hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-05 18:50:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
71,656 Commits 1,676 Branches 157 Tags
a4fe728af2def2d79559dbbba12bc0bfac5fd9a1
Commit Graph

71656 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Napalys
a4fe728af2 Added matchAll test which is not marked as vulnurability by CodeQL 2024-11-07 13:35:09 +01:00
Napalys
514375dbf9 Fixes false positives from commit 42600c93ff 2024-11-07 13:00:54 +01:00
Napalys
42600c93ff Added tests which shows false positive SSRF via matchAll 2024-11-07 11:40:20 +01:00
Napalys
449cee91c8 Fixes false positives from commit 445552d3b53ec9592e8e3892cb337d1004b6a432 2024-11-07 10:33:13 +01:00
Napalys
4106663d89 Added tests for regex sanitization to identify false positives matchAll 2024-11-07 10:27:58 +01:00
Napalys Klicius
5e8b1b061f Update javascript/ql/src/Security/CWE-020/MissingRegExpAnchor.ql 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2024-11-05 10:29:22 +01:00
Napalys Klicius
7825a46085 Merge branch 'github:main' into napalys/matchAll-support 2024-11-05 09:31:30 +01:00
Napalys
b239bfabf1 Added tests forIncompleteHostnameRegExp and normalizedPaths using matchAll 2024-11-05 09:22:26 +01:00
Napalys
ccee34d6d3 Added support for matchAll in CWE-020 including new test cases 2024-11-05 08:51:24 +01:00
Chuan-kai Lin
3cdf94e83a Merge pull request #17904 from github/post-release-prep/codeql-cli-2.19.3 
Post-release preparation for codeql-cli-2.19.3
 2024-11-04 10:14:12 -08:00
github-actions[bot]
f107d16b4e Post-release preparation for codeql-cli-2.19.3 2024-11-04 17:20:08 +00:00
Chuan-kai Lin
39a67b6e2e Merge pull request #17903 from github/release-prep/2.19.3 
Release preparation for version 2.19.3
codeql-cli/v2.19.3 		2024-11-04 08:42:12 -08:00
github-actions[bot]
cc7b724123 Release preparation for version 2.19.3 2024-11-04 16:37:28 +00:00
Florin Coada
7418d8ed24 Merge pull request #17832 from github/changedocs/2.19.2 
CodeQL 2.19.2 changedocs
 2024-11-04 13:56:28 +00:00
Tom Hvitved
0aee809697 Merge pull request #17899 from hvitved/accept-changes-multi-jobs 
Handle matrix jobs in accept changes script
 2024-11-04 14:54:21 +01:00
Rasmus Wriedt Larsen
5f20f1984c expected-changes: Use set constructor 2024-11-04 14:14:15 +01:00
Rasmus Wriedt Larsen
8f80c24270 Merge pull request #17256 from RasmusWL/js-threat-models 
JS: Add support for threat models
 2024-11-04 14:04:12 +01:00
Simon Friis Vindum
34e8ea17d8 Merge pull request #17898 from paldepind/rust-cfg-refactor 
Rust: CFG classes are in expression module iff they correspond to exp…
 2024-11-04 13:01:15 +01:00
Tom Hvitved
a89c82bf74 Handle matrix jobs in accept changes script 2024-11-04 11:49:35 +01:00
Simon Friis Vindum
fb26f7861f Merge pull request #17895 from paldepind/rust-data-flow-consistency-query 
Rust: Add data flow consistency queries
 2024-11-04 11:07:46 +01:00
Simon Friis Vindum
714e2fc2c1 Merge branch 'main' into rust-data-flow-consistency-query 2024-11-04 10:42:53 +01:00
Simon Friis Vindum
2ae721bd54 Merge pull request #17897 from github/redsun82/rust-fix-compilation 
Rust: fix semantic merge conflict about semantics
 2024-11-04 10:35:47 +01:00
Simon Friis Vindum
633bac633c Rust: CFG classes are in expression module iff they correspond to expressions 2024-11-04 10:34:08 +01:00
Simon Friis Vindum
7f344fab78 Rust: Add data flow consistency queries 2024-11-04 10:17:50 +01:00
Paolo Tranquilli
6848a22c65 Rust: fix semantic merge conflict about semantics 2024-11-04 10:04:40 +01:00
Paolo Tranquilli
bde517fcb1 Merge pull request #17849 from github/aibaars/single-semantics 
Rust: try to speed things up a bit
 2024-11-04 09:24:26 +01:00
Tom Hvitved
662a824312 Merge pull request #17865 from hvitved/rust/unused-macro-expansion 2024-11-03 09:17:14 +01:00
Tom Hvitved
c4adec3010 Address review comment 2024-11-01 15:28:17 +01:00
yoff
cec0544ca5 Merge pull request #17789 from aschackmull/python/resolvecall-refactor 
Python: Refactor references to NormalCall.
 2024-11-01 14:20:34 +01:00
Taus
0bb5b4b9dc Merge pull request #17875 from github/tausbn/python-improve-parser-logging-and-timing 
Python: Improve parser logging/timing/customisability
 2024-11-01 12:47:46 +01:00
Taus
2892f0ff48 Merge pull request #17873 from github/tausbn/python-fix-generator-expression-locations 
Python: Even more parser fixes
 2024-11-01 12:47:19 +01:00
Rasmus Wriedt Larsen
c0ad9ba529 Merge branch 'main' into js-threat-models 2024-11-01 10:48:32 +01:00
Rasmus Wriedt Larsen
dc8e645594 JS: Convert remaining queries to use ActiveThreatModelSourceAsSource 2024-11-01 10:47:10 +01:00
Tom Hvitved
03ffaac87a Merge pull request #17880 from hvitved/ruby/symbol-string-key-indifference 
Ruby: Do not distinguish between symbols and strings in hash keys
 2024-11-01 10:43:56 +01:00
Rasmus Wriedt Larsen
19fae76a94 JS: Remove dummy comment 
Co-authored-by: Asger F <asgerf@github.com>
 2024-11-01 10:24:22 +01:00
Paolo Tranquilli
03aef50836 Merge pull request #17883 from github/redsun82/rust-analysis 
Rust: use common config for analysis
 2024-10-31 17:46:15 +01:00
Paolo Tranquilli
c6585b726a Rust: use common config for analysis 
Now that the nightly bundle has the default query set, we don't need a special
inline config.
 2024-10-31 16:44:07 +01:00
Jeroen Ketema
03ced1795a Merge pull request #17694 from jketema/multiple-entry-point 
C++: Do not generate IR for functions with multiple entry points
 2024-10-31 16:16:03 +01:00
Rasmus Wriedt Larsen
61e60de969 JS: Model readline as a stdin threat-model source 
Technically not always true, but my assumption is that +90% of the time
that's what it will be used for, so while we could be more precise by
adding a taint-step from the `input` part of the construction, I'm not
sure it's worth it in this case.

Furthermore, doing so would break with the current way we model
threat-model sources, and how sources are generally modeled in JS... so
for a very pretty setup it would require changing all the other `file`
threat-model sources to start at the constructors such as
`fs.createReadStream()` and have taint-propagation steps towards the
actual use (like we do in Python)...

I couldn't see an easy path forwards for doing this while keeping the
Concepts integration, so I opted for the simpler solution here.
 2024-10-31 14:29:30 +01:00
Rasmus Wriedt Larsen
eca8bf5a35 JS: Do simple modeling of process.stdin as threat-model source 2024-10-31 14:26:45 +01:00
Rasmus Wriedt Larsen
34b86c39c1 JS: Model fs.promises.readFile as file source 
You could argue that proper modeling be done in the same way as
`NodeJSFileSystemAccessRead` is done for the callback based `fs` API (in
NodeJSLib.qll). However, that work is straying from the core goals I'm
working towards right now, so I'll argue that "perfect is the enemy of
good", and leave this as is for now.
 2024-10-31 14:09:38 +01:00
Rasmus Wriedt Larsen
971f53870e JS: Include fs externs 
Makes a difference due to the modeling of NodeJSFileSystemAccessRead depending on these, see
412e841d69/javascript/ql/lib/semmle/javascript/frameworks/NodeJSLib.qll (L479-L488)

File copied from 7cef4322e7/javascript/externs/nodejs/fs.js
 2024-10-31 13:51:22 +01:00
Rasmus Wriedt Larsen
b47fa77dc6 JS: Add tests for stdin threat-model sources 2024-10-31 12:59:21 +01:00
Tom Hvitved
d0f9a0b9ce Rust: Add another unused-value test 2024-10-31 11:43:33 +01:00
Tom Hvitved
55a6ed7e8a Rust: Include link to variable in unused value query 2024-10-31 11:42:44 +01:00
Tom Hvitved
2b340b18dd Rust: Exclude results inside macro expansions from unused entity queries 2024-10-31 11:42:43 +01:00
Tom Hvitved
fec31a6da4 Rust: Include variable name in Unused{Variable,Value}.ql 2024-10-31 11:42:41 +01:00
Tom Hvitved
6b60865d7e Ruby: Do not distinguish between symbols and strings in hash keys 2024-10-31 11:42:09 +01:00
Tom Hvitved
2b37c6cd32 Merge pull request #17548 from hvitved/shared/inline-test-post-process 
Shared: Post-processing query for inline test expectations
 2024-10-31 11:40:11 +01:00
Tom Hvitved
f04a55ecb5 Ruby: Update hash extension tests 2024-10-31 11:00:33 +01:00