hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-11 07:51:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
62,197 Commits 1,779 Branches 169 Tags
45ca301593d511fc6d67dc85b5e6863644cace19
Commit Graph

11078 Commits

Author SHA1 Message Date
Max Schaefer
45ca301593 Rename a predicate. 2024-01-12 13:18:05 +00:00
Max Schaefer
ea26e21454 Extend negative characteristics for exceptions to source models. 2024-01-12 12:20:22 +00:00
Max Schaefer
06ba5ea9f8 Eliminate GetCallable modules and use getCallable instead. 2024-01-12 12:03:49 +00:00
Max Schaefer
76b84301e3 Share some code. 2024-01-12 12:03:49 +00:00
Max Schaefer
9f443d4f83 Make Unexploitable*Characteristic more precise. 2024-01-12 12:03:41 +00:00
Max Schaefer
6e9c90a6bb Properly distinguish negative source and sink characteristics. 
In particular, `IsSanitizerCharacteristic` is a negative _source_ characteristic (not a negative sink characteristic), while `NeutralModelCharacteristic` is both.

This eliminates the erroneous test results.
 2024-01-11 12:36:48 +00:00
Max Schaefer
ff4555ac5b Get rid of negative sink types. 
Instead of positively implying the negative sink type, negative sink characteristics now negatively imply all sink types (but not source types). This is simpler and sice we will never have a huge number of sink types it doesn't impact performance either.

Changes to test results:

- The call to `createDirectories` at `Test.java:87` is now correctly classified as a source candidate, having previously been erroneously excluded by a negative _sink_ characteristic.
- The call to `compareTo` at `Test.java:48` is now erroneously classified as a source candidate; it should be suppressed by `IsSanitizerCharacteristic`, which is a negative sink characteristic, but should really be a negative source characteristic.
- In framework mode, several endpoints are now erroneously classified as source candidates even though they have neutral models, because `NeutralModelCharacteristic` is currently only a negative sink characteristic and not a negative source characteristic.
 2024-01-11 12:19:53 +00:00
Max Schaefer
bcf4f4febd Drop a conjunct which is now spurious. 2024-01-11 11:56:59 +00:00
Max Schaefer
03ca244df2 Associate endpoints with their potential endpoint types and check these when determining candidates. 
This prevents us from associating a sink candidate with a source type and vice versa.

However, this does not fix the problem of negative characteristics for sink types excluding source candidates.
 2024-01-11 11:44:14 +00:00
Max Schaefer
a6d996b478 Add an example of a missed source candidate. 
`Files.list` has a taint step from its first argument to its result, so that first argument should not be considered a sink candidate (and it is not). However, due to a bug in `IsMaDTaintStepCharacteristic` it is also not considered a source candidate, which is wrong: as the example shows, if that argument is a call we do very much want to consider it as a source candidate.
 2024-01-11 11:27:34 +00:00
Max Schaefer
8e429bd399 Rename isSinkCandidate (and a related predicate) to isCandidate. 
This reflects the fact that these predicates also deal with source candidates.
 2024-01-11 11:20:51 +00:00
Max Schaefer
9b7cfd88cd Clarify relationship of isFromSource and Element::fromSource. 2024-01-09 16:21:36 +00:00
Max Schaefer
3e8775daaa Automodel: Do not generate features for compiler-generated program elements. 
These have dummy locations, which breaks certain invariants that break downstream processing.
 2024-01-09 13:39:46 +00:00
Tony Torralba
1b9f59efa7 Merge pull request #14646 from github/java/update-mad-decls-after-triage-2023-10-31T15-52-01 
Java: Update MaD Declarations after Triage
 2023-12-20 15:37:19 +01:00
Tony Torralba
e744d974e8 Merge pull request #14580 from github/java/update-mad-decls-after-triage-2023-10-24T15-42-01 
Java: Update MaD Declarations after Triage
 2023-12-20 15:01:24 +01:00
Tony Torralba
2df8bcb9dc Update java/ql/lib/change-notes/2023-10-31-new-models.md 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-12-20 14:59:07 +01:00
Ed Minnix
a93d6dd956 Change note 2023-12-19 10:28:23 -05:00
Ed Minnix
ce130c6ed5 Add replace to MapMutator 2023-12-19 10:23:06 -05:00
Tony Torralba
c8a369d9ef Update java/ql/lib/ext/jakarta.persistence.model.yml 2023-12-19 14:58:07 +01:00
Edward Minnix III
56921a6e21 Merge pull request #14040 from egregius313/egregius313/weak-hashing-properties 
Java: Add support for algorithm names specified in `.properties` files to `java/potentially-weak-cryptographic-algorithm`
 2023-12-18 09:38:58 -05:00
Tony Torralba
9446249e94 Merge pull request #15012 from atorralba/atorralba/java/fix-missing-pinning-fp 
Java: Fix FPs in Missing certificate pinning
 2023-12-18 09:37:18 +01:00
Tony Torralba
0524289a73 Update java/ql/src/Security/CWE/CWE-327/MaybeBrokenCryptoAlgorithm.ql 2023-12-18 08:50:10 +01:00
Ed Minnix
09a0730491 QLdoc fix 2023-12-15 11:13:09 -05:00
Ed Minnix
02581a3850 Move class for getProperty method call to Properties.qll 2023-12-15 11:09:08 -05:00
Ed Minnix
73cb01fc89 Remove integration test (ported to query test) 
The `.properties` file extractor has been enabled by default, so the
test about sources from `getProperty` calls can be ported to a query test.
 2023-12-15 11:09:08 -05:00
Ed Minnix
fc53727b9d Bump change note date 2023-12-15 11:09:08 -05:00
Ed Minnix
8826eaf1a3 Move test case to query tests 2023-12-15 11:09:08 -05:00
Ed Minnix
afefccf8f7 Update change note 2023-12-15 11:09:08 -05:00
Ed Minnix
0d12981d6a Bump change note 2023-12-15 11:09:08 -05:00
Ed Minnix
078a33eecc Updated change note 2023-12-15 11:09:07 -05:00
Ed Minnix
1c3993e632 QLDocs 2023-12-15 11:09:07 -05:00
Ed Minnix
8e55ced288 Update test to use MaybeBrokenCryptoAlgorithm 2023-12-15 11:09:07 -05:00
Ed Minnix
83c6ece405 Move weak hashing into MaybeBrokenCryptoAlgorithm 2023-12-15 11:09:07 -05:00
Ed Minnix
fbc2a33597 Replace MethodAccess with MethodCall 2023-12-15 11:09:07 -05:00
Ed Minnix
c20ea1f629 Bump change note date 2023-12-15 11:09:07 -05:00
Ed Minnix
cb0ea350b5 Improve docs 2023-12-15 11:09:07 -05:00
Ed Minnix
0efca8200d Weak Hashing query wording 2023-12-15 11:09:07 -05:00
Ed Minnix
86b57a11ac Bump change note date 2023-12-15 11:09:07 -05:00
Ed Minnix
25fa8d5ae7 Move some logic to class 2023-12-15 11:09:07 -05:00
Ed Minnix
4ff6c1e2ea Test case 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-12-15 11:09:07 -05:00
Ed Minnix
93cf5b8eb9 Weak Hashing Property initial query 2023-12-15 11:09:07 -05:00
Anders Schack-Mulligen
337e5e458c Update java/ql/lib/semmle/code/java/security/InsufficientKeySize.qll 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-12-15 08:48:50 +01:00
Anders Schack-Mulligen
7623432c76 Java: Remove/deprecate FlowStateString-based extension points. 2023-12-14 15:15:58 +01:00
Anders Schack-Mulligen
a1068ce2f9 Dataflow: deprecate references 2023-12-14 15:05:33 +01:00
Tom Hvitved
c8b4a215bc Merge pull request #14573 from hvitved/flow-summary-impl-param 
Move `FlowSummaryImpl.qll` to `dataflow` pack
 2023-12-14 12:24:15 +01:00
Tom Hvitved
098afb935b Address more review comments 2023-12-14 09:48:45 +01:00
Ed Minnix
717e69ac0e Add properties file references 2023-12-13 16:54:55 -05:00
Jeroen Ketema
99e65df6ce Merge remote-tracking branch 'upstream/rc/3.12' into mb12 2023-12-13 15:43:39 +01:00
github-actions[bot]
9b20665d75 Add changed framework coverage reports 2023-12-13 00:16:25 +00:00
Tony Torralba
bd8f35bef7 Java: Fix FPs in Missing certificate pinning 
Local URIs should never require pinning
 2023-12-12 18:02:12 +01:00