs.2 'func', Lhs.0 'cls'
                      161935 ~5%     {4} r5 = JOIN r4 WITH Attributes::AttrRef::getAttributeName_dispred#bf ON FIRST 1 OUTPUT Rhs.1, Lhs.0 'read', Lhs.1 'func', Lhs.2 'cls'
                      688526 ~1%     {4} r6 = JOIN r5 WITH Function::Function::getName_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.2 'func', Lhs.3 'cls', Lhs.1 'read', Rhs.1 'readFunction'
                                     return r6

[2021-11-22 11:54:25] (415s) Tuple counts for PoorMansFunctionResolution::getSimpleMethodReferenceWithinClass#ff/2@f73ae6dq after 58ms:
                      688526 ~0%     {4} r1 = SCAN PoorMansFunctionResolution::getSimpleMethodReferenceWithinClass_helper2#ffff OUTPUT In.1, In.0, In.3 'func', In.2 'result'
                      688526 ~0%     {3} r2 = JOIN r1 WITH Class::Class::getAMethod_dispred#ff ON FIRST 2 OUTPUT Rhs.0, Lhs.2 'func', Lhs.3 'result'
                      20913  ~0%     {2} r3 = JOIN r2 WITH Class::Class::getAMethod_dispred#ff ON FIRST 2 OUTPUT Lhs.1 'func', Lhs.2 'result'
                                     return r3

We need the `pragma[only_bind_into]` in getSimpleMethodReferenceWithinClass_helper2, otherwise the tuple counts would look like, which is needlessly big.

[2021-11-22 17:14:34] (2s) Tuple counts for PoorMansFunctionResolution::getSimpleMethodReferenceWithinClass_helper2#ffff/4@5f0505h7 after 711ms:
                      13570510 ~3%     {2} r1 = JOIN Function::Function::getName_dispred#ff_10#join_rhs WITH Attributes::AttrRef::getAttributeName_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'read', Lhs.1 'readFunction'
                      688526   ~1%     {4} r2 = JOIN r1 WITH PoorMansFunctionResolution::getSimpleMethodReferenceWithinClass_helper#fff_201#join_rhs ON FIRST 1 OUTPUT Rhs.1 'func', Rhs.2 'cls', Lhs.0 'read', Lhs.1 'readFunction'
                                       return r2
 2021-11-22 17:22:39 +01:00
Arthur Baars
f6baab6399 Merge pull request #7211 from dbartol/dbartol/ruby-workspace 
Merge Ruby workspace into root workspace
 2021-11-22 16:22:12 +01:00
Alex Ford
68c3c16ab3 Ruby: enable forgery protection checks for development environments 2021-11-22 15:00:32 +00:00
Dave Bartolomeo
186e3755c0 Remove unnecessary path options 2021-11-22 09:50:01 -05:00
Tom Hvitved
da39f15a9d Ruby: Move localFlowStepCommon into LocalFlow and make localSsaFlowStep private 2021-11-22 15:24:24 +01:00
Dave Bartolomeo
522074940d Merge Ruby workspace into root workspace 2021-11-22 09:10:59 -05:00
AlonaHlobina
b60fef88b5 Merge pull request #7206 from github/AlonaHlobina-patch-2 
Update query-metadata-style-guide.md
 2021-11-22 14:48:46 +01:00
Mathias Vorreiter Pedersen
21167f4b67 C++: Accept test changes. 2021-11-22 13:04:23 +00:00
Mathias Vorreiter Pedersen
f308be7382 C++: Restore the missing flow. This has a couple of side-effects: First, it gives us some new good flow (yay). Second, it causes some duplication of results that uses 'argv' as a taint source. The duplication isn't very bad, though. And since it is only for paths that start at 'argv', I think we can live with it for now. 2021-11-22 13:04:07 +00:00
Mathias Vorreiter Pedersen
74221f4aba Merge pull request #7209 from geoffw0/experimental-tests 
C++: Move experimental test.
 2021-11-22 13:01:52 +00:00
Harry Maclean
6f22867af9 Merge pull request #7015 from github/hmac/ssrf 
Ruby: Add Server-Side Request Forgery query
 2021-11-22 12:41:39 +00:00
CodeQL CI
ddeb700fd6 Merge pull request #7207 from github/asgerf/document-template-language-extensions 
Approved by esbena
 2021-11-22 04:16:19 -08:00
Tom Hvitved
fc64faefcf Ruby: Restrict use-use flow 2021-11-22 13:05:17 +01:00
Erik Krogh Kristensen
e9df860431 refactor implementation to make Label implementations private 2021-11-22 12:17:19 +01:00
Geoffrey White
6f2b528a32 C++: Move experimental test. 2021-11-22 11:02:06 +00:00
Asger F
8322a44379 JS: Mention .hbs, .ejs, and .njk file extensions 
Also fixes a typo `.xhm` -> `.xhtm`
 2021-11-22 11:53:55 +01:00
Rasmus Wriedt Larsen
f09f1c4c50 Python: Minor refactor in PoorMansFunctionResolution 2021-11-22 11:11:29 +01:00
Tom Hvitved
39e3254fe0 Merge pull request #7182 from hvitved/csharp/self-assignment-bad-magic 
C#: Fix bad magic `Element::fromSource` in context of `SelfAssignment.ql`
 2021-11-22 10:57:48 +01:00
AlonaHlobina
0de6511dff Update query-metadata-style-guide.md 2021-11-22 10:17:57 +01:00
Erik Krogh Kristensen
6060f2e3e3 remove unused alias edge 2021-11-22 09:03:40 +01:00
Erik Krogh Kristensen
c369b28a2a optimizations in global data flow 2021-11-22 09:03:40 +01:00
Erik Krogh Kristensen
f39872e649 cache more predicates 2021-11-22 09:03:36 +01:00
Erik Krogh Kristensen
089d030bc2 make ApiLabel into a IPA type, and cache the public API of ApiGraphs 2021-11-22 09:03:33 +01:00
Erik Krogh Kristensen
9f08acab7e Merge pull request #7170 from erik-krogh/qldocStyle 
Ruby: use A/An/The to start qlDoc for classes
 2021-11-19 17:34:35 +01:00
Nick Rolfe
df6ba43cca Python: treat \A, \Z, \b, \B as special chars, not escapes 2021-11-19 15:49:53 +00:00
Anders Schack-Mulligen
344f7bca5b Merge pull request #7187 from aschackmull/java/dont-clear-in-summary-store 
Java: Don't clear content in store steps in summaries.
 2021-11-19 16:12:37 +01:00
Harry Maclean
06000781e9 Ruby: Document PairCfgNode::getKey/getValue 2021-11-19 14:54:06 +00:00
Nick Rolfe
f63c768d9f Ruby: parse \G, \b, and \B anchors as special characters, not escapes 2021-11-19 14:20:51 +00:00
Anders Schack-Mulligen
fc43220864 Java: bugfix 2021-11-19 15:01:29 +01:00
ihsinme
6d27585b92 Update FindIncorrectlyUsedExceptions.ql 2021-11-19 16:59:00 +03:00
Anders Schack-Mulligen
2b1f34ed9b Java: Don't clear content in store steps in summaries. 2021-11-19 14:22:28 +01:00
ihsinme
418adb824c Update FindIncorrectlyUsedExceptions.ql 2021-11-19 16:04:04 +03:00
Henry Mercer
8ba864e897 JS: Rename the available ML models external predicate 2021-11-19 12:56:03 +00:00
Tom Hvitved
47fd64fc44 Merge pull request #7130 from hvitved/cfg/dead-end-consistency 
Shared CFG: Add "dead end" consistency query
 2021-11-19 13:49:53 +01:00
Tom Hvitved
2b2ff7717e Merge pull request #7179 from hvitved/ruby/shared-ssa-consistency 
Ruby: Move SSA consistency queries into shared SSA library
 2021-11-19 13:49:25 +01:00
Erik Krogh Kristensen
e25f03fb56 Merge pull request #137 from github/erik-krogh/even-more-consistency 
even more consistency
 2021-11-19 13:39:36 +01:00
Erik Krogh Kristensen
172684ce6e QL: Merge pull request #137 from github/erik-krogh/even-more-consistency 
even more consistency
 2021-11-19 13:39:36 +01:00