codeql

mirror of https://github.com/github/codeql.git synced 2026-01-29 22:32:58 +01:00

Author	SHA1	Message	Date
Owen Mansel-Chan	87f2cad475	Merge pull request #427 from owen-mc/model-kubernetes-secret Model kubernetes SecretInterface	2020-12-15 17:12:45 +00:00
Chris Smowton	de93b59245	Merge pull request #419 from smowton/smowton/feature/model-beego Model Beego web framework	2020-12-15 16:15:59 +00:00
Owen Mansel-Chan	0980a50627	Remove erroneous import from stub	2020-12-15 16:00:58 +00:00
Owen Mansel-Chan	676ca529b5	Add tests	2020-12-15 16:00:58 +00:00
Owen Mansel-Chan	6ca2e0e38e	Add SecretInterface as source for cleartext logging query	2020-12-15 16:00:58 +00:00
Owen Mansel-Chan	8fd055bc60	Model SecretInterface from k8s.io/client-go/kubernetes/typed/core/v1	2020-12-15 16:00:51 +00:00
Chris Smowton	8e7abbac0a	Model Beego web framework This excludes the ORM, email and validation components, which I will follow up with seperately.	2020-12-15 14:04:36 +00:00
Chris Smowton	8b6f229bd3	SafeUrlFlow: allow libraries to add sources	2020-12-15 14:01:59 +00:00
Sauyon Lee	3617a801db	Merge pull request #429 from sauyon/smowton/admin/refactor-http-module Refactor HTTP module	2020-12-14 09:25:43 -08:00
Jason Rogers	3a83fbd765	Refactor HTTP module This makes it easier to identify related classes and support future expansion.	2020-12-14 07:16:24 -08:00
Owen Mansel-Chan	e4316768ef	Merge pull request #426 from owen-mc/model-k8s-io-apimachinery-pkg-runtime Model k8s.io/apimachinery/pkg/runtime	2020-12-09 09:16:47 +00:00
Owen Mansel-Chan	c17f1618e0	Add change note	2020-12-09 06:45:08 +00:00
Owen Mansel-Chan	4d3eb47784	Fix stubbing Depstubber can only stub one package at a time. We have to do some manual editing to make a stubbed package use another stubbed package.	2020-12-09 06:45:08 +00:00
Owen Mansel-Chan	e5fb401d50	Model runtime	2020-12-09 06:45:08 +00:00
Owen Mansel-Chan	290a4dcdf4	Merge pull request #414 from owen-mc/model-evanphx-json-patch Model evanphx/json-patch	2020-12-08 17:36:10 +00:00
Owen Mansel-Chan	0b50ee7755	Change to Inline Expectations Test	2020-12-08 16:38:13 +00:00
Owen Mansel-Chan	e786fa07ee	Add change note	2020-12-08 16:15:01 +00:00
Owen Mansel-Chan	5ebd637ca7	Model evanphx/json-patch	2020-12-08 16:15:01 +00:00
Chris Smowton	6b8003b0f2	Merge pull request #420 from smowton/smowton/admin/upgrade-codeql-240-and-autoformat Upgrade CI toolchain to CodeQL 2.4.0	2020-12-07 14:16:19 +00:00
Chris Smowton	563f74bd45	Upgrade CI toolchain to CodeQL 2.4.0 Also reformat code (the autoformatter has changed slightly)	2020-12-07 12:35:07 +00:00
Chris Smowton	a794e05c74	Merge pull request #417 from smowton/smowton/fix/reduce-symlink-loop-finding-cost Unsafe-unzip-symlinks: reduce cost of `getAnEnclosingLoop`	2020-12-03 12:21:38 +00:00
Chris Smowton	c1669d732b	Unsafe-unzip-symlinks: reduce cost of `getAnEnclosingLoop` This used to get the closest enclosing loops of all expressions; now it is restricted to those surrounding interesting expressions.	2020-12-02 14:33:38 +00:00
Chris Smowton	f9fc01bd73	Merge pull request #415 from smowton/smowton/feature/errorf-returns-non-nil Note that `fmt.Errorf` returns non-nil	2020-12-01 12:04:23 +00:00
Owen Mansel-Chan	8c33979425	Merge pull request #388 from owen-mc/untrusted-data-flow-to-external-api Untrusted data flow to external API	2020-12-01 11:25:58 +00:00
Chris Smowton	5d17b27770	Note that `fmt.Errorf` returns non-nil This enables recognising more guarding functions that return nil/non-nil conditional on a barrier guard.	2020-11-30 19:10:58 +00:00
Chris Smowton	3338a0b10d	Merge pull request #402 from smowton/smowton/feature/zipslip-more-generous-sanitisers ZipSlip: redefine sources closer to their origin, and make sanitizers more generous	2020-11-27 18:25:07 +00:00
Owen Mansel-Chan	bfbf102408	Remove restriction on void and boolean-returning methods When the taint was in the receiver, we were excluding methods which return nothing or a boolean.	2020-11-27 16:51:24 +00:00
Owen Mansel-Chan	7730d66d76	Apply suggestions from code review Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>	2020-11-27 16:17:54 +00:00
Chris Smowton	70015b2c32	Add tests for zipslip using a utility function to check that the archive header is safe Note this currently contains some cases that are safe but are still flagged, because of weaknesses in the guardingFunction predicate.	2020-11-27 15:11:57 +00:00
Sauyon Lee	627241aaa5	Merge pull request #401 from sauyon/stored-command Add stored command query	2020-11-27 06:37:02 -08:00
Chris Smowton	1eb8fff7e1	ZipSlip: redefine sources closer to their origin, and make sanitizers more generous. Previously we considered certain fields of `tar` or `zip` file headers to be sources, but this meant subsequent references to the same field were not considered sanitized. For example, at least some real-world projects used a pattern like `if isIllegalPathTraversal(hdr.Name) { return nil; } ... /* other code using hdr.Name */`. By associating a source with the field-read `.Name` rather than the header itself, we were unable to see that the subsequent read was guarded by the sanitizer function. Relatedly, it is common to use some intermediary taint-propagating function, as in `clean(s string) { if strings.HasPrefix("..", filepath.Clean(filepath.Join(target, s))) ...`, in the implementation of a sanitizer. We now follow the taint propagation (locally) backwards towards the function parameter, marking the predecessor functions and ultimately the parameter `s` as sanitized in addition to the direct argument to `strings.HasPrefix`. Existing sanitizing-function logic can then sometimes lift this out into the caller too.	2020-11-27 13:57:25 +00:00
Chris Smowton	f775adf306	Merge pull request #404 from smowton/smowton/feature/improved-guarding-function Recognise many more guarding functions	2020-11-27 13:56:31 +00:00
Chris Smowton	c6f14de065	Merge pull request #413 from smowton/smowton/admin/document-cond-root-etc Clarify naming and add documentation around `hasSemantics` and cousins	2020-11-26 16:59:07 +00:00
Owen Mansel-Chan	0ee00d8647	Apply suggestions from code review Co-authored-by: Chris Smowton <smowton@github.com>	2020-11-26 16:49:02 +00:00
Owen Mansel-Chan	bf78189e21	Make two separate queries	2020-11-26 14:59:13 +00:00
Owen Mansel-Chan	dec7967c7a	Update qhelp files	2020-11-26 14:57:56 +00:00
Owen Mansel-Chan	e7697963d3	Exclude local function pointers	2020-11-26 14:57:56 +00:00
Owen Mansel-Chan	05fe388ba3	Mark hashing functions as safe See https://github.com/github/codeql-go-team/issues/219 for issue to model this better	2020-11-26 14:57:55 +00:00
Owen Mansel-Chan	d3bef7fc4f	Model safe external APIs	2020-11-26 14:57:55 +00:00
Owen Mansel-Chan	4184a6ecd8	Add testing frameworks Add "github.com/golang/mock/gomock", several packages under "github.com/stretchr/testify", £gotest.tools/assert", "k8s.io/client-go/testing" and "testing"	2020-11-26 14:57:55 +00:00
Owen Mansel-Chan	410cf49af8	Shorten function using set literal	2020-11-26 14:57:55 +00:00
Owen Mansel-Chan	18c66e84f7	Make more package paths accessible	2020-11-26 14:57:55 +00:00
Owen Mansel-Chan	171e433593	Exclude test files	2020-11-26 14:57:55 +00:00
Owen Mansel-Chan	fe5822ae3a	Exclude functions in packages which have some modeled functions	2020-11-26 14:57:55 +00:00
Owen Mansel-Chan	ff542508aa	Exclude sinks from common queries	2020-11-26 14:57:55 +00:00
Owen Mansel-Chan	b698276e3a	Update function name to give better text output	2020-11-26 14:57:55 +00:00
Owen Mansel-Chan	50a32f47d5	First draft	2020-11-26 14:57:50 +00:00
Chris Smowton	fb814e949d	Clarify naming and add documentation around `hasSemantics` and cousins	2020-11-26 13:34:58 +00:00
Chris Smowton	2377337564	Treat functions that directly return a BarrierGuard like BarrierGuards themselves	2020-11-26 13:27:53 +00:00
Chris Smowton	387a13f22a	Add support for barrier guards in functions that indicate success by returning nil Typically these are returning a nil error when sanitization succeeds.	2020-11-24 12:39:05 +00:00

1 2 3 4 5 ...

1544 Commits