Ahmed Farid
abc49bd62b
Update TimingAttackAgainstHeader.py
2022-08-16 12:06:34 +01:00
Ahmed Farid
68cf084b8f
Update TimingAttackAgainstSensitiveInfo.expected
2022-08-16 12:03:14 +01:00
Ahmed Farid
c85ad1b2c0
Update TimingAttackAgainstHash.py
2022-08-16 11:50:37 +01:00
Ahmed Farid
5ecadd06ae
Update TimingAttackAgainstHash.py
2022-08-15 15:21:10 +01:00
Ahmed Farid
f2bf58bdb6
Update TimingAttackAgainstSensitiveInfo.py
2022-08-15 15:16:30 +01:00
Ahmed Farid
18b103dbd5
Update TimingAttackAgainstHash.py
2022-08-15 11:29:29 +01:00
Ahmed Farid
7d23b80582
Update TimingAttackAgainstHash.py
2022-08-15 11:29:09 +01:00
Ahmed Farid
521dbd0e82
Update TimingAttackAgainstSensitiveInfo.py
2022-08-15 11:28:51 +01:00
Ahmed Farid
5de103303d
Update TimingAttackAgainstHeader.py
2022-08-15 11:26:34 +01:00
Ahmed Farid
7cb1683f5b
Update TimingAttackAgainstSensitiveInfo.py
2022-08-15 11:21:40 +01:00
Ahmed Farid
01490414e8
Update TimingAttackAgainstHeader.py
2022-08-12 12:25:31 +01:00
Ahmed Farid
ae4ded08fa
Update and rename TimingAttackAgainstHeader.qlref to TimingAttackAgainstHeaderValue.qlref
2022-08-04 12:42:52 +01:00
Ahmed Farid
813e2394f7
Merge branch 'main' into timing-attack-py
2022-07-27 14:40:55 +01:00
Ahmed Farid
e3340c9345
Update TimingAttackAgainstSensitiveInfo.py
2022-07-27 00:25:42 +01:00
Ahmed Farid
ad57ff4def
Rename PossibleTimingAttackAgainstSignature.qlref to PossibleTimingAttackAgainstHash.qlref
2022-07-26 23:56:24 +01:00
Ahmed Farid
f35985097d
Update and rename PossibleTimingAttackAgainstSignature.expected to PossibleTimingAttackAgainstHash.expected
2022-07-26 23:50:44 +01:00
Ahmed Farid
4f082e28e5
Update and rename TimingAttackAgainstSignature.py to TimingAttackAgainstHash.py
2022-07-20 12:26:57 +01:00
Ahmed Farid
b3925ae988
Update PossibleTimingAttackAgainstSignature.qlref
2022-07-20 00:57:26 +01:00
Asger F
a522562f93
Merge pull request #9369 from asgerf/python/api-graph-api
...
Python: API graph renaming and documentation
2022-06-28 14:48:12 +02:00
root
655b9d4262
Python: Timing attack
2022-06-27 12:18:45 -04:00
Rasmus Wriedt Larsen
3248f7b423
Merge pull request #9649 from RasmusWL/certificate-modeling
...
Python/JS/Ruby: Ignore common words (like certain) as sensitive data source
2022-06-23 12:04:58 +02:00
Rasmus Wriedt Larsen
4be375521f
Python: Handle _ in sensitive-data-sources
2022-06-22 11:05:14 +02:00
Rasmus Wriedt Larsen
4a844312f4
Python: _ in var name not handled by sensitive-data-sources
2022-06-22 11:05:14 +02:00
Rasmus Wriedt Larsen
5dc2bb717a
Python: ignore common words (certain/concert) as sensitive source
2022-06-22 11:05:05 +02:00
Anders Schack-Mulligen
df6d68b215
Merge pull request #9618 from aschackmull/dataflow/deprecate-barrierguard-class
...
Dataflow: Deprecate BarrierGuard class
2022-06-22 10:44:08 +02:00
Rasmus Wriedt Larsen
abdcfd55c3
Python: uncertainty is treated as a certificate :O
2022-06-22 10:16:28 +02:00
Asger F
181a53bd03
Python: Rename getAnImmediateUse -> asSource
2022-06-21 12:44:06 +02:00
Asger F
60fde3c031
Python: Rename getARhs -> asSink
2022-06-21 12:44:06 +02:00
Anders Schack-Mulligen
a7c268f804
Python: adjust test.
2022-06-20 15:46:38 +02:00
Anders Schack-Mulligen
f473a0a961
Python: Deprecate and replace BarrierGuard class.
2022-06-20 15:46:38 +02:00
Rasmus Wriedt Larsen
ae44a941f9
Merge pull request #9421 from RasmusWL/inline-brackets
...
Inline Expectation Tests: Allow `tag[foo bar]`
2022-06-20 10:01:19 +02:00
yoff
699761889d
Merge pull request #7127 from jty-team/jty/python/emailInjection
...
Python: CWE-079 - Add Email injection query
2022-06-14 10:54:16 +02:00
Alex Ford
8d195e3188
Merge pull request #9157 from alexrford/crypto-op-block-mode
...
Ruby/Python: Add a `BlockMode` concept for `CryptographicOperations`
2022-06-13 21:32:36 +02:00
Rasmus Wriedt Larsen
c1e6996e99
Inline Expectation Tests: Allow tag[foo bar]
...
This is partly motivated by the MaD tests which looks much better now in
my opinion.
I also wanted this for testing argument passing. In Python we're
adopting the same argument positions as Ruby has
[here](4f3751dfea/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowDispatch.qll (L508-L540)
2022-06-03 11:39:57 +02:00
Anders Schack-Mulligen
4f3751dfea
Merge pull request #9316 from hvitved/dataflow/edges-get-a-successor-consistency
...
Data flow: Make `PathGraph::edges/2` and `PathNode::getASuccessor/1` consistent
2022-06-01 10:38:25 +02:00
yoff
cd46f31cba
Merge branch 'main' into py/CsvInjection
2022-05-30 13:41:31 +02:00
Rasmus Wriedt Larsen
7a6646dcaf
Merge pull request #8883 from erik-krogh/pyMaD
...
Python: add MaD implementation
2022-05-30 13:31:07 +02:00
jorgectf
e577a0e836
Update .expected tests
2022-05-27 00:13:40 +02:00
${sleep,7}
76c27c685f
Merge branch 'main' into jty/python/emailInjection
2022-05-26 16:27:57 -04:00
Tom Hvitved
4f95abc4f6
Python: Update expected test output
2022-05-25 14:39:37 +02:00
yoff
aadfa8eacd
Merge branch 'main' into py/CsvInjection
2022-05-25 10:43:08 +02:00
Rasmus Wriedt Larsen
6611e5b4b8
Merge branch 'main' into promote-pam
2022-05-18 10:35:39 +02:00
Erik Krogh Kristensen
7245591468
Merge pull request #7763 from erik-krogh/unused-field
...
QL: add unused-field query
2022-05-18 09:15:16 +02:00
Erik Krogh Kristensen
5d1c41c269
Merge branch 'main' into pyMaD
2022-05-17 12:23:03 +02:00
Alex Ford
da135448a2
python: update tests for CryptographicOperation#getBlockMode
2022-05-13 16:32:36 +01:00
Nick Rolfe
2efa38aaa6
Python: fix typos in comments
2022-05-12 16:02:20 +01:00
Erik Krogh Kristensen
31e9876de7
Merge branch 'main' into pyMaD
2022-05-12 14:43:16 +02:00
Rasmus Wriedt Larsen
795adf0566
Python: Fix API::moduleImport("foo.bar")
2022-05-12 13:33:00 +02:00
Rasmus Wriedt Larsen
cff950f5f7
Python: Fix select of py/insecure-cookie
2022-05-11 14:06:30 +02:00
Rasmus Wriedt Larsen
0956d506de
Python: Actually promote py/pam-auth-bypass
...
🤦
2022-05-11 13:44:47 +02:00
