hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-24 00:16:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
23,344 Commits 1,714 Branches 163 Tags
0819090fcbc78c0487370d0683d9449a2ad8f183
Commit Graph

1752 Commits

Author SHA1 Message Date
jorgectf
68c683189a Polish documentation, mongoCollectionMethod() and update .expected 2021-06-28 20:55:49 +02:00
jorgectf
3fd1129895 Delete trivial tests 2021-06-28 20:18:31 +02:00
jorgectf
0ca4f240d9 Merge tests and update .expected 2021-06-28 20:13:53 +02:00
jorgectf
eb16018446 Update .expected 2021-06-17 15:45:05 +02:00
jorgectf
8e3d5ff3f9 Rename mongoclient tests 2021-06-17 15:43:01 +02:00
jorgectf
8527ccc6d6 Update .expected 2021-06-16 23:19:14 +02:00
jorgectf
81505fbd76 Normalize tests 2021-06-16 23:18:38 +02:00
jorgectf
5123b8f4e3 Update .expected 2021-06-15 20:29:33 +02:00
jorgectf
e61cf9a58d Simplify tests 2021-06-15 19:32:02 +02:00
jorgectf
c948970181 resolve merge conflicts 2021-06-15 01:24:04 +02:00
Rasmus Wriedt Larsen
53f7633662 Python: Model await request.post() as MultiDictProxy 
as highlight as being quite easy to do by @yoff 👍
 2021-06-11 14:53:30 +02:00
Rasmus Wriedt Larsen
df67028a1d Python: Model aiohttp.StreamReader 2021-06-11 12:06:53 +02:00
Rasmus Wriedt Larsen
2d31ef7016 Python: Fix last TODOs in aiohttp tests 2021-06-11 12:00:02 +02:00
Rasmus Wriedt Larsen
64a0e3fd0a Merge branch 'main' into aiohttp-modeling 2021-06-11 11:42:24 +02:00
Taus
e7b9603c5b Merge pull request #6053 from RasmusWL/fix-tests 
Python: Fix tests
 2021-06-10 16:55:45 +02:00
Rasmus Wriedt Larsen
dd457f9641 Python: Fix tests 2021-06-10 15:58:56 +02:00
CodeQL CI
a241c114da Merge pull request #5836 from RasmusWL/ec-class-improvement 
Approved by tausbn
 2021-06-10 06:20:56 -07:00
yoff
716627c1dd Merge pull request #5878 from RasmusWL/fix-concept-tests-pretty-print 
Python: Fix concept tests pretty print
 2021-06-10 11:21:08 +02:00
Rasmus Wriedt Larsen
aaddd36236 Python: Add another type-tracking attr test 
This one just works out of the box 💪
 2021-06-09 14:20:50 +02:00
Rasmus Wriedt Larsen
89cba216ca Python: Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-06-09 14:15:59 +02:00
Rasmus Wriedt Larsen
3d2de03674 Python: Add type-tracking test for attr set in function 2021-06-08 19:03:53 +02:00
Rasmus Wriedt Larsen
dcd448b743 Python: Refactor formatting 2021-06-08 19:03:53 +02:00
Rasmus Wriedt Larsen
09de1bcf44 Python: Add tests for type-tracking attrs on instances 2021-06-08 19:03:53 +02:00
Rasmus Wriedt Larsen
e9acea8643 Python: Improve multidict modeling 2021-06-03 11:50:49 +02:00
Rasmus Wriedt Larsen
2e851cd5f0 Python: Improve yarl.URL modeling 2021-06-03 11:38:15 +02:00
Rasmus Wriedt Larsen
3c47e583d8 Python: Add test for missing data-flow step in aiohttp.web 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
2dbbf52903 Python: Model HTTP responses in aiohttp.web 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
735df4597f Python: Aiohttp add response tests 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
5d4140d3e2 Python: Handle more complicated route-setup in aiohttp 
Since we want to be able to easy select request-handlers that are not
set up as part of a view-class, we need to easily be able to identify
those. To handle cases like the one below, we _can't_ just define these
to be all the async functions that are not methods on a class :(

```py
    # see https://docs.aiohttp.org/en/stable/web_quickstart.html#organizing-handlers-in-classes

    class MyCustomHandlerClass:

        async def foo_handler(self, request):  # $ MISSING: requestHandler
            return web.Response(text="MyCustomHandlerClass.foo")

    my_custom_handler = MyCustomHandlerClass()
    app.router.add_get("/MyCustomHandlerClass/foo", my_custom_handler.foo_handler)   # $ routeSetup="/MyCustomHandlerClass/foo"
```

So it seemed easiest to narrow down the route-setups, but that means we
want both refinement and extensibility... so `::Range` pattern to the
rescue 🎉

The important piece of code that still works after this commit, but
which hasn't been changed, is the one below:

```codeql
  /**
   * A parameter that will receive a `aiohttp.web.Request` instance when a request
   * handler is invoked.
   */
  class AiohttpRequestHandlerRequestParam extends Request::InstanceSource, RemoteFlowSource::Range,
    DataFlow::ParameterNode {
    AiohttpRequestHandlerRequestParam() {
      exists(Function requestHandler |
        requestHandler = any(AiohttpCoroutineRouteSetup setup).getARequestHandler() and
```
 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
919a0b6b84 Python: aiohttp route setup is more complicated than expected 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
c69b857662 Python: Add self.request as RemoteFlowSource for aiohttp View 
Just like we do for Django in
7393443f8c/python/ql/src/semmle/python/frameworks/Django.qll (L1786-L1804)
 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
c4b618dcf5 Python: Model view-classes in aiohttp.web 
No taint modeling of them yet though
 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
8c039d5688 Python: Add more aiohttp view routing tests 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
1aa222d7cc Python: Add taint-test for class-based view 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
fb21bc04fa Python: Add taint-steps for yarl.URL 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
72e6a1489c Python: Add taint-steps for MultiDictProxy 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
dd131e6bf7 Python: Add taint-step for methods on aiohttp.web.Request 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
63c7fa0c2c Python: aiohttp match_info should be tainted 
Whoops
 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
597a9dfc80 Python: Don't consider has_body tainted 
Although it technically is, I think it belong in the section of things
that are unlikely to be exploitable
 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
d953ea47d4 Python: Basic handling of tainted attributes in aiohttp 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
88158e7414 Python: Add basic model setup for aiohttp.web.Request 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
2b992a635a Python: Add aiohttp taint tests 2021-06-03 10:55:34 +02:00
Rasmus Wriedt Larsen
3cbb909a3a Python: Add modeling of coroutine routes in aiohttp.web 2021-06-03 10:55:33 +02:00
Rasmus Wriedt Larsen
85d9483c7b Python: Add basic aiohttp tests 2021-06-03 10:55:33 +02:00
Taus
d9911a016e Merge pull request #5933 from RasmusWL/expand-use-of-input-test 
Python: Expand test of py/use-of-input
 2021-05-31 11:39:33 +02:00
Rasmus Wriedt Larsen
d5f2846394 Merge branch 'main' into jorgectf/python/ldapInjection 2021-05-26 11:01:48 +02:00
Rasmus Wriedt Larsen
35793a10bb Merge pull request #5889 from japroc/python-clickhouse-driver 
Python: Implement module ClickHouseDriver.qll
 2021-05-25 14:25:28 +02:00
jorgectf
37d6ff76a3 Update tests and .expected 2021-05-21 17:47:53 +02:00
Evgenii Protsenko
1e40213abb use <class> instead of <class>::Range 2021-05-20 22:56:08 +03:00
Rasmus Wriedt Larsen
f17fe442a2 Python: Expand test of py/use-of-input 2021-05-20 14:52:10 +02:00