hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,999 Commits 1,671 Branches 157 Tags
query-help-tests-lgtm
Commit Graph

1781 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
8e27904f65 Python: Add explanatory comment. 2020-10-04 15:34:25 +02:00
Rasmus Lerchedahl Petersen
3463889010 Python: Add comments 2020-10-04 09:40:06 +02:00
Rasmus Lerchedahl Petersen
385e213fcf Python: Fix comments 2020-10-04 09:33:30 +02:00
Rasmus Lerchedahl Petersen
ce18bff274 Python: Support method calls 2020-10-03 23:34:39 +02:00
Arthur Baars
78c58c2415 Merge pull request #4384 from tausbn/python-fix-package-locations 
Python: Fix `hasLocationInfo` for packages
 2020-10-02 20:48:43 +02:00
Alexander Eyers-Taylor
30ed6a0dac Merge pull request #4385 from aibaars/drop-queries 
Drop 'tech-inventory' and 'code duplication' queries from the standard query suites
 2020-10-02 18:31:25 +01:00
Arthur Baars
daa1bcc06e Also mark 'tech inventory' queries as deprecated 2020-10-02 17:23:11 +02:00
Arthur Baars
fc45b6cd3c Drop 'tech-inventory' and 'code duplication' queries from the standard query suites 2020-10-02 17:22:04 +02:00
Taus
fce76e2799 Merge pull request #4354 from RasmusWL/python-command-execution-modeling 
Python: Better command execution modeling
 2020-10-02 16:14:34 +02:00
Rasmus Wriedt Larsen
eb67986916 Python: Exlucde only command injection sinks in os and subprocess 2020-10-02 14:11:07 +02:00
Rasmus Wriedt Larsen
68eacef23c Python: Refactor OsExecCall and friends for better readability 2020-10-02 13:38:54 +02:00
Rasmus Wriedt Larsen
de07d9e5d9 Python: Highlight that os.popen is not only problem for extra alerts 2020-10-02 13:34:33 +02:00
Taus Brock-Nannestad
75f4051cb5 Python: Fix hasLocationInfo for packages 2020-10-01 17:21:53 +02:00
Rasmus Lerchedahl Petersen
5326125b70 Python: Handle positional construtor arguments 2020-10-01 15:28:26 +02:00
Chris Smowton
578ea1ae43 Fix OWASP broken links 2020-10-01 13:09:52 +01:00
Rasmus Wriedt Larsen
3247b300ae Python: Fix problem with missing use-use flow 2020-10-01 12:55:11 +02:00
Rasmus Lerchedahl Petersen
db23dad6ec Python: Allow callables to connect to calls freely 2020-10-01 12:33:42 +02:00
Rasmus Lerchedahl Petersen
b092df48a5 Python: Location and toString for KwUnpacked 2020-10-01 10:15:19 +02:00
Rasmus Lerchedahl Petersen
29a162bc9c Python: Proper flow **arg -> **param 2020-09-30 23:55:02 +02:00
Rasmus Wriedt Larsen
428c2a3fda Merge branch 'main' into python-command-execution-modeling 2020-09-30 17:38:59 +02:00
Rasmus Wriedt Larsen
c4a2e1d6d1 Python: Rewrite attribute lookup helpers for better performance 
Not that they actually had a huge problem right now, just that using the old
pattern HAS lead to bad performance in the past. See
https://github.com/github/codeql/pull/4361
 2020-09-30 17:31:20 +02:00
Taus
32bf7d6bdf Merge pull request #4256 from fatenhealy/Noblowfish 
CWE-327 BrokenCryptoAlgorithm recommendation to AES instead of Blowfish
 2020-09-30 16:15:46 +02:00
Rasmus Lerchedahl Petersen
b0ed7af897 Python: Approximate **arg -> **param 2020-09-30 15:54:12 +02:00
Faten Healy
03d8fc7296 changed to AES 2020-09-30 22:18:36 +10:00
Rasmus Wriedt Larsen
9c1253c8af Python: Remove flow out of CommandInjection sinks 2020-09-30 13:29:40 +02:00
Rasmus Lerchedahl Petersen
30d048f9d4 Python: Support unpacking of keyword arguments. 2020-09-30 11:55:27 +02:00
Rasmus Lerchedahl Petersen
e02cfbf6b0 Python: Support keyword overflow arguments 2020-09-30 11:55:27 +02:00
Rasmus Lerchedahl Petersen
27af9bbae8 Python: Support overflow positional arguments 
Currently ignoring starred arguments
 2020-09-30 11:55:26 +02:00
Rasmus Lerchedahl Petersen
8f2ef94b3e Python: Hook up keyword arguments 2020-09-30 11:55:26 +02:00
Rasmus Wriedt Larsen
0542c3b91e Python: Model os.path.join and add taint-step 2020-09-30 11:42:36 +02:00
Rasmus Wriedt Larsen
efa2484718 Python: Add taint test for os.path.join 
Surprisingly the first two just worked, due to our very general handling of any
`join` methods :D
 2020-09-30 11:35:21 +02:00
Rasmus Wriedt Larsen
b3efa28277 Merge branch 'main' into python-command-execution-modeling 2020-09-30 10:24:11 +02:00
Rasmus Wriedt Larsen
fee279f952 Python: Hotfix performance problem with flask methods 
This improves runtime for command injection query on
https://lgtm.com/projects/g/alibaba/funcraft from +200 seconds (I did not care
to wait more) down to ~55 seconds on my machine.

This type of tracking predicate with string as additional argument apparently
causes trouble :|
 2020-09-29 11:00:57 +02:00
Rasmus Wriedt Larsen
f7f6564189 Python: Model subprocess.Popen (and helpers) 2020-09-28 11:13:04 +02:00
Rasmus Wriedt Larsen
62dc0dd263 Python: Model os.exec* os.spawn* and os.posix_spawn* 
I also had to exclude the inline expectation tests from files outside the test
repo.
 2020-09-28 11:05:33 +02:00
Taus
fc84286b56 Merge pull request #3830 from yoff/SharedDataflow_FieldFlow 
Python: Shared dataflow: Field flow
 2020-09-25 14:53:57 +02:00
yoff
c56ff986d4 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2020-09-25 11:56:50 +02:00
CodeQL CI
4deb43f361 Merge pull request #4323 from RasmusWL/python-new-command-injection-query 
Approved by tausbn
 2020-09-25 02:39:46 -07:00
Rasmus Wriedt Larsen
66815c9d3d Python: Suppress unused variable warnings in DataFlowPrivate 2020-09-23 14:33:10 +02:00
Rasmus Wriedt Larsen
6aec2ec673 Python: Fix os.popen modeling 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2020-09-23 11:18:32 +02:00
Rasmus Lerchedahl Petersen
ef4461ce54 Python: Address review comments 2020-09-22 23:48:28 +02:00
yoff
aece0ff652 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2020-09-22 22:33:46 +02:00
Rasmus Wriedt Larsen
71a75ce596 Python: Handle bound methods in flask modeling 2020-09-22 16:33:35 +02:00
Rasmus Wriedt Larsen
e614365963 Python: Adopt new approach in flask modeling 
Removed all the dict-like stuff, not sure that is how we should do things.
 2020-09-22 16:33:33 +02:00
Rasmus Wriedt Larsen
00ea0cebc3 Python: More Flask modeling kinda works 
It "kinda" works now, but it really is not a pretty solution. Adding all these
"tracked" objects is SUPER annoying... it _would_ be possible to skip them, but
that seems like it will give the wrong edges for dataflow/taintflow queries :|

A good chunk of it should be able to be removed with access-paths like C# does
for library modeling. Some of it could be solved by better type-tracking API
like API Graphs... but it seems like we generally are just lacking the
nice-to-have features like `.getAMemberCall` and the like. See
https://github.com/github/codeql/pull/4082/files#diff-9aa94c4d713ef9d8da73918ff53db774L33
 2020-09-22 16:28:25 +02:00
Rasmus Wriedt Larsen
2bdd0284dc Python: Port py-command-line-injection with new dataflow 2020-09-22 16:28:23 +02:00
Rasmus Wriedt Larsen
7c205dd3fc Python: First attempt at modeling Flask 2020-09-22 16:28:21 +02:00
Rasmus Wriedt Larsen
cdc5ca7aec Python: Model os.system and os.popen 2020-09-22 16:28:20 +02:00
Rasmus Wriedt Larsen
0265f26301 Python: Add importModule and importMember DataFlow helpers 2020-09-22 16:28:19 +02:00
Rasmus Wriedt Larsen
2551173156 Python: Update example in QLDoc for TypeTracker 2020-09-22 16:28:18 +02:00