hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,676 Commits 1,671 Branches 157 Tags
yo-h/java15
Commit Graph

1252 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
f17720f587 Python: Add test and fix filename 2020-10-19 10:58:57 +02:00
Taus Brock-Nannestad
60fcb5e7d5 Python: Add PEP-328 test example 
Based on https://www.python.org/dev/peps/pep-0328/#guido-s-decision

Original "code" is in the Public Domain.
 2020-10-16 12:03:43 +02:00
Rasmus Wriedt Larsen
86798063a3 Python: Model tainted attributes of django HttpRequest 2020-10-16 11:12:20 +02:00
Rasmus Wriedt Larsen
a3cdbf2052 Python: Basic modeling of Django HttpRequest 2020-10-16 11:12:19 +02:00
Rasmus Wriedt Larsen
f547b6010b Python: Implement routed parameter for django.urls.re_path 2020-10-16 11:12:17 +02:00
Rasmus Wriedt Larsen
ff8708df67 Python: Implement routed parameter for django.urls.path 
Matching current implementation in
f07a7bf8cf/python/ql/src/semmle/python/web/django/General.qll (L125-L133)
 2020-10-16 11:12:16 +02:00
Rasmus Wriedt Larsen
44683f2959 Python: Identify route handlers for django 
Not including class based handlers
 2020-10-16 11:12:14 +02:00
Rasmus Wriedt Larsen
c0d71f767a Python: Add taint test for django v2/v3 2020-10-16 11:12:13 +02:00
Rasmus Wriedt Larsen
09a2a6cdfd Python: Fix django re_path kwarg test 
Since it was using the wrong keyword argument name before :D
 2020-10-16 11:12:12 +02:00
Rasmus Wriedt Larsen
b28d022be9 Python: Add simpel model of a django path/re_path route setup 
Also had to change the annotation to not include the `r` prefix for the
raw-string... not sure why that isn't replicated, but ¯\_(ツ)_/¯
 2020-10-16 11:12:11 +02:00
Rasmus Wriedt Larsen
979dc471ac Python: Port old routing tests 2020-10-16 11:12:09 +02:00
Rasmus Wriedt Larsen
ca60132e24 Python: Django test: Add simple route handler and annotations 2020-10-16 11:12:09 +02:00
Rasmus Wriedt Larsen
44b9b7f084 Python: Django test: Enable app 
and add a bits of use docs
 2020-10-16 11:12:08 +02:00
Rasmus Wriedt Larsen
6506e5d646 Python: Django test: Add testapp 2020-10-16 11:12:07 +02:00
Rasmus Wriedt Larsen
c71c41b759 Python: Django test: Disable DB (for now) 2020-10-16 11:12:06 +02:00
Rasmus Wriedt Larsen
f704c566b9 Python: Add real django 3.1 project as base of tests 2020-10-16 11:12:05 +02:00
Rasmus Lerchedahl Petersen
cced335284 Python: Switch tests to path queries 2020-10-16 09:59:30 +02:00
Tom Hvitved
27fc610c0d Python: Update expected test output 2020-10-16 09:09:06 +02:00
Rasmus Lerchedahl Petersen
41b8877579 Python: Improve test configuration 2020-10-16 08:32:05 +02:00
Rasmus Wriedt Larsen
5142bfaf01 Merge pull request #4453 from yoff/python-port-unsafe-deserialization 
Python: port unsafe deserialization
 2020-10-15 17:26:31 +02:00
Rasmus Wriedt Larsen
58baec5b06 Merge pull request #4364 from yoff/SharedDataflow_ArgumentPassing 
Python: Shared dataflow, argument passing
 2020-10-15 17:10:59 +02:00
Rasmus Lerchedahl Petersen
ef32488596 Merge branch 'main' of github.com:github/codeql into python-port-unsafe-deserialization 2020-10-15 15:45:35 +02:00
Erik Krogh Kristensen
1d2ca42d49 update expected output 2020-10-15 13:42:13 +02:00
Rasmus Lerchedahl Petersen
172e058438 Python: unsafe -> mayExecuteInput 2020-10-15 12:56:29 +02:00
Rasmus Lerchedahl Petersen
9c8e968cba Python: Fix bad merge 2020-10-15 11:47:34 +02:00
Rasmus Wriedt Larsen
ce967e1249 Merge branch 'main' into python-model-python2-specific-command-execution 2020-10-15 10:00:02 +02:00
Rasmus Lerchedahl Petersen
0766eef49b Merge branch 'main' of github.com:github/codeql into SharedDataflow_ArgumentPassing 2020-10-15 09:49:21 +02:00
Taus
466c22f4a8 Merge pull request #4435 from RasmusWL/python-port-code-injection 
Python: port code injection query
 2020-10-14 16:41:42 +02:00
Rasmus Lerchedahl Petersen
352418cb5d Python: track safe loaders 2020-10-14 16:33:55 +02:00
yoff
5f6f85c998 Merge pull request #4465 from tausbn/python-remove-essa-flow 
Python: Remove flow between ESSA variables
 2020-10-14 15:37:39 +02:00
Rasmus Lerchedahl Petersen
b8cba381cf Merge branch 'main' of github.com:github/codeql into python-port-unsafe-deserialization 2020-10-14 15:01:30 +02:00
Rasmus Lerchedahl Petersen
3a281a1bd6 Python: Adjust comments and tests 2020-10-14 14:40:11 +02:00
Rasmus Wriedt Larsen
5db4f906d0 Merge branch 'main' into python-port-code-injection 2020-10-14 14:22:02 +02:00
yoff
ffe79f688d Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-14 14:08:16 +02:00
Taus
92ccb795fd Merge pull request #4415 from RasmusWL/python-flask-routed-parameter 
Python: Add support for routed parameters in flask
 2020-10-14 13:29:51 +02:00
Rasmus Wriedt Larsen
61ecec7d17 Merge pull request #4467 from tausbn/python-fix-import-type-tracking 
Python: Fix unwanted module type tracking
 2020-10-14 13:08:57 +02:00
Taus Brock-Nannestad
f3c07e3849 Python: Fix up import helper tests 2020-10-14 11:58:14 +02:00
Rasmus Wriedt Larsen
7d600e4e8e Merge branch 'main' into python-port-code-injection 2020-10-14 10:48:38 +02:00
Rasmus Wriedt Larsen
4597ba64d0 Merge branch 'main' into python-model-invoke 2020-10-14 10:41:37 +02:00
Rasmus Wriedt Larsen
ecf70c5f30 Merge branch 'main' into python-model-python2-specific-command-execution 2020-10-14 10:36:43 +02:00
Rasmus Wriedt Larsen
49d2e68d12 Merge branch 'main' into python-flask-routed-parameter 2020-10-14 10:16:00 +02:00
Rasmus Lerchedahl Petersen
b0ebb5b6d1 Python: Adjust tag format 2020-10-14 09:51:24 +02:00
Rasmus Lerchedahl Petersen
93383747bd Python: Use more common name for concept 2020-10-14 09:28:58 +02:00
Rasmus Lerchedahl Petersen
a76d276b48 Python: Adjust getARelevantTag 2020-10-14 08:44:04 +02:00
yoff
3b9ea3a958 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-14 08:24:26 +02:00
Taus Brock-Nannestad
7d86b53b71 Python: Fix unwanted module type tracking 2020-10-13 22:47:57 +02:00
Taus Brock-Nannestad
76e5b59dab Python: Add test case for unwanted module type tracking 2020-10-13 22:47:03 +02:00
Rasmus Lerchedahl Petersen
5d66c485d5 Python: IPA type for arguemnt mappings 
Not sure how arg2 in line 118 is achieved
 2020-10-13 19:12:52 +02:00
Taus Brock-Nannestad
fdb489fc93 Python: Remove flow between ESSA variables 
This required a minor change in the type tracker implementation, but
apart from that no other changes appear to be needed. Seems to clean
up the test output quite a bit.
 2020-10-13 16:35:41 +02:00
Rasmus Wriedt Larsen
76c9b8c49f Python: Expose importNode instead of importModule/importMember 
Since predicate name `import` is not allowed, I adopted `importNode` as it sort
of matches what `exprNode` does.

---

Due to only using `importMember` in `os_attr` we previously didn't handle
`import os.path as alias` :|

I did creat a hotfix for this (https://github.com/github/codeql/pull/4446), but
in doing so I realized the core of the problem: We're exposing ourselves to
making these kinds of mistakes by having BOTH importModule and importMember, and
we don't really gain anything from doing this!

We do loose the ability to easily only modeling `from mod import val` and not
`import mod.val`, but I don't think that will ever be relevant.

This change will also make us to recognize some invalid code, for example in

    import os.system as runtime_error

we would now model that `runtime_error` is a reference to the `os.system`
function (although the actual import would result in a runtime error).

Overall these are tradeoffs I'm willing to make, as it does makes things simpler
from a QL modeling point of view, and THAT sounds nice 👍
 2020-10-13 15:03:22 +02:00