hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-11 01:39:28 +02:00
Code Issues Packages Projects Releases Wiki Activity
15,505 Commits 1,754 Branches 167 Tags
2b2fb83cdc20ea5f8257ba3cda26f1485f4cbe63
Commit Graph

143 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
18e946d4aa Python: Small rearrangement 2020-08-19 17:56:02 +02:00
Rasmus Lerchedahl Petersen
bd53a711d3 Merge branch 'main' of github.com:github/codeql into SharedDataflow_SequenceFlow 2020-08-19 11:42:41 +02:00
Rasmus Lerchedahl Petersen
176aa06fad Python: Address review comments 2020-08-19 09:21:16 +02:00
yoff
5e84754f73 Update python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-08-19 08:03:47 +02:00
yoff
06bd436aea Update python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-08-19 08:02:53 +02:00
yoff
8fbb447f4c Update python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Taus <tausbn@github.com>
 2020-08-19 08:02:29 +02:00
yoff
1c3b945e55 Update python/ql/src/experimental/dataflow/internal/DataFlowPublic.qll 
Co-authored-by: Taus <tausbn@github.com>
 2020-08-19 08:01:54 +02:00
yoff
43a5e74c65 Update python/ql/src/experimental/dataflow/internal/DataFlowPublic.qll 
Co-authored-by: Taus <tausbn@github.com>
 2020-08-19 08:01:42 +02:00
Rasmus Lerchedahl Petersen
aab603d261 Python: QL doc 2020-08-18 14:37:59 +02:00
Rasmus Lerchedahl Petersen
d0eaa13974 Python: Magic -> Special and reaarange classes 2020-08-18 14:14:38 +02:00
Anders Schack-Mulligen
f75f5ab125 Merge pull request #3838 from hvitved/dataflow/flow-fwd-ctx 
Data flow: Use precise call contexts in `flowFwd()`
 2020-08-18 13:06:11 +02:00
yoff
571520602d Update python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2020-08-18 12:59:20 +02:00
yoff
59cee284b5 Update python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2020-08-18 12:59:04 +02:00
Tom Hvitved
a2fc92b9db Data flow: Address review comments 2020-08-17 15:46:43 +02:00
Rasmus Lerchedahl Petersen
bfdb580206 Python: Experiemntal cleanup strategy 2020-08-17 11:37:52 +02:00
Rasmus Lerchedahl Petersen
e808d3033a Python: Add magic to DataFlowCall 2020-08-14 14:19:18 +02:00
Tom Hvitved
e518cbabd6 Python: Sync data flow files 2020-08-14 11:04:45 +02:00
Rasmus Lerchedahl Petersen
ce86a8b72e Python: format ql 2020-08-06 14:42:56 +02:00
Rasmus Lerchedahl Petersen
e77ceaf4b8 Python: Track dictionary keys 
Also, less hacky comprehension,
but I think we still want to fix the extractor
 2020-08-06 13:31:54 +02:00
Rasmus Lerchedahl Petersen
7c235597de Python: More precise dataflow for tuples 
(and dictionaries, but that is not fleshed out)
 2020-08-05 19:22:54 +02:00
Rasmus Lerchedahl Petersen
a89624698d Python: format ql 2020-08-05 14:28:28 +02:00
Rasmus Lerchedahl Petersen
2639e68a0d Python: format ql 2020-08-05 14:16:50 +02:00
Rasmus Lerchedahl Petersen
9312b42e79 Python: More easy-to-get content flow 
There are some things that should be rewritten, though,
but it may involve the extractor
 2020-08-04 13:54:50 +02:00
Rasmus Lerchedahl Petersen
9d09b4c811 Python: Comprehension stores 2020-08-03 08:53:22 +02:00
Rasmus Lerchedahl Petersen
f21777c6ce Python: Simplyfy sequence stores 2020-08-03 08:16:43 +02:00
Rasmus Lerchedahl Petersen
b21da86ac1 Python: Field flow for sequence elements 
only from displays so far
 2020-07-31 15:45:20 +02:00
Rasmus Lerchedahl Petersen
38acea633f Python: Dataflow, expand callable to classes 2020-07-27 17:58:21 +02:00
Rasmus Wriedt Larsen
03d22fa8e3 Python: Fix filenames in qhelp 2020-07-23 17:32:01 +02:00
Rasmus Wriedt Larsen
e283d289fd Python: Update TemplateInjection.qhelp 
Moved things around so there is only a single `<example>` tag (and had to rewrite contents a bit).
 2020-07-23 17:23:26 +02:00
Porcupiney Hairs
1e7921e575 add qhelp and fix tests. 2020-07-23 20:04:32 +05:30
porcupineyhairs
8e85dc755a Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-07-23 19:37:40 +05:30
Rasmus Wriedt Larsen
a97f942a17 Python: Autoformat 2020-07-23 11:38:34 +02:00
Rasmus Wriedt Larsen
91e6222662 Python: Fix SSTI query by importing UntrustedStringKind 
Without a concrete ExternalStringKind class, there will be no flow for
ExternalStringKind by default.
 2020-07-21 18:01:27 +05:30
Porcupiney Hairs
49df4169cf Python : Add query to detect Server Side Template Injection 2020-07-21 18:01:27 +05:30
Taus Brock-Nannestad
cec3694c89 Python: Add type tracker and step summary implementation. 2020-07-17 16:36:56 +02:00
Rasmus Wriedt Larsen
7306f58e57 Python: Fix experimental tests 2020-07-07 19:44:43 +02:00
Taus Brock-Nannestad
f07a7bf8cf Python: Autoformat everything using qlformat. 
Will need subsequent PRs fixing up test failures (due to deprecated
methods moving around), but other than that everything should be
straight-forward.
 2020-07-07 15:43:52 +02:00
Rasmus Lerchedahl Petersen
fe9520b50b Python: correct doc for toString 2020-07-03 15:04:54 +02:00
Rasmus Lerchedahl Petersen
33cf96ccb8 Python: Address review comments 2020-07-03 14:11:58 +02:00
yoff
d201eb2c12 Update python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-07-03 13:33:27 +02:00
yoff
59d611ddd5 Update python/ql/src/experimental/dataflow/internal/DataFlowPublic.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-07-03 13:32:03 +02:00
yoff
8891fbf006 Update python/ql/src/experimental/dataflow/internal/DataFlowPublic.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-07-03 13:31:38 +02:00
yoff
40a6728748 Update python/ql/src/experimental/dataflow/internal/TaintTrackingPrivate.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-07-03 13:30:10 +02:00
Rasmus Lerchedahl Petersen
e3666004cf Python: add some links to readme 2020-07-03 10:37:38 +02:00
Rasmus Lerchedahl Petersen
a9e0288e5b Python: exclude global vars from local flow 2020-07-03 08:41:10 +02:00
Rasmus Lerchedahl Petersen
bdc68ce6b6 Python: refactor Node class 2020-07-03 08:01:44 +02:00
Rasmus Lerchedahl Petersen
5f18fb427a Python: update TODO 2020-07-02 16:20:38 +02:00
Rasmus Lerchedahl Petersen
0b11e77457 Python: make compile 2020-07-01 16:55:44 +02:00
Rasmus Lerchedahl Petersen
0175d5be0c Sync dataflow files 2020-07-01 16:44:11 +02:00
Rasmus Lerchedahl Petersen
7787900bed Python: make compile and simplify 2020-07-01 07:36:00 +02:00