jorgectf
3be916e82b
Polish FlaskHeaderCall
2021-04-09 01:02:01 +02:00
jorgectf
46c5cb1136
Polish WerkzeugHeaderCall
2021-04-09 01:02:00 +02:00
jorgectf
6f89b3f3d9
Init Header Injection query
2021-04-09 01:02:00 +02:00
jorgectf
cd75433e39
Fix qhelp examples extension
2021-04-09 00:52:50 +02:00
jorgectf
5787406a0d
Add .expected
2021-04-09 00:51:26 +02:00
jorgectf
1320eeee53
Add qlref
2021-04-09 00:51:15 +02:00
jorgectf
015d203fcb
Improve tests, move them and create qhelp examples
2021-04-09 00:50:47 +02:00
jorgectf
2392be08c7
Improve sink
2021-04-09 00:50:04 +02:00
jorgectf
20fc5db49e
Polish query file
2021-04-09 00:49:30 +02:00
jorgectf
63bd32359a
Improve qhelp
2021-04-09 00:48:57 +02:00
jorgectf
82f47f8571
Polish metadata
2021-04-08 23:55:34 +02:00
jorgectf
b405c675c2
Add qhelp last newline
2021-04-08 23:49:33 +02:00
jorgectf
7819d1a30b
Generate .expected
2021-04-08 23:45:26 +02:00
jorgectf
4f85de87de
Add qlref
2021-04-08 23:45:12 +02:00
jorgectf
95bfdc4955
Move tests to /test
2021-04-08 23:45:03 +02:00
jorgectf
1554f4f48d
Create qhelp examples
2021-04-08 23:44:46 +02:00
jorgectf
3c1ca72324
Improve qhelp
2021-04-08 23:44:30 +02:00
jorgectf
7296879bc9
Polish tests
2021-04-08 23:11:20 +02:00
jorgectf
8661cb0719
Polish LDAP3Query
2021-04-08 22:56:12 +02:00
jorgectf
a1850ddad4
Change LDAP config (qll) filename
2021-04-08 22:55:48 +02:00
Dilan
d73ba13b28
autoformat fix
2021-04-08 11:41:58 -07:00
Rasmus Wriedt Larsen
c738f387b1
Merge pull request #5624 from tausbn/python-make-callcfgnode-a-localsourcenode
...
Python: Improve `CallCfgNode` interface
2021-04-08 13:38:24 +02:00
Taus
cf5f760ecd
Merge pull request #5582 from RasmusWL/all-tuple
...
Python: Add support for `__all__` assigned to tuple
2021-04-08 13:03:27 +02:00
Rasmus Wriedt Larsen
83477439a1
Python: Make django views/fields/forms class modeling extensible
...
This also requires that we make this part of the modeling public, which I guess
is a step we want to take eventually anyway!
I'm not quite sure whether the modules `Django::Views` and `Django::Forms` are
actually helpful, or whether we should just have their modules available as
`Django::View`, `Django::Form`, and `Django::Field`...
2021-04-08 12:45:37 +02:00
Rasmus Wriedt Larsen
b7483a5394
Python: Add modeledSubclassRef for Django views/fields/forms
2021-04-08 12:45:36 +02:00
Rasmus Wriedt Larsen
322bdcb703
Python: Port Django view modeling to API graphs
2021-04-08 12:45:35 +02:00
Rasmus Wriedt Larsen
8ce5c46e05
Python: Minor refactor
...
modName/clsName _is_ shorter, but also looks way worse :D
2021-04-08 12:45:34 +02:00
jorgectf
33423eaef3
Optimize calls
2021-04-08 00:31:53 +02:00
jorgectf
7e456494ef
Set up taint config and custom sink
2021-04-08 00:20:04 +02:00
jorgectf
8ca6e84268
Refactor Calls to use ApiGraphs
2021-04-08 00:19:46 +02:00
jorgectf
aa7763b3d2
Set up Concepts
2021-04-08 00:19:14 +02:00
jorgectf
db1f54a5f3
Polish query file
2021-04-08 00:19:00 +02:00
Dilan
675de07c3e
autoformat ql
2021-04-07 15:04:18 -07:00
thank_you
83f28bfdda
Catch any keyword argument passed to MongoEngine's objects method
...
After some research, we discovered that any keyword argument passed to the objects method will result in NoSQL injection. This includes scenarios where we have the following:
objects(name_of_model_attribute=unsanitized_user_input)
2021-04-07 16:45:48 -04:00
thank_you
719c30bd92
Fix file name and adjust where the test points to
2021-04-07 16:42:51 -04:00
yoff
38daeb4df2
Apply suggestions from code review
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
2021-04-07 15:50:51 +02:00
Taus
903f364dab
Python: Improve CallCfgNode interface
...
Call nodes are always local sources (specifically sources of the return
value of the call), and so inheriting from `LocalSourceNode` will have
no effect on results, but _should_ make it a bit more smooth to use the
API.
2021-04-07 13:31:12 +00:00
Taus
6c69c1aeeb
Python: Minor cleanup
2021-04-07 10:47:21 +00:00
Rasmus Lerchedahl Petersen
a006a92f8d
Python: Expand commentary
2021-04-07 08:32:40 +02:00
Rasmus Lerchedahl Petersen
f22db2a30b
Python: One family to rule them all...
2021-04-07 08:32:21 +02:00
Rasmus Lerchedahl Petersen
a0e3e3afaf
Python: adjust test expectations
2021-04-07 08:22:36 +02:00
Rasmus Lerchedahl Petersen
fb95c488e8
Python: format
2021-04-07 08:20:52 +02:00
Rasmus Lerchedahl Petersen
094d2f3b7d
Python: clean up tests
2021-04-06 22:59:58 +02:00
Rasmus Lerchedahl Petersen
a44490b470
Python: remove unused file
2021-04-06 22:56:07 +02:00
Rasmus Lerchedahl Petersen
0626684442
Python: small cleanups enabled by review
2021-04-06 22:55:32 +02:00
yoff
acf8fd0f03
Apply suggestions from code review
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
2021-04-06 22:45:03 +02:00
Taus
b44db460f6
Python: Only track modules that are imported
2021-04-06 19:55:43 +00:00
thank_you
4e98348411
Remove comment
2021-04-06 13:57:03 -04:00
thank_you
dc274ecf36
Improve sentence structure and grammar
2021-04-06 13:51:59 -04:00
thank_you
520e65e3c3
Remove unnecessary example code
2021-04-06 13:46:51 -04:00