hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-21 23:16:53 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,029 Commits 1,712 Branches 163 Tags
48be57c8fd05928ed0405306afceec3cd882f40a
Commit Graph

13029 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
48be57c8fd Python: Improve QLDoc for ExternalStringDictKind 2020-05-29 12:06:57 +02:00
Rasmus Wriedt Larsen
b083c01520 Python: Deprecate StringDictKind 
This QL

```codeql
import python
import semmle.python.dataflow.TaintTracking
import semmle.python.security.strings.Untrusted

from CollectionKind ck
where
    ck.(DictKind).getMember() instanceof StringKind
    or
    ck.getMember().(DictKind).getMember() instanceof StringKind
select ck, ck.getAQlClass(), ck.getMember().getAQlClass()
```

generates these 6 results.

```
1	{externally controlled string}          ExternalStringDictKind	UntrustedStringKind
2	{externally controlled string}	        StringDictKind	        UntrustedStringKind
3	[{externally controlled string}]	SequenceKind	        ExternalStringDictKind
4	[{externally controlled string}]	SequenceKind	        StringDictKind
5	{{externally controlled string}}	DictKind	        ExternalStringDictKind
6	{{externally controlled string}}	DictKind	        StringDictKind
```

StringDictKind was only used in *one* place in our library code. As illustrated
above, it pollutes our set of TaintKinds. Effectively, every time we make a
flow-step for dictionaries with tainted strings as values, we do it TWICE --
once for ExternalStringDictKind, and once for StringDictKind... that is just a
waste.
 2020-05-29 12:06:57 +02:00
Rasmus Wriedt Larsen
87bc8ae28d Python: Don't use UntrustedStringKind in web lib 
If I wanted to use my own TaintKind and not have any interaction with
`UntrustedStringKind` that wouldn't be possible today since these standard http
libraries import it directly. (also, I wouldn't get any sources of my custom
TaintKind from turbogears or bottle). I changed them to use the same pattern of
`ExternalStringKind` as everything else does.
 2020-05-29 12:06:57 +02:00
Mathias Vorreiter Pedersen
ae4f6edc6a Merge pull request #3204 from jbj/Expr-location-workaround 
C++: Move Expr location workaround to Expr.qll
 2020-05-29 11:58:50 +02:00
Jonas Jensen
7d4d435f25 Merge remote-tracking branch 'upstream/master' into Expr-location-workaround 
Conflicts:
	cpp/ql/test/library-tests/dataflow/fields/dataflow-ir-consistency.expected
 2020-05-29 10:04:12 +02:00
Mathias Vorreiter Pedersen
a305d39111 Merge pull request #3577 from dbartol/github/codeql-c-analysis-team/69 
C++: Fix `MemoryLocation` with multiple `VirtualVariables`
 2020-05-29 09:40:58 +02:00
Jonas Jensen
9813258a3e Merge remote-tracking branch 'upstream/master' into Expr-location-workaround 
Conflicts and semantic conflicts in `library-tests/dataflow/fields` and
`library-tests/ir/ir`.
 2020-05-29 08:44:37 +02:00
Jonas Jensen
87ad519541 Merge pull request #3569 from geoffw0/strftime 
C++: Taint flow consistency change for strftime
 2020-05-29 08:05:25 +02:00
yo-h
1fea545160 Merge pull request #3573 from aschackmull/java/private-interface-methods 
Java: Fix for private interface methods.
 2020-05-28 20:31:55 -04:00
yo-h
c2de08ca51 Merge pull request #3499 from aschackmull/java/instanceof-pattern-cfg 
Java: Add CFG edges for Java 14 pattern-matching instanceof.
 2020-05-28 20:24:39 -04:00
Robert Marsh
732da9cc4c Merge pull request #3586 from MathiasVP/qldoc-for-remaining-controlflow 
C++: QLDoc for the remaining elements in the controlflow directory
 2020-05-28 15:59:19 -07:00
Dave Bartolomeo
476f27e427 Merge from master 2020-05-28 17:27:08 -04:00
Dave Bartolomeo
01ef8795bf C++: Updated fixed test expectation 2020-05-28 17:24:38 -04:00
Robert Marsh
0d8472bd9e Merge pull request #3571 from rdmarsh2/ir-this-parameter 
Treat `this` as a parameter in IR generation
 2020-05-28 14:16:12 -07:00
Calum Grant
2b90b50587 Merge pull request #3528 from hvitved/csharp/cfg/cs6-initializers 
C#: Fix CFG for C# 6 initializers
 2020-05-28 21:40:52 +01:00
Calum Grant
499e349bff Merge pull request #3529 from hvitved/csharp/cs6-nested-initializer-type 
C#: Fix extracted type for nested object initializers
 2020-05-28 21:25:57 +01:00
Jonas Jensen
8b8c00de75 Merge pull request #3584 from jbj/devcontainer 
Codespaces: initial configuration
 2020-05-28 19:06:02 +02:00
Robert Marsh
d8b5d3bce8 C++: accept test fixes 2020-05-28 08:45:01 -07:00
Robert Marsh
693789c2cc Merge branch 'master' into ir-this-parameter 
Bring in new tests so their output can be fixed
 2020-05-28 08:32:10 -07:00
Mathias Vorreiter Pedersen
5fb79cde9a C++: Sync identical files 2020-05-28 16:45:52 +02:00
Mathias Vorreiter Pedersen
0671586aac C++: QLDoc for the remaining elements in the controlflow directory 2020-05-28 16:35:46 +02:00
Geoffrey White
6fcfd0310f C++: Autoformat. 2020-05-28 15:23:48 +01:00
Geoffrey White
c9e1ccf320 Merge branch 'master' into strftime 2020-05-28 15:22:16 +01:00
Jonas Jensen
19d4011b8a Codespaces: initial configuration 
This was adapted from https://github.com/github/vscode-codeql-starter.
 2020-05-28 14:01:36 +02:00
Jonas Jensen
688f540843 Merge pull request #3582 from MathiasVP/qldoc-for-controlflow 
C++: QLDoc for BasicBlock, ControlFlowGraph and Dataflow
 2020-05-28 13:52:43 +02:00
Calum Grant
725a8f55ca Merge pull request #3574 from hvitved/csharp/unification-performance 
C#: Fix performance issue in unification library
 2020-05-28 10:39:02 +01:00
Mathias Vorreiter Pedersen
52da5755b3 C++: Respond to review comments. 2020-05-28 11:20:13 +02:00
Jonas Jensen
1b23f3ec90 C++: Accept two more changed tests 2020-05-28 11:18:14 +02:00
Mathias Vorreiter Pedersen
3d27b6bbde C++: QLDoc for BasicBlock, ControlFlowGraph and Dataflow 2020-05-28 10:10:26 +02:00
Jonas Jensen
9153f568be C++: Accept test results with location fixes 2020-05-28 09:42:49 +02:00
Jonas Jensen
6eaf64c896 Merge remote-tracking branch 'upstream/master' into Expr-location-workaround 2020-05-28 09:37:15 +02:00
Robert Marsh
54ed5d647a C++:autoformat 2020-05-27 19:30:02 -07:00
Robert Marsh
58673c449a C++: switch to TranslatedThisParameter 2020-05-27 19:29:29 -07:00
Robert Marsh
593d4c0f32 Merge pull request #3567 from MathiasVP/ir-partial-definition 
Implement `asPartialDefinition` for IR dataflow nodes
 2020-05-27 13:51:41 -07:00
semmle-qlci
083b8ef8e5 Merge pull request #3568 from asger-semmle/js/avoid-accidental-string-coercion 
Approved by erik-krogh
 2020-05-27 20:46:54 +01:00
Robert Marsh
be74616b2b C++: accept consistency test fixes 2020-05-27 12:39:54 -07:00
Jonas Jensen
c7fa11229c Merge pull request #3532 from MathiasVP/remove-field-conflation-from-ir-fieldflow 
C++: Remove field conflation caused by IR field flow
 2020-05-27 21:17:32 +02:00
Dave Bartolomeo
533eeff7e8 C++: Fix MemoryLocation with multiple VirtualVariables 
While investigating a bug with `TInstruction` sharing, I discovered that we had a case where alias analysis could create two `VirtualVariable`s for the same `Allocation`. For an indirect parameter allocation, we were using the type of the pointer variable as the type of the indirect allocation, instead of just `Unknown`. If the `IRType` of the pointer variable was the same type as the type of at least one access to the indirect allocation, we'd create both an `EntireAllocationVirtualVariable` and a `VariableVirtualVariable` for the allocation.

I added a new consistency test to guard against this in the future. This also turned out to be the root cause of the one existing known consistency failure in the IR tests.
 2020-05-27 14:06:59 -04:00
Mathias Vorreiter Pedersen
bd97fe627c Merge branch 'master' into remove-field-conflation-from-ir-fieldflow 2020-05-27 17:08:19 +02:00
semmle-qlci
674c184a97 Merge pull request #3566 from erik-krogh/XssAttributeSanitizer 
Approved by asgerf
 2020-05-27 15:45:41 +01:00
Tom Hvitved
1c5da67cd8 C#: Fix performance issue in unification library 2020-05-27 15:26:03 +02:00
Erik Krogh Kristensen
33da82d884 Merge branch 'master' of https://github.com/github/codeql into pr/erik-krogh/3566 2020-05-27 12:21:14 +00:00
semmle-qlci
3cfc1e553c Merge pull request #3560 from erik-krogh/OptionalSanitizer 
Approved by asgerf
 2020-05-27 13:15:41 +01:00
Erik Krogh Kristensen
d05a61c745 Merge branch 'master' of https://github.com/github/codeql into pr/erik-krogh/3566 2020-05-27 12:12:08 +00:00
semmle-qlci
fd05314b2c Merge pull request #3531 from asger-semmle/js/node-version-check-notimeout 
Approved by esbena
 2020-05-27 11:13:22 +01:00
Erik Krogh Kristensen
3ae4e90902 change note 2020-05-27 09:45:49 +00:00
Anders Schack-Mulligen
a858a8cd42 Java: Fix for private interface methods. 2020-05-27 11:05:41 +02:00
Anders Schack-Mulligen
796eac108f Java: Autoformat 2020-05-27 09:19:59 +02:00
Mathias Vorreiter Pedersen
db557a45e7 Merge pull request #3570 from geoffw0/mysprintftest 
C++: Fix mysprintf in taint test
 2020-05-27 09:19:54 +02:00
Mathias Vorreiter Pedersen
97edd97778 C++: Add getLocation to TNode IPA type in testcase 2020-05-27 08:28:18 +02:00