hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-19 05:56:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,264 Commits 1,716 Branches 162 Tags
143256e6732fe24fac150fead1903d9715ea6a10
Commit Graph

1264 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Rolfe
143256e673 Fix filenames in source archives 2021-09-20 22:17:45 +01:00
Nick Rolfe
c183e05c49 Merge pull request #300 from github/fix_tests 
Fix tests
 2021-09-20 16:19:40 +01:00
Nick Rolfe
d27f8a6d24 Add empty subpaths section to expected test output 2021-09-20 15:56:58 +01:00
Tom Hvitved
8aaabe8b1e Merge pull request #299 from github/hvitved/actions-reuse 
Add two 'composite' actions for reusing logic
 2021-09-20 15:55:28 +02:00
Nick Rolfe
6f7d4fef70 Merge pull request #287 from github/unsafe-deserialization 
rb/unsafe-deserialization query
 2021-09-20 14:23:30 +01:00
Nick Rolfe
8af12a164a Merge pull request #298 from github/trap_extension 
Fix trap extension for source files without extensions
 2021-09-20 14:23:01 +01:00
Tom Hvitved
e201dae672 Add two 'composite' actions for reusing logic 2021-09-20 14:52:02 +02:00
Nick Rolfe
c30c7b380d Replace if let with match. 2021-09-20 12:22:55 +01:00
Nick Rolfe
0936c4cd7b Fix trap extension for source files without extensions 
We were writing files with names like `Gemfile..trap.gz`. Now fixed to
`Gemfile.trap.gz`.
 2021-09-20 12:11:00 +01:00
Tom Hvitved
4bfbf62e13 Merge pull request #296 from github/hvitved/empty-location 
Extract a special empty location
 2021-09-20 13:05:27 +02:00
Tom Hvitved
1393dc9eb4 Update extractor/src/main.rs 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2021-09-20 12:50:24 +02:00
Harry Maclean
916b844557 Merge pull request #280 from github/hmac-cli-injection 
Add CLI Injection query
 2021-09-20 08:54:01 +01:00
Tom Hvitved
b2d0c60a02 Replace hasLocationInfo with getLocation in API::Node 2021-09-20 09:52:26 +02:00
Tom Hvitved
58d06715fc Extract a special empty location 2021-09-20 09:52:26 +02:00
Alex Ford
36289aa9d9 Merge pull request #255 from github/reflected-xss 
rb/reflected-xss query
 2021-09-17 18:32:48 +01:00
Harry Maclean
739661eb10 Test that KernelMethodCall is specific enough 
Calls to `UnknownModule.system`, where `UnknownModule` is a module that
we know nothing about, should not be identified as instances of
`KernelMethodCall`.
 2021-09-17 17:02:17 +01:00
Harry Maclean
64a8cedaa7 Generalise the concept of a Kernel method call 2021-09-17 17:02:17 +01:00
Harry Maclean
599dc28ffa Add another test for shell interpretation 2021-09-17 17:02:17 +01:00
Harry Maclean
f8359767bc Exclude non-shell interpreted args 
Update the CommandInjection query to only consider sinks where the
argument is interpreted by a shell. If the argument is passed directly
to a subprocess then it's not vulnerable to shell injection.
 2021-09-17 17:02:17 +01:00
Harry Maclean
c8e9a592f0 Update CLI injection tests 
Cover more cases, like sinks after (but not guarded by) barrier guards.
 2021-09-17 17:02:17 +01:00
Harry Maclean
d046fb0591 Separate open3 pipeline methods 
These have a slightly different structure than the other open3 methods.
 2021-09-17 17:02:17 +01:00
Harry Maclean
174ba25c66 Update SystemCommandExecution to new pattern 
The new pattern is to use the new instanceof keyword in the class
definition, instead of constraining the "superclass" via a member field.
 2021-09-17 17:02:17 +01:00
Harry Maclean
cbc14ccda9 Make KernelSystemCall more specific 
Test that calls to`system` on modules other than `Kernel` are excluded,
such as in this example:

    module Foo
      def self.system(*args); end
    end

    # This is not a call to Kernel.system
    Foo.system("bar")
 2021-09-17 17:02:17 +01:00
Harry Maclean
fb23a2e3bf Add SubshellHeredocExecution 
This is a form of command execution:

    result = <<`EOF`
    echo foo bar #{baz}
    EOF
 2021-09-17 17:02:17 +01:00
Harry Maclean
799ef4e4c9 Add barrier guards for CLI injection 2021-09-17 17:02:17 +01:00
Harry Maclean
4ecc78effc Kernel#system -> Kernel.system 2021-09-17 17:02:17 +01:00
Harry Maclean
8f65d78cb5 Add Shellwords.escape as CLI injection sanitizer 2021-09-17 17:02:17 +01:00
Harry Maclean
fe8fc0697b Add qhelp for CLI Injection query 2021-09-17 17:02:17 +01:00
Harry Maclean
4a0d7c528a Add top-level CLI injection query and tests 2021-09-17 17:02:17 +01:00
Harry Maclean
8440fe2ba9 Add CommandInjection dataflow config 2021-09-17 17:02:17 +01:00
Harry Maclean
a8f0bce1d1 Add SystemCommandExecution concept 
A SystemCommandExecution is a method call or builtin that executes a
system command, either directly or via a subshell.
 2021-09-17 17:02:17 +01:00
Nick Rolfe
3c05101961 Merge pull request #290 from github/extract_gemfile 
Automatically extract Gemfiles
 2021-09-17 16:42:30 +01:00
Nick Rolfe
3d23575a38 Merge pull request #292 from github/regexp_slash_az 
Don't parse `\A` and `\Z` as `RegExpConstant`
 2021-09-17 16:42:13 +01:00
Tom Hvitved
1fd91ab9bd Merge pull request #295 from github/hvitved/remove-numlines 
No longer create redundant `numlines` relation
 2021-09-16 13:21:20 +02:00
Tom Hvitved
464b50231b DB upgrade script 2021-09-16 12:57:32 +02:00
Tom Hvitved
fd04baa9fe No longer create redundant numlines relation 2021-09-16 11:43:13 +02:00
Alex Ford
e89d485bc0 update test output (subpaths) 2021-09-15 20:51:14 +01:00
Alex Ford
773291e4c3 Put exprNodeReturnedFrom predicate in DataFlowDispatch.qll 2021-09-15 20:50:46 +01:00
Alex Ford
e80faa017c Fix rb/reflected-xss flow from helper method return values 2021-09-15 20:50:46 +01:00
Alex Ford
35da921deb format 2021-09-15 20:50:46 +01:00
Alex Ford
50b0bb8b36 Restrict rb/reflected-xss instance variable taint edges 2021-09-15 20:50:46 +01:00
Alex Ford
5cfefb1027 Add some more test cases for rb/reflected-xss 2021-09-15 20:50:46 +01:00
Alex Ford
6cc82d46f3 Fix LinkToCallArgumentAsSink matching when link_to is passed a block 2021-09-15 20:50:46 +01:00
Alex Ford
200c8f2493 Add some HTMLEscaping implementations for Rails 2021-09-15 20:50:46 +01:00
Alex Ford
2e65f9b80e update some comments referencing view components 2021-09-15 20:50:46 +01:00
Alex Ford
98fd0e1c24 Update ql/src/queries/security/cwe-079/ReflectedXSS.qhelp 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2021-09-15 20:50:46 +01:00
Alex Ford
0689e6095e make a type more specific 2021-09-15 20:50:46 +01:00
Alex Ford
ed708c1903 Update ql/src/queries/security/cwe-079/ReflectedXSS.qhelp 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2021-09-15 20:50:46 +01:00
Alex Ford
eed87b3319 Apply suggestions from code review 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2021-09-15 20:50:46 +01:00
Alex Ford
205b141482 format 2021-09-15 20:50:46 +01:00