Commit Graph

16371 Commits

Author SHA1 Message Date
Tamas Vajk
a635503be0 Add test cases to UselessCastToSelf 2020-09-28 11:04:22 +02:00
Tamas Vajk
3577b27f49 Fix to not report on enum member initialization 2020-09-28 11:04:22 +02:00
Tamas Vajk
77bb1b2cd9 C#: Extract constant value of enum member equal clauses 2020-09-28 11:04:22 +02:00
Tamas Vajk
a6b62a3838 C#: Add enum init value test 2020-09-28 10:56:50 +02:00
Tamás Vajk
20c4d94ccc Merge pull request #4318 from tamasvajk/feature/pointer-cast
C#: Add implicit cast from array to pointer
2020-09-28 09:34:54 +02:00
Taus
fc84286b56 Merge pull request #3830 from yoff/SharedDataflow_FieldFlow
Python: Shared dataflow: Field flow
2020-09-25 14:53:57 +02:00
CodeQL CI
ea5feb2b0a Merge pull request #4331 from erik-krogh/DVNA-files
Approved by esbena
2020-09-25 05:21:03 -07:00
Rasmus Lerchedahl Petersen
4621e6d8c0 Python: fix QL format 2020-09-25 13:37:39 +02:00
Rasmus Lerchedahl Petersen
88bba46698 Python: Modify tests based on review
The extra hits in `test.py` seen in `globalStep.expected`
are due to the removal of manual filtering code.
(That code was from when dataflow had many strange things in it.)
2020-09-25 13:35:30 +02:00
yoff
c56ff986d4 Apply suggestions from code review
Co-authored-by: Taus <tausbn@github.com>
2020-09-25 11:56:50 +02:00
CodeQL CI
4deb43f361 Merge pull request #4323 from RasmusWL/python-new-command-injection-query
Approved by tausbn
2020-09-25 02:39:46 -07:00
CodeQL CI
7b1dbb4364 Merge pull request #4337 from max-schaefer/js/fix-indirect-command-injection
Approved by asgerf
2020-09-25 00:18:55 -07:00
CodeQL CI
19316930cd Merge pull request #4310 from asgerf/js/extract-xml-with-codeql
Approved by aibaars, esbena
2020-09-24 10:14:46 -07:00
Jonas Jensen
e012dce755 Merge pull request #4334 from github/faster-skip-copy-value-instructions
C++: Manual recursion in `skipCopyValueInstructions`
2020-09-24 16:43:25 +02:00
Anders Schack-Mulligen
3ef3e6e140 Merge pull request #4319 from hvitved/python-java-block-precedes-var
Java/Python: Reduce size of `blockPrecedesVar`
2020-09-24 16:07:49 +02:00
Anders Schack-Mulligen
d4d4c0f3f9 Merge pull request #4325 from aibaars/hibernate-changenote
Java: change note for Hibernate ORM improvements
2020-09-24 12:58:45 +02:00
Erik Krogh Kristensen
6163e6cf5f adjust test case for XML entity expansion 2020-09-24 09:53:06 +02:00
Mathias Vorreiter Pedersen
780a07e89c Merge pull request #4332 from jbj/ExtendedRangeAnalysis-stub
C++: ExtendedRangeAnalysis stub implementation
2020-09-24 09:01:06 +02:00
Tom Hvitved
7970fef3e4 Merge pull request #4315 from hvitved/merge-rc-1.25
Merge rc/1.25 into main
2020-09-24 08:27:01 +02:00
Tamas Vajk
48bf6d55aa C#: Add implicit cast from array to pointer 2020-09-23 17:21:38 +02:00
Mathias Vorreiter Pedersen
f794eaa670 C++: Manual recursion in skipCopyValueInstructions instead of transitive closure 2020-09-23 16:26:40 +02:00
Erik Krogh Kristensen
83f0514475 add req.files as a RequestInputAccess in the Express model 2020-09-23 15:50:59 +02:00
Jonas Jensen
b7d0939f4a C++: ExtendedRangeAnalysis stub implementation
Just to demonstrate how things fit together, I've created
`SubtractSelf.qll` that adds a (hopefully sound) version of the test
extension that was already used in `extensibility.ql`.
2020-09-23 15:50:07 +02:00
Arthur Baars
5894263671 Java: improve change note
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2020-09-23 15:37:55 +02:00
Max Schaefer
dc7b447895 JavaScript: Make alert locations for command injection more precise. 2020-09-23 14:07:36 +01:00
Max Schaefer
439aadf0b6 JavaScript: Do even more type tracking in command injection. 2020-09-23 14:07:36 +01:00
Max Schaefer
ef18b39124 JavaScript: Fix use of type backtracker in IndirectCommandArgument.qll. 2020-09-23 14:07:36 +01:00
Max Schaefer
825fc2228b JavaScript: Add two new command-injection tests. 2020-09-23 14:07:36 +01:00
Rasmus Wriedt Larsen
66815c9d3d Python: Suppress unused variable warnings in DataFlowPrivate 2020-09-23 14:33:10 +02:00
Tamás Vajk
9b14a70eef Merge pull request #4316 from tamasvajk/feature/local-functions
C#: Change TrapStackBehaviour of local functions
2020-09-23 14:12:07 +02:00
Tamas Vajk
2868d5bf34 C#: Add pointer cast test cases 2020-09-23 12:20:51 +02:00
Rasmus Wriedt Larsen
6aec2ec673 Python: Fix os.popen modeling
Co-authored-by: yoff <lerchedahl@gmail.com>
2020-09-23 11:18:32 +02:00
Rasmus Wriedt Larsen
624cdd339a Python: Fix grammar
Co-authored-by: yoff <lerchedahl@gmail.com>
2020-09-23 11:18:12 +02:00
Tom Hvitved
d652b95b21 Merge pull request #4011 from hvitved/csharp/asp-extraction-pre-finalize
C#: Move ASP extraction from auto builder to `pre-finalize.{sh,cmd}`
2020-09-23 09:11:11 +02:00
Tamás Vajk
03e20eed05 Merge pull request #4314 from tamasvajk/feature/switch-case-expr
C#: Fix switch case expression types
2020-09-23 08:57:32 +02:00
Rasmus Lerchedahl Petersen
ef4461ce54 Python: Address review comments 2020-09-22 23:48:28 +02:00
Tamás Vajk
5ab5e75b85 Merge pull request #4255 from fatenhealy/IncreaseInsufficientKeySizeValue
Increase insufficient key size value from 1024 to 2048
2020-09-22 23:06:12 +02:00
yoff
aece0ff652 Apply suggestions from code review
Co-authored-by: Taus <tausbn@github.com>
2020-09-22 22:33:46 +02:00
Arthur Baars
b382711f14 Java: change note for Hibernate ORM improvements 2020-09-22 18:55:07 +02:00
CodeQL CI
475519c9ee Merge pull request #4267 from asgerf/js/log-typescript-memory
Approved by esbena
2020-09-22 08:51:51 -07:00
Rasmus Wriedt Larsen
71a75ce596 Python: Handle bound methods in flask modeling 2020-09-22 16:33:35 +02:00
Rasmus Wriedt Larsen
5709189c2a Python: Expand flask test 2020-09-22 16:33:34 +02:00
Rasmus Wriedt Larsen
e614365963 Python: Adopt new approach in flask modeling
Removed all the dict-like stuff, not sure that is how we should do things.
2020-09-22 16:33:33 +02:00
Rasmus Wriedt Larsen
a82fa04d8a Python: Add worked example of taint step modeling of external libs
This can't be seen on the example, but I went through quite a lot of iterations
before arriving at this fairly simple solution.
2020-09-22 16:28:26 +02:00
Rasmus Wriedt Larsen
00ea0cebc3 Python: More Flask modeling kinda works
It "kinda" works now, but it really is not a pretty solution. Adding all these
"tracked" objects is SUPER annoying... it _would_ be possible to skip them, but
that seems like it will give the wrong edges for dataflow/taintflow queries :|

A good chunk of it should be able to be removed with access-paths like C# does
for library modeling. Some of it could be solved by better type-tracking API
like API Graphs... but it seems like we generally are just lacking the
nice-to-have features like `.getAMemberCall` and the like. See
https://github.com/github/codeql/pull/4082/files#diff-9aa94c4d713ef9d8da73918ff53db774L33
2020-09-22 16:28:25 +02:00
Rasmus Wriedt Larsen
3c08590ee4 Python: Expand flask tests a bit 2020-09-22 16:28:24 +02:00
Rasmus Wriedt Larsen
2bdd0284dc Python: Port py-command-line-injection with new dataflow 2020-09-22 16:28:23 +02:00
Rasmus Wriedt Larsen
7c205dd3fc Python: First attempt at modeling Flask 2020-09-22 16:28:21 +02:00
Rasmus Wriedt Larsen
cdc5ca7aec Python: Model os.system and os.popen 2020-09-22 16:28:20 +02:00
Rasmus Wriedt Larsen
0265f26301 Python: Add importModule and importMember DataFlow helpers 2020-09-22 16:28:19 +02:00