hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-31 15:22:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
112 Commits 1,684 Branches 159 Tags
32fa033a55898f2df129b5ee62a6f43484dfa5f6
Commit Graph

66 Commits

Author SHA1 Message Date
Sauyon Lee
aa9489ea28 Merge pull request #218 from max/field-refs 
Fix handling of references to fields and methods
 2020-01-16 14:26:55 -08:00
Max Schaefer
b7a830593d Correctly create extract nodes for returns where we cannot infer the type of the returned expression, but know from context that it must be a tuple type. 2020-01-15 10:22:29 +00:00
Max Schaefer
86708f7867 Merge pull request #212 from sauyon/dependency-update 
Dependency update
 2020-01-15 09:18:14 +00:00
Sauyon Lee
f32a785127 Merge pull request #217 from max/issue-24 
Switch RedundantExpr query back to using AST instead of global value numbering.
 2020-01-14 13:05:44 -08:00
Max Schaefer
3d508d44e7 Fix global value numbering. 2020-01-14 20:44:13 +00:00
Max Schaefer
2fdd45255c Add two new tests. 2020-01-14 17:06:42 +00:00
Max Schaefer
61976d8dea Fix code that does not account for the fact that Field is a subtype of ValueEntity. 2020-01-14 15:52:48 +00:00
Max Schaefer
0c254f8cd1 Fix a typo. 2020-01-14 15:35:18 +00:00
Max Schaefer
c96cebb022 Make reads(ValueEntity) and writes(ValueEntity) work for fields. 2020-01-14 15:35:18 +00:00
Max Schaefer
efc72fa01a Remove Entity.getAUse() and replace uses with getAReference(). 
The former had result type `Ident`, so it wouldn't pick up references to methods and fields. Apart from that, it is subsumed by the latter anyway.
 2020-01-14 07:15:43 +00:00
Max Schaefer
d55ebd731d Autoformat. 2020-01-13 08:37:32 +00:00
Max Schaefer
36c620d1dd Add tests and change note. 2020-01-13 08:37:01 +00:00
Ricter Zheng
a6e0dcaefc Add sql.Tx.Exec/Query... support 
Ref: https://golang.org/pkg/database/sql/#Tx.ExecContext
 2020-01-13 15:17:55 +08:00
Sauyon Lee
00dd464697 Update stats 2020-01-10 19:27:47 -08:00
Max Schaefer
384d21b0e9 Switch RedundantExpr query back to using AST instead of global value numbers. 
Most current alerts (https://lgtm.com/rules/1510380685982/alerts/), while technically correct, are likely intentional and harmless. This change keeps only the interesting ones: https://lgtm.com/query/2999122885894714237
 2020-01-10 14:46:54 +00:00
Max Schaefer
c60ddb0f7c Model Header.Get as a source of untrusted input. 2020-01-10 12:29:18 +00:00
Max Schaefer
3d7046e38c Apply suggestions from code review 
Co-Authored-By: Shati Patel <shati@semmle.com>
 2020-01-07 20:07:44 +00:00
Max Schaefer
0d2fe473d7 Add IncompleteUrlSchemeCheck query. 2020-01-07 14:46:49 +00:00
Max Schaefer
9cff56b975 Rename StringConcatenation.qll to StringOps.qll and add HasPrefix class. 2020-01-07 14:46:49 +00:00
Max Schaefer
aeb9840144 Add SliceNode class. 2020-01-06 15:36:54 +00:00
Max Schaefer
638fe07da0 Move getReceiver from MethodCallNode to CallNode. 2020-01-03 14:14:18 +00:00
Max Schaefer
bb4052a574 Generalise result type of getACallee. 2020-01-03 14:14:18 +00:00
Max Schaefer
59498f53f0 Move FuncDec.getACall into FuncDecl. 
Also changes the result from a `CallExpr` to a `CallNode` for consistency with `Function.getACall`.
 2020-01-03 14:13:38 +00:00
Max Schaefer
6f82310a9e Alert suppression through single-line /* */ style comments. 2020-01-02 14:34:11 +00:00
Max Schaefer
1df3585c92 Merge pull request #204 from Semmle/rc/1.23 
Merge rc/1.23 into master
 2019-12-11 10:28:00 +00:00
Max Schaefer
75d78b3f62 Reduce precision of HardcodedCredentials to "medium". 2019-12-10 16:12:48 +00:00
Max Schaefer
46c4670796 Make HardcodedCredentials query less noisy. 
Considering "cert" and "account" to be sensitive leads to a massive number of false positives, especially on cockroach and kubernetes.
 2019-12-10 14:14:36 +00:00
Sauyon Lee
10907c8b04 IncompleteHostnameRegexp: disallow unescaped dot before TLD 2019-12-09 08:47:17 -08:00
Sauyon Lee
bc8974d32d Merge pull request #201 from max/update-data-flow 
Update data flow and taint-tracking libraries
 2019-12-06 18:26:27 -08:00
Henning Makholm
7bc68c4302 Adapt Go tests to codeql test 
These changes make the tests work with the coming `codeql test` support.

The `queries.xml` file defines which extractor the `codeql test`
runner will use to extract databases for the tests. In the future one
will be able to write this information in `qlpack.yml`, but we can't
do that immediately because the _existing_ CodeQL tooling would refuse
to parse a `qlpack.yml` that has the new field in it.
 2019-12-06 18:27:47 +01:00
Max Schaefer
62a50bac2a Update taint-tracking libraries. 
This brings `TaintTrackingImpl.qll` up-to-date with the other languages as of https://github.com/Semmle/ql/pull/2480.
 2019-12-06 14:07:35 +00:00
Max Schaefer
53f5e13af1 Update data-flow libraries. 
This brings `DataFlowImpl.qll` and `DataFlowImplCommon.qll` up-to-date with the other languages as of https://github.com/Semmle/ql/pull/2480.
 2019-12-06 12:14:53 +00:00
Max Schaefer
594824f19c Add test for handling of expressions without extracted type. 2019-12-06 09:21:55 +00:00
Max Schaefer
80e7376189 Merge pull request #198 from sauyon/hardcoded-cred-fix 
HardcodedCredentials: Exclude passwords that include '0123456789'
 2019-12-06 09:02:17 +00:00
Max Schaefer
6bda80a47b Merge pull request #197 from Semmle/rc/1.23 
Merge rc/1.23 into master
 2019-12-06 09:01:18 +00:00
Sauyon Lee
2de7c6f5fc HardcodedCredentials: Exclude passwords that include '0123456789' 2019-12-05 15:37:50 -08:00
Max Schaefer
8364ba3d38 Make Expr.getType() robust against incomplete type_of table. 2019-12-05 17:05:02 +00:00
Shati Patel
e4346a17de Merge pull request #195 from max/impossible-interface-nil-check 
Add new query ImpossibleInterfaceNilCheck
 2019-11-27 11:15:05 +00:00
Max Schaefer
ba54cde86e Add two references. 2019-11-27 10:47:42 +00:00
Max Schaefer
e5a12e9738 Add new query ImpossibleInterfaceNilCheck. 2019-11-26 20:28:53 +00:00
Max Schaefer
f4a24b0353 Improve type information for tuple elements. 
We would previously rely on the type information of the target variable into which the element is stored, but that could be a more general type.

For example, in the assignment

```go
x, y := f()
```

the type of `x` might be an interface while the type of `f()[0]` is a concrete type implementing that interface.
 2019-11-26 16:19:17 +00:00
Max Schaefer
ee723d8a4f Fix DeadStoreOfField false positive. 
We should look into properly desugaring embedded types in the IR, but for now this workaround should suffice.
 2019-11-25 20:21:16 +00:00
Max Schaefer
adf9764085 Don't flag header injection as XSS. 
All results I have seen from this are uninteresting.
 2019-11-25 15:06:53 +00:00
Max Schaefer
db4e6789bb Address doc review comment. 
Co-Authored-By: Shati Patel <shati@semmle.com>
 2019-11-25 10:44:41 +00:00
Max Schaefer
e16a81cba9 Apply review suggestions. 2019-11-25 09:15:57 +00:00
Max Schaefer
cdb843516a Introduce DataFlow::Node.getBasicBlock() and use it. 2019-11-25 09:14:15 +00:00
Max Schaefer
1ff032d11e Add new query ConstantLengthComparison. 2019-11-22 20:55:14 +00:00
Max Schaefer
26a656b838 Merge pull request #189 from sauyon/use-taint-split 
Use split taint predicates to emulate taint
 2019-11-22 17:51:09 +00:00
Max Schaefer
e367a48f6e Mark isEmptyInterface as noinline. 2019-11-22 09:19:34 +00:00
Sauyon Lee
4ea45dbf34 Use data-flow API in stringConcatStep 2019-11-21 23:48:23 -08:00