hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,676 Commits 1,671 Branches 157 Tags
yo-h/java15
Commit Graph

2409 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
b0cfa1d92d Python: Make "..Call" modeling classes extend DataFlow::CfgNode 2020-10-14 10:53:18 +02:00
Rasmus Wriedt Larsen
bfa5d18476 Python: Use new importNode 2020-10-14 10:49:38 +02:00
Rasmus Wriedt Larsen
7d600e4e8e Merge branch 'main' into python-port-code-injection 2020-10-14 10:48:38 +02:00
Rasmus Wriedt Larsen
4d9d2155fc Python: Make "..Call" modeling classes extend DataFlow::CfgNode 2020-10-14 10:44:58 +02:00
Rasmus Wriedt Larsen
b0e79890e6 Python: Use new importNode 2020-10-14 10:43:22 +02:00
Rasmus Wriedt Larsen
4597ba64d0 Merge branch 'main' into python-model-invoke 2020-10-14 10:41:37 +02:00
Rasmus Wriedt Larsen
eff47457bf Python: Refactor argument matching 2020-10-14 10:37:38 +02:00
Rasmus Wriedt Larsen
2ea71f574c Python: Make "..Call" modeling classes extend DataFlow::CfgNode 2020-10-14 10:37:37 +02:00
Rasmus Wriedt Larsen
2e30f58aa2 Python: Use new importNode 2020-10-14 10:37:36 +02:00
Rasmus Wriedt Larsen
ecf70c5f30 Merge branch 'main' into python-model-python2-specific-command-execution 2020-10-14 10:36:43 +02:00
Rasmus Wriedt Larsen
74bd045488 Python: Make "..Call" modeling classes extend DataFlow::CfgNode 2020-10-14 10:24:46 +02:00
Rasmus Wriedt Larsen
ba158f3317 Python: Use new importNode 2020-10-14 10:17:35 +02:00
Rasmus Wriedt Larsen
49d2e68d12 Merge branch 'main' into python-flask-routed-parameter 2020-10-14 10:16:00 +02:00
Rasmus Lerchedahl Petersen
b0ebb5b6d1 Python: Adjust tag format 2020-10-14 09:51:24 +02:00
Rasmus Lerchedahl Petersen
93383747bd Python: Use more common name for concept 2020-10-14 09:28:58 +02:00
Rasmus Lerchedahl Petersen
a76d276b48 Python: Adjust getARelevantTag 2020-10-14 08:44:04 +02:00
yoff
3b9ea3a958 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-14 08:24:26 +02:00
Taus Brock-Nannestad
7d86b53b71 Python: Fix unwanted module type tracking 2020-10-13 22:47:57 +02:00
Taus Brock-Nannestad
76e5b59dab Python: Add test case for unwanted module type tracking 2020-10-13 22:47:03 +02:00
yoff
1f2390455c Update python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Taus <tausbn@github.com>
 2020-10-13 19:15:33 +02:00
Rasmus Lerchedahl Petersen
5d66c485d5 Python: IPA type for arguemnt mappings 
Not sure how arg2 in line 118 is achieved
 2020-10-13 19:12:52 +02:00
Taus
83937bacae Merge pull request #4448 from RasmusWL/python-simplify-import-modeling 
Python: simplify import modeling
 2020-10-13 18:08:07 +02:00
Rasmus Wriedt Larsen
2c5996f694 Python: Refactor subprocess_attr type-tracker 
Co-authored-by: Taus <tausbn@github.com>
 2020-10-13 17:21:21 +02:00
Taus Brock-Nannestad
fdb489fc93 Python: Remove flow between ESSA variables 
This required a minor change in the type tracker implementation, but
apart from that no other changes appear to be needed. Seems to clean
up the test output quite a bit.
 2020-10-13 16:35:41 +02:00
yoff
05b744701e Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2020-10-13 15:31:50 +02:00
Rasmus Wriedt Larsen
76c9b8c49f Python: Expose importNode instead of importModule/importMember 
Since predicate name `import` is not allowed, I adopted `importNode` as it sort
of matches what `exprNode` does.

---

Due to only using `importMember` in `os_attr` we previously didn't handle
`import os.path as alias` :|

I did creat a hotfix for this (https://github.com/github/codeql/pull/4446), but
in doing so I realized the core of the problem: We're exposing ourselves to
making these kinds of mistakes by having BOTH importModule and importMember, and
we don't really gain anything from doing this!

We do loose the ability to easily only modeling `from mod import val` and not
`import mod.val`, but I don't think that will ever be relevant.

This change will also make us to recognize some invalid code, for example in

    import os.system as runtime_error

we would now model that `runtime_error` is a reference to the `os.system`
function (although the actual import would result in a runtime error).

Overall these are tradeoffs I'm willing to make, as it does makes things simpler
from a QL modeling point of view, and THAT sounds nice 👍
 2020-10-13 15:03:22 +02:00
Rasmus Wriedt Larsen
4bfd55f1af Python: Show problem with os.path modeling 
This is not a very good test for showing that we don't handle direct imports,
but it was the best I had available without inventing something new. It's very
fragile, since any of these would propagate taint (due to handling all `join`
calls as if the qualifier was a string):

    ospath_alias.join(ts)
    ospath_alias.join(ts, "foo", "bar")

But this test DOES serve the purpose of illustrating that my fix works :D
 2020-10-13 14:50:00 +02:00
Rasmus Lerchedahl Petersen
b7e8b48e9e Python: Move concept tests out 
These tests should be fleshed out at some point, but currently
they test all that we model.
 2020-10-13 13:06:47 +02:00
Taus Brock-Nannestad
1829126230 Python: Get rid of DataFlowCfgNode 
Should make modelling data flow nodes that are also specific
subclasses of `ControlFlowNode` a bit smoother.
 2020-10-13 13:04:59 +02:00
Rasmus Lerchedahl Petersen
4685f2d5f2 Python: Address many review comments 
still need to move concept tests
 2020-10-13 12:03:23 +02:00
Rasmus Wriedt Larsen
662235bad8 Python: Use classRef instead of class_ 
Discussed offline with Taus
 2020-10-13 11:56:37 +02:00
CodeQL CI
d3f8fb5e53 Merge pull request #4423 from tausbn/python-add-attribute-access-interface 
Approved by RasmusWL
 2020-10-13 02:56:21 -07:00
Rasmus Wriedt Larsen
dcd103ea73 Python: Fix grammar 
Co-authored-by: Taus <tausbn@github.com>
 2020-10-13 10:31:35 +02:00
Rasmus Wriedt Larsen
ce85ac3ce1 Python: Remove solved TODO 2020-10-13 10:15:03 +02:00
Rasmus Wriedt Larsen
2e430325be Python: Refactor argument matching to use set literals 
Co-authored-by: Taus <tausbn@github.com>
 2020-10-13 10:05:35 +02:00
Erik Krogh Kristensen
9604705f64 remove pretty printing of bytes (unstable between minor versions) 2020-10-12 22:32:37 +02:00
Erik Krogh Kristensen
9b7c59f4b4 implement printAst for Python 2020-10-12 21:17:46 +02:00
Taus Brock-Nannestad
3288cf1a75 Python: Hopefully final changes to documentation. 2020-10-12 16:38:21 +02:00
yoff
433a36225b Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-12 15:26:53 +02:00
Taus Brock-Nannestad
b07c7abacc Python: Clear up attribute name access QLDoc 2020-10-12 13:49:08 +02:00
Anders Schack-Mulligen
091e3a2931 Dataflow: Adjust test output. 2020-10-09 16:25:14 +02:00
Rasmus Lerchedahl Petersen
4bd56fdbe4 Python: Implement framework sinks 2020-10-09 16:13:47 +02:00
Rasmus Lerchedahl Petersen
0d8bd01e10 Python: Port query and add test 2020-10-09 16:11:37 +02:00
Anders Schack-Mulligen
1c043447e8 Dataflow: Introduce consistency check for flow targeting PostUpdateNodes. 2020-10-09 14:29:52 +02:00
Taus
60eec7b136 Python: Update python/ql/src/experimental/dataflow/internal/Attributes.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-08 18:14:20 +02:00
Taus Brock-Nannestad
d46453caaa Python: Support named imports as attribute reads 
Required a small change in `DataFlow::importModule` to get the desired
behaviour (cf. the type trackers defined in `moduleattr.ql`, but this
should be harmless. The node that is added doesn't have any flow
anywhere.
 2020-10-08 18:08:55 +02:00
Taus Brock-Nannestad
df447c0af9 Python: Remove flow from getAttributeName 2020-10-08 15:01:24 +02:00
Taus Brock-Nannestad
ceb249680e Python: Reuse existing node fields 
Also changes `x = TCfgNode(y)` to `x.asCfgNode() = y` where applicable.
 2020-10-08 15:00:14 +02:00
Taus Brock-Nannestad
31596ef569 Python: Clean up and extend built-in call node classes 2020-10-08 14:57:39 +02:00
Taus Brock-Nannestad
e9ecc00b37 Python: Implement and use mayHaveAttributeName 2020-10-08 14:53:54 +02:00