hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-19 00:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
59,433 Commits 1,693 Branches 160 Tags
8768eb64e6319fc189f7a9fedf42767cb59ce3dd
Commit Graph

1367 Commits

Author SHA1 Message Date
amammad
609bb762fe fix a bug,modularize 2023-10-11 12:04:11 +02:00
amammad
90017712a6 Merge remote-tracking branch 'origin/main' into amammad-ruby-bombs 2023-10-11 10:45:16 +02:00
Tom Hvitved
c570083163 Ruby: Improve performance of flow through (hash) splats 2023-09-27 11:49:31 +02:00
Harry Maclean
dc2acf5a39 Merge pull request #14090 from hmac/splat-flow-4 
Ruby: More splat flow (alternative)
 2023-09-27 10:22:57 +01:00
Tom Hvitved
97ed5b8afb Ruby: Improvments to splat flow 
- Only step through a `SynthSplatParameterElementNode` when there is a splat parameter
  at index > 0.
- Model read+stores via `SynthSplatArgumentElementNode` as a single read-store
  step in type tracking.
 2023-09-14 09:26:42 +01:00
Harry Maclean
bf51cbad88 Ruby: Update test fixture 2023-09-14 09:26:38 +01:00
Tom Hvitved
e11a4b63e9 Ruby: Remove SynthSplatArgParameterNode 2023-09-14 09:26:38 +01:00
Harry Maclean
5a6a52b767 Ruby: Use fewer SynthSplatArgumentElementNodes 
In cases such as

    def f(x, *y); end

    f(*[1, 2])

we don't need any `SynthSplatArgumentElementNodes`. We get flow from the
splat argument to a `SynthSplatParameterNode` via `parameterMatch`, then
from element 0 of the synth splat to the positional param `x` via a
read step.

We add a read step from element 1 to `SynthSplatParameterElementNode(1)`.
From there we get flow to element 0 of `*y` via an existing store step.
 2023-09-14 09:26:38 +01:00
Harry Maclean
4c1beea465 Ruby: Address review comments 2023-09-14 09:26:33 +01:00
Harry Maclean
3c8683428b Ruby: Model more splat flow (alternative approach) 2023-09-14 08:55:59 +01:00
Harry Maclean
ef63ea8399 Ruby: Update fixture 2023-09-14 08:54:48 +01:00
Harry Maclean
7ebd51163e Ruby: Handle more splat arg flow 
Allow flow from a splat argument to a positional parameter in cases
where there are positional arguments left of the splat. For example:

    def foo(x, y, z); end

    foo(1, *[2, 3])
 2023-09-14 08:54:48 +01:00
Tom Hvitved
e258324960 Ruby: Allow for implicit array reads at all sinks during taint tracking 2023-09-14 09:40:05 +02:00
Alex Ford
79c305c1a1 Merge pull request #14124 from alexrford/rb/dataflow-query-refactor 
Ruby: Use the new dataflow API for checked in queries
 2023-09-13 14:24:47 +01:00
Alex Ford
5b013dd5d2 Merge branch 'main' into rb/dataflow-query-refactor 2023-09-07 14:57:38 +01:00
amammad
4191b07b1f Merge branch 'github:main' into amammad-ruby-bombs 2023-09-06 20:17:49 +10:00
Tom Hvitved
48e2dcfa35 Ruby: Reimplement flow through captured variables using field flow 2023-09-06 11:00:55 +02:00
Tom Hvitved
5d1c399371 Ruby: Add more data-flow tests for captured variables 2023-09-06 10:34:34 +02:00
Tom Hvitved
a2912cd72b Ruby: Use proper PathGraph module in inline flow tests 
Gets rid of
```
PathNode is incompatible with PathNode (the type of the edge relation).
```
warnings.
 2023-09-04 20:27:34 +02:00
Alex Ford
cdc788b162 Ruby: configsig rb/hardcoded-credentials 2023-09-03 17:20:06 +01:00
Alex Ford
b6d12f8b1c Ruby: configsig rb/zip-slip 2023-09-03 17:20:05 +01:00
Alex Ford
42cd58695d Ruby: configsig rb/url-redirection 2023-09-03 17:20:05 +01:00
Alex Ford
593d9a48d4 Ruby: configsig rb/reflected-xss 2023-09-03 17:20:05 +01:00
Alex Ford
a8ad0d8ff5 Ruby: renames for rb/insecure-download 2023-09-03 17:20:04 +01:00
Tom Hvitved
89e9d25f02 Ruby: Hide desugared assignments from data flow path graph 2023-08-31 14:04:57 +02:00
Tom Hvitved
7e77c77d92 Ruby: Update expected test output 2023-08-30 13:33:48 +02:00
Jeroen Ketema
0d1fd88729 Merge pull request #14050 from jketema/inline-6 
Consolidate all `InlineFlowTest` libraries in the dataflow qlpack
 2023-08-29 09:30:35 +02:00
Alex Ford
9957e2683b Merge pull request #13313 from maikypedia/maikypedia/ldap-improper-auth 
Ruby: Add Improper LDAP Authentication query (CWE-287)
 2023-08-25 20:52:34 +01:00
Maiky
ffd618d6cc Revert "Add "" and nil as sources" 
This reverts commit 664c1eba72.
 2023-08-25 15:23:55 +02:00
Jeroen Ketema
9d573e5544 Consolidate all InlineFlowTest libraries in the dataflow qlpack 2023-08-24 21:38:46 +02:00
Harry Maclean
54c2221f35 Merge pull request #14033 from hmac/excon-bugfix 
Ruby: Fix bug in excon model
 2023-08-23 14:24:53 +01:00
Harry Maclean
d18ca3f5d7 Ruby: Fix bug in excon model 
If a codebase included a definition for `Excon.new`, we matched
connection nodes to unrelated request nodes.
 2023-08-23 12:55:36 +01:00
Harry Maclean
842da58269 Ruby: Update test fixture 2023-08-23 09:59:04 +01:00
Harry Maclean
fb4b774c0d Merge pull request #13967 from hmac/remove-splat-all 
Ruby: Remove isSplatAll
 2023-08-23 09:40:06 +01:00
Maiky
664c1eba72 Add "" and nil as sources 2023-08-22 18:10:33 +02:00
Harry Maclean
414ae76ae1 Ruby: Add another splat flow test 2023-08-21 16:21:55 +01:00
Harry Maclean
c615f183c1 Ruby: Add test for spurious splat flow 
We don't yet properly model splat flow when a positional argument
follows a splat argument.
 2023-08-21 16:11:10 +01:00
Tom Hvitved
deaa37d9d3 Ruby: Include more (hash)splat flow in type tracking 2023-08-18 14:07:12 +02:00
Tom Hvitved
da05e3e0e8 Ruby: Add more type tracking tests 2023-08-18 13:51:29 +02:00
Harry Maclean
222aa41bbf Merge pull request #13938 from hmac/splat-flow-2 
Ruby: More precise flow into splat parameters
 2023-08-18 12:07:58 +01:00
Tom Hvitved
44b734e120 Merge pull request #13955 from hvitved/ruby/type-tracking-capture-insensitive 
Ruby: Make type tracking flow-insensitive for captured variables
 2023-08-15 11:42:41 +02:00
Erik Krogh Kristensen
6a3b9e10eb Merge pull request #13914 from erik-krogh/escape-unicode 
ReDoS: escape unicode chars in the output for the ReDoS queries
 2023-08-15 11:21:21 +02:00
Tom Hvitved
061575ff77 Merge pull request #13937 from hvitved/ruby/for-loop-desugar 
Ruby: Improve desugaring of `for` loops
 2023-08-14 20:12:12 +02:00
Tom Hvitved
e96cbeb00a Ruby: Adjust locations of synthesized nodes 2023-08-14 14:37:47 +02:00
Tom Hvitved
c084a9b27a Ruby: Make type tracking flow-insensitive for captured variables 2023-08-14 13:44:37 +02:00
Harry Maclean
6011d26823 Ruby: Restrict parameter nodes 2023-08-11 15:14:32 +01:00
Tom Hvitved
e39fb093e9 Merge pull request #13945 from hvitved/ruby/destruct-param-test 
Ruby: Add test for documenting missing flow through destructured parameters
 2023-08-11 15:11:39 +02:00
Tom Hvitved
b28f60ccd2 Ruby: Add test for documenting missing flow through destructured parameters 2023-08-10 20:22:11 +02:00
Tom Hvitved
f19232f800 Ruby: Fix another bug in isCapturedAccess 2023-08-10 14:02:58 +02:00
Tom Hvitved
77fca277fe Ruby: Improve desugaring of for loops 2023-08-10 13:22:01 +02:00