hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,098 Commits 1,672 Branches 157 Tags
66737402c20fc83b3d3a654dcccf4b26c901b100
Commit Graph

540 Commits

Author SHA1 Message Date
Jeroen Ketema
a45f381ab9 Swift: Rewrite CleartextLogging to use DataFlow::ConfigSig 2023-04-04 09:10:21 +02:00
Jeroen Ketema
0ff607c930 Swift: Rewrite XXEQuery to use DataFlow::ConfigSig 2023-04-04 09:10:21 +02:00
Jeroen Ketema
70d0e987c4 Swift: Rewrite PredicateInjection to use DataFlow::ConfigSig 2023-04-03 16:19:30 +02:00
Geoffrey White
33b041242d Swift: Recognize Core Data + Realm sources via type aliases. 2023-03-31 10:44:01 +01:00
Geoffrey White
daa8141414 Swift: Add test case. 2023-03-30 16:16:40 +01:00
Geoffrey White
beb7d9d7a1 Swift: Test layout change. 2023-03-30 16:13:42 +01:00
Mathias Vorreiter Pedersen
e3e68b7753 Merge pull request #12642 from geoffw0/modernstring 
Swift: Modernize the swift/string-length-conflation query
 2023-03-29 14:55:40 +01:00
Geoffrey White
28998ccafe Merge pull request #12471 from geoffw0/dbsinks2 
Swift: Better sinks for swift/cleartext-storage-database
 2023-03-27 12:51:13 +01:00
Geoffrey White
9529bc5f09 Swift: The regressed test is not realistic, update it to be more like what really happens. 2023-03-23 10:52:58 +00:00
Geoffrey White
e266132f0a Swift: Replace sinks with (extendable) CSV. 2023-03-23 10:45:29 +00:00
Geoffrey White
879dea2984 Swift: Additional test cases. 2023-03-23 10:38:52 +00:00
Geoffrey White
a4e9d38abb Swift: Fix the test regression. 2023-03-22 16:44:29 +00:00
Geoffrey White
cbe5243c89 Swift: Accept test regressions. :( 2023-03-22 16:24:32 +00:00
Geoffrey White
1f8a165611 Swift: Add a couple of extra test cases. 2023-03-20 10:58:58 +00:00
Geoffrey White
170fde5bc0 Swift: Add some more test cases. 2023-03-16 12:53:06 +00:00
Geoffrey White
bfbd3d95f9 Swift: Clean up the result message. 2023-03-14 16:03:55 +00:00
Geoffrey White
ffa279e87b Swift: Add additional taint steps into fields. 
ed
 2023-03-09 17:17:42 +00:00
Geoffrey White
da338c26ba Swift: Add a few more test cases for sensitive data. 2023-03-09 11:39:22 +00:00
Geoffrey White
2d889304bb Swift: Some cases in the SqlInjection test are fixed by this. 2023-03-03 16:49:13 +00:00
Geoffrey White
417d175ff2 Merge branch 'main' into nsstring 2023-02-17 11:32:40 +00:00
Geoffrey White
c692a316b0 Swift: Add new results found in UncontrolledFormatString test. 2023-02-17 10:07:32 +00:00
Geoffrey White
cb11524dde Merge pull request #12154 from geoffw0/pathinjectionext 
Swift: More path injection sinks
 2023-02-16 16:00:31 +00:00
Geoffrey White
ad85b37585 Swift: Tidy up indenting. 2023-02-10 18:06:56 +00:00
Geoffrey White
d0efbbf5b8 Swift: More path injection models. 2023-02-10 18:02:50 +00:00
Geoffrey White
82f09b8511 Swift: More path injection test cases. 2023-02-10 17:55:06 +00:00
Geoffrey White
15b8aa1979 Swift: Effect on other tests :) 2023-02-10 14:16:48 +00:00
Geoffrey White
996536b08e Swift: Remove a no-longer-needed special case from swift/unsafe-js-eval. 2023-02-06 17:35:21 +00:00
Geoffrey White
364c173fc3 Swift: Accept additional taint flow in UnsafeJsEval test. 2023-02-03 19:21:10 +00:00
Geoffrey White
794ba428a7 Merge pull request #11942 from geoffw0/rncrypt4 
Swift: add RNCryptor sinks to swift/static-initialization-vector
 2023-01-27 14:33:06 +00:00
Geoffrey White
e92a5eb467 Merge pull request #11911 from geoffw0/rncrypt2 
Swift: Add RNCryptor sinks to swift/hardcoded-key
 2023-01-25 15:11:16 +00:00
Geoffrey White
f6fe627f4b Merge pull request #11914 from geoffw0/rncrypt3 
Swift: Add RNCryptor sinks to swift/constant-salt
 2023-01-25 13:05:33 +00:00
Geoffrey White
f05be77a0b Swift: Recognize more array sources. 2023-01-20 15:25:00 +00:00
Geoffrey White
7648e8f6a3 Swift: Recognize more sources. 2023-01-20 15:08:12 +00:00
Geoffrey White
581c478872 Swift: Model RNCryptor. 2023-01-20 14:50:23 +00:00
Geoffrey White
bb59d055ff Swift: Add tests for RNCryptor library. 2023-01-20 14:50:21 +00:00
Geoffrey White
5d6f2436e4 Merge branch 'main' into coredata 2023-01-18 13:39:02 +00:00
Geoffrey White
71c1ca53a9 Merge branch 'main' into rncrypt 2023-01-18 11:09:09 +00:00
Geoffrey White
a568d0af7f Swift: Remove unused variable. 2023-01-17 18:10:02 +00:00
Geoffrey White
b3d30bfc4f Swift: Add NumberLiteral sources as well. 2023-01-17 18:04:26 +00:00
Geoffrey White
d1cfdb97ee Swift: Model RNCryptor. 2023-01-17 17:55:52 +00:00
Geoffrey White
a92e1c7ea0 Swift: Add tests for RNCryptor library. 2023-01-17 17:31:49 +00:00
Geoffrey White
9911dd53e1 Merge branch 'main' into coredata 2023-01-17 16:22:53 +00:00
Geoffrey White
ea06ad1933 Merge pull request #11529 from geoffw0/format 
Swift: Uncontrolled format string query
 2023-01-17 16:16:10 +00:00
Geoffrey White
3c55cdd5be Swift: Catch the last two test results as well. 2023-01-17 16:04:58 +00:00
Geoffrey White
d42848bb7e Swift: Upgrade the query from dataflow to taint tracking, so as to support more flows. 2023-01-17 16:04:58 +00:00
Geoffrey White
a8ef9cc987 Swift: Add tests for RNCryptor library. 2023-01-17 16:04:57 +00:00
Geoffrey White
037b49b454 Update swift/ql/test/query-tests/Security/CWE-259/rncryptor.swift 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-01-17 14:16:52 +00:00
Geoffrey White
74a37475db Swift: Model RNCryptor. 2023-01-17 11:54:12 +00:00
Geoffrey White
449ebb8a12 Swift: Add tests for RNCryptor library. 2023-01-17 09:03:07 +00:00
Tony Torralba
bd5619147d Merge pull request #11590 from atorralba/atorralba/swift/sensitive-info-logs 
Swift: Add Cleartext Logging query
 2023-01-16 16:22:20 +01:00