hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
18,252 Commits 1,671 Branches 157 Tags
revert-4653-feature/csharp9-relational-pattern
Commit Graph

2489 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
2c5996f694 Python: Refactor subprocess_attr type-tracker 
Co-authored-by: Taus <tausbn@github.com>
 2020-10-13 17:21:21 +02:00
Taus Brock-Nannestad
fdb489fc93 Python: Remove flow between ESSA variables 
This required a minor change in the type tracker implementation, but
apart from that no other changes appear to be needed. Seems to clean
up the test output quite a bit.
 2020-10-13 16:35:41 +02:00
yoff
05b744701e Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2020-10-13 15:31:50 +02:00
Rasmus Wriedt Larsen
76c9b8c49f Python: Expose importNode instead of importModule/importMember 
Since predicate name `import` is not allowed, I adopted `importNode` as it sort
of matches what `exprNode` does.

---

Due to only using `importMember` in `os_attr` we previously didn't handle
`import os.path as alias` :|

I did creat a hotfix for this (https://github.com/github/codeql/pull/4446), but
in doing so I realized the core of the problem: We're exposing ourselves to
making these kinds of mistakes by having BOTH importModule and importMember, and
we don't really gain anything from doing this!

We do loose the ability to easily only modeling `from mod import val` and not
`import mod.val`, but I don't think that will ever be relevant.

This change will also make us to recognize some invalid code, for example in

    import os.system as runtime_error

we would now model that `runtime_error` is a reference to the `os.system`
function (although the actual import would result in a runtime error).

Overall these are tradeoffs I'm willing to make, as it does makes things simpler
from a QL modeling point of view, and THAT sounds nice 👍
 2020-10-13 15:03:22 +02:00
Rasmus Wriedt Larsen
4bfd55f1af Python: Show problem with os.path modeling 
This is not a very good test for showing that we don't handle direct imports,
but it was the best I had available without inventing something new. It's very
fragile, since any of these would propagate taint (due to handling all `join`
calls as if the qualifier was a string):

    ospath_alias.join(ts)
    ospath_alias.join(ts, "foo", "bar")

But this test DOES serve the purpose of illustrating that my fix works :D
 2020-10-13 14:50:00 +02:00
Rasmus Lerchedahl Petersen
b7e8b48e9e Python: Move concept tests out 
These tests should be fleshed out at some point, but currently
they test all that we model.
 2020-10-13 13:06:47 +02:00
Taus Brock-Nannestad
1829126230 Python: Get rid of DataFlowCfgNode 
Should make modelling data flow nodes that are also specific
subclasses of `ControlFlowNode` a bit smoother.
 2020-10-13 13:04:59 +02:00
Rasmus Lerchedahl Petersen
4685f2d5f2 Python: Address many review comments 
still need to move concept tests
 2020-10-13 12:03:23 +02:00
Rasmus Wriedt Larsen
662235bad8 Python: Use classRef instead of class_ 
Discussed offline with Taus
 2020-10-13 11:56:37 +02:00
CodeQL CI
d3f8fb5e53 Merge pull request #4423 from tausbn/python-add-attribute-access-interface 
Approved by RasmusWL
 2020-10-13 02:56:21 -07:00
Rasmus Wriedt Larsen
dcd103ea73 Python: Fix grammar 
Co-authored-by: Taus <tausbn@github.com>
 2020-10-13 10:31:35 +02:00
Rasmus Wriedt Larsen
ce85ac3ce1 Python: Remove solved TODO 2020-10-13 10:15:03 +02:00
Rasmus Wriedt Larsen
2e430325be Python: Refactor argument matching to use set literals 
Co-authored-by: Taus <tausbn@github.com>
 2020-10-13 10:05:35 +02:00
Erik Krogh Kristensen
9604705f64 remove pretty printing of bytes (unstable between minor versions) 2020-10-12 22:32:37 +02:00
Erik Krogh Kristensen
9b7c59f4b4 implement printAst for Python 2020-10-12 21:17:46 +02:00
Taus Brock-Nannestad
3288cf1a75 Python: Hopefully final changes to documentation. 2020-10-12 16:38:21 +02:00
yoff
433a36225b Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-12 15:26:53 +02:00
Taus Brock-Nannestad
b07c7abacc Python: Clear up attribute name access QLDoc 2020-10-12 13:49:08 +02:00
Anders Schack-Mulligen
091e3a2931 Dataflow: Adjust test output. 2020-10-09 16:25:14 +02:00
Rasmus Lerchedahl Petersen
4bd56fdbe4 Python: Implement framework sinks 2020-10-09 16:13:47 +02:00
Rasmus Lerchedahl Petersen
0d8bd01e10 Python: Port query and add test 2020-10-09 16:11:37 +02:00
Anders Schack-Mulligen
1c043447e8 Dataflow: Introduce consistency check for flow targeting PostUpdateNodes. 2020-10-09 14:29:52 +02:00
Taus
60eec7b136 Python: Update python/ql/src/experimental/dataflow/internal/Attributes.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-08 18:14:20 +02:00
Taus Brock-Nannestad
d46453caaa Python: Support named imports as attribute reads 
Required a small change in `DataFlow::importModule` to get the desired
behaviour (cf. the type trackers defined in `moduleattr.ql`, but this
should be harmless. The node that is added doesn't have any flow
anywhere.
 2020-10-08 18:08:55 +02:00
Taus Brock-Nannestad
df447c0af9 Python: Remove flow from getAttributeName 2020-10-08 15:01:24 +02:00
Taus Brock-Nannestad
ceb249680e Python: Reuse existing node fields 
Also changes `x = TCfgNode(y)` to `x.asCfgNode() = y` where applicable.
 2020-10-08 15:00:14 +02:00
Taus Brock-Nannestad
31596ef569 Python: Clean up and extend built-in call node classes 2020-10-08 14:57:39 +02:00
Taus Brock-Nannestad
e9ecc00b37 Python: Implement and use mayHaveAttributeName 2020-10-08 14:53:54 +02:00
Rasmus Wriedt Larsen
0b0763953e Python: Update description of CodeInjection 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2020-10-08 11:15:36 +02:00
yoff
7d086b23ff Update python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-08 10:53:52 +02:00
Rasmus Lerchedahl Petersen
19796a4c9c Python: Improve tests and make validTest happy 2020-10-08 10:35:01 +02:00
Rasmus Lerchedahl Petersen
cc0661bce1 Python: More/better comments 2020-10-08 10:11:00 +02:00
Rasmus Wriedt Larsen
46ec7fbf6e Python: Make builtin compile function additional taint step 2020-10-07 21:17:39 +02:00
Rasmus Wriedt Larsen
c69a61bac5 Python: Model exec and eval calls as CodeExecution 2020-10-07 21:14:19 +02:00
Rasmus Wriedt Larsen
73971cff76 Python: Model exec statement (Python 2 only) as CodeExecution 2020-10-07 21:12:35 +02:00
Rasmus Wriedt Larsen
453c391bb0 Python: Add CodeExecution tests for stdlib 2020-10-07 21:12:31 +02:00
Rasmus Wriedt Larsen
0af86cba50 Python: Port CodeInjection query 
and the dummy test-case we already have
 2020-10-07 18:47:23 +02:00
Rasmus Wriedt Larsen
5f6e4d47ca Python: Add CodeExecution concept 2020-10-07 18:22:45 +02:00
Rasmus Lerchedahl Petersen
8196cfd21a Python: Attempt at clearer naming of parameters 2020-10-07 15:56:35 +02:00
yoff
35b0b6b472 Update python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-07 15:48:44 +02:00
Rasmus Lerchedahl Petersen
27a75c0bd1 Merge branch 'main' of github.com:github/codeql into SharedDataflow_ArgumentPassing 2020-10-07 15:43:31 +02:00
yoff
7e6f0b0bc3 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-07 15:11:15 +02:00
Rasmus Wriedt Larsen
bec33b745e Python: Use range instead of self for ::Range pattern 
Following the suggestions from https://github.com/github/codeql/pull/4357
 2020-10-07 14:54:51 +02:00
Rasmus Wriedt Larsen
c09695af7d Python: Properly handle invoke.task decorator 2020-10-07 12:29:19 +02:00
Rasmus Wriedt Larsen
67c5c590d2 Python: Expose getParameter on ParameterNode 2020-10-07 12:28:35 +02:00
Rasmus Wriedt Larsen
6d7f4a048b Python: Attempt to model invoke.task decorator 2020-10-07 12:26:49 +02:00
Rasmus Wriedt Larsen
c9219b3744 Clean module imports 2020-10-07 12:21:30 +02:00
Rasmus Wriedt Larsen
ebff1794fc Python: Model invoke.context.Context 2020-10-07 12:16:53 +02:00
Rasmus Wriedt Larsen
4ef5202382 Python: Add simple model for invoke.run and invoke.sudo 
and I sorted the list in Frameworks.qll, that kinda makes sense :)
 2020-10-07 12:13:59 +02:00
Rasmus Wriedt Larsen
300a8cdf7d Python: Add tests for the 'invoke' package 2020-10-07 11:55:26 +02:00