hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
24,978 Commits 1,741 Branches 165 Tags
3c647c65bf8328d6964d87fffce33675ed4fb511
Commit Graph

830 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
00a71a1c41 Python: Port sensitive data modeling 
No longer using points-to 🎉
 2021-06-04 11:28:07 +02:00
Rasmus Wriedt Larsen
3b68c87b6c Python: Add sensitive data test-cases 2021-06-03 13:38:29 +02:00
Rasmus Wriedt Larsen
d5f2846394 Merge branch 'main' into jorgectf/python/ldapInjection 2021-05-26 11:01:48 +02:00
Rasmus Wriedt Larsen
1b3f857a2f Python: Promote ClickHouse SQL models 2021-05-25 16:27:23 +02:00
Rasmus Wriedt Larsen
eb1da152a0 Python: Rewrite ClickHouse SQL lib modeling 
This did turn into a few changes, that maybe could have been split into
separate PRs 🤷

* Rename `ClickHouseDriver` => `ClickhouseDriver`, to better follow
  import name in `.qll` name
* Rewrote modeling to use API graphs
* Split modeling of `aioch` into separate `.qll` file, which does re-use
  the `getExecuteMethodName` predicate. I feel that sharing code between
  the modeling like this was the best approach, and stuck the
  `INTERNAL: Do not use.` labels on both modules.
* I also added handling of keyword arguments (see change in .py files)
 2021-05-25 16:13:31 +02:00
Rasmus Wriedt Larsen
c9a9535dbc Python: Use ConceptsTests for ClickHouse SQL libs 
This did reveal a few places where we do not detect the incoming SQL
 2021-05-25 16:10:06 +02:00
Rasmus Wriedt Larsen
35793a10bb Merge pull request #5889 from japroc/python-clickhouse-driver 
Python: Implement module ClickHouseDriver.qll
 2021-05-25 14:25:28 +02:00
jorgectf
37d6ff76a3 Update tests and .expected 2021-05-21 17:47:53 +02:00
Rasmus Wriedt Larsen
c4e244eb80 Python: Add getAwaited to API::Node 
I _really_ wanted to call this `.await()`, but that did not fit in with
the convention, or the corresponding `getPromised` in JS.

54f191cfe3/javascript/ql/src/semmle/javascript/ApiGraphs.qll (L184)
 2021-05-21 17:11:20 +02:00
Rasmus Wriedt Larsen
2408573a0a Python: Add API graph test for calling coroutines 2021-05-21 16:08:15 +02:00
Rasmus Wriedt Larsen
7a5fd02442 Python: API graph tests: add --max-import-depth=1 
Before this, I ended up extracting 454 modules locally 😱
 2021-05-21 15:58:15 +02:00
Rasmus Wriedt Larsen
9a4709c134 Python: API graph tests: Disallow results outside project 
Running the tests locally would result in thousands of results before
this 😱
 2021-05-21 15:57:10 +02:00
Evgenii Protsenko
1e40213abb use <class> instead of <class>::Range 2021-05-20 22:56:08 +03:00
Rasmus Wriedt Larsen
0292ca6b67 Merge pull request #5880 from tausbn/python-limit-builtins 
Python: Limit set of globals that may be built-ins
 2021-05-20 14:47:22 +02:00
CodeQL CI
17afbdf258 Merge pull request #5635 from RasmusWL/port-weak-crypto-algorithm 
Approved by yoff
 2021-05-20 01:22:32 -07:00
Rasmus Wriedt Larsen
61ad5d0673 Python: Allow printing PostUpdateNode in ConceptsTest.qll 
See how this works in `test_json.py`
 2021-05-19 17:10:33 +02:00
Rasmus Wriedt Larsen
9dbb364cca Python: Move json tests to be part of stdlib 
This is better, since the modeling is also part of Stdlib.qll
 2021-05-19 17:10:33 +02:00
Rasmus Wriedt Larsen
51a25e45fe Python: Use shared prettyExpr in ConceptsTest.qll 
This required quite some changes in the expected output. I think it's much more
clear what the selected nodes are now 👍 (but it was a bit boring work to fix
this up)
 2021-05-19 17:10:33 +02:00
Rasmus Wriedt Larsen
f66dccafda Python: Rename prettyExp => prettyExpr 
So we're consistenly using `expr` and not leaving our the `r`.
 2021-05-19 17:10:33 +02:00
Rasmus Wriedt Larsen
c4987e94e0 Python: Re-introduce syntactic handling of str/bytes/unicode 
I don't want to loose results on this, so until type-tracking/API graphs
can handle this, I want to keep our syntactic handling.
 2021-05-19 13:00:11 +02:00
Rasmus Wriedt Larsen
aa8b7306a3 Python: Use more API graphs in TaintTrackingPrivate 
But now we suddenly don't handle the call to `unicode` :O -- at least
not when I run the test locally (using Python 3).
 2021-05-19 12:59:58 +02:00
CodeQL CI
23e8092452 Merge pull request #5864 from RasmusWL/some-framework-modeling 
Approved by tausbn
 2021-05-19 02:31:06 -07:00
Evgenii Protsenko
af75d85b2e ClickHouseSQLInjection.qll : add tests 2021-05-18 22:49:11 +03:00
Rasmus Wriedt Larsen
97fadd9970 Merge branch 'main' into port-weak-crypto-algorithm 2021-05-18 14:04:18 +02:00
Taus
fe12e620dd Python: Avoid clobbering range in test 
This was an unwanted interaction between two unrelated tests, so I
switched to a different built-in in the second test. I also added a test
case that shows an unfortunate side effect of this more restricted
handling of built-ins.
 2021-05-12 18:42:10 +00:00
yoff
0e5a2c4573 Merge pull request #5442 from jorgectf/jorgectf/python/redos 
Python: Add Regular Expression Injection query
 2021-05-11 12:11:35 +02:00
thank_you
3ace49549a Add tests for SqlAlchemy modeling library 
After researching SqlAlchemy and it's various query methods, I discovered several types of SQL injection possibilities.

The SQLExecution.py file contains these examples and can be broken up into two types of injections. Injections requiring the text() taint-step and injections NOT requiring the text() taint step.
 2021-05-10 16:12:15 -04:00
Rasmus Wriedt Larsen
72d08f4d6e Python: Model json load/dump 2021-05-10 15:10:30 +02:00
Rasmus Wriedt Larsen
63f28d7d9b Python: Model keyword args to json loads/dumps 2021-05-10 15:10:29 +02:00
Rasmus Wriedt Larsen
784e0cdb96 Python: Improve tests of json module 
Inspired by the work on previous commit
 2021-05-10 15:10:28 +02:00
Jorge
ae806cd445 Merge branch 'github:main' into jorgectf/python/ldapimproperauth 2021-05-07 20:46:09 +02:00
jorgectf
12ccd7e3b6 Update .expected 2021-04-27 19:54:39 +02:00
jorgectf
05ee853c4e Remove wrong comment 2021-04-27 19:54:39 +02:00
jorgectf
d968eea914 Move expected to /test 2021-04-27 19:54:38 +02:00
jorgectf
81d23c066c Move tests and qlref from /src to /test 2021-04-27 19:54:37 +02:00
Rasmus Wriedt Larsen
499adc26a3 Python: Extend SensitiveDataSource tests 
Now it contains all the sort of things we actually support 👍
 2021-04-22 15:23:40 +02:00
Rasmus Wriedt Larsen
794a86a6b0 Python: Add SensitiveDataSource 2021-04-22 15:23:39 +02:00
Rasmus Wriedt Larsen
59edd18c34 Python: Move framework test-files out of experimental 
This PR was rebased on newest main, but was written a long time ago when all the
framework test-files were still in experimental. I have not re-written my local
git-history, since there are MANY updates to those files (and I dare not risk
it).
 2021-04-22 15:23:37 +02:00
Rasmus Wriedt Larsen
1616975e06 Python: Model hashlib from standard library 2021-04-22 15:23:37 +02:00
Rasmus Lerchedahl Petersen
5a4e661e60 Merge branch 'main' of github.com:github/codeql into python-support-pathlib 2021-04-22 15:04:21 +02:00
Rasmus Wriedt Larsen
7ffbfa8043 Python: Expand stdlib md5 tests with keyword-arguments 2021-04-22 14:51:20 +02:00
Rasmus Wriedt Larsen
fa88f22453 Python: Model hashing operations in cryptography package 2021-04-22 14:51:20 +02:00
Rasmus Wriedt Larsen
c5f826580b Python: Model encrypt/decrypt in cryptography package 
I introduced a InternalTypeTracking module, since the type-tracking code got so
verbose, that it was impossible to get an overview of the relevant predicates.
(this means the "first" type-tracking predicate that is usually private, cannot
be marked private anymore, since it needs to be exposed in the private module.
 2021-04-22 14:51:19 +02:00
Rasmus Wriedt Larsen
bf6f5074c2 Python: Port cryptodome tests to crypto 
I don't know if this is really a smart test-setup... I feel a bit stupid when
doing this xD
 2021-04-22 14:51:19 +02:00
Rasmus Wriedt Larsen
23140dfb76 Python: Add CryptographicOperation modeling for Cryptodome 2021-04-22 14:51:17 +02:00
Rasmus Wriedt Larsen
1b2ed9d99a Python: Align cryptodome tests 2021-04-22 14:51:16 +02:00
Rasmus Wriedt Larsen
2c0df8e656 Python: Add MD5 tests 2021-04-22 14:51:16 +02:00
Rasmus Wriedt Larsen
65c8d9605e Python: Add CryptographicOperation Concept 
I considered using `getInput` like in JS, but things like signature verification
has multiple inputs (message and signature).

Using getAnInput also aligns better with Decoding/Encoding.
 2021-04-22 14:51:14 +02:00
Rasmus Wriedt Larsen
d18fbb7f07 Python: Add working tests of AES and RC4 2021-04-22 14:51:14 +02:00
CodeQL CI
30d7f0dc98 Merge pull request #5687 from RasmusWL/inline-taint-tests 
Approved by yoff
 2021-04-21 06:24:12 -07:00