Commit Graph

855 Commits

Author SHA1 Message Date
Owen Mansel-Chan
f49ff279b8 Merge pull request #375 from owen-mc/spew
Model Spew logging framework
2020-10-16 13:20:13 +01:00
Owen Mansel-Chan
4b76966a49 Model Spew logging framework 2020-10-14 14:47:22 +01:00
Chris Smowton
0afa0e75c4 Merge pull request #374 from smowton/smowton/feature/more-accurate-allocation-overflow
Improve accuracy of allocation-size-overflow by excluding len(...) calls that never see a large operand
2020-10-14 13:25:45 +01:00
Chris Smowton
83a7411a05 Improve accuracy of allocation-size-overflow by excluding len(...) calls that never see a large operand
This is achieved by splitting the query into two pieces: (1) trace flow from indefinitely large object creation to len(...) calls, then (2) considering those particular len(...) calls as taint propagators, trace taint from the same sources all the way to an allocation call. This is more accurate than the previous solution, which considered any len(...) call to propagate taint, potentially confusing an array that stored a large value in one of its cells for an array which is itself of large size.
2020-10-14 10:16:08 +01:00
Chris Smowton
40869480e1 Extend context models to cover its old golang.org/x/net/context home. 2020-10-12 12:27:19 +01:00
Chris Smowton
024e8ef715 Merge pull request #368 from sauyon/xpath-fix
Update XPathExpressionString to match the Range pattern
2020-10-08 09:24:04 +01:00
Sauyon Lee
43de6ea836 Update XPathExpressionString to match the Range pattern
Fixes #367
2020-10-07 14:29:05 -07:00
Chris Smowton
c8a2d30e39 Merge pull request #360 from smowton/smowton/feature/stack-trace-exposure
Add stack-trace exposure query
2020-10-07 11:08:37 +01:00
Chris Smowton
d7dcf27f57 Merge pull request #362 from smowton/smowton/admin/refactor-function-node
Refactor DataFlow::FunctionNode as a concrete class
2020-10-06 15:08:54 +01:00
Chris Smowton
0eb7ac94cc Add stack-trace exposure query
This is a port of `java/stack-trace-exposure`, and does the same job: warn that a stack dump is written to an HTTP response.
2020-10-06 14:42:59 +01:00
Chris Smowton
68bb7b02fe Refactor DataFlow::FunctionNode as a concrete class
This makes it easier to refine FunctionNode without having to define abstract members.
2020-10-06 14:02:57 +01:00
Chris Smowton
4af5765275 Fix OWASP broken links 2020-10-01 13:06:03 +01:00
Chris Smowton
1cfad846c8 Improve variable names in example code
These were inherited from the JS version of the example, which concerns HTML.
2020-09-29 16:37:06 +01:00
Max Schaefer
56f295f741 Add a few useful shortcuts. 2020-09-25 16:58:28 +01:00
Max Schaefer
8667b64a1c Make result variables aware of their index. 2020-09-25 10:51:32 +01:00
Chris Smowton
88c740bbbc Merge pull request #353 from gagliardetto/remove-duplicate-models
Remove duplicate models (the end)
2020-09-24 13:31:18 +01:00
Arthur Baars
575c56c426 Merge pull request #354 from github/aibaars/lgtm-go-lines-of-comment
LGTM: add Metrics/FLinesOfComment.ql to go-lgtm-full.qls
2020-09-24 12:22:07 +02:00
Arthur Baars
240f3ed7dc LGTM: add Metrics/FLinesOfComment.ql to go-lgtm-full.qls 2020-09-24 11:04:15 +02:00
Max Schaefer
907ae20a16 Merge pull request #350 from smowton/smowton/feature/bad-regex-escape-query
Add query spotting probably-bad escapes in regular expressions.
2020-09-24 09:49:16 +01:00
Slavomir
8b397c1eff Remove this. from the generated method and interface models 2020-09-23 17:28:44 +02:00
Slavomir
539127b1d1 Remove models for methods for which there already is a model for the interface they implement. 2020-09-23 17:16:01 +02:00
Chris Smowton
59138048bb Add query spotting probably-bad escapes in regular expressions.
Inspired by js/useless-regexp-character-escape, but much much simpler because the Go source code parser forbids unrecognised escapes and its regex engine refuses to compile \\x where x is not a character class or other special token (e.g. start-of-word).
2020-09-23 15:07:22 +01:00
Chris Smowton
a094ddb988 Merge pull request #349 from gagliardetto/stdlib-339-340-342-346-347
Merge #339 #340 #342 #346 #347
2020-09-23 14:38:04 +01:00
Chris Smowton
1a3589ac06 Merge pull request #352 from smowton/smowton/feature/http-newrequest
Add model for net/http.NewRequest
2020-09-23 09:56:17 +01:00
Max Schaefer
6130720e00 Merge pull request #348 from max-schaefer/functioninput_entrynode
Ensure `FunctionInput`s corresponding to results have an entry node
2020-09-23 09:15:18 +01:00
Chris Smowton
c1fbbfb05a Add model for net/http.NewRequest noting that if the URL is tainted then the response should be considered tainted also. 2020-09-23 08:46:36 +01:00
Slavomir
364b6810ce Sort stdlib imports 2020-09-22 18:50:12 +02:00
Slavomir
a7148638aa Merge branch 'standard-lib-pt-6' into stdlib-339-340-342-346-347 2020-09-22 18:44:14 +02:00
Slavomir
61a0cfa06a Merge branch 'standard-lib-pt-4' into stdlib-339-340-342-346-347 2020-09-22 18:43:30 +02:00
Slavomir
315514085f Merge branch 'standard-lib-pt-9' into stdlib-339-340-342-346-347 2020-09-22 18:43:14 +02:00
Slavomir
0510404112 Merge branch 'standard-lib-pt-12' into stdlib-339-340-342-346-347 2020-09-22 18:42:46 +02:00
Slavomir
1a5d582750 Remove Regexp 2020-09-22 13:37:39 +02:00
Slavomir
e742525be5 Fix (*Logger).Writer() model 2020-09-22 13:35:55 +02:00
Slavomir
bff19d5a37 Move and extend Log module for package log with taint-tracking 2020-09-22 13:35:55 +02:00
Slavomir
3a7406b14c Remove redundant Read and Write method models 2020-09-22 13:33:37 +02:00
Slavomir
3abf0e8d29 Add taint-tracking for crypto/x509 package 2020-09-22 13:33:37 +02:00
Slavomir
3acb7a5311 Add taint-tracking for crypto/tls package 2020-09-22 13:33:37 +02:00
Slavomir
5e0e3cc2cc Add taint-tracking for crypto/rsa package 2020-09-22 13:33:37 +02:00
Slavomir
742319c071 Move to stdlib and expand crypto/cipher package taint-tracking 2020-09-22 13:33:37 +02:00
Slavomir
434c4bca9c Add taint-tracking for crypto package 2020-09-22 13:33:37 +02:00
Max Schaefer
c61881acb3 Merge pull request #344 from smowton/smowton/feature/echo-models
Add models for the Echo framework
2020-09-22 10:45:02 +01:00
Max Schaefer
2d4f17c91c Ensure result inputs always have an entry node. 2020-09-22 09:08:17 +01:00
Max Schaefer
4b56581122 Fix input nodes for results that are not assigned to an SSA variable. 2020-09-22 09:06:16 +01:00
Max Schaefer
c905149579 Merge pull request #341 from gagliardetto/standard-lib-pt-10
Move to stdlib and extend the models for `fmt` package
2020-09-21 22:10:56 +01:00
Chris Smowton
7b917f9dd7 Add utility functions for getting FunctionInputs and FunctionOutputs. 2020-09-21 17:35:40 +01:00
Chris Smowton
397282f41a Add models for the Echo framework 2020-09-21 17:35:40 +01:00
Chris Smowton
b6b7bd2717 Generalise model of HTTP libraries
* Allow for HTTP response methods that define a content-type without a corresponding header write
* Factor out stdlib-http-specific classification of fields that aren't vulnerable to an open-redirect exploit
2020-09-21 16:26:39 +01:00
Slavomir
0005775e2b Apply suggestions from code review
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
2020-09-21 16:23:21 +02:00
Slavomir
dedeb7bbf1 Add taint-tracking for container/ring package 2020-09-21 12:34:00 +02:00
Slavomir
75e3ee6e77 Add taint-tracking for container/list package 2020-09-21 12:32:39 +02:00