hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 14:52:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
491 Commits 1,684 Branches 159 Tags
407493094de3d6bc3be7e5f1065fb765f760ed09
Commit Graph

491 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Schaefer
487b1e3f80 Merge pull request #76 from max-schaefer/even-more-qldoc 
Add Qldoc for the last few remaining predicates.
 2020-03-30 11:58:28 +01:00
Max Schaefer
28ed803fae Data flow: Add module doc comment for TaintTrackingImpl.qll 
cf https://github.com/Semmle/ql/pull/3155
 2020-03-30 11:21:53 +01:00
Max Schaefer
bb34c91b38 Add Qldoc for the last few remaining predicates. 
Apart from a missing module doc comment for `TaintTrackingImpl.qll` which we'll need to synchronize with the other languages (https://github.com/Semmle/ql/pull/3155), this gets us to 100% Qldoc coverage.
 2020-03-30 10:38:25 +01:00
intrigus
26cfa93947 Ignore type incompatible sinks 2020-03-27 21:32:53 +01:00
intrigus
8278dd358e Try to fix test 2020-03-27 16:13:00 +01:00
intrigus
21feb9d996 Add byte slice type 2020-03-27 15:37:36 +01:00
intrigus
d609c0ca43 Shorten example code 2020-03-27 15:31:20 +01:00
intrigus
c5a1185939 Apply style suggestions 2020-03-27 15:29:21 +01:00
intrigus
b24c23389c Don't match unexported functions 2020-03-27 15:21:00 +01:00
Max Schaefer
cf6e255a6d Merge pull request #74 from sauyon/http-formvalue 
HTTP Library Improvements
 2020-03-27 14:07:30 +00:00
intrigus-lgtm
5eaaa4264a Apply suggestions from code review 
Co-Authored-By: Sauyon Lee <sauyon@github.com>
 2020-03-27 13:42:30 +01:00
Sauyon Lee
080d14ea50 Add a test for the Read taint step 2020-03-27 04:22:13 -07:00
Sauyon Lee
4747524fee Address review comments 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2020-03-27 04:15:30 -07:00
Sauyon Lee
05761bc2cd Address review comments 2020-03-27 04:03:30 -07:00
Sauyon Lee
a4f1e2b527 Add a model for Read methods on io.Reader 2020-03-26 18:57:44 -07:00
intrigus
be50db1cc7 Move XPath injection query to supported query 
The XPath injection query is moved to the supported queries.
Removed unnecessary code from the go test file
 2020-03-26 20:19:58 +01:00
intrigus
03023e8205 Add XPath model to default imports 2020-03-26 20:19:19 +01:00
intrigus
35a6fdb589 Add XPath framework models 2020-03-26 20:18:16 +01:00
Sauyon Lee
1f4d67b77b OpenUrlRedirect: Whitelist some more fields and methods 2020-03-26 07:20:51 -07:00
Sauyon Lee
541c82a7f3 HTTP: Add some more untrusted fields and methods 
Also, fix up broken tests.
 2020-03-26 07:20:14 -07:00
Sauyon Lee
e1b0bed6b3 Merge pull request #72 from max-schaefer/improve-virtual-call-resolution 
Refine virtual call targets by local reasoning where possible
 2020-03-26 06:00:59 -07:00
Max Schaefer
46a1a4e010 Add a test. 2020-03-25 20:34:34 +00:00
Max Schaefer
e6bdc1809b Update ql/src/semmle/go/dataflow/internal/DataFlowDispatch.qll 
Co-Authored-By: Sauyon Lee <sauyon@github.com>
 2020-03-25 15:04:48 +00:00
Max Schaefer
13b61383e2 Merge pull request #65 from sauyon/openredirect-fps 
OpenUrlRedirect: Expand safe URL flow configuration
 2020-03-25 15:04:21 +00:00
Sauyon Lee
fbc2499118 OpenUrlRedirect: Add change note for fixed FPs 2020-03-25 04:01:17 -07:00
Sauyon Lee
f77d46f296 Address review comments. 2020-03-25 04:01:15 -07:00
Sauyon Lee
bd5f0b01cf Fix tests 2020-03-25 04:01:14 -07:00
Sauyon Lee
9321ff9110 OpenUrlRedirect: Add support for url.Host reassignments 2020-03-25 04:01:14 -07:00
Sauyon Lee
5f83dbd07b OpenUrlRedirect: Exclude header sources 2020-03-25 04:01:13 -07:00
Sauyon Lee
49aa43bd49 Make header Get and Values calls into taint steps 2020-03-25 04:01:12 -07:00
Sauyon Lee
83a417f52e OpenUrlRedirect: Use a taint-tracking safe URLs 2020-03-25 04:01:11 -07:00
Sauyon Lee
932840b0a3 Address review comments. 2020-03-25 04:01:10 -07:00
Sauyon Lee
fd88d913f7 Fix tests 2020-03-25 04:01:09 -07:00
Sauyon Lee
cc13a5d618 OpenUrlRedirect: Expand safe URL flow configuration 
Also add some more tests
 2020-03-25 04:01:08 -07:00
Max Schaefer
6edbe74c09 Revert "Add queries to inspect and measure dispatch differences." 
This reverts commit 752ee3909a.
 2020-03-25 10:43:05 +00:00
Max Schaefer
4ca87b84db Merge pull request #68 from adityasharad/go/request-forgery 
Add experimental query for request forgery.
 2020-03-25 09:09:34 +00:00
Aditya Sharad
c44e5379df Experimental: Remove query precision for now. 
Address review comment.
 2020-03-24 10:57:51 -07:00
Aditya Sharad
4f32d6651c Experimental: Add sanitiser edge for request forgery. 
Consider a URL string sanitised if the hostname cannot be controlled.
This approach is used by URL redirection queries.
 2020-03-24 10:57:51 -07:00
Aditya Sharad
f984532236 Experimental: Add query for request forgery. 
Tracks the flow of tainted data from untrusted input to the URL of an HTTP request.
Ported from the corresponding query for JavaScript, though currently limited in scope.
Includes companion libraries for customisation.
 2020-03-24 10:57:51 -07:00
Aditya Sharad
d41e6a9d85 Model HTTP request functions in net/http package. 2020-03-24 10:57:51 -07:00
Aditya Sharad
b057ce8d46 Concepts: Add HTTP::ClientRequest class and module. 
Extensible model of client requests to a URL.
Ported from the CodeQL JavaScript library.
 2020-03-24 10:57:51 -07:00
Max Schaefer
330f11c2a3 Merge pull request #71 from intrigus-lgtm/patch-1 
Fix error in Qldoc
 2020-03-24 16:55:22 +00:00
intrigus-lgtm
24b3133e0c Fix error in Qldoc 2020-03-24 17:53:51 +01:00
Max Schaefer
8dda4bd97f Merge pull request #66 from intrigus-lgtm/CWE-643 
CWE-643 XPathInjection on Go
 2020-03-24 10:53:57 +00:00
Sauyon Lee
81e13473db Merge pull request #69 from max-schaefer/issue-72 
Track taint through element writes.
 2020-03-24 03:41:05 -07:00
Max Schaefer
752ee3909a Add queries to inspect and measure dispatch differences. 2020-03-24 09:34:42 +00:00
Max Schaefer
084fa80a57 Refine virtual call targets by local reasoning where possible. 2020-03-24 09:34:42 +00:00
intrigus
1f635806b3 Fix copy-paste errors, remove debugging code 2020-03-23 16:49:45 +01:00
intrigus-lgtm
9187bacd3c Apply suggestion from code review 
Use getUnderlyingType() to account for named aliases.

Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2020-03-23 16:45:56 +01:00
Sauyon Lee
4ff3177fae Merge pull request #67 from max-schaefer/more-qldoc 
Add missing Qldoc for modules.
 2020-03-23 05:29:40 -07:00