hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-19 09:24:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
45,354 Commits 1,679 Branches 158 Tags
8a3e255e125d866ca0a72c8737fb467facfebfdd
Commit Graph

45354 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
erik-krogh
8a3e255e12 remove FPs in rb/stored-xss from spurious sources 2022-10-18 11:07:48 +02:00
erik-krogh
e47e20c5e7 remove use of HtmlSafeCall from tests 2022-10-18 10:43:24 +02:00
erik-krogh
5a98f66bef simplify the modeling of html_safe. Any call to html_safe is now considered an XSS sink 2022-10-18 10:43:22 +02:00
Tom Hvitved
19bcd287cb Merge pull request #10867 from hvitved/ruby/orm-tracking-redundant-additional-step 
Ruby: Remove redundant additional flow step from `OrmTracking::Configuration`
 2022-10-18 10:03:51 +02:00
Tom Hvitved
d362296f1c Merge pull request #10864 from hvitved/ruby/get-a-barrier-node-join-fix 
Ruby: Fix bad join-order in `BarrierGuard::getABarrierNode`
 2022-10-18 10:03:02 +02:00
Tom Hvitved
1266d248ed Ruby: Remove redundant additional flow step from OrmTracking::Configuration 2022-10-18 09:33:29 +02:00
Tamás Vajk
543e2f5aab Merge pull request #10678 from tamasvajk/kotlin-type-param-modifiers 
Kotlin: Extract type parameter modifiers (`reified`, `in`, `out`)
 2022-10-18 09:10:57 +02:00
Tom Hvitved
6c765a95ff Ruby: Fix bad join-order in BarrierGuard::getABarrierNode 
Before
```
Evaluated relational algebra for predicate XSS#e59174e9::Shared::Sanitizer#class#f@6c9d334e with tuple counts:
                 0   ~0%    {1} r1 = JOIN ActionView#3462bac2::RailsHtmlEscaping#f WITH project#DataFlowPublic#e1781e31::CallNode::getArgument#1#dispred#fff#3 ON FIRST 1 OUTPUT Lhs.0

            554860   ~0%    {2} r2 = JOIN SsaImpl#ff97b16a::Cached::getARead#1#ff_10#join_rhs WITH DataFlowPrivate#462ff392::Cached::TExprNode#ff ON FIRST 1 OUTPUT Lhs.1, Rhs.1

                 1   ~0%    {1} r3 = JOIN r2 WITH DataFlowPublic#e1781e31::BarrierGuard#BarrierGuards#2462899b::stringConstArrayInclusionCall#::getAMaybeGuardedCapturedDef#0#f ON FIRST 1 OUTPUT Lhs.1

                 1   ~0%    {1} r4 = r1 UNION r3

                 7   ~0%    {1} r5 = JOIN r2 WITH DataFlowPublic#e1781e31::BarrierGuard#BarrierGuards#2462899b::stringConstCompare#::getAMaybeGuardedCapturedDef#0#f ON FIRST 1 OUTPUT Lhs.1

           3045081   ~1%    {3} r6 = JOIN DataFlowPrivate#462ff392::Cached::TExprNode#ff_10#join_rhs WITH DataFlowPrivate#462ff392::Cached::TExprNode#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Rhs.1
           3045081   ~1%    {3} r7 = JOIN r6 WITH ControlFlowGraph#46cebcbd::CfgNode::getBasicBlock#0#dispred#ff ON FIRST 1 OUTPUT Lhs.2, Lhs.1, Rhs.1
            554860   ~1%    {3} r8 = JOIN r7 WITH SsaImpl#ff97b16a::Cached::getARead#1#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2
        1462917146   ~0%    {3} r9 = JOIN r8 WITH SsaImpl#ff97b16a::Cached::getARead#1#ff ON FIRST 1 OUTPUT Lhs.2, Lhs.1, Rhs.1
           5082692   ~1%    {4} r10 = JOIN r9 WITH DataFlowPublic#e1781e31::guardControlsBlock#3#fff_102#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.2, Rhs.2, Lhs.1

                33   ~0%    {1} r11 = JOIN r10 WITH BarrierGuards#2462899b::stringConstArrayInclusionCall#3#fff ON FIRST 3 OUTPUT Lhs.3

                57   ~0%    {1} r12 = JOIN r10 WITH BarrierGuards#2462899b::stringConstCompare#3#fff ON FIRST 3 OUTPUT Lhs.3

                90   ~0%    {1} r13 = r11 UNION r12
                97   ~0%    {1} r14 = r5 UNION r13
                98   ~0%    {1} r15 = r4 UNION r14
                            return r15
```

After
```
[2022-10-17 20:35:01] Evaluated non-recursive predicate XSS#e59174e9::Shared::Sanitizer#class#f@487a64ar in 65ms (size: 98).
Evaluated relational algebra for predicate XSS#e59174e9::Shared::Sanitizer#class#f@487a64ar with tuple counts:
             0   ~0%    {1} r1 = JOIN ActionView#3462bac2::RailsHtmlEscaping#f WITH project#DataFlowPublic#e1781e31::CallNode::getArgument#1#dispred#fff#3 ON FIRST 1 OUTPUT Lhs.0

            33   ~0%    {1} r2 = JOIN DataFlowPublic#e1781e31::BarrierGuard#BarrierGuards#2462899b::stringConstArrayInclusionCall#::guardChecksSsaDef#3#fff WITH DataFlowPublic#e1781e31::BarrierGuard#BarrierGuards#2462899b::stringConstArrayInclusionCall#::guardControlsSsaDef#4#ffff ON FIRST 3 OUTPUT Rhs.3

            33   ~0%    {1} r3 = r1 UNION r2

            57   ~1%    {1} r4 = JOIN DataFlowPublic#e1781e31::BarrierGuard#BarrierGuards#2462899b::stringConstCompare#::guardChecksSsaDef#3#fff WITH DataFlowPublic#e1781e31::BarrierGuard#BarrierGuards#2462899b::stringConstArrayInclusionCall#::guardControlsSsaDef#4#ffff ON FIRST 3 OUTPUT Rhs.3

        554860   ~0%    {2} r5 = JOIN SsaImpl#ff97b16a::Cached::getARead#1#ff_10#join_rhs WITH DataFlowPrivate#462ff392::Cached::TExprNode#ff ON FIRST 1 OUTPUT Lhs.1, Rhs.1

             1   ~0%    {1} r6 = JOIN r5 WITH DataFlowPublic#e1781e31::BarrierGuard#BarrierGuards#2462899b::stringConstArrayInclusionCall#::getAMaybeGuardedCapturedDef#0#f ON FIRST 1 OUTPUT Lhs.1

             7   ~0%    {1} r7 = JOIN r5 WITH DataFlowPublic#e1781e31::BarrierGuard#BarrierGuards#2462899b::stringConstCompare#::getAMaybeGuardedCapturedDef#0#f ON FIRST 1 OUTPUT Lhs.1

             8   ~0%    {1} r8 = r6 UNION r7
            65   ~2%    {1} r9 = r4 UNION r8
            98   ~1%    {1} r10 = r3 UNION r9
                        return r10
```
 2022-10-17 20:39:30 +02:00
Geoffrey White
040d72e7f1 Merge pull request #10857 from geoffw0/locationstring 
Swift: Give Location a useful toString
 2022-10-17 18:10:51 +01:00
Paolo Tranquilli
3a99b9845e Merge pull request #10856 from github/redsun82/swift-show-ql-class-in-collapsed-hierarchy-tests 
Swift: show QL class in generated tests on collapsed hierarchies
 2022-10-17 16:38:24 +02:00
Chris Smowton
eb97735568 Merge pull request #10797 from smowton/smowton/fix/byte-short-inversion 
Kotlin: fix bit-inversion operator for Byte and Short types
 2022-10-17 15:05:57 +01:00
Chris Smowton
e1c93c9284 Merge pull request #10816 from smowton/smowton/fix/kotlin-adapted-function-references 
Kotlin: extract function references using compiler-generated adapters
 2022-10-17 15:05:16 +01:00
Geoffrey White
dcf254a9e3 Swift: Make QL-for-QL happy. 2022-10-17 14:23:28 +01:00
Taus
f5b2eb94a6 Merge pull request #10783 from yoff/python/subscript-nodes 
Python: API graph improvements for subscripts
 2022-10-17 15:21:56 +02:00
Geoffrey White
0281bfedda Merge pull request #10689 from d10c/swift/cleartext-storage-nsuserdefaults 
Swift: Query for CWE-312: Exposure of sensitive information using NSUserDefaults
 2022-10-17 14:05:17 +01:00
Geoffrey White
13f9834fde Merge pull request #10780 from karimhamdanali/swift-hardcoded-key 
Swift: detect hardcoded encryption keys
 2022-10-17 14:02:31 +01:00
Arthur Baars
7af4c08055 Merge pull request #10803 from hmac/actiondispatch-response 
Ruby: Model ActionDispatch::Response
 2022-10-17 14:51:25 +02:00
Geoffrey White
85e164d4f6 Swift: QLDoc some stuff while we're here. 2022-10-17 13:22:44 +01:00
Geoffrey White
3b9151cb24 Swift: Restore UnknownLocation.toString(), it seems helpful. 2022-10-17 13:11:22 +01:00
Paolo Tranquilli
e49268d036 Swift: show QL class in generated tests on collapsed hierarchies 
In those kinds of tests the results may have different final classes
that are not necessarily visible (or tested) solely through the string
representation. For better testing and reading of expected results,
`getQlPrimaryClasses` is added in these cases.
 2022-10-17 14:08:04 +02:00
Geoffrey White
9c8bbe384b Swift: Add Location.toString. 2022-10-17 12:48:17 +01:00
Paolo Tranquilli
c3968a2166 Merge pull request #10854 from github/redsun82/swift-extract-implicit-conversions 
Swift: extract all `ImplicitConversionExpr`
 2022-10-17 13:46:10 +02:00
Geoffrey White
4d0c23c4da Swift: Add a test of Location.qll. 2022-10-17 12:45:26 +01:00
Chris Smowton
efd7b6e692 Use isFunction 2022-10-17 12:27:58 +01:00
Arthur Baars
f7ff2cdc0d Merge branch 'main' into actiondispatch-response 2022-10-17 13:22:17 +02:00
Paolo Tranquilli
789be9a1ad Swift: add ImplicitConversionExpr test 2022-10-17 12:57:44 +02:00
Karim Ali
bbc03a1578 add false negatives to the test case 2022-10-17 12:54:34 +02:00
Karim Ali
bb3bf64364 update example with both AES and Blowfish for better clarity 2022-10-17 12:54:34 +02:00
Karim Ali
b840a41222 fix typo in doc 2022-10-17 12:54:34 +02:00
Karim Ali
e942cfb98e fix typos in docs and in-code comments 2022-10-17 12:54:34 +02:00
Karim Ali
aef9645bd6 change use of toString() to getName() 2022-10-17 12:54:34 +02:00
Karim Ali
81e027f225 address QLDoc style comments 2022-10-17 12:54:34 +02:00
Karim Ali
d56c82ff75 add a query that detects hardcoded keys 2022-10-17 12:54:34 +02:00
Chris Smowton
be53ec9b42 Accept test changes 2022-10-17 11:48:22 +01:00
Chris Smowton
f9d65e42dd Use compiler-provided adapter functions when creating a function reference 2022-10-17 11:48:21 +01:00
Paolo Tranquilli
e4bcea708e Swift: extract all ImplicitConversionExpr 
In order to do so, `VisitorBase` was changed to allow writing one
`translate` function for an abstract class like
`ImplicitConversionExpr`.
 2022-10-17 12:47:05 +02:00
Chris Smowton
4c63237ed1 Add test checking argument <-> parameter matching, and fix superconstructor calls that were missing their argument. 2022-10-17 11:44:44 +01:00
Chris Smowton
f1fd470f49 Merge pull request #10821 from smowton/smowton/fix/kotlin-property-ref-to-sam-interface 
Kotlin SAM conversion: tolerate property refs used to implement a SAM interface
 2022-10-17 11:25:24 +01:00
Geoffrey White
2b3ab180fa Merge pull request #10077 from intrigus-lgtm/cpp/wexpand-commmand-injection 
Add query for tainted `wordexp` calls.
 2022-10-17 11:18:38 +01:00
Erik Krogh Kristensen
71135da7ff Merge pull request #10768 from erik-krogh/fixFileLoops 
JS: fix that js/file-system-race could have FPs related to loops
 2022-10-17 12:01:55 +02:00
Taus
fa2faeb77b Merge pull request #10802 from jsoref/spelling-python 
Spelling python
 2022-10-17 11:33:27 +02:00
Jeroen Ketema
720efd62b0 Merge pull request #10825 from jsoref/spelling-cpp 
Spelling cpp
 2022-10-17 10:42:53 +02:00
Rasmus Lerchedahl Petersen
2a56fb5a21 python: expand TODO 2022-10-17 10:23:55 +02:00
Rasmus Lerchedahl Petersen
c4271c1125 Python: add TODO comments 2022-10-17 10:22:47 +02:00
Erik Krogh Kristensen
122d188f1d Merge pull request #10832 from erik-krogh/passRb 
RB: add model for the `Digest` and `OpenSSL::Digest` modules
 2022-10-17 10:02:33 +02:00
Tamás Vajk
85fbf4b965 Merge pull request #10767 from tamasvajk/kotlin-prop-ref-fix 
Kotlin: adjust extracted property reference base class
 2022-10-17 09:40:03 +02:00
erik-krogh
191efdf6e0 replace getMethod("new").getReturn() with getInstance() 2022-10-17 09:35:44 +02:00
Anders Schack-Mulligen
6ef5fac239 Merge pull request #10814 from aschackmull/dataflow/synth-global 
Dataflow: Add support for synthetic global fields in MaD.
 2022-10-17 08:34:26 +02:00
Arthur Baars
dbee26ecde Merge pull request #10850 from hmac/fix-self-test 
Ruby: Update test fixture
 2022-10-17 07:23:51 +02:00
Harry Maclean
aa6c433529 Ruby: Update test fixture 
This change is due to a8fdda65fb.
 2022-10-17 09:44:32 +13:00