hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 23:35:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,340 Commits 1,738 Branches 165 Tags
69ed88bccd4e1e52f4e6ffdf6c7f48940ec4c4fc
Commit Graph

25 Commits

Author SHA1 Message Date
Felicity Chapman
caf6b950ac Remove trailing periods from @name metadata in query files 
Fixed 73 .ql query files where the @name metadata contained an ending period.
This ensures consistency with the CodeQL query metadata style guidelines.
 2025-11-26 14:29:51 +00:00
Nora Dimitrijević
4bc9ede2e8 Python/UnsafeUsageOfClientSideEncryptionVersion 2025-10-28 09:40:30 +01:00
Nora Dimitrijević
b79ce6d30b Python: mass enable diff-informed data flow none() location overrides 
An auto-generated patch that enables diff-informed data flow in the obvious cases.

Builds on github#18346 and github/codeql-patch#88
 2025-06-17 15:36:52 +02:00
Asger F
e4a1847dad Python: mass enable diff-informed data flow 2025-02-06 10:27:19 +01:00
Taus
1c68c987b0 Python: Change all remaining occurrences of StrConst 
Done using
```
git grep StrConst | xargs sed -i 's/StrConst/StringLiteral/g'
```
 2024-04-22 12:00:09 +00:00
Rasmus Wriedt Larsen
d5e2a30e5b Python: Modernize py/azure-storage/unsafe-client-side-encryption-in-use a bit 
To use consistent naming
 2023-08-28 15:31:08 +02:00
Rasmus Wriedt Larsen
34cbaf10c2 Python: Use PostUpdateNode in py/azure-storage/unsafe-client-side-encryption-in-use 2023-03-29 13:22:21 +02:00
Rasmus Wriedt Larsen
86333e3ba5 Python: Remove duplicate results from azure blob query 2023-03-29 11:47:29 +02:00
Rasmus Wriedt Larsen
32d52c023e Python: Allow any order for azure blob query 
By only allowing the sink in the state where encryption v1 is used, we
can handle the new case where the order of attribute assignment is
flipped.

However, we get a few too many paths because we can have multiple
sources reaching the same sink... let's fix in next commit.
 2023-03-29 11:42:01 +02:00
Rasmus Wriedt Larsen
683985a00a Python: Expand azure blob modeling 
Now we can differentiate between the classes
 2023-03-29 11:24:36 +02:00
Rasmus Wriedt Larsen
8ea6b6f256 Python: Update py/azure-storage/unsafe-client-side-encryption-in-use to use datafow 2023-03-28 10:09:22 +02:00
Rasmus Wriedt Larsen
7a17cd2a9e Python: Rewrite azure query to more idiomatic ql 2023-03-28 10:06:00 +02:00
Raul Garcia
8b4826c0b4 Singleton set literal fix 
Fixing auto-code scanning recommendation
 2023-03-21 08:02:30 -07:00
Raul Garcia
1400b4b520 Update UnsafeUsageOfClientSideEncryptionVersion.ql 
*  predicate `isUnsafeClientSideAzureStorageEncryptionViaObjectCreation` was not useful (it was meant to detect the SDK code, not its usage)
* fixed & simplified `isUnsafeClientSideAzureStorageEncryptionViaAttributes`, the original query was not finding the right code.
NOTE: tested with a real project: https://github.com/wastore/azure-storage-samples-for-python/tree/master/ClientSideEncryptionToServerSideEncryptionMigrationSamples/ClientSideEncryptionV1ToV2
 2023-03-20 18:52:58 -07:00
turbo
4ec401a3f6 Tag all security queries in supported languages' experimental directories with an experimental tag 2022-12-14 17:15:50 +01:00
Raul Garcia
6b17890e4f Fixing warning on usage of a deprecated feature. 2022-07-16 08:30:06 -07:00
Raul Garcia
f7c47b6c75 Update python/ql/src/experimental/Security/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.py 
Co-authored-by: Taus <tausbn@github.com>
 2022-07-13 08:34:48 -07:00
Raul Garcia
0dbb03f732 Adding CVE information. 2022-07-12 21:49:19 -07:00
Raul Garcia
d929b1338b Addressing API::Node feedback for all predicates 2022-07-12 11:55:06 -07:00
Raul Garcia
d5791e2d56 Addressing feedback from the PR 2022-07-11 15:45:15 -07:00
Raul Garcia
ac05577966 Making various changes based on the feedback. Pending: 2 non-trivial fixes for Java & Python. 2022-07-11 13:25:35 -07:00
Raul Garcia
e5702d0e15 Update python/ql/src/experimental/Security/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql 
Co-authored-by: Taus <tausbn@github.com>
 2022-07-11 13:07:37 -07:00
Raul Garcia
7fc9ae6c49 Update python/ql/src/experimental/Security/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql 
Co-authored-by: Taus <tausbn@github.com>
 2022-07-11 13:07:20 -07:00
Raul Garcia
dd1a9a22e3 Update UnsafeUsageOfClientSideEncryptionVersion.qhelp 2022-07-05 13:58:38 -07:00
Raul Garcia
e43e5810cf New queries to detect unsafe client side encryption in Azure Storage 2022-07-01 17:08:35 -07:00