hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,405 Commits 1,672 Branches 157 Tags
remove-javascript
Commit Graph

26405 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
d388dd547e Python: Model HTTPMessage from Stdlib 2021-07-22 10:43:18 +02:00
Rasmus Wriedt Larsen
f3ce3933d1 Python: Add AdditionalTaintStep to type-tracking class snippet 
I know that the TODO about not having the tools to handling
`meth = obj.meth; meth()` is outdated now that we `DataFlow::MethodCallNode`,
but I'm planning to deal with that later on ;)
 2021-07-22 10:43:18 +02:00
Rasmus Wriedt Larsen
dac71ded9d Python: Add Authorization modeling in Flask 2021-07-22 10:43:18 +02:00
Rasmus Wriedt Larsen
133632119d Python: Model werkzeug Headers 
Also removed a misleading comment link to method on wrong class :D
 2021-07-22 10:43:18 +02:00
Rasmus Wriedt Larsen
4d9c86a252 Python: Model Werkzeug FileStorage.save as FileSystemAccess 2021-07-22 10:43:18 +02:00
Rasmus Wriedt Larsen
9cb4899c5c Python: Add FileStorage modeling in Flask 2021-07-22 10:43:18 +02:00
Rasmus Wriedt Larsen
09b0c300d9 Python: Rewrite werkzeug to avoid InstanceSourceApiNode 
InstanceSourceApiNode is a really good idea, but it just happened too
soon. I can't do what I need if I have to supply an API-node. So to
avoid confusion between deprecating to/from InstanceSource in those
classes, I opted to do some major reorganizing as well 👍

Due to aliasing restrictions, I had to use a little trick with the
`WerkzeugOld` module.
 2021-07-22 10:43:18 +02:00
Rasmus Wriedt Larsen
04190ea308 Python: Add file-like modeling to werkzeug FileStorage 2021-07-22 10:43:18 +02:00
Rasmus Wriedt Larsen
5f5c0b11c7 Python: Refactor Werkzeugmodeling 
Having the additional taint step just next to the other definitions, so
everything is together.
 2021-07-22 10:43:18 +02:00
Rasmus Wriedt Larsen
4f4dec50f2 Python: Model ResovlerMatch in Django 
Like before, omitted ClassInstantiation
 2021-07-22 10:43:13 +02:00
Anders Schack-Mulligen
dcfc027b5f Java: Fix bad magic. 2021-07-22 10:12:49 +02:00
jorgectf
edb273ace5 Merge remote-tracking branch 'origin/jorgectf/python/ldapimproperauth' into jorgectf/python/ldapinsecureauth 2021-07-22 02:51:19 +02:00
Chris Smowton
c568a9463a Remove <> qualifier from ResponseEntity name 
This was an extractor bug that was fixed recently
 2021-07-21 17:58:06 +01:00
Geoffrey White
fa0f5d08a2 Merge branch 'main' into toctou2 2021-07-21 16:21:29 +01:00
Rasmus Wriedt Larsen
6f0a622252 Python: Remove ClassInstantiation from Django UploadedFile 
since UploadedFile is the abstract base class, all real usage would be
of one of the subclasses, so removing this to not provide a false hope
that it actually works.

I don't think investing the time into making this work would give any
value, so that's why I didn't do it ;)
 2021-07-21 16:35:09 +02:00
Rasmus Wriedt Larsen
7dc6518350 Python: Add FileLikeObject modeling 
Such that the result of `request.FILES["key"].file.read()` is tainted
 2021-07-21 16:35:09 +02:00
Rasmus Wriedt Larsen
18c0d13efd Python: Model most of UploadedFile in Django 2021-07-21 16:35:09 +02:00
Rasmus Wriedt Larsen
5ec5557203 Python: Model MultiValueDict in Django 2021-07-21 16:35:09 +02:00
Rasmus Wriedt Larsen
95e88c18b9 Python: Minor cleanup 2021-07-21 16:35:09 +02:00
Rasmus Wriedt Larsen
51b543c67c Python: Model taint for django request methods 2021-07-21 16:35:09 +02:00
Rasmus Wriedt Larsen
bced467a88 Python: Refactor django additional step handling 
So it matches the new style we're using in aiohttp/twisted/...
 2021-07-21 16:35:09 +02:00
Rasmus Wriedt Larsen
ce4b192caa Python: Improve usefulness of RemoteFlowSourcesReach meta query 
Before, results from `dca` would look something like

    ## + py/meta/alerts/remote-flow-sources-reach

    - django/django@c2250cf_cb8f: tests/messages_tests/urls.py:38:16:38:48
        reachable with taint-tracking from RemoteFlowSource
    - django/django@c2250cf_cb8f: tests/messages_tests/urls.py:38:9:38:12
        reachable with taint-tracking from RemoteFlowSource

now it should make it easier to spot _what_ it is that actually changed,
since we pretty-print the node.
 2021-07-21 16:35:09 +02:00
Ethan P
3a048a1cdd Add `qlpack.yml` information 2021-07-21 09:27:41 -04:00
Rasmus Wriedt Larsen
6aabbf0b9a Python: Add some alert meta queries 
Intended for use with dca
 2021-07-21 14:53:01 +02:00
Mathias Vorreiter Pedersen
73ee7409f6 Merge pull request #6342 from MathiasVP/fix-fp-in-uninitialized-local 
C++: Fix FP in `cpp/uninitialized-local`
 2021-07-21 14:46:57 +02:00
Ethan P
2cdf404e05 Create "About CodeQL packs" and add to ToC 2021-07-21 08:10:46 -04:00
Anders Schack-Mulligen
22f6b021ba Merge pull request #6338 from aschackmull/java/cleanup-deprecated 
Java: Remove deprecated ParExpr.
 2021-07-21 11:36:40 +02:00
Geoffrey White
daed988108 Merge pull request #6341 from MathiasVP/mergeback-2021-07-21 
Mergeback `rc/3.2`
 2021-07-21 10:35:07 +01:00
Mathias Vorreiter Pedersen
e536cecefe C++: Fix FP caused by a variable missing type information. 2021-07-21 11:04:23 +02:00
Mathias Vorreiter Pedersen
6d0290809d Merge branch 'rc/3.2' into mergeback-2021-07-21 2021-07-21 10:23:58 +02:00
Pavel Avgustinov
2d9600de4a Merge pull request #6340 from MathiasVP/revert-path-sensitive-stackvariablereachability 
C++: Revert #6004
 2021-07-21 09:17:56 +01:00
Tony Torralba
76905c47b4 Formatting 2021-07-21 09:47:45 +02:00
ihsinme
8aac5b339e Update FindIncorrectlyUsedExceptions.expected 2021-07-21 09:49:19 +03:00
ihsinme
4202759bcc Update test.cpp 2021-07-21 09:48:36 +03:00
ihsinme
2d1924ac0e Update test.cpp 2021-07-21 08:32:18 +03:00
ihsinme
cf689b83a9 Apply suggestions from code review 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-07-21 08:29:42 +03:00
Ethan P
0eb2f903a3 add procedural information for publishing and using CodeQL packs 2021-07-20 23:21:36 -04:00
Ethan P
e586765cbe add new articles to ToC 2021-07-20 22:33:06 -04:00
p0wn4j
f0d5520976 Add Spring URL Redirect ResponseEntity sink 
Copyedit qhelp
 2021-07-21 03:16:16 +04:00
Ethan P
96de32bd2a Add conceptual information "Creating and working with CodeQL packs" 2021-07-20 14:01:30 -04:00
Geoffrey White
473198a6ef C++: Accept any check followed by a 'sensitive' use such as 'chmod'. 2021-07-20 18:11:05 +01:00
Aditya Sharad
46fbb2a3cc Merge pull request #6334 from github/security-severity-docs 
Update CodeQL docs for security-severity levels
 2021-07-20 09:58:19 -07:00
Geoffrey White
c6d8abc9b1 C++: Add a couple more testcases. 2021-07-20 17:52:59 +01:00
Mathias Vorreiter Pedersen
a006a7fb24 Revert "Merge pull request #6004 from MathiasVP/path-sensitive-stack-variable-reachability-analysis" 
This reverts commit e3e7b00986, reversing
changes made to 8ccdd4fb9f.
 2021-07-20 18:06:49 +02:00
Tony Torralba
4622d8590b Fix change note 2021-07-20 17:50:58 +02:00
Tony Torralba
26999c7ac4 Decouple UnsafeAndroidAccess.qll to reuse the taint tracking configuration 2021-07-20 17:46:35 +02:00
Tony Torralba
99e66cffa2 Merge branch 'main' into atorralba/promote-unsafe-android-webview-fetch 2021-07-20 17:30:56 +02:00
Tony Torralba
ed0db7c7b4 Fix release note 2021-07-20 17:24:24 +02:00
Tony Torralba
7a898a04f3 Fix release note 2021-07-20 17:23:47 +02:00
Tony Torralba
3259ead946 Decouple OgnlInjection.qll to reuse the taint tracking configuration 2021-07-20 17:21:10 +02:00