hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
34,296 Commits 1,741 Branches 165 Tags
a7dab53ed2df129e7bdab97cd04f73b9b133574b
Commit Graph

34296 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
a7dab53ed2 Python: Add change-note 2022-04-05 11:46:49 +02:00
Rasmus Wriedt Larsen
1f285b8983 Python: Rename to XmlParsingVulnerabilityKind 
To keep up with style guide
 2022-04-05 11:07:12 +02:00
Rasmus Wriedt Larsen
ab59d5c786 Python: Rename to XmlParsing 
To follow our style guide
 2022-04-05 11:06:22 +02:00
Rasmus Wriedt Larsen
d2b03bb480 Python: Fix SimpleXmlRpcServer.ql 2022-03-31 20:37:28 +02:00
Rasmus Wriedt Larsen
4abab22066 Python: Promote XXE and XML-bomb queries 
Need to write a change-note as well, but will do that tomorrow
 2022-03-31 18:47:50 +02:00
Rasmus Wriedt Larsen
b8d3c5e96f Python: Remove last bits of experimental XML modeling 2022-03-31 18:40:26 +02:00
Rasmus Wriedt Larsen
5083023aa8 Python: Move XML parsing PoC 
Since the folder where it used to live is now empty otherwise :O
 2022-03-31 18:37:47 +02:00
Rasmus Wriedt Larsen
673220b231 Python: Minor cleanup of XmlParsingTest 2022-03-31 18:18:35 +02:00
Rasmus Wriedt Larsen
b4c0065aeb Python: Extend FileSystemAccess for xml.sax and xml.dom.* parsing 2022-03-31 18:08:47 +02:00
Rasmus Wriedt Larsen
1d7cec60ae Python: xml.sax.parse is not a method call 
And it's not possible to provide a parser argument either
 2022-03-31 17:50:23 +02:00
Rasmus Wriedt Larsen
e11269715d Python: Promote xml.sax and xml.dom.* modeling 2022-03-31 17:44:00 +02:00
Rasmus Wriedt Larsen
05bb0ef976 Python: Align xml.etree.ElementTree modeling 
I didn't find a good way to actually share the stuff, so we kinda just
have 2 things that look very similar :|
 2022-03-31 17:24:16 +02:00
Rasmus Wriedt Larsen
70b3eecdd5 Python: Merge xml.etree.ElementTree models 
I forgot about the existing ones when I promoted it
 2022-03-31 17:13:11 +02:00
Rasmus Wriedt Larsen
db43d043c4 Python: Add test showing misalignment of xml.etree modeling 2022-03-31 11:55:46 +02:00
Rasmus Wriedt Larsen
543454eff2 Python: Model file access from XML parsing 2022-03-31 11:47:29 +02:00
Rasmus Wriedt Larsen
386ff53614 Python: Model lxml.iterparse 2022-03-31 11:32:22 +02:00
Rasmus Wriedt Larsen
12cbdcde28 Python: Model lxml.etree.XMLID 2022-03-31 11:21:24 +02:00
Rasmus Wriedt Larsen
6774085e7a Python: Add note about parseid/XMLID 2022-03-31 11:19:25 +02:00
Rasmus Wriedt Larsen
a315aa84b2 Python: Add some links in QLDocs 2022-03-31 11:16:50 +02:00
Rasmus Wriedt Larsen
64aa503cc3 Python: Promote xml.etree modeling 2022-03-31 11:12:02 +02:00
Rasmus Wriedt Larsen
7f5f7679f8 Python: Promote xmltodict modeling 2022-03-31 10:28:34 +02:00
Rasmus Wriedt Larsen
80b5cde3a2 Python: Promote lxml parsing modeling 2022-03-31 10:19:08 +02:00
Rasmus Wriedt Larsen
3040adfd9b Python: Handle XMLParser().close() for XPath 2022-03-31 10:08:26 +02:00
Rasmus Wriedt Larsen
c4473c5f65 Python: Rename lxml XPath tests 2022-03-31 10:08:02 +02:00
Rasmus Wriedt Larsen
1ea4bcc59f Python: Make XMLParsing a Decoding subclass 2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
35ccba2ec1 Python: Promote XMLParsing concept test 2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
e45288e812 Python: => XMLParsingVulnerabilityKind 
Since there are other XML vulnerabilities that are not about parsing,
this is more correct.
 2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
e005a5c0ab Python: Promote XMLParsing concept 2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
9caf4be21b Python: Add PortSwigger link to Xxe.qhelp 
I found this resource quite good myself at least :)
 2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
56b9c891d8 Python: Adjust XmlBomb.qhelp from JS 2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
b00766b054 Python: Adjust XXE qhelp 
and remove the old copy, we don't need it anymore :)
 2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
c365337867 Python: Delete XmlEntityInjection.ql 
Kept the test of SimpleXmlRpcServer, and kept the qhelp so it can be
used to write the new qhelp files
 2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
769f5691d0 Python: Add taint for StringIO and BytesIO 2022-03-31 09:52:54 +02:00
Rasmus Wriedt Larsen
57b9780428 Python: XXE: Add example of exfiltrating data through dtd-retrival 2022-03-31 09:52:54 +02:00
Rasmus Wriedt Larsen
a1d88e39a7 Python: Adjust XXE PoC for newer lxml versions 
Which doesn't raise that syntax error (at least not on my laptop)
 2022-03-31 09:52:54 +02:00
Rasmus Wriedt Larsen
91795b8577 Python: Add simple test of Xxe/XmlBomb 
Note that most of the testing happens in the framework specific tests,
with an inline-expectation test
 2022-03-31 09:52:54 +02:00
Rasmus Wriedt Larsen
e45f9d69cc Python: Adjust Xxe/XmlBomb for Python 
I changed a few QLdocs so they fit the style we have used in Python...
although I surely do regret having introduced a new style for how these
QLDocs look :D
 2022-03-31 09:52:54 +02:00
Rasmus Wriedt Larsen
65907c9762 Python: Copy Xxe/XmlBomb queries from JS 
After internal discussion, these will replace the `XmlEntityInjection`
query, so we can have separate severities on DoS and the other (more
serious) attacks.

Note: These clearly don't work, since they are verbatim copies of the JS
code, but I split it into multiple commits to clearly highlight what
changes were made.
 2022-03-31 09:52:54 +02:00
Chuan-kai Lin
48015e5a2e Merge pull request #8597 from cklin/run-js-ml-tests 
JS: Fix expected test output for ATM queries
 2022-03-30 13:10:02 -07:00
Chuan-kai Lin
a8dabb238d JS: Fix expected test output for ATM queries 2022-03-30 11:35:17 -07:00
Nick Rolfe
fa1bb82701 Merge pull request #8610 from github/nickrolfe/re-fix-location-join-order 
Ruby: undo accidental revert of #8538
 2022-03-30 16:31:52 +01:00
Nick Rolfe
10b75bff76 Ruby: undo accidental revert of 13be9919 2022-03-30 16:02:12 +01:00
Chris Smowton
9675f34cf5 Merge pull request #8257 from luchua-bc/java/insecure-webview-resource-response 
Java: CWE-200 Query to detect insecure WebResourceResponse implementation
 2022-03-30 15:56:27 +01:00
Arthur Baars
031d183bdf Merge pull request #8532 from aibaars/regex-refactor-2 
JS/Ruby/Python: rename RegExpTreeView.qll to ReDoSUtilSpecific.qll
 2022-03-30 16:38:47 +02:00
Dave Bartolomeo
70c44734e6 Merge pull request #8445 from dbartol/dbartol/ir-range/semantic-scratch 
Sign, Modulus, and Range analysis for C++ using sharable semantic layer
 2022-03-30 07:08:09 -04:00
Dave Bartolomeo
e2396a5e03 Remove PrintIR tests for range analysis 
These were only used for debugging, and don't actually make good tests.
 2022-03-30 06:45:28 -04:00
Dave Bartolomeo
19789fa738 Merge remote-tracking branch 'upstream/main' into semantic-scratch 2022-03-30 06:39:14 -04:00
Nick Rolfe
a274af2b16 Merge pull request #7985 from github/nickrolfe/constant_regexp 
Ruby: separate constant propagation of regexps from strings
 2022-03-30 11:37:33 +01:00
Robert Marsh
8d21c8b7c5 Merge pull request #8423 from 4B5F5F4B/main 
[CPP][Linux Kernel]Add ql to detect CVE-2017-5123
 2022-03-29 15:10:15 -04:00
luchua-bc
fa2a6a7da3 Remove unnecessary taint step and update qldoc 2022-03-29 17:52:49 +00:00