hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-26 04:43:00 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,826 Commits 1,688 Branches 158 Tags
1e3306d341a52bf93c534fc60fa063d94de4a912
Commit Graph

57 Commits

Author SHA1 Message Date
Geoffrey White
36f410b9f7 Swift: Move taint logic from isAdditionalTaintStep to defaultAdditionalTaintStep. 2022-08-09 17:42:28 +01:00
Mathias Vorreiter Pedersen
24c9ab8015 Swift: Fix MaD for methods 2022-08-05 10:52:28 +01:00
Mathias Vorreiter Pedersen
1c8090fa04 Merge pull request #9964 from geoffw0/cwe95 
Swift: Query for CWE-79 / CWE-95
 2022-08-05 10:38:33 +01:00
Geoffrey White
997068a9cb Swift: Fix a suggestion merge conflict. 2022-08-03 18:16:31 +01:00
Geoffrey White
873c62ef78 Swift: Apply another code review suggestion. 2022-08-03 18:16:01 +01:00
Geoffrey White
e4dab17318 Apply suggestions from code review 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-08-03 18:14:14 +01:00
Geoffrey White
9d49986345 Swift: Make QL-for-QL happy. 2022-08-03 17:18:57 +01:00
Geoffrey White
39f1352847 Swift: Complete the rename. 2022-08-03 14:45:20 +01:00
Geoffrey White
81bd61288c Swift: I think CWE-079 is the more accurate CWE for this query. 2022-08-03 14:45:19 +01:00
Geoffrey White
c635895644 Swift: Documentation. 2022-08-03 14:45:18 +01:00
Geoffrey White
8d9653a999 Swift: Generated security-severity tag. 2022-08-03 09:54:54 +01:00
Geoffrey White
651b73e21e Swift: Check for tainted baseURL. 2022-08-03 09:42:48 +01:00
Geoffrey White
53ea65b045 Swift: Implement query. 2022-08-03 09:41:28 +01:00
Geoffrey White
bada5bf7c1 Swift: Placeholder query + docs for CWE-95. 2022-08-02 10:47:06 +01:00
Geoffrey White
6cd6f74be9 Swift: Repair predicate lost in merge. 2022-07-28 10:13:04 +01:00
Geoffrey White
72fd7179f6 Merge branch 'main' into stringlengthconflation6 2022-07-28 10:01:28 +01:00
Geoffrey White
e5342867c6 Swift: Add a note to the qhelp. 2022-07-28 09:52:33 +01:00
Geoffrey White
fe69bbf17c Swift: It turns out NSString.length always exactly matches String.utf16.count. 2022-07-27 17:54:57 +01:00
Geoffrey White
70ca37a3d0 Swift: Model utf8, utf16 a\nd unicodeScalars sources. 2022-07-27 17:39:04 +01:00
Geoffrey White
89d5bbb8e0 Swift: Generalize the flow states in this query. 2022-07-27 17:39:01 +01:00
Geoffrey White
541df9b550 Swift: Remove TODO comment. We have a test for this problem now. 2022-07-18 14:26:12 +01:00
Geoffrey White
336548f746 Swift: Improve comments. 2022-07-18 14:24:16 +01:00
Geoffrey White
9474e63faf Swift: Clean up isSink (4 - move common code out). 2022-07-18 14:24:15 +01:00
Geoffrey White
b136790efd Swift: Clean up isSink (3 - rename f -> funcDecl and move that out as well; in the other two cases this variable didn't exist, now it does). 2022-07-18 14:24:14 +01:00
Geoffrey White
0bd94a6307 Swift: Clean up isSink (2 - rename methodName -> funcName and move that out as well). 2022-07-18 14:24:13 +01:00
Geoffrey White
4854679a40 Swift: Clean up isSink (1 - move common variables to an outer exists). 2022-07-18 14:24:13 +01:00
Geoffrey White
e38254c05e Swift: Fix typo. 2022-07-01 17:00:36 +01:00
Geoffrey White
34ffd1aac5 Swift: Support String.Index and flow through * /. 2022-07-01 14:59:50 +01:00
Geoffrey White
d60d2457c2 Swift: Add String.Index.init as a source as as well. 2022-07-01 14:59:50 +01:00
Geoffrey White
bc03f6959c Swift: Detect String -> NSString results. 2022-07-01 14:59:50 +01:00
Geoffrey White
68c76006bd Swift: Allow trivial taint-like flow. 2022-06-30 11:52:57 +01:00
Geoffrey White
2bd25fc589 Swift: Add QLDoc. 2022-06-30 11:52:17 +01:00
Mathias Vorreiter Pedersen
cc25e2644f Swift: Don't join on index in 'swift/string-length-conflation'. 2022-06-29 11:40:46 +01:00
Mathias Vorreiter Pedersen
c2e57c3c9b Swift: Fix 'kind' in 'swift/string-length-conflation'. 2022-06-28 22:33:28 +01:00
Mathias Vorreiter Pedersen
1a7f5db8e2 Swift: Set 'swift/string-length-conflation' to precision high and delete the placeholder query. 2022-06-28 17:01:06 +01:00
Geoffrey White
9013d56f37 Swift: Strengthen claim about severity in the qhelp. 2022-06-24 17:09:37 +01:00
Geoffrey White
ef283d9b7a Swift: Metadata. 2022-06-24 16:20:16 +01:00
Geoffrey White
f2ae2dbe1f Swift: Consistency. 2022-06-24 12:28:10 +01:00
Geoffrey White
ef3d4f3242 Swift: Add qhelp and example. 2022-06-24 12:27:10 +01:00
Geoffrey White
1a980c94a0 Swift: Query description. 2022-06-23 18:13:48 +01:00
Geoffrey White
911d30bd9a Swift: Proper query message. 2022-06-23 17:12:02 +01:00
Geoffrey White
64d7296847 Swift: Remove redundant cast. 2022-06-23 16:04:26 +01:00
Geoffrey White
3291029e6d Swift: Address further review comments. 2022-06-23 16:00:56 +01:00
Geoffrey White
ebcb1e9448 Swift: Clean up other uses of toString. 2022-06-23 15:53:55 +01:00
Geoffrey White
3b48cb02bc Swift: Add Type.getName(). 2022-06-23 12:54:56 +01:00
Geoffrey White
01f697abe9 Swift: Rename argName -> paramName. 2022-06-23 12:16:04 +01:00
Geoffrey White
5222ba9073 Swift: Suggestions from review. 2022-06-23 12:02:32 +01:00
Geoffrey White
07b89b89d7 Swift: Clean up a bit. 2022-06-22 19:35:37 +01:00
Geoffrey White
19026e9ed5 Swift: Work around toString change. 2022-06-22 19:16:09 +01:00
Geoffrey White
da7f49155d Swift: Use dataflow. 2022-06-22 19:16:09 +01:00