yoff
c3d2001e85
Merge pull request #5251 from tausbn/python-port-missing-host-key-validation-query
...
Python: Port missing host key validation query
2021-02-24 08:43:52 +01:00
Taus Brock-Nannestad
f241dbabab
Python: Clean up query a bit
2021-02-23 22:33:18 +01:00
Taus Brock-Nannestad
002d0fe565
Python: Port missing host key query
2021-02-23 22:26:03 +01:00
Rasmus Wriedt Larsen
358ade67e5
Merge pull request #5248 from tausbn/python-port-insecure-temporary-file
...
Python: Port `py/insecure-temporary-file`
2021-02-23 21:37:59 +01:00
Taus Brock-Nannestad
b8ce5e969e
Python: Port py/insecure-temporary-file
2021-02-23 20:02:22 +01:00
yoff
9eed17f647
Merge pull request #5152 from RasmusWL/improve-pyyaml-support
...
Python: Improve pyyaml support
2021-02-23 19:58:04 +01:00
Taus
53711dc82f
Merge pull request #5238 from RasmusWL/no-flow-default-value
...
Python: Highlight missing flow from default value in functions
2021-02-23 13:27:41 +01:00
Rasmus Wriedt Larsen
e160c855ad
Merge pull request #5233 from yoff/python-for-tuple-iteration
...
Python: `for`-iteration of tuples
2021-02-22 15:28:13 +01:00
Rasmus Wriedt Larsen
5249b54a9b
Python: Highlight missing flow from default value in functions
...
Although it is becoming non-trivial to get an overview of what tests we have and
don't have, I didn't find any that highlighted this one
I used all 3 variants of parameters, just to be sure :)
2021-02-22 14:52:51 +01:00
Rasmus Lerchedahl Petersen
d23a8ad016
Python: elide test output
2021-02-21 13:12:54 +01:00
Rasmus Lerchedahl Petersen
46faba69ff
Python: Fix for-iteration of tuples
2021-02-21 12:41:16 +01:00
Rasmus Lerchedahl Petersen
0aecf33fe6
Python: test iteration through overflow parameters
...
These are in a tuple, so the for-step does not fire
2021-02-21 12:33:04 +01:00
Rasmus Wriedt Larsen
9798e60d0f
Merge pull request #5203 from tausbn/python-add-typebacktrackers
...
Python: Add `TypeBackTracker`
2021-02-19 12:02:53 +01:00
Taus
e9cbdc4ad3
Update python/ql/src/semmle/python/dataflow/new/TypeTracker.qll
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2021-02-18 15:53:15 +01:00
CodeQL CI
d94f20ff2f
Merge pull request #5194 from RasmusWL/type-tracking-snippets
...
Approved by tausbn
2021-02-18 02:13:21 -08:00
Taus Brock-Nannestad
23e9785efd
Python: Add missing QLDoc
2021-02-17 21:38:48 +01:00
Taus Brock-Nannestad
99f3a61f61
Python: Add TypeBackTracker
...
This is a fairly straight port of the JS equivalent. Also adds
`Node::getALocalSourceNode` which seems like it might come in handy.
2021-02-17 21:14:20 +01:00
Rasmus Wriedt Larsen
4880350420
Python: Add a single missing QLDoc
2021-02-17 16:33:12 +01:00
Rasmus Wriedt Larsen
7afe3972d8
Revert "Merge pull request #5171 from RasmusWL/restructure-queries"
...
This reverts commit 8caafb3710ec79094957
2021-02-17 16:32:53 +01:00
Taus
ce1d8ded22
Merge pull request #5192 from RasmusWL/framework-for-routed-params
...
Python: Expose framework identifier for route-setup and request handler
2021-02-17 13:19:43 +01:00
Rasmus Wriedt Larsen
a4de88d39c
Python: Update type-tracking snippet
...
based on what I learned in https://github.com/github/codeql/pull/5184
2021-02-17 13:13:25 +01:00
Rasmus Wriedt Larsen
eee49cde85
Merge pull request #5184 from tausbn/python-move-type-tracker-tests-to-source-nodes
...
Python: Use `LocalSourceNode` in type tracker tests
2021-02-17 12:13:47 +01:00
Taus
8caafb3710
Merge pull request #5171 from RasmusWL/restructure-queries
...
Python: Restructure query file layout
2021-02-17 12:09:32 +01:00
Rasmus Wriedt Larsen
cf9ad0cdc5
Python: Move ExternalAPI queries back under Security
...
This was raised as a question at review, and I don't really have a good enough
argument for moving it under POI. At the end of the day, they are _security_
related enough I guess :)
2021-02-17 11:29:33 +01:00
Rasmus Wriedt Larsen
dec026a820
Python: Fix security qlref to have single empty line
2021-02-17 11:26:02 +01:00
Rasmus Wriedt Larsen
1adb510578
Python: Add a single missing QLDoc
2021-02-17 11:24:11 +01:00
Rasmus Wriedt Larsen
2927d888cf
Python: Fix location of PathInjection tests
2021-02-17 11:20:00 +01:00
Rasmus Wriedt Larsen
d98aae9fc1
Python: Expose framework identifier for route-setup and req handler
...
This makes collecting metrics on framework coverage a bit simpler (specifically
giving the RoutedParameter class a more descriptive result for getSourceType).
I guess it can also help a bit when trying to get an overview of a new DB, but
making metrics collection easier is my main motivation for this.
2021-02-16 23:44:03 +01:00
Taus
36be72972d
Merge pull request #2663 from tausbn/python-type-annotation-reuse-fp
...
Python: Add false positive test example for issue #2652 .
2021-02-16 18:46:15 +01:00
Taus Brock-Nannestad
04eb0c774c
Python: Use LocalSourceNode in type tracker tests
...
One minor change to the tests results needed: there is no longer local
flow going into the `ModuleVariableNode` for `attr_ref` in the
`moduleattr.ql` test, but I think this is reasonable.
2021-02-16 18:25:54 +01:00
Rasmus Wriedt Larsen
bc8e61366b
Python: Clarify comment about flask blueprint URL prefixes
2021-02-16 15:29:25 +01:00
Rasmus Wriedt Larsen
1e1cb87436
Python: Model flask blueprints
2021-02-16 15:26:51 +01:00
Rasmus Wriedt Larsen
b7ea469e26
Python: Add tests for flask blueprints
2021-02-16 15:03:00 +01:00
Rasmus Wriedt Larsen
bf401c7498
Merge pull request #5103 from tausbn/python-port-flask-to-api-graphs
...
Python: Port Flask models to use API graphs
2021-02-16 15:00:46 +01:00
Rasmus Wriedt Larsen
8494fcf45f
Python: Move query tests to reflect new file layout
2021-02-16 13:15:01 +01:00
Rasmus Wriedt Larsen
1d6f9bee08
Python: Update qlrefs
2021-02-16 11:48:36 +01:00
Rasmus Wriedt Larsen
3a18881660
Python: Restructure query file location
...
Since I can never remember the CWE numbers
2021-02-16 11:36:10 +01:00
Rasmus Wriedt Larsen
1961ec6e8d
Merge pull request #5159 from tausbn/python-unknown-argument-in-format-string-fp
...
Python: Add FP test for unknown argument in string format
2021-02-15 14:39:10 +01:00
Taus
2ca12aa612
Update python/ql/src/semmle/python/dataflow/new/internal/DataFlowPublic.qll
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2021-02-15 14:21:12 +01:00
Taus Brock-Nannestad
27c479a8ba
Python: Limit RequestInputAccess to immediate uses
...
This fixes some spurious results that occurred when we considered
_any_ use of `request.something` to be a source, even ones we had
tracked into other functions. To prevent this, using
`getAnImmediateUse` better captures the fact that we want the source
to be just the actual attribute access.
2021-02-15 13:51:29 +01:00
CodeQL CI
178c54e69b
Merge pull request #5139 from RasmusWL/django-improvements
...
Approved by yoff
2021-02-14 02:16:52 -08:00
Taus Brock-Nannestad
2632422783
Python: Add FP test for unknown argument in string format
...
Reported in https://github.com/github/codeql/issues/2650
I found this during a bit of spring cleaning in my working
directory. As this doesn't have any immediate security implications, I
don't know when we'll get round to fixing it, but it can't hurt to
have the test case checked in.
2021-02-12 19:28:12 +01:00
Rasmus Wriedt Larsen
10fdc4bfb9
Python: Add support for more yaml loading functions
2021-02-12 12:30:00 +01:00
Rasmus Wriedt Larsen
2021cdbe33
Python: Add tests for more yaml loading functions
2021-02-12 12:30:00 +01:00
Rasmus Wriedt Larsen
f328e84bd2
Python: Mention yaml.safe_load in the qhelp
2021-02-12 12:29:55 +01:00
Rasmus Wriedt Larsen
1651f81ac8
Python: Refactor to avoid confusing name
...
After discussion with @yoff
2021-02-12 12:19:37 +01:00
Taus Brock-Nannestad
4c66071f5f
Python: Revert "Python: Support moduleImport("dotted.name") in API graphs"
...
This reverts commit 2c4a477a4e
2021-02-11 16:08:28 +01:00
Taus Brock-Nannestad
ea30598a08
Python: Split dotted names more efficiently
2021-02-11 16:07:39 +01:00
Rasmus Wriedt Larsen
c57a4df819
Python: Model taint of self.request on django view class
2021-02-10 17:48:48 +01:00
Rasmus Wriedt Larsen
9ca738d921
Python: Add taint test for self.request on django view class
2021-02-10 17:48:41 +01:00
