hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-14 19:44:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
74,501 Commits 1,736 Branches 164 Tags
71eae39feb73e2d7e680b04d2c6536831864ae02
Commit Graph

1045 Commits

Author SHA1 Message Date
REDMOND\brodes
71eae39feb Adding missing block modes. 2025-03-11 15:19:42 -04:00
REDMOND\brodes
44b1e921d6 commenting out hash size for now, TODO 2025-03-11 14:10:04 -04:00
REDMOND\brodes
085e8d40fd Hash nodes have instances. 2025-03-11 14:06:36 -04:00
REDMOND\brodes
fe52351aed Stubbing out hash operation node, borrowing from cipher operaiton node 2025-03-10 14:10:55 -04:00
REDMOND\brodes
0672027822 Tracing new notion of known getters, which now includes direct getters for cipher and hash. Removed a redundant hash qll, and fixed misplacement of has type in model. 2025-03-10 11:46:26 -04:00
REDMOND\brodes
d99812a10d Adding GOSTHash to THashType. 2025-03-10 09:59:28 -04:00
REDMOND\brodes
64241caf1d Merge branch 'brodes/cipher_operation' of https://github.com/nicolaswill/codeql into brodes/cipher_operation 2025-03-07 14:25:13 -05:00
REDMOND\brodes
bac0a635f9 Initial hash models for openssl. 2025-03-07 14:24:01 -05:00
Nicolas Will
47affa0fed Restore location output for nodes 2025-03-07 18:30:58 +01:00
REDMOND\brodes
cf72fde911 Fixing cross product in getPropertyAsGraphString (parameter root not bound in all cases, fixing using a bindingetset) 2025-03-07 12:11:12 -05:00
REDMOND\brodes
32d29ffde3 Changed casing on TCipherType, Added some initial fixes for hash support, started developing openssl hashing modeling. 2025-03-07 10:02:36 -05:00
REDMOND\brodes
de3ff45cba Misc updates for OpenSSL modeling to trace algorithm literals to known alg getters, and converting the literal to a TCipherType. 2025-03-05 15:17:52 -05:00
Nicolas Will
627790f98b Clean up consumer and instance interfaces 2025-03-03 19:06:53 +01:00
Nicolas Will
cf33cf7653 Add input and output nodes and fix cross product 2025-02-28 15:21:46 +01:00
Nicolas Will
0354afc365 Make ArtifactConsumers instances of some Artifacts 
TODO: refactor the interfaces
 2025-02-27 15:54:38 +01:00
Nicolas Will
ef0614ad45 Restore removed node location output 2025-02-27 05:45:27 +01:00
Nicolas Will
04f4683399 Rewrite handling of known unknowns and data-flow 2025-02-27 05:42:02 +01:00
Nicolas Will
f55f27b0d9 Expand handling of generic artifact sources 2025-02-25 18:22:38 +01:00
Nicolas Will
eb91ecf1fb Add generic artifact data-flow 
The relation between RNG and other artifacts has been added
Nonce has been completed to report its source
 2025-02-25 02:53:13 +01:00
Nicolas Will
2b0b927b0b Add Nonce association to Operation, update graph 2025-02-24 17:37:41 +01:00
REDMOND\brodes
86cab46b8d Misc. updates to support all JCA cipher operations, including wrap, unwrap and doFinal calls. Corrected pathing for init tracing to detect what mode is being set along a path. Added support for tracing the init operation mode argument to source. Since this involved creating an Operation Mode, changes were also made to make cipher block modes (CBC) more explicit (previously just called mode, but now that term is used for various purposes). 2025-02-21 12:53:35 -05:00
REDMOND\brodes
83dc5b9906 Fixing type bug 2025-02-20 10:45:33 -05:00
REDMOND\brodes
9ee4a7a7b8 Adding a sketch for a CipherOperation concept to model encryption/decryption operations. 2025-02-20 10:37:40 -05:00
REDMOND\brodes
3871c6a33e Adding support for encryption operation detection. 2025-02-18 16:09:00 -05:00
Nicolas Will
8707e4d9a3 Continue Artifact data-flow WIP 2025-02-18 18:35:49 +01:00
Nicolas Will
df01fa7a9c Expand model and JCA modeling 2025-02-17 00:16:08 +01:00
Nicolas Will
b777a22d35 Expand model and specialize newtype relations 2025-02-14 23:43:07 +01:00
Nicolas Will
874e3b5e06 Modify model to use newtypes, expand modeling 2025-02-12 17:58:15 +01:00
Nicolas Will
4d44755945 Refactor Model and CBOM print queries 2025-02-11 15:37:15 +01:00
Kristen Newbury
1a12fb3099 Update JCA model, refactor modes 2025-02-10 13:49:32 -05:00
Kristen Newbury
59208bdb85 Update JCA model to use shared lib 2025-02-10 12:22:22 -05:00
Nicolas Will
3dc28c2d17 Move language-agnostic model to shared library 2025-02-06 21:54:18 +01:00
Tom Hvitved
303b11ec36 Merge pull request #18298 from hvitved/rust/mad-source-sink 
Rust: Add support for MaD sources and sinks with access paths
 2025-01-10 11:49:51 +01:00
Tom Hvitved
039b2ecf9b Merge pull request #18457 from hvitved/dataflow/disallowed-return-inline-late 
Data flow: Fix a bad join order
 2025-01-10 09:37:58 +01:00
yoff
b263132ab2 Merge pull request #17998 from yoff/shared/locations-in-range-analysis 2025-01-09 14:05:54 +01:00
Tom Hvitved
653d1227e3 Data flow: Cache known{Source,Sink}Model 2025-01-09 13:11:29 +01:00
Tom Hvitved
91b6a6573c Data flow: Fix a bad join order 2025-01-09 12:58:16 +01:00
Tom Hvitved
a7bb95249b Rust: Implement known{Source,Sink}Model 2025-01-09 11:47:57 +01:00
Owen Mansel-Chan
0f8f5d2793 Merge branch 'main' into post-release-prep/codeql-cli-2.20.1 2025-01-08 16:28:23 +00:00
yoff
21e7a0e828 Merge branch 'main' into shared/locations-in-range-analysis 2025-01-08 16:40:59 +01:00
Tom Hvitved
9e5a814f72 Merge pull request #18315 from hvitved/ruby/dataflow-types 
Ruby: Track types in data flow
 2025-01-08 15:26:38 +01:00
Tom Hvitved
868caf948c Rename {Source,Sink}Node to {Source,Sink}Element 2025-01-08 15:21:43 +01:00
Paolo Tranquilli
d2c7decd02 Rust/Ruby: upgrade all cargo dependencies excluding rust-analyzer 
The rust-analyzer update will need more work as it seems to break rust
analysis on windows.

This was carried out using `cargo upgrade` from `cargo-edit`:
* getting exclusions options for rust-analyzer with
   ```bash
   cargo upgrade -i --dry-run | grep -o 'ra_ap_\S\+' | sort -u | sed 's/^/--exclude=/' > /tmp/exclude
   ```
* running
   ```bash
   cargo upgrade -i $(cat /tmp/exclude)
   misc/bazel/3rdparty/update_cargo_deps.sh
   ```
 2025-01-08 09:57:11 +01:00
Tom Hvitved
96bf81ad6c Merge pull request #18333 from hvitved/dataflow/stage1-param-self-prune 
Data flow: Prune parameter-self flow in stage 1
 2025-01-08 09:16:12 +01:00
github-actions[bot]
fb20f6ca63 Post-release preparation for codeql-cli-2.20.1 2025-01-07 22:07:40 +00:00
github-actions[bot]
88b6f1e79a Release preparation for version 2.20.1 2025-01-07 20:50:36 +00:00
Dave Bartolomeo
72a53c4b23 Revert "Release preparation for version 2.20.1" 2025-01-07 13:32:23 -05:00
github-actions[bot]
fbf9f2fff8 Release preparation for version 2.20.1 2025-01-07 17:20:13 +00:00
Dave Bartolomeo
22e030584c Revert "Release preparation for version 2.20.1" 2025-01-07 12:14:27 -05:00
Tom Hvitved
aa024010b1 Address review comment 2025-01-07 14:23:54 +01:00