Ahmed Farid
23f268f3b9
Import Django and Flask model
2022-08-30 16:39:40 +01:00
Ahmed Farid
de58d0f024
Update the subclasses of ClientSuppliedSecret class
2022-08-30 16:34:43 +01:00
Ahmed Farid
0177cd810e
Update suspicious()
2022-08-30 13:58:54 +01:00
Ahmed Farid
9995e91bb7
Update the name of the class (and its subclasses)
2022-08-29 18:57:56 +01:00
Ahmed Farid
b2551a5581
Update the name of the class (and its subclasses)
2022-08-29 18:30:43 +01:00
Ahmed Farid
baa0fd4148
Convert %UserPass% word to lowercase
2022-08-29 18:25:26 +01:00
Ahmed Farid
141b65fea8
Fix typo
2022-08-29 18:18:19 +01:00
Ahmed Farid
199e3d9462
Rename the query ID
2022-08-29 18:13:45 +01:00
Ahmed Farid
66fb420d00
Update PossibleTimingAttackAgainstHash.ql
2022-08-29 18:08:09 +01:00
erik-krogh
cc7a9ef97a
rename more acronyms
2022-08-25 20:52:27 +02:00
Ahmed Farid
93257be913
Add Werkzeug source
2022-08-23 12:51:48 +01:00
Ahmed Farid
ee05e2ca76
add x-gitlab-token to sensitive headers
2022-08-23 12:27:20 +01:00
erik-krogh
28083ebe09
run the implicit-this patch
2022-08-22 21:23:31 +02:00
erik-krogh
e89e0eb7fb
make some acronyms camelCase
2022-08-22 21:22:35 +02:00
Taus
bd45ea94d0
Python: Fix TimingAttackAgainstHash.ql select
2022-08-19 12:31:12 +00:00
Taus
3d17989107
Python: Fix broken select statement
Based on the alert description, "message" seemed like a suitable word to
use here.
2022-08-17 17:09:18 +00:00
Taus
76de2f4203
Python: Remove trailing newlines
These were causing the autoformatting check to fail. I'm not really sure
how these newlines got introduced. Possibly some editor option or
`git-commit` hook?
2022-08-17 15:12:51 +00:00
Ahmed Farid
313dbc9120
Autoformat PossibleTimingAttackAgainstSensitiveInfo.ql
2022-08-17 12:59:09 +01:00
Ahmed Farid
9f3de035c7
Autoformat PossibleTimingAttackAgainstHash.ql
2022-08-17 12:57:57 +01:00
Ahmed Farid
cb5331bdd8
Autoformat TimingAttackAgainstHeaderValue.ql
2022-08-17 12:54:34 +01:00
Ahmed Farid
a7dcf96f55
Autoformat TimingAttackAgainstSensitiveInfo.ql
2022-08-17 12:53:07 +01:00
erik-krogh
8066e39d07
delete some redundant imports
2022-08-17 13:50:04 +02:00
Ahmed Farid
9b4d1789b1
Autoformat TimingAttackAgainstHash.ql
2022-08-17 12:49:58 +01:00
Ahmed Farid
b29ca57ce1
Autoformat TimingAttack.qll
2022-08-17 12:46:57 +01:00
Ahmed Farid
5daeea7aeb
Adjust the @id property
2022-08-17 12:24:40 +01:00
Ahmed Farid
01828936e2
fix qhelp
2022-08-17 12:19:44 +01:00
Ahmed Farid
10d5ab20f5
fix qhelp
2022-08-17 12:19:02 +01:00
Ahmed Farid
abcfb1cd63
Update TimingAttack.qll
2022-08-16 12:33:19 +01:00
Ahmed Farid
169d27951a
Update UnSafeComparisonOfSensitiveInfo.py
2022-08-15 15:19:13 +01:00
Ahmed Farid
dbd6076725
Update SafeComparisonOfSensitiveInfo.py
2022-08-15 15:18:09 +01:00
Ahmed Farid
8ebf428078
Update SafeComparisonOfSensitiveInfo.py
2022-08-15 15:15:24 +01:00
Ahmed Farid
054e0726b0
Update UnsafeComparisonOfHeaderValue.py
2022-08-15 15:13:17 +01:00
Ahmed Farid
c578a34892
Update SafeComparisonOfHeaderValue.py
2022-08-15 15:12:38 +01:00
Ahmed Farid
773bb5fffd
Update SafeComparisonOfHeaderValue.py
2022-08-15 14:43:32 +01:00
Ahmed Farid
a724bd1e32
Update UnSafeComparisonOfSensitiveInfo.py
2022-08-15 14:42:17 +01:00
Ahmed Farid
0e0c6e08b5
Update TimingAttack.qll
2022-08-15 11:18:31 +01:00
Ahmed Farid
21f9ee449a
Delete UnSafeComparison.py
2022-08-05 12:49:00 +01:00
Ahmed Farid
d9e85a9064
Delete SafeComparison.py
2022-08-05 12:48:51 +01:00
Ahmed Farid
c7828bf9b4
Create UnSafeComparisonOfSensitiveInfo.py
2022-08-05 12:47:58 +01:00
Ahmed Farid
dd61383469
Create SafeComparisonOfSensitiveInfo.py
2022-08-05 12:46:46 +01:00
Ahmed Farid
5eef14a0a9
Update SafeComparisonOfHeaderValue.py
2022-08-04 12:51:30 +01:00
Ahmed Farid
a6af455eae
Create UnsafeComparisonOfHeaderValue.py
2022-08-04 12:50:55 +01:00
Ahmed Farid
a98a77ad40
Create SafeComparisonOfHeaderValue.py
2022-08-04 12:48:19 +01:00
Ahmed Farid
e1435afea9
Rename python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHeaderValue.qhelp to python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHeaderValue/TimingAttackAgainstHeaderValue.qhelp
2022-08-04 12:45:01 +01:00
Ahmed Farid
76c8e7d2e8
Rename python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHeaderValue.ql to python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHeaderValue/TimingAttackAgainstHeaderValue.ql
2022-08-04 12:44:45 +01:00
Ahmed Farid
428132a58e
Rename python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstSensitiveInfo.ql to python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstSensitiveInfo/TimingAttackAgainstSensitiveInfo.ql
2022-08-04 12:44:10 +01:00
Ahmed Farid
a34478d58f
Rename python/ql/src/experimental/Security/CWE-208/PossibleTimingAttackAgainstSensitiveInfo.ql to python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstSensitiveInfo/PossibleTimingAttackAgainstSensitiveInfo.ql
2022-08-04 12:43:53 +01:00
Ahmed Farid
59f05b4d62
Rename python/ql/src/experimental/Security/CWE-208/PossibleTimingAttackAgainstSensitiveInfo.qhelp to python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstSensitiveInfo/PossibleTimingAttackAgainstSensitiveInfo.qhelp
2022-08-04 12:43:35 +01:00
Ahmed Farid
fe51a917ec
Rename python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstSensitiveInfo.qhelp to python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstSensitiveInfo/TimingAttackAgainstSensitiveInfo.qhelp
2022-08-04 12:43:21 +01:00
Ahmed Farid
a747bacbe5
Rename python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHash.ql to python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHash/TimingAttackAgainstHash.ql
2022-08-04 12:42:08 +01:00