hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,010 Commits 1,672 Branches 157 Tags
updateExterns
Commit Graph

13 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
5aa2c2f9d4 Python: Add command injection regex restricted FP 2020-12-07 15:26:56 +01:00
Rasmus Wriedt Larsen
32b547b3f2 Python: Add example of bad command injection sanitizer 2020-12-07 15:26:55 +01:00
Rasmus Wriedt Larsen
8444654117 Python: Adjust whitespace in command injection test 2020-12-07 15:26:54 +01:00
Taus Brock-Nannestad
7a395bf7c8 Python: Fixup CWE-078 tests. 2020-11-02 11:44:42 +01:00
Rasmus Wriedt Larsen
4adc26eb62 Python: Fix command injection example code 
`subprocess.Popen(["ls", "-la"], shell=True)` correspond to running `sh -c "ls" -la`

So it doesn't follow the pattern of the rest of the test file.
 2020-09-30 13:38:37 +02:00
Rasmus Wriedt Larsen
9151a7e433 Python: Always enable legacy taint tracking configuration 
If the legacy configuration is only enabled if there are no other
configurations, defining a configuration in an imported library can lead to
unwanted results. For example, code that uses `any(MyTaintKind t).taints(node)`
would *stop* working, if it did not define its own configuration. (this actually
happened to us)

We performed a dist-compare to ensure there is not a performance deg ration by
doing this. Results at https://git.semmle.com/gist/rasmuswl/a1eca07f3a92f5f65ee78d733e5d260e

Tests that were affected by this:

- RockPaperScissors + Simple: new edges because no configuration was defined for
  SqlInjectionTaint or CommandInjectionTaint
- CleartextLogging + CleartextStorage: new edges because no configuration was
  defined before, AND duplicate deges.
- TestNode: new edges because no configuration was defined before

- PathInjection: Duplicate edges
- TarSlip: Duplicate edges
- CommandInjection: Duplicate edges
- ReflectedXss: Duplicate edges
- SqlInjection: Duplicate edges
- CodeInjection: Duplicate edges
- StackTraceExposure: Duplicate edges
- UnsafeDeserialization: Duplicate edges
- UrlRedirect: Duplicate edges
 2019-11-11 11:17:21 +01:00
Mark Shannon
7c4a18eee3 Python taint-tracking: Fix up handling of legacy (config-less) taint-tracking 2019-08-29 10:31:50 +01:00
Mark Shannon
6bd5158f9e Python taint-tracking: Remove 'parents' query from path-queries, as it unused by the tooling. 2019-08-08 10:15:06 +01:00
Mark Shannon
918bdecba5 Python: Don't record taint past sinks. 2019-06-18 16:34:23 +01:00
Mark Shannon
b94493aec3 Python: Add extra sinks for command-injection query. 2018-11-23 14:29:02 +00:00
Mark Shannon
61bd8682df Python: Improve API and representation of taint tracking nodes. Update queries and tests accordingly. 2018-11-23 12:32:14 +00:00
Mark Shannon
2a24723cc3 Python: Update test results for path queries. 2018-11-22 11:05:08 +00:00
Mark Shannon
05b69a1c0f QL tests for Python queries and libraries. 2018-11-19 15:15:54 +00:00