hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 18:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
22,228 Commits 1,693 Branches 161 Tags
78370cf63fa0bf528c3f566654c73bdf25547f1f
Commit Graph

213 Commits

Author SHA1 Message Date
yoff
78370cf63f Update python/ql/src/experimental/semmle/python/frameworks/Stdlib.qll 2021-05-10 14:53:40 +02:00
Jorge
bd4b189373 Polish documentation consistency 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-04-29 16:26:28 +02:00
jorgectf
213d011a8c Edit code example in CompiledRegex 
Signed-off-by: jorgectf <jorgectf@protonmail.com>
 2021-04-29 11:10:03 +02:00
jorgectf
21e01b809f Add code example in CompiledRegex 
Signed-off-by: jorgectf <jorgectf@protonmail.com>
 2021-04-27 19:54:42 +02:00
jorgectf
8a800986a2 Remove unused class variables 
Signed-off-by: jorgectf <jorgectf@protonmail.com>
 2021-04-27 19:54:42 +02:00
Jorge
c0c71c509c Apply suggestions from code review 
Update `RegexExecution` docs and use `flowsTo()` instead of `getALocalSource()`.

Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-04-27 19:54:41 +02:00
jorgectf
3fae3fd93e Take ApiGraphs out of Concepts.qll 2021-04-27 19:54:39 +02:00
jorgectf
ec85ee4537 Sink's predicate typo 2021-04-27 19:54:36 +02:00
jorgectf
03825a6052 Add comment to Sink's predicates 2021-04-27 19:54:36 +02:00
jorgectf
fc27c6c547 Fix RegexExecution ambiguity 2021-04-27 19:54:35 +02:00
jorgectf
3655514924 Fix ambiguity 2021-04-27 19:54:35 +02:00
jorgectf
b6721971dd Improve code comments 2021-04-27 19:54:35 +02:00
jorgectf
f75110365f Fix Sink utilization in select 2021-04-27 19:54:32 +02:00
jorgectf
a5850f4a99 Use getRegexModule to know used lib 2021-04-27 19:54:31 +02:00
jorgectf
e78e2ac266 Get rid of (get)regexMethod 2021-04-27 19:54:30 +02:00
jorgectf
18ce257fc8 Move RegexInjectionSink to query config (qll) 2021-04-27 19:54:29 +02:00
jorgectf
53d61c4fb6 Use custom Sink 2021-04-27 19:54:29 +02:00
jorgectf
36cc7b5e3f Fix CompiledRegex 2021-04-27 19:54:28 +02:00
jorgectf
35f1c45d32 Change from Attribute to DataFlow::CallCfgNode in getRegexMethod() 2021-04-27 19:54:28 +02:00
jorgectf
be09ffec3f Create RegexEscape Range 2021-04-27 19:54:27 +02:00
jorgectf
805f86a5cf Polish RegexEscape 2021-04-27 19:54:26 +02:00
jorgectf
3d990c5950 Get back to ApiGraphs 2021-04-27 19:54:26 +02:00
jorgectf
30554a16da Format 2021-04-27 19:54:24 +02:00
jorgectf
ee1d2b645b Delete DirectRegex and CompiledRegex 2021-04-27 19:54:24 +02:00
jorgectf
ce23db2e9c Move Sanitizer to ReEscapeCall 2021-04-27 19:54:23 +02:00
jorgectf
b5ea41fcca Fix CompiledRegex 2021-04-27 19:54:22 +02:00
jorgectf
28fdeba4fa Structure development 2021-04-27 19:54:20 +02:00
yoff
61cff8faed Update python/ql/src/experimental/semmle/python/Concepts.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-03-24 01:06:03 +01:00
Rasmus Lerchedahl Petersen
198a4ca79b Python: Add files to experimental 2021-03-22 21:42:06 +01:00
Taus Brock-Nannestad
a5121babc8 Python: The one with changes that don't look like renames anymore 2020-11-02 22:19:15 +01:00
Taus Brock-Nannestad
5156bf756d Python: Promote data-flow libraries 
Step 1: Moving stuff around. Also includes a bit of import renaming.
 2020-11-02 22:15:38 +01:00
Taus
25e88ed585 Merge pull request #4588 from yoff/python-pep-249 
Python: Model PEP 249
 2020-11-02 18:57:15 +01:00
yoff
1535ce1f5d Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2020-11-02 18:26:37 +01:00
Rasmus Lerchedahl Petersen
ea74c7f12b Python: add tests 2020-11-02 17:59:51 +01:00
Rasmus Lerchedahl Petersen
cb47b57440 Python: fix typos 2020-11-02 17:22:01 +01:00
yoff
222a2f7f5d Update python/ql/src/experimental/semmle/python/frameworks/PEP249.qll 
Co-authored-by: Taus <tausbn@github.com>
 2020-11-02 17:19:21 +01:00
yoff
ca34219ec5 Update python/ql/src/experimental/semmle/python/frameworks/PEP249.qll 
Co-authored-by: Taus <tausbn@github.com>
 2020-11-02 17:19:10 +01:00
yoff
1c83d67513 Update python/ql/src/experimental/semmle/python/frameworks/PEP249.qll 
Co-authored-by: Taus <tausbn@github.com>
 2020-11-02 17:18:18 +01:00
Rasmus Lerchedahl Petersen
6a81987284 Python: Rename and add docs 2020-11-02 17:17:12 +01:00
Rasmus Lerchedahl Petersen
6d850b2e0c Merge branch 'main' of github.com:github/codeql into python-pep-249 2020-11-02 16:58:31 +01:00
yoff
ac85a77ac5 Update python/ql/src/experimental/semmle/python/Frameworks.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-11-02 16:40:22 +01:00
Rasmus Wriedt Larsen
247fd4f5f3 Python: Make encoding/decoding preserve taint automatically 
With the way we have set things up, there is no way to opt out of this behavior.
 2020-11-02 14:53:30 +01:00
Rasmus Lerchedahl Petersen
36e364d6ef Python: Django use PEP 249 2020-11-02 14:49:34 +01:00
Rasmus Wriedt Larsen
66f5d0d9d5 Python: Model encoding/decoding with base64 module 2020-11-02 14:44:53 +01:00
Rasmus Wriedt Larsen
eff244db71 Python: Add Encoding concept 
I wasn't able to find a good opposite of "parsing", so left that out of the list
of intended purposes.
 2020-11-02 14:19:20 +01:00
Rasmus Lerchedahl Petersen
d35bf8f446 Python: Update comments on PEP 249 module 2020-11-02 11:22:51 +01:00
Rasmus Lerchedahl Petersen
0240670d62 Python: import frameworks 2020-11-01 18:02:36 +01:00
Rasmus Lerchedahl Petersen
babcf7acd9 Python: add two implementations of PEP249 2020-11-01 16:01:05 +01:00
Rasmus Lerchedahl Petersen
ae3227fc33 Python: initial sketch 2020-10-31 00:10:49 +01:00
Rasmus Lerchedahl Petersen
63cbc01c32 Python: Use subclass pattern for Models 2020-10-30 22:29:38 +01:00