2331 Commits

Author	SHA1	Message	Date
Rasmus Lerchedahl Petersen	211345c010	python: remove more annotations	2022-01-31 11:20:59 +01:00
Rasmus Lerchedahl Petersen	cac3862659	python: remove library annotation ... to clean up QL warnings. Should put these in a private module instead?	2022-01-31 08:50:37 +01:00
Rasmus Lerchedahl Petersen	0c3bce1415	python: deprecation ... I am slightly concerned that the test now generates many more intermediate results. I suppose that maes the analysis heavy. Should the new library get a new name instead, so the old code does not get evaluated?	2022-01-31 08:32:24 +01:00
Rasmus Wriedt Larsen	3e71d7f9bb	Python: Add note about / for Django upload_to ... I did a test locally, something like import requests req = requests.Request( "POST", "http://127.0.0.1:8000/app/upload-test/", data={"name": "foo"}, files={"upload" : ("wat/haha|!#$%^&", open("foo.txt", "rb"))}, ) # print(req.prepare().body.decode('ascii')) requests.session().send(req.prepare()) and the `wat/` part was stripped from the filename	2022-01-28 12:17:46 +01:00
yoff	74d57bbb1a	Update python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll ... Co-authored-by: Taus <tausbn@github.com>	2022-01-28 11:38:29 +01:00
Rasmus Lerchedahl Petersen	a026120c52	Python: Move configuration over and refine it ... The original configuration did not match sinks with sanitizers. Here it is resolved using flow state, it could also be done by using two configurations.	2022-01-28 09:00:40 +01:00
Rasmus Lerchedahl Petersen	d539920661	Python: Update list of frameworks	2022-01-28 08:58:30 +01:00
Rasmus Wriedt Larsen	4338c06b0d	Python: Support Django FileField.upload_to	2022-01-27 17:20:16 +01:00
Rasmus Lerchedahl Petersen	b93c04bb79	python: Add reverse flow in some patterns ... Particularly in value and literal patterns. This is getting a little bit into the guards aspect of matching. We could similarly add reverse flow in terms of sub-patterns storing to a sequence pattern, a flow step from alternatives to an-or-pattern, etc.. It does not seem too likely that sources are embedded in patterns to begin with, but for secrets perhaps? It is illustrated by the literal test. The value test still fails. I believe we miss flow in general from the static attribute.	2022-01-27 15:20:23 +01:00
Rasmus Lerchedahl Petersen	cb52ab669e	python: address review comments ... The comment about `py_scopes` was simply removed	2022-01-27 11:17:00 +01:00
yoff	e28669e487	Apply suggestions from code review ... Co-authored-by: Taus <tausbn@github.com>	2022-01-27 10:31:43 +01:00
Rasmus Lerchedahl Petersen	163c888781	python: port concepts and implementations	2022-01-26 19:05:37 +01:00
Rasmus Lerchedahl Petersen	47af3a69a5	Merge branch 'main' of github.com:github/codeql into python/support-match	2022-01-26 11:39:46 +01:00
Rasmus Wriedt Larsen	301318020f	Merge pull request #7455 from haby0/py/add-shutil-module-path-injection-sinks ... Python: Add shutil module sinks for path injection query	2022-01-24 20:06:36 +01:00
Rasmus Lerchedahl Petersen	41908cbf9f	python: add missing qldoc	2022-01-21 13:55:08 +01:00
Rasmus Lerchedahl Petersen	49d4b1480d	python: Do not remove ChainedConfigs12.qll ... since it was clearly already used. Add deprecation message instead.	2022-01-21 12:27:29 +01:00
Erik Krogh Kristensen	a235f8f023	remove redundant inline type casts	2022-01-21 11:46:33 +01:00
Erik Krogh Kristensen	ddfc3bc00f	use set literals instead of big disjunctions	2022-01-21 11:46:33 +01:00
yoff	5b9ae9cede	Merge pull request #7659 from RasmusWL/move-regex-injection-files ... Python: Move regex injection configuration files	2022-01-21 11:42:06 +01:00
yoff	4fd0ada9a8	Merge pull request #7652 from RasmusWL/cleartext-remove-fps ... Python: Remove usernames as sensitive source for cleartext queries	2022-01-21 11:30:40 +01:00
Rasmus Lerchedahl Petersen	a5bc5373d0	python: Rewrite path injection to use flow state ... This removes the FP cause by chaining This PR also removes `ChainedConfigs12.qll`, as we hope to solve future problems via flow states.	2022-01-21 09:26:48 +01:00
Erik Krogh Kristensen	4e8e3a7420	simplify expressions that could be type-casts	2022-01-20 10:41:35 +01:00
Rasmus Wriedt Larsen	aa10ad6a8a	Python: Fix RegexInjection query, add old deprecated versions	2022-01-19 17:22:44 +01:00
Rasmus Wriedt Larsen	e82ea7ad17	Python: move regex injection configuration files ... I did not notice that these went to the wrong location in https://github.com/github/codeql/pull/6693. They should be in the dataflow folder with the rest of the data-flow configurations files, the injection folder is for old points-to based modeling.	2022-01-19 17:21:46 +01:00
Rasmus Wriedt Larsen	e82e648ca1	Python: Remove usernames as sensitive source for cleartext queries ... Closes #6363, #6927, #6726, #7497, #7116	2022-01-19 15:25:21 +01:00
Rasmus Lerchedahl Petersen	36e18d5d80	python: dataflow for match ... - also update `validTest.py`, but commented out for now otherwise CI will fail until we force it to run with Python 3.10 - added debug utility for dataflow (`dataflowTestPaths.ql`)	2022-01-19 14:29:58 +01:00
Rasmus Lerchedahl Petersen	bb210f4172	pythos: SSA for match ... - new SSA definition `PatternCaptureDefinition` - new SSA definition `PatternAliasDefinition` - implement `hasDefiningNode`	2022-01-19 14:29:58 +01:00
Rasmus Lerchedahl Petersen	de8ecb214f	python: Wrappers for database classes ... - new syntactic category `Pattern` (in `Patterns.qll`) - subpatterns available on statments - new statements `MatchStmt` and `Case` (`Match` would conflict with the shared ReDoS library) - new expression `Guard` - support for pattern lists	2022-01-19 14:29:58 +01:00
Rasmus Lerchedahl Petersen	b17f844f35	python: New generated files	2022-01-19 13:36:32 +01:00
Rasmus Wriedt Larsen	95e935e9c1	Python: Support SQLAlchemy scoped_session	2022-01-18 14:34:31 +01:00
Anders Schack-Mulligen	fff3b5c5b4	Dataflow: Add qldoc.	2022-01-18 10:39:55 +01:00
Anders Schack-Mulligen	71e39353ca	Dataflow: Sync.	2022-01-18 10:36:52 +01:00
Anders Schack-Mulligen	dfa79f6119	Dataflow: Sync.	2022-01-18 10:30:09 +01:00
Chris Smowton	2c37885f6e	Sync dataflow	2022-01-18 10:30:09 +01:00
Anders Schack-Mulligen	0b24af901d	Merge pull request #7349 from aschackmull/dataflow/state ... Dataflow: Add support for flow state	2022-01-14 09:12:38 +01:00
Anders Schack-Mulligen	c44cf29992	Merge pull request #7587 from owen-mc/add-default-taint-sanitizer-guard ... Dataflow: Add default taint sanitizer guard	2022-01-13 14:44:55 +01:00
Anders Schack-Mulligen	f7cf327e71	Dataflow: Sync	2022-01-13 13:28:43 +01:00
Owen Mansel-Chan	8e8278764b	Add predicate defaultTaintSanitizerGuard for each language ... This was done manually, as these files are not synced by sync-files.py.	2022-01-12 14:44:56 +00:00
Owen Mansel-Chan	c112980b81	Sync TaintTrackingImpl.qll ... Done automatically using sync-files.py	2022-01-12 14:44:55 +00:00
Erik Krogh Kristensen	f7a63d5ea0	remove duplicated line	2022-01-07 18:38:02 +01:00
Erik Krogh Kristensen	1a8b6d7414	recognize ranges without upper bounds	2022-01-07 18:38:01 +01:00
Erik Krogh Kristensen	acaf294bee	support a limited number of regexp ranges	2022-01-07 18:36:30 +01:00
haby0	05b0daa0b7	Add the test of shutil module in FileSystemAccess.py	2022-01-06 14:14:42 +08:00
Anders Schack-Mulligen	ef714f7328	Dataflow: Sync	2022-01-05 14:25:35 +01:00
Erik Krogh Kristensen	fe1107ccac	remove duplicated spaces in qldoc	2022-01-04 21:03:06 +01:00
Erik Krogh Kristensen	b9964799f3	Merge pull request #7458 from erik-krogh/modelling ... QL: add "modelling/modeling" to `ql/non-us-spelling`	2022-01-04 13:33:54 +01:00
Alex Ford	3da98ecb73	Bump a date	2021-12-22 16:38:16 +00:00
Alex Ford	a2104de8a0	Move CryptoAlgorithms::AlgorithmsName into a separate internal/CryptoAlgorithmNames.qll	2021-12-22 16:38:15 +00:00
Alex Ford	f16d77615d	Remove unused isStrongBlockMode predicate from CryptoAlgorithms.qll	2021-12-22 16:38:15 +00:00
Alex Ford	d3af687767	Add more encryption algorithms and modes to CryptoAlgorithms::AlgorithmNames ... Strong encryption algorithms: ARIA, IDEA, SEED, SM4 Strong block modes: CBC, CFB, CTR, OFB	2021-12-22 16:38:15 +00:00