Sauyon Lee
0040c9fb4c
Update links to OWASP cheat sheet
2019-11-06 20:21:47 -08:00
Rasmus Wriedt Larsen
471318369b
Python: Don't quote %s in django example
This is vulnerable to SQL injection because of the quotes around %s -- added
some code that highlights this in test.py
Since our examples did this in the safe query, I ended up rewriting them
completely, causing a lot of trouble for myself :D
2019-10-29 13:58:07 +01:00
Mark Shannon
91aefab7aa
Python: Reorganise code a bit to minimize diff for PR.
2019-08-29 10:31:50 +01:00
Mark Shannon
78ce19678a
Python taint-tracking: Fix up SQL injection query.
2019-08-29 10:31:50 +01:00
Mark Shannon
35e82dca68
Python revert .getNode() to .getSink()/.getSource() to keep expected test output the same.
2019-04-04 10:56:45 +01:00
Mark Shannon
7fc5d690cd
Python: Use new taint-tracking query in SQL-injection query.
2019-04-04 10:56:44 +01:00
Mark Shannon
61bd8682df
Python: Improve API and representation of taint tracking nodes. Update queries and tests accordingly.
2018-11-23 12:32:14 +00:00
Mark Shannon
722d89fc75
Upgrade taint-tracking security queries to path-problem queries.
2018-11-22 11:05:01 +00:00
Mark Shannon
e930b43bf3
Python security queries. Choose a precision reflecting actual precision for Security queries.
2018-11-19 17:10:40 +00:00
Mark Shannon
5f58824d1b
Initial commit of Python queries and QL libraries.
2018-11-19 15:10:42 +00:00