Harry Maclean
9afdab917e
Ruby: Only use library inputs for libraries
...
Use the application heuristics to control whether we consider public
method parameters to all be sources of remote flow.
2022-03-10 16:35:13 +13:00
Harry Maclean
1915fce2d1
Ruby: Add heuristic to guess app or library
...
This uses the presence of various gem-related files to guess whether the
codebase is a Ruby application or a Ruby gem.
2022-03-10 16:34:01 +13:00
Harry Maclean
7a5b72b8f1
Ruby: Library input sources for Command Injection
...
Consider parameters of any public method to be remote flow sources for
the command injection vulnerability. This has the potential to be
noisy, but it does find several new TPs in mechanize.
2022-03-10 16:16:31 +13:00
Harry Maclean
02794d95d4
Ruby: Model Kernel.open as a command execution
...
If the argument to Kernel.open begins with "|", the rest of the string
is executed as a shell command.
2022-03-10 16:15:14 +13:00
Mathias Vorreiter Pedersen
dfb20f7721
Merge pull request #8368 from MathiasVP/add-must-flow-lib
...
C++: Factor must-flow predicates out of two queries
2022-03-09 17:07:23 +00:00
Taus
7b877fb317
Merge pull request #8336 from tausbn/python-fix-a-bunch-of-ql-warnings
...
Python: Fix a bunch of QL warnings
2022-03-09 16:31:28 +01:00
Mathias Vorreiter Pedersen
17cec52af8
Merge pull request #8385 from erik-krogh/orderByConst
...
QL: add query detecting ordering by a constant
2022-03-09 14:18:35 +00:00
Michael Nebel
fbe8f75903
Merge pull request #8038 from michaelnebel/csharp/gvn-cfecomparison
...
C#: Refactor Structural Comparison for Control Flow Elements.
2022-03-09 13:36:42 +01:00
Michael Nebel
d0cb984f9e
Merge pull request #6 from hvitved/csharp/gvn-cfecomparison
...
C#: Code review suggestions
2022-03-09 12:11:23 +01:00
Tom Hvitved
c51ddd0d35
C#: Code review suggestions
2022-03-09 10:50:53 +01:00
Tom Hvitved
275902d558
Merge pull request #8373 from hvitved/ruby/regex-multiples-parse-fix
...
Ruby: Fix incorrect parsing of ranges
2022-03-09 10:30:01 +01:00
Tom Hvitved
f5fbf50d7d
Ruby: Fix incorrect parsing of ranges
2022-03-08 19:53:17 +01:00
Tom Hvitved
89c3d0535a
Ruby: Add regex test that outputs all RegExpTerms
2022-03-08 19:53:17 +01:00
Tom Hvitved
073302f196
Ruby: Add another regex consistency test
2022-03-08 19:53:17 +01:00
Tom Hvitved
a70ed71c01
Merge pull request #8370 from hvitved/ruby/regex-group-name-off-by-one
...
Ruby: Fix off-by-one error in `getGroupName`
2022-03-08 19:52:32 +01:00
Tom Hvitved
5f48cc06bb
Ruby: Fix off-by-one error in getGroupName
2022-03-08 15:59:47 +01:00
Tom Hvitved
6dd126b6e3
Ruby: Add regex group tests
2022-03-08 15:59:28 +01:00
Mathias Vorreiter Pedersen
d8bad778ed
C++: Fix QLDoc
2022-03-08 14:38:39 +00:00
Tom Hvitved
86121164c5
Merge pull request #8364 from hvitved/ruby/fix-regex-parse
...
Ruby: Fix regex parsing of `/[|]/`
2022-03-08 15:26:29 +01:00
Taus
063a8bbc43
Python: Apply suggestions from code review
...
Co-authored-by: yoff <lerchedahl@gmail.com>
2022-03-08 15:20:35 +01:00
Michael Nebel
ec75bbc748
Merge pull request #8203 from michaelnebel/csharp/extractor-option-buildless
...
C#: Refactoring - Move some of the standalone extractor code to the Standalone project.
2022-03-08 14:32:59 +01:00
Mathias Vorreiter Pedersen
69417e150a
C++: Address review comments.
2022-03-08 13:15:02 +00:00
Mathias Vorreiter Pedersen
1bf430529b
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/MustFlow.qll
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
2022-03-08 13:07:17 +00:00
Mathias Vorreiter Pedersen
edf629f5aa
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/MustFlow.qll
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
2022-03-08 13:07:09 +00:00
Mathias Vorreiter Pedersen
bfa0714577
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/MustFlow.qll
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
2022-03-08 13:06:53 +00:00
Mathias Vorreiter Pedersen
9e7b0925c6
Merge pull request #8366 from jketema/code-duplication-deprecated
...
C++: Mark everything in CodeDuplication.qll as deprecated
2022-03-08 12:47:50 +00:00
Jeroen Ketema
3877598c12
C++: Remove cpp/duplicated-lines-in-files which was deprecated over a year ago
2022-03-08 12:58:19 +01:00
Mathias Vorreiter Pedersen
7106fe35aa
C++: Accept test changes. This is just a change in the names of the path nodes. These names are actually better as they don't refer to the name of IR instructions.
2022-03-08 11:40:56 +00:00
Mathias Vorreiter Pedersen
8c5b3368e1
C++: Make the two must-flow queries use the new must-flow library
2022-03-08 11:40:56 +00:00
Mathias Vorreiter Pedersen
ee9c0dcb83
C++: Add library for must-flow.
2022-03-08 11:40:56 +00:00
Jeroen Ketema
b039b91fd8
C++: Add change note
2022-03-08 12:36:11 +01:00
Jeroen Ketema
df1e810f13
C++: Remove duplicate code queries that were deprecated over a year ago
2022-03-08 12:28:41 +01:00
Jeroen Ketema
d2e2866276
C++: Also deprecate TDuplicationOrSimilarity
2022-03-08 12:26:07 +01:00
Jeroen Ketema
55351ce835
Update cpp/ql/src/external/CodeDuplication.qll
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
2022-03-08 11:57:05 +01:00
Jeroen Ketema
2e73e35747
Update cpp/ql/src/external/CodeDuplication.qll
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
2022-03-08 11:56:55 +01:00
Jeroen Ketema
81783e828e
C++: Mark everything in CodeDuplication.qll as deprecated
...
Although we earlier added a comment to the classes in noting that
they are deprecated, we did not properly mark the classes as actually
being deprecated.
All predicates - except for 3 - depend on the classes being functional,
which they no longer are, so mark those as deprecated as well. The three
remaining predicates (`FunctionDeclarationEntry`, `numberOfSourceMethods`,
and `whitelistedLineForDuplication`) seem to be helpers, and are likely
not used when the library is not used, so mark those as deprecated as
well.
2022-03-08 11:38:01 +01:00
Erik Krogh Kristensen
4734f1916e
Merge pull request #7598 from erik-krogh/fieldOnlyUsedInCharPred
...
QL: field only used in charPred
2022-03-08 11:25:57 +01:00
Rasmus Wriedt Larsen
cbe3964a87
Merge pull request #8275 from haby0/py/add-ssrf-sinks
...
Python: Add Server-side Request Forgery sinks
2022-03-08 11:06:52 +01:00
Tom Hvitved
3bc8d0878f
Ruby: Add regex consistency queries
2022-03-08 10:10:14 +01:00
Tom Hvitved
6d4eecff14
Ruby: Fix regex parsing of /[|]/
2022-03-08 09:52:06 +01:00
Tom Hvitved
a7442b7a2b
Ruby: Add regex test case for /[|]/
2022-03-08 09:51:39 +01:00
Taus
5a8ba6a7af
Python: Fix use of singleton set
2022-03-07 18:59:49 +00:00
Taus
d2603884ca
Python: Fix a bunch of class QLDoc
2022-03-07 18:59:49 +00:00
Taus
af7f532212
Python: Fix up a bunch of function QLDoc
2022-03-07 18:59:49 +00:00
Tom Hvitved
6aad8d6897
Merge pull request #8302 from aibaars/type-tracking-smallstep
...
Ruby: TypeTracker: add smallstep for functions that return their arguments
2022-03-07 17:26:45 +01:00
Mathias Vorreiter Pedersen
c7d624d314
Merge pull request #8247 from ihsinme/ihsinme-patch-80
...
CPP: Add query for CWE-190: Integer Overflow or Wraparound when using transform after operation
2022-03-07 11:00:29 +00:00
Geoffrey White
e7dca435a9
Merge pull request #6950 from ihsinme/ihsinme-patch-078
...
CPP: Add query for CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
2022-03-07 10:55:29 +00:00
Arthur Baars
200a965fda
Update expected output
2022-03-07 11:51:54 +01:00
Arthur Baars
95027e746c
Ruby: TypeTracker: add smallstep for functions that return their arguments
2022-03-07 11:51:54 +01:00
Tom Hvitved
9c4c35141a
Ruby: Update type tracker test
2022-03-07 11:51:54 +01:00