hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
18,459 Commits 1,671 Branches 157 Tags
revert-4738-feature/revert-relational-pattern
Commit Graph

2522 Commits

Author SHA1 Message Date
CodeQL CI
e266cedc84 Merge pull request #4700 from RasmusWL/python-add-code-injection-FP 
Approved by tausbn
 2020-12-02 16:29:21 +00:00
CodeQL CI
6017f25106 Merge pull request #4740 from RasmusWL/fix-json-modeling 
Approved by tausbn
 2020-12-02 16:29:00 +00:00
Taus
9eeaceac2a Merge pull request #4739 from RasmusWL/recrete-regex-fp 
Python: Add regex FP with + for flags
 2020-12-02 13:01:47 +01:00
Anders Schack-Mulligen
8f2094f0bf Autoformat. 2020-11-30 14:42:38 +01:00
Anders Schack-Mulligen
931322e4c5 Merge pull request #4668 from aschackmull/dataflow/refactor-pruning 
Dataflow: Refactor pruning stages.
 2020-11-30 09:37:04 +01:00
Rasmus Wriedt Larsen
a0c7365ae6 Python: Proper models of json.loads and json.dumps 2020-11-27 15:57:56 +01:00
Rasmus Wriedt Larsen
014fbfa86b Python: Add regex FP with + for flags 
Notice that there is no new results for line 54

I also added a test for the short-named version of a flag, just since I didn't
see any of those already. That just works out of the box (due to points-to).
 2020-11-27 14:57:11 +01:00
yoff
346a007bf6 Merge pull request #4720 from RasmusWL/python-better-open-models 
Python: better models of `open` function
 2020-11-27 14:47:10 +01:00
Rasmus Wriedt Larsen
e6319e5d84 Python: Rewrite StringConstCompare to use IterableNode 2020-11-27 13:37:03 +01:00
Rasmus Wriedt Larsen
098f8c4f21 Python: Add IterableNode 
I'm specifically not using an abstract class, since that is an anti-pattern:
https://github.com/github/codeql/pull/4357#discussion_r520526275 (I'm still
trying to wrap my head fully aroudn this)
 2020-11-27 13:36:55 +01:00
Rasmus Wriedt Larsen
33e46e168f Python: Add QLDoc for SetNode 2020-11-27 13:29:16 +01:00
Anders Schack-Mulligen
fec9758252 Dataflow: Sync. 2020-11-27 12:16:43 +01:00
Rasmus Wriedt Larsen
cc9a7fe4fe Python: Move BarrierGuards to own file 2020-11-27 12:09:57 +01:00
CodeQL CI
d3cded330e Merge pull request #4693 from RasmusWL/python-add-import-test-shadowing-stdlib-v2 
Approved by tausbn
 2020-11-27 10:32:21 +00:00
Rasmus Wriedt Larsen
7b4e890e7b Python: Fix grammar 
Co-authored-by: Taus <tausbn@github.com>
 2020-11-27 11:00:30 +01:00
Cornelius Riemenschneider
3bfb398516 Autoformat XML.qll. 2020-11-25 18:20:50 +01:00
Cornelius Riemenschneider
7eec988fb5 XML.qll: Remove abstract from class hierarchy. 2020-11-25 17:22:03 +01:00
Rasmus Wriedt Larsen
e2c4af3031 Python: Add change note for improved open modeling 2020-11-25 11:39:02 +01:00
Rasmus Wriedt Larsen
cafe55f5c7 Merge pull request #4701 from yoff/python-fix-return-node-enclosing-callable 
Python: Use default `getEnclosingCallable` for `RetrunNode`
 2020-11-25 10:36:41 +01:00
Rasmus Lerchedahl Petersen
88643da01f Python: Use default getEnclosingCallable 
for `RetrunNode`
 2020-11-25 08:19:07 +01:00
Rasmus Lerchedahl Petersen
36d9097d03 Python: Add test for inner return 2020-11-25 07:09:27 +01:00
Rasmus Lerchedahl Petersen
34896ae0d7 Python: Fix failing test 2020-11-25 07:09:27 +01:00
Rasmus Wriedt Larsen
d88e5bdb3a Python: Model io.open as FileSystemAccess 2020-11-24 18:27:33 +01:00
Rasmus Wriedt Larsen
e39bb56078 Python: Model builtin open function better 2020-11-24 18:27:31 +01:00
Rasmus Wriedt Larsen
5af1fdd06f Python: Expand tests of open 2020-11-24 18:27:30 +01:00
Rasmus Wriedt Larsen
caf73e4b9b Python: Wrap all Stdlib modeling consistently 
Some of these predicates had fallen outside the `private module Stdlib`
 2020-11-24 18:27:29 +01:00
Rasmus Wriedt Larsen
aa4345ac76 Merge pull request #4710 from yoff/python-dataflow-variable-capture 
Python: Dataflow, variable capture
 2020-11-24 15:04:38 +01:00
yoff
215986bce5 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-11-24 14:12:23 +01:00
Rasmus Lerchedahl Petersen
05d156ba0f Python: add comments 2020-11-24 14:11:14 +01:00
CodeQL CI
2277242196 Merge pull request #4692 from yoff/python-psycopg 
Approved by RasmusWL
 2020-11-24 10:59:04 +00:00
Rasmus Lerchedahl Petersen
39c5e0d487 Python: update test expectations 2020-11-23 16:46:35 +01:00
Rasmus Lerchedahl Petersen
38bb06a207 Merge remote-tracking branch 'upstream/main' into python-dataflow-variable-capture 2020-11-23 16:40:20 +01:00
Rasmus Wriedt Larsen
f35ffa5632 Python: Add support for x in ["safe", "also_safe"] (and not in) 2020-11-23 10:42:24 +01:00
Rasmus Wriedt Larsen
431aab45f7 Python: Add support for x != "safe" BarrierGuard 2020-11-23 10:36:55 +01:00
Rasmus Wriedt Larsen
18041fd059 Python: Expand string-const-compare tests 
Also moved file to reflect that. Added tests of

+ `!=`
+ `in`
+ `not in`
 2020-11-23 10:36:49 +01:00
Rasmus Lerchedahl Petersen
777100f25c Python: rename file, package, and class 2020-11-23 09:17:40 +01:00
Henning Makholm
a2a4938f60 Remove unit tests for duplicate-code detection, take II 
In #4689 I forgot to remove the `.expected` files too, but they are
now of course useless.
 2020-11-20 21:07:42 +01:00
Rasmus Wriedt Larsen
08bcba98e6 Python: Add BarrierGuard test with exception inside unsafe branch 2020-11-20 11:55:07 +01:00
Rasmus Wriedt Larsen
34f78d4211 Python: Add BarrierGuard test with return inside unsafe branch 2020-11-20 11:52:36 +01:00
yoff
b478a51d4e Apply suggestions from code review 
Thanks for doing the work for me :-)

Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-11-20 10:46:04 +01:00
Rasmus Wriedt Larsen
6c8937c5a9 Python: Add StringConstCompare to new data-flow queries 
In the future, I could imagine we would have something like this, but for now,
I'm just keeping it simple.

```codeql
  /**
   * A collection of common guards that ensure the checked value cannot have arbitrary
   * values.
   *
   * Currently only supports comparison with constant string value, but could also
   * include checking whether all characters are alphanumeric, or whether a regex is
   * matched against the value.
   *
   * Such guards will be useful for many taint-tracking queries, but not necessarily
   * all, which is why you need to opt into these manually.
   */
  class CommonNonArbitraryGuard extends BarrierGuard {
    CommonNonArbitraryGuard() {
      this instanceof StringConstCompare
    }

    override predicate checks(ControlFlowNode node, boolean branch) {
      this.(StringConstCompare).checks(node, branch)
    }
  }
```
 2020-11-20 10:44:50 +01:00
Rasmus Wriedt Larsen
12b36b2245 Python: Highlight that safe or also_safe doesn't clear taint :( 2020-11-20 10:43:46 +01:00
Rasmus Wriedt Larsen
1a52f17da3 Python: Add StringConstCompare BarrierGuard 2020-11-20 10:40:04 +01:00
Rasmus Wriedt Larsen
a82936c904 Python: Enable test for sanitizer-guard and logic expressions 
`not` is not working properly, but otherwise pretty good
 2020-11-20 10:06:25 +01:00
Rasmus Wriedt Larsen
b3d3d6e142 Python: Move logical test of sanitizers 
Don't know why it would ever have been under default sanitizers :D
 2020-11-19 16:46:07 +01:00
Rasmus Lerchedahl Petersen
7cbbf3bbf7 Python: slightly nicer test 2020-11-19 16:20:57 +01:00
Rasmus Wriedt Larsen
4c7c940273 Python: Add example of Code Injection FP 2020-11-19 15:05:51 +01:00
Rasmus Wriedt Larsen
7e407d43d2 Python: Change (single) test to match codeql database create 2020-11-19 14:56:18 +01:00
Rasmus Wriedt Larsen
8ffcff0824 Python: Add example of top-level module shadowing stdlib 
Although this test is added under the `wrong` folder, the current results from
this CodeQL test is actually correct (compared with the Python
interpreter). However, they don't match what the extractor does when invoked
with `codeql database create`.

Since I deemed it "more than an easy fix" to change the extractor behavior for
`codeql database create` to match the real python behavior, and it turned out to
be quite a challenge to change the extractor behavior for all tests, I'm just
going to make THIS ONE test-case behave like the extractor will with `codeql
database create`...

This is a first commit, to show how the extractor works with qltest by default.

Inspired by the debugging in https://github.com/github/codeql/issues/4640
 2020-11-19 14:56:17 +01:00
Rasmus Lerchedahl Petersen
6cc8e5acf1 Python: support psycopg 2020-11-19 12:13:20 +01:00