hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-05 23:26:51 +01:00
Code Issues Packages Projects Releases Wiki Activity
58,454 Commits 1,703 Branches 162 Tags
9b73bbfc31cab1c8d605a151a6d3449bd9d98568
Commit Graph

58454 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
9b73bbfc31 Python: Add keyword argument support 
and a fair bit of refactoring
 2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
d6d13f84a9 Python: -> NoSQL in QLDocs 2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
3676262313 Python: Clean trailing whitespace 2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
d7ad5a0f23 Python: List NoSQL injection sinks 2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
16e1a00e88 Python: NoSQLInjection -> NoSqlInjection 2023-09-29 13:52:51 +02:00
Rasmus Lerchedahl Petersen
97696680e6 Python: require dict sinks be dangerous. 2023-09-29 13:45:23 +02:00
Rasmus Lerchedahl Petersen
f3a01612e8 Python: rename flow states 
Close to being a revert of
3043633d9c
but with slightly shorter names and added comments.
 2023-09-29 13:23:36 +02:00
Rasmus Lerchedahl Petersen
e1708054a4 Python: fix QL alert 2023-09-29 12:06:51 +02:00
Rasmus Lerchedahl Petersen
2d845e3e55 Python: nicer paths 
turn "the long jump" that would end up
straight at the argument into a short jump
that ends up at the dictionary being written to.
Dataflow takes care of the rest of the path.
 2023-09-29 12:02:16 +02:00
Rasmus Lerchedahl Petersen
74d6f37467 Python: update meta query TaintSinks 2023-09-29 12:02:16 +02:00
yoff
2e028a41ee Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-09-29 11:32:51 +02:00
Rasmus Lerchedahl Petersen
3043633d9c Python: Some renaming of flow states 2023-09-28 14:24:49 +02:00
Rasmus Lerchedahl Petersen
d5b64c5ff2 Python: update test expectations 2023-09-28 14:20:30 +02:00
Rasmus Lerchedahl Petersen
a8e0023f39 Python: forgot to list framework 2023-09-28 13:42:33 +02:00
Rasmus Lerchedahl Petersen
2a7b593285 Python: Fix QL alerts 2023-09-28 13:35:29 +02:00
Rasmus Lerchedahl Petersen
eb1be08bce Python: split modelling 2023-09-28 12:54:06 +02:00
Rasmus Lerchedahl Petersen
2a739b3b7a Python: rename module 2023-09-28 12:54:05 +02:00
Rasmus Lerchedahl Petersen
9682c8218a Python: rename file 2023-09-28 12:54:05 +02:00
yoff
c2b63830f1 Apply suggestions from code review 
Claim conversions do not execute inputs in order to remove interaction with `py/unsafe-deserialization`.

Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-09-28 12:40:37 +02:00
Rasmus Lerchedahl Petersen
d90630aa66 Python: fix query file 2023-09-28 12:34:10 +02:00
Rasmus Lerchedahl Petersen
3fb579eaff Python: add test for type tracking 2023-09-28 12:14:12 +02:00
Rasmus Lerchedahl Petersen
37a4f35650 Python: further rename 2023-09-28 11:49:42 +02:00
yoff
8156fa9a4d Apply naming suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-09-28 11:47:10 +02:00
Rasmus Lerchedahl Petersen
12dab88ec7 Python: rename concept 
`NoSqlQuery` -> `NoSqlExecution`
 2023-09-20 15:49:35 +02:00
Rasmus Lerchedahl Petersen
4ec8b3f02f Python: Model map_reduce 2023-09-20 15:44:12 +02:00
Rasmus Lerchedahl Petersen
7c085ecc61 Python: Add test for map_reduce 
Also log requirement for old versions of `pymongo`
 2023-09-20 15:23:18 +02:00
Rasmus Lerchedahl Petersen
30c37ca8cb Python: model §accumulator 
also slightly rearrange the modelling
 2023-09-19 22:21:14 +02:00
Rasmus Lerchedahl Petersen
5611bda7ee Python: add test for $accumulator 2023-09-19 17:04:28 +02:00
Rasmus Lerchedahl Petersen
4614b1ae9c Python: add change note 2023-09-18 14:34:03 +02:00
Rasmus Lerchedahl Petersen
a063d7d510 Python: sinks -> decodings 
Query operators that interpret JavaScript
are no longer considered sinks.
Instead they are considered decodings
and the output is the tainted dictionary.
The state changes to `DictInput` to reflect
that the user now controls a dangerous dictionary.

This fixes the spurious result and moves the error reporting
to a more logical place.
 2023-09-11 16:33:20 +02:00
Rasmus Lerchedahl Petersen
d9f63e1ed3 Python: Split modelling of query operators 
`$where` and `$function` behave quite differently.
 2023-09-11 15:54:00 +02:00
Rasmus Lerchedahl Petersen
154a36934d Python: Add test for function 2023-09-11 14:49:03 +02:00
Rasmus Lerchedahl Petersen
d91cd21204 Python: rename file 2023-09-08 13:37:54 +02:00
Rasmus Lerchedahl Petersen
b07d085157 Python: make test PoC a proper package 2023-09-07 15:04:27 +02:00
Rasmus Lerchedahl Petersen
970e881697 Python: Follow naming convention 2023-09-07 15:03:51 +02:00
Rasmus Lerchedahl Petersen
f253f9797f Python: update test expectations 2023-09-07 10:22:37 +02:00
Rasmus Lerchedahl Petersen
7edebbeaff Python: Add QLDocs 2023-09-07 10:22:37 +02:00
Rasmus Lerchedahl Petersen
c0b3245a53 Python: Enrich the NoSql concept 
This allows us to make more precise modelling
The query tests now pass.
I do wonder, if there is a cleaner approach, similar to
`TaintedObject` in JavaScript. I want the option to
get this query in the hands of the custumors before
such an investigation, though.
 2023-09-07 10:22:37 +02:00
Rasmus Lerchedahl Petersen
114984bd8c Python: Added tests based on security analysis 
currently we do not:
- recognize the pattern
   `{'author': {"$eq": author}}` as protected
- recognize arguements to `$where` (and friends)
   as vulnerable
 2023-09-07 10:22:37 +02:00
Rasmus Lerchedahl Petersen
bf8bfd91cd Python: Add inline query test 2023-09-07 10:22:30 +02:00
Rasmus Lerchedahl Petersen
19046ea417 Python: more renames 2023-09-07 09:28:30 +02:00
Rasmus Lerchedahl Petersen
087961d179 Python: Refactor to allow customizations 
Also use new DataFlow API
 2023-09-07 09:28:30 +02:00
Rasmus Lerchedahl Petersen
db0459739f Python: rename file 2023-09-07 09:28:30 +02:00
Rasmus Lerchedahl Petersen
55707d395e Python: Make things compile in their new location 
- Move NoSQL concepts to the non-experimental concepts file
- fix references
 2023-09-07 09:28:30 +02:00
Rasmus Lerchedahl Petersen
60dc1afbc0 Python: prepare to promote NoSqlInjection 
Mostly move files, preserving authourship.
This will not compile.
 2023-09-07 09:28:29 +02:00
Tom Hvitved
334502a3de Merge pull request #14153 from github/revert-14082-csharp/bump-dependencies 
Revert "C#: Bump all dependencies"
 2023-09-06 21:10:56 +02:00
Mathias Vorreiter Pedersen
12a717e3af Merge pull request #14141 from github/alexdenisov/unresolved-ast-nodes 
Swift: add queries for unresolved AST nodes
 2023-09-06 15:40:11 +01:00
Tom Hvitved
6e0ff56788 Revert "C#: Bump all dependencies" 2023-09-06 16:23:38 +02:00
Michael Nebel
a8e427ffe1 Merge pull request #14097 from michaelnebel/csharp/extractorerrormessages 
C#: Update extractor_messages relation schema.
 2023-09-06 14:01:36 +02:00
Cornelius Riemenschneider
76f1c7a4cd Merge pull request #14137 from github/dependabot/github_actions/actions/checkout-4 
Bump actions/checkout from 2 to 4
 2023-09-06 13:13:30 +02:00