hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-24 00:16:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
25,500 Commits 1,714 Branches 163 Tags
9f590dbf2d3ed436bbdd24e475ae129fb0c5ff47
Commit Graph

3786 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
9f590dbf2d Python: Fix .expected 
After we now model `db.text()` calls from Flask-SQLAlchemy
 2021-09-02 16:04:25 +02:00
Rasmus Wriedt Larsen
414bf12f86 Python: Fix DefaultTextClauseConstruction 2021-09-02 16:03:25 +02:00
Rasmus Wriedt Larsen
88c6d4bb20 Python: Fix .qhelp 2021-09-02 16:02:04 +02:00
Rasmus Wriedt Larsen
d55f18f8e3 Python: Add modeling of Flask-SQLAlchemy 2021-09-02 10:48:24 +02:00
Rasmus Wriedt Larsen
f1744890b1 Python: Add tests for Flask-SQLAlchemy 2021-09-02 10:48:15 +02:00
Rasmus Wriedt Larsen
c34d6d1162 Python: Add query to handle SQLAlchemy TextClause Injection 
instead of doing this via taint-steps. See description in code/tests.
 2021-09-02 10:19:57 +02:00
Rasmus Wriedt Larsen
81dbe36e99 Python: Promote SQLAlchemy modeling 
Due to the split between `src/` and `lib/`, I was not really able to do
the next step without having moved the SQLAlchemy modeling over to be in
`lib/` as well.
 2021-09-02 10:19:57 +02:00
Rasmus Wriedt Larsen
ba99e21875 Python: Remove modeling of sqlescapy PyPI package 
I've never seen this being used in real code, and this library doesn't
have a lot of traction, so I would rather not commit to supporting it
(which includes verifying that it actually makes things safe).

Personally I don't think this is the right approach for avoiding SQL
injection either.
 2021-09-02 10:19:57 +02:00
Rasmus Wriedt Larsen
91442e100c Python: Model sessionmaker().begin() 2021-09-02 10:19:57 +02:00
Rasmus Wriedt Larsen
feb2303e1f Python: Model the underlying DB-API connection 2021-09-02 10:19:57 +02:00
Rasmus Wriedt Larsen
1ab04a7276 Python: Model Connection.execution_options 2021-09-02 10:19:57 +02:00
Rasmus Wriedt Larsen
2acf518037 Python: Model exec_driver_sql 2021-09-02 10:19:57 +02:00
Rasmus Wriedt Larsen
fe143c7dfa Python: Rewrite most of SQLAlchemy modeling 2021-09-02 10:19:57 +02:00
Rasmus Wriedt Larsen
b39bb24fcf Python: Add more SQLAlchemy tests 2021-09-02 10:19:57 +02:00
Erik Krogh Kristensen
0cc19d914e use toUnicode in ReDoSUtil.qll 2021-08-25 22:21:43 +02:00
Andrew Eisenberg
3660c64328 Packaging: Rafactor Python core libraries 
Extract the external facing `qll` files into the codeql/python-all
query pack.
 2021-08-24 13:23:45 -07:00
yoff
2f5ed03798 Merge pull request #6323 from RasmusWL/sec-test-layout 
Python: Restructure security tests to contain query name
 2021-08-24 16:50:08 +02:00
Rasmus Wriedt Larsen
ca341bde08 Merge pull request #5612 from jty-team/jty/python/nosqlInjection 
Python: CWE-943 - Add NoSQL injection query
 2021-08-24 11:29:25 +02:00
Erik Krogh Kristensen
38477d7d2e Merge pull request #6462 from erik-krogh/repeat 
JS: support more regular expressions in js/incomplete-multi-character-sanitization
 2021-08-23 15:39:31 +02:00
yoff
0c0f335b1c Merge pull request #6508 from github/RasmusWL-patch-1 
Python: Update comment for RegExpTreeView isExcluded
 2021-08-23 15:07:29 +02:00
yoff
467aa647da Merge pull request #6507 from tausbn/python-prevent-polynomial-redos-explosion 
Python: Prevent explosion in poly-ReDoS query
 2021-08-23 11:48:14 +02:00
Taus
021e5ff510 Python: Autoformat 2021-08-18 14:27:54 +00:00
Rasmus Wriedt Larsen
60eb81106a Python: Update comment for RegExpTreeView isExcluded 
I noticed after reading https://github.com/github/codeql/pull/6507, but didn't want to overload that PR.
 2021-08-18 16:16:26 +02:00
Taus
af91a2df00 Python: Prevent explosion in poly-ReDoS query 
I consider this to be a short-term solution to the performance problems
we identified. The choice of "at most ten occurrences of `.*`" is
somewhat arbitrary, and it's possible a higher limit would work just as
well.
 2021-08-18 13:21:46 +00:00
Andrew Eisenberg
03d6b15401 Merge branch 'main' into aeisenberg/pack/cpp 2021-08-17 15:28:47 -07:00
Rasmus Wriedt Larsen
3231ae77ef Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-08-17 15:17:10 +02:00
Erik Krogh Kristensen
3f7f5d2418 performance improvements in ReDoSUtil 2021-08-17 15:10:33 +02:00
Erik Krogh Kristensen
49e47641e4 sync ReDoSUtil.qll with python 2021-08-17 15:10:33 +02:00
Rasmus Wriedt Larsen
15d483d56c Python: Use TypeTrackingNode in new PEP249 modeling 2021-08-17 12:03:40 +02:00
Rasmus Wriedt Larsen
b649f5f38c Merge branch 'main' into peewee-modeling 2021-08-17 12:03:18 +02:00
Andrew Eisenberg
e566fb9c5a Packaging: Update suite-helpers qlpack 
Uses new style naming scheme.
 2021-08-16 17:51:33 -07:00
Erik Krogh Kristensen
46959234b7 Merge pull request #6288 from erik-krogh/emptyRedos 
JS/Python: Fix FP in redos related to empty lookaheads
 2021-08-16 13:48:22 +02:00
Erik Krogh Kristensen
e962a7c77c Update python/ql/src/semmle/python/RegexTreeView.qll 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-08-16 11:24:05 +02:00
jorgectf
e6ce10b5c5 Merge remote-tracking branch 'origin/main' into jty/python/nosqlInjection 2021-08-10 20:01:08 +02:00
Tom Hvitved
ea6d51f123 Python: Avoid bad join in AstExtended::AstNode::containsInScope 2021-08-09 11:20:57 +02:00
Taus
74f1992aaf Merge pull request #6352 from tausbn/mergeback-rc/3.2-to-main 
Mergeback `rc/3.2` to `main`
 2021-07-22 19:58:29 +02:00
Rasmus Wriedt Larsen
42a997cbcb Python: Fix deprecation warning 2021-07-22 15:59:13 +02:00
Rasmus Wriedt Larsen
71e6db8a01 Merge branch 'main' into jorgectf/python/ldapimproperauth 2021-07-22 15:57:43 +02:00
Taus
6ea8ef5d16 Merge branch 'rc/3.2' into mergeback-rc/3.2-to-main 2021-07-22 13:52:56 +00:00
Rasmus Wriedt Larsen
802d9bda83 Merge pull request #5680 from mrthankyou/python-use-sqlalchemy 
Python: Add SqlAlchemy model
 2021-07-22 15:31:39 +02:00
Taus
badf6311c9 Python: Remove flow between globals... 
... in a local scope. Or rather, remove these from the `hasLocalSource`
relation.

This prevents a quadratic blowup when the same global is mentioned
_a lot_ of times within a single function scope.
 2021-07-22 13:10:40 +00:00
Taus
ed794f42b5 Python: Soft revert TypeTrackingNode 
Temporarily instates `TypeTrackingNode` as an alias of `LocalSourceNode`
as having it as a separate class lead to performance regressions.

In the hopes that this will be resolved in the near future, I have left
the current `TypeTrackingNode` implementation in situ, but hidden inside
a `FutureWork` private module.
 2021-07-22 13:10:07 +00:00
Mathias Vorreiter Pedersen
e34261accf Merge branch 'rc/3.2' into mergeback-2021-07-22 2021-07-22 14:40:22 +02:00
Taus
e9a4114c04 Python: Hotfix: Disable ReDoS queries 2021-07-22 10:58:49 +00:00
Sam Havron
733e5b45bf Fix qhelp typo in RequestWithoutValidation 2021-07-19 16:01:06 -04:00
Rasmus Wriedt Larsen
5249591747 Python: Fix test folder for InsecureProtocol 2021-07-19 16:57:00 +02:00
Rasmus Wriedt Larsen
5939128a76 Python: Fix test folder for InsecureDefaultProtocol 
it was named wrong before. whoops.
 2021-07-19 16:56:07 +02:00
Rasmus Wriedt Larsen
77021ae119 Python: Restructure security tests to contain query name 
We were mixing between things, so this is just to keep things
consistent. Even though it's not strictly needed for all queries,
it does look nice I think
 2021-07-19 16:54:34 +02:00
Rasmus Wriedt Larsen
da021feb8b Python: Move py/incomplete-hostname-regexp tests to own folder 2021-07-19 16:48:21 +02:00
Rasmus Wriedt Larsen
7939a1372e Python: Move Jinja2WithoutEscaping tests to own folder 2021-07-19 16:44:41 +02:00