hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,676 Commits 1,671 Branches 157 Tags
yo-h/java15
Commit Graph

1252 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
bd32faf934 Python: annotate new test 2020-10-02 10:06:54 +02:00
Rasmus Lerchedahl Petersen
2a4d21a989 Python: Test method call 2020-10-02 10:02:29 +02:00
Rasmus Lerchedahl Petersen
0841e92a6b Python: Test for method call 2020-10-01 16:26:12 +02:00
Rasmus Lerchedahl Petersen
5326125b70 Python: Handle positional construtor arguments 2020-10-01 15:28:26 +02:00
Rasmus Wriedt Larsen
3247b300ae Python: Fix problem with missing use-use flow 2020-10-01 12:55:11 +02:00
Rasmus Wriedt Larsen
9b3509f0ba Python: Highlight problem with missing use-use flow 2020-10-01 12:51:44 +02:00
Rasmus Lerchedahl Petersen
2187389da1 Python: Show constructor keyword arg problem 
Also make tests runnable
 2020-10-01 12:48:38 +02:00
Rasmus Lerchedahl Petersen
db23dad6ec Python: Allow callables to connect to calls freely 2020-10-01 12:33:42 +02:00
Rasmus Lerchedahl Petersen
29a162bc9c Python: Proper flow **arg -> **param 2020-09-30 23:55:02 +02:00
Rasmus Wriedt Larsen
428c2a3fda Merge branch 'main' into python-command-execution-modeling 2020-09-30 17:38:59 +02:00
Rasmus Lerchedahl Petersen
b0ed7af897 Python: Approximate **arg -> **param 2020-09-30 15:54:12 +02:00
Rasmus Lerchedahl Petersen
4ae422ce16 Python: Add test for extraneous overflow arguments 2020-09-30 15:28:29 +02:00
Rasmus Wriedt Larsen
4adc26eb62 Python: Fix command injection example code 
`subprocess.Popen(["ls", "-la"], shell=True)` correspond to running `sh -c "ls" -la`

So it doesn't follow the pattern of the rest of the test file.
 2020-09-30 13:38:37 +02:00
Rasmus Wriedt Larsen
9c1253c8af Python: Remove flow out of CommandInjection sinks 2020-09-30 13:29:40 +02:00
Rasmus Lerchedahl Petersen
00966bba0d Python: update test expectations 2020-09-30 13:11:23 +02:00
Rasmus Wriedt Larsen
a2d12f0440 Python: Update CommandInjection.expected 2020-09-30 13:00:10 +02:00
Rasmus Lerchedahl Petersen
30d048f9d4 Python: Support unpacking of keyword arguments. 2020-09-30 11:55:27 +02:00
Rasmus Lerchedahl Petersen
e02cfbf6b0 Python: Support keyword overflow arguments 2020-09-30 11:55:27 +02:00
Rasmus Lerchedahl Petersen
27af9bbae8 Python: Support overflow positional arguments 
Currently ignoring starred arguments
 2020-09-30 11:55:26 +02:00
Rasmus Lerchedahl Petersen
8f2ef94b3e Python: Hook up keyword arguments 2020-09-30 11:55:26 +02:00
Rasmus Lerchedahl Petersen
f5244aab8c Python: Add testfiles 2020-09-30 11:54:40 +02:00
Rasmus Wriedt Larsen
1595fed2d6 Python: Add preliminary taint tests for pathlib 2020-09-30 11:44:37 +02:00
Rasmus Wriedt Larsen
0542c3b91e Python: Model os.path.join and add taint-step 2020-09-30 11:42:36 +02:00
Rasmus Wriedt Larsen
efa2484718 Python: Add taint test for os.path.join 
Surprisingly the first two just worked, due to our very general handling of any
`join` methods :D
 2020-09-30 11:35:21 +02:00
Rasmus Wriedt Larsen
aa6fad558c Python: Minor cleanup in taint-step tests 2020-09-30 11:15:53 +02:00
Rasmus Wriedt Larsen
6cb2ca63a6 Python: tests to show modeling is very syntactical 2020-09-28 11:23:06 +02:00
Rasmus Wriedt Larsen
3af5c720cc Python: Add test of more indirect command injection sinks 2020-09-28 11:16:52 +02:00
Rasmus Wriedt Larsen
f7f6564189 Python: Model subprocess.Popen (and helpers) 2020-09-28 11:13:04 +02:00
Rasmus Wriedt Larsen
62dc0dd263 Python: Model os.exec* os.spawn* and os.posix_spawn* 
I also had to exclude the inline expectation tests from files outside the test
repo.
 2020-09-28 11:05:33 +02:00
Rasmus Wriedt Larsen
c440fd0c09 Python: Adjust expectations for system command executions 
I mostly did this to show my reviewers that the tests actually run and do
something ;)
 2020-09-28 11:05:33 +02:00
Rasmus Wriedt Larsen
060720aae7 Python: Add tests for all SystemCommandExecution from stdlib 
Overall idea is that `test/experimental/meta/ConceptsTest.qll` will set up
inline expectation tests for all the classes defined in `Concepts.qll`, so any
time you model a new instance of Concepts, you simply just import that
file. That makes the tests a little verbose, but allows us to share test-setup
between all the different frameworks we model.

Note that since the definitions of SystemCommandExecution subclasses are
scattered across multieple framework modeling qll files, it think it makes the
most sense to have the tests for each framework in one location.

I'm not 100% convinced about if this is the right choice or not (especially when
we want to write tests for sanitizers), but for now I'm going to try it out at
least.
 2020-09-28 11:05:32 +02:00
Rasmus Wriedt Larsen
2acfd4cdb1 Python: Show we're able to handle example with __init__.py files 2020-09-25 18:28:31 +02:00
Taus
fc84286b56 Merge pull request #3830 from yoff/SharedDataflow_FieldFlow 
Python: Shared dataflow: Field flow
 2020-09-25 14:53:57 +02:00
Rasmus Lerchedahl Petersen
4621e6d8c0 Python: fix QL format 2020-09-25 13:37:39 +02:00
Rasmus Lerchedahl Petersen
88bba46698 Python: Modify tests based on review 
The extra hist in `test.py` seen in `globalStep.expected`
are due to the removal of manual filtering code.
(That code was from when dataflow had many strange things in it.)
 2020-09-25 13:35:30 +02:00
yoff
c56ff986d4 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2020-09-25 11:56:50 +02:00
Rasmus Wriedt Larsen
85607fe2d5 Python: Adjust location for .expected output 2020-09-25 11:56:45 +02:00
Rasmus Wriedt Larsen
3d5511221e Python: Add test for implicit __init__.py files 2020-09-25 11:48:38 +02:00
Rasmus Wriedt Larsen
120a569c6f Python: Explain how CallGraph test.py even works 
Also remove options file, since it did nothing at all (and blocked
experimental/library-tests/options from taking effect)
 2020-09-25 11:42:59 +02:00
Rasmus Wriedt Larsen
624cdd339a Python: Fix grammar 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2020-09-23 11:18:12 +02:00
Rasmus Wriedt Larsen
71a75ce596 Python: Handle bound methods in flask modeling 2020-09-22 16:33:35 +02:00
Rasmus Wriedt Larsen
5709189c2a Python: Expand flask test 2020-09-22 16:33:34 +02:00
Rasmus Wriedt Larsen
e614365963 Python: Adopt new approach in flask modeling 
Removed all the dict-like stuff, not sure that is how we should do things.
 2020-09-22 16:33:33 +02:00
Rasmus Wriedt Larsen
a82fa04d8a Python: Add worked example of taint step modeling of external libs 
This can't be seen on the example, but I went through quite a lot of iterations
before arriving at this fairly simple solution.
 2020-09-22 16:28:26 +02:00
Rasmus Wriedt Larsen
00ea0cebc3 Python: More Flask modeling kinda works 
It "kinda" works now, but it really is not a pretty solution. Adding all these
"tracked" objects is SUPER annoying... it _would_ be possible to skip them, but
that seems like it will give the wrong edges for dataflow/taintflow queries :|

A good chunk of it should be able to be removed with access-paths like C# does
for library modeling. Some of it could be solved by better type-tracking API
like API Graphs... but it seems like we generally are just lacking the
nice-to-have features like `.getAMemberCall` and the like. See
https://github.com/github/codeql/pull/4082/files#diff-9aa94c4d713ef9d8da73918ff53db774L33
 2020-09-22 16:28:25 +02:00
Rasmus Wriedt Larsen
3c08590ee4 Python: Expand flask tests a bit 2020-09-22 16:28:24 +02:00
Rasmus Wriedt Larsen
2bdd0284dc Python: Port py-command-line-injection with new dataflow 2020-09-22 16:28:23 +02:00
Rasmus Wriedt Larsen
7c205dd3fc Python: First attempt at modeling Flask 2020-09-22 16:28:21 +02:00
Rasmus Wriedt Larsen
0265f26301 Python: Add importModule and importMember DataFlow helpers 2020-09-22 16:28:19 +02:00
Rasmus Lerchedahl Petersen
3e2331c87f Merge branch 'main' of github.com:github/codeql into SharedDataflow_FieldFlow 2020-09-22 13:32:36 +02:00