Commit Graph

784 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
e147e59652 Merge branch 'master' of github.com:github/codeql into SharedDataflow
To sync files
2020-06-26 12:01:01 +02:00
Rasmus Wriedt Larsen
22ad8f717f Python: Remove usage of .getASuccessor() in XSLT.qll 2020-06-25 12:07:45 +02:00
Rasmus Wriedt Larsen
3cc566f703 Merge branch 'master' into python-3521-revived 2020-06-25 12:02:21 +02:00
Rasmus Wriedt Larsen
994db060c7 Python: Use CWE-091 for XSLT
As indicated here https://www.zaproxy.org/docs/alerts/90017/
2020-06-25 11:53:12 +02:00
Rasmus Lerchedahl Petersen
c70cf6d780 Python: better (if imperfect) handling of phi node 2020-06-23 17:25:33 +02:00
Rasmus Lerchedahl Petersen
a55b4660d4 Python: support for with-definitions 2020-06-23 07:45:30 +02:00
Rasmus Lerchedahl Petersen
aa04a2a476 Python: sync dataflow files 2020-06-22 14:56:11 +02:00
Rasmus Lerchedahl Petersen
13bb971b05 Python: sort out some enclosing callable confusion 2020-06-22 14:26:25 +02:00
Rasmus Lerchedahl Petersen
8d564e06d7 Python: sync data flow files 2020-06-22 12:16:11 +02:00
Rasmus Lerchedahl Petersen
cc8367bff2 Python: update readme with lessons learned 2020-06-22 11:22:32 +02:00
Rasmus Lerchedahl Petersen
47819bbcda Python: obtain remaining expected flows
- implement enclosing callable for more nodes
- implement extra flow for ESSA global variables
2020-06-22 07:36:09 +02:00
Porcupiney Hairs
a519132407 add support for libxml2 2020-06-22 02:01:07 +05:30
Rasmus Lerchedahl Petersen
5a864aab87 Python: override genEnclosingCallable
achieved flow out of functions!
2020-06-19 07:29:46 +02:00
Rasmus Lerchedahl Petersen
9669a6a4dc Python: test for getASuccessor
also align test names
2020-06-18 15:10:45 +02:00
Rasmus Lerchedahl Petersen
03b26f7ebe Python: Remove excessive type pruning 2020-06-18 13:58:47 +02:00
Rasmus Lerchedahl Petersen
1562f5c69a Python: General comment on dataflow
between SSA variables and control flow nodes
2020-06-18 07:52:29 +02:00
Rasmus Lerchedahl Petersen
d283919b92 Python: implemented ParameterNode, updated test 2020-06-18 07:45:16 +02:00
Rasmus Lerchedahl Petersen
c20219c2b9 Python: more local flow and more tests 2020-06-17 20:48:06 +02:00
Rasmus Lerchedahl Petersen
ce57a28c8f Python: Use CallableValue and improve tests 2020-06-17 19:12:10 +02:00
Rasmus Lerchedahl Petersen
f24dc69e1d Python: add flow from ArgumentNodes 2020-06-17 18:36:50 +02:00
Rasmus Lerchedahl Petersen
a45b5a7d3c Python: Implemented return node
but I think they receive no flow
2020-06-17 17:41:43 +02:00
Rasmus Lerchedahl Petersen
25d624d64b Python: Implement parameter nodes 2020-06-17 16:59:19 +02:00
Rasmus Lerchedahl Petersen
71f364eef3 Python: Implement OutNode
Also, fix test for local flow
2020-06-17 16:24:44 +02:00
Rasmus Lerchedahl Petersen
52898f16f5 Python: update paths after move 2020-06-17 08:34:45 +02:00
Rasmus Lerchedahl Petersen
47f5b04e87 Python: fix identical-files.json after move
also more grouping
2020-06-17 07:08:46 +02:00
Rasmus Lerchedahl Petersen
e192b66116 Python: move shared dataflow to experimental 2020-06-17 06:46:46 +02:00
Rasmus Wriedt Larsen
a24974b194 Python: Add missing <p> to qhelp 2020-06-11 11:45:38 +02:00
Rasmus Wriedt Larsen
33a9fb6034 Python: Reorder XSLT qhelp to be valid 2020-06-11 11:30:54 +02:00
Rasmus Wriedt Larsen
ce1f0a39ac Python: Minor fixup of qhelp for XPath injection 2020-06-10 16:59:40 +02:00
porcupineyhairs
6dd9106301 Update XSLT.qll 2020-06-08 03:12:23 +05:30
Porcupiney Hairs
424e88d318 include suggestions from review 2020-06-08 02:52:11 +05:30
Porcupiney Hairs
1ceb963d4c Python : Add support for detecting XSLT Injection
This PR adds support for detecting XSLT injection in Python.
I have included the ql files as well as the tests with this.
2020-06-07 03:05:50 +05:30
Porcupiney Hairs
8c5a97170d Python : Add Xpath injection query
This PR adds support for detecting XPATH injection in Python.
I have included the ql files as well as the tests with this.
2020-05-28 03:15:12 +05:30
yo-h
43bcd5b26c Add guidelines for experimental CodeQL queries and libraries 2020-02-24 15:08:31 -05:00