hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-25 13:16:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
23,523 Commits 1,673 Branches 157 Tags
ae296fc6db39d710cabe40d761a1bf6c87cc6837
Commit Graph

2592 Commits

Author SHA1 Message Date
CodeQL CI
565af1a879 Merge pull request #6071 from RasmusWL/fix-input-cwe 
Approved by calumgrant, tausbn
 2021-06-21 06:23:18 -07:00
yoff
baf8d0a990 Merge pull request #6045 from RasmusWL/twisted 
Python: Model twisted
 2021-06-21 14:52:57 +02:00
Anders Schack-Mulligen
9110dfaeb3 Merge pull request #6095 from hvitved/dataflow/local-cc-join 
Data flow: Fix `getLocalCallContext` join-order
 2021-06-21 12:53:38 +02:00
Rasmus Wriedt Larsen
d6ec4d30fc Python: Twisted refactor of getRequestParamIndex 2021-06-21 10:54:28 +02:00
Rasmus Wriedt Larsen
8208aebd7e Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-06-21 10:43:25 +02:00
Calum Grant
32f6a465b0 Merge pull request #6080 from github/calumgrant/security-severities 
Update security-severity scores
 2021-06-18 09:40:40 +01:00
Tom Hvitved
eb86bceb4d Address review comments 2021-06-18 10:18:47 +02:00
Tom Hvitved
0febf5a592 Merge pull request #6094 from hvitved/dataflow/consistency-compiler-too-smart 
Data flow: Workaround for too clever compiler in consistency queries
 2021-06-17 10:23:31 +02:00
Tom Hvitved
ffb2350a54 Data flow: Fix getLocalCallContext join-order 2021-06-17 10:02:31 +02:00
Tom Hvitved
cc383e0f6a Data flow: Workaround for too clever compiler in consistency queries 2021-06-17 09:43:36 +02:00
CodeQL CI
bcafe532ac Merge pull request #5944 from RasmusWL/async-api-graph-tests 
Approved by tausbn
 2021-06-16 08:46:26 -07:00
yoff
0ddeb7a8c1 Merge pull request #5950 from RasmusWL/promote-clickhouse 
Python: Promote ClickHouse SQL models
 2021-06-16 13:38:41 +02:00
Taus
96d8fc78f8 Merge pull request #6078 from hvitved/type-tracker-caching 
Python: Move cached predicates in type tracker library to same stage
 2021-06-16 10:45:02 +02:00
Taus
87ee7849a9 Merge pull request #6077 from RasmusWL/fix-pypi-names 
Python: Fixup for names of supported PyPI packages
 2021-06-15 15:01:35 +02:00
yoff
b19d64f173 Merge pull request #6013 from RasmusWL/sensitive-improvements 
Python: Improve sensitive data modeling
 2021-06-15 14:45:40 +02:00
Calum Grant
771e686946 Update security-severity scores 2021-06-15 13:25:17 +01:00
Tom Hvitved
c03ee32f02 Python: Move cached predicates in type tracker library to same stage 2021-06-15 13:42:43 +02:00
Rasmus Wriedt Larsen
b1fb68bc54 Python: Rename .qll file for mysql-connector-python support 
Just like our support for the `PyYAML` PyPI package that you import with
`import yaml` is in `Yaml.qll`.

Since this file does not provide any public predicates/modules, it
should be safe to rename it.
 2021-06-15 13:06:53 +02:00
Rasmus Wriedt Larsen
b154f034cb Python: Fix names of supported PyPI packages 2021-06-15 12:55:52 +02:00
Rasmus Wriedt Larsen
00af18a622 Python: Autoformat 2021-06-15 11:31:38 +02:00
Rasmus Wriedt Larsen
156b10cb59 Merge branch 'main' into promote-clickhouse 2021-06-15 11:30:19 +02:00
Taus
c6c9a5110a Merge pull request #6063 from tausbn/python-promote-type-tracking-library 
Python: Promote shared type tracking library
 2021-06-14 18:56:03 +02:00
Rasmus Wriedt Larsen
d19bc1252b Python: limit size of extraStepForCalls predicate 
On django/django, this reduced the number of results in
`extraStepForCalls` from 201,283 to 541
 2021-06-14 15:06:42 +02:00
Rasmus Wriedt Larsen
4eed94a262 Python: Fix CWE tag for py/use-of-input 
So it better matches what is in `py/code-injection`. I had my doubts
about CWE-95, but after reading
https://owasp.org/www-community/attacks/Direct_Dynamic_Code_Evaluation_Eval%20Injection
I think it's fine to add CWE-95 as well 👍

Definitions are:

CWE-78: Improper Neutralization of Special Elements used in an OS
Command ('OS Command Injection')

CWE-94: Improper Control of Generation of Code ('Code Injection')

CWE-95: Improper Neutralization of Directives in Dynamically Evaluated
Code ('Eval Injection')
 2021-06-14 14:08:34 +02:00
CodeQL CI
02c017afec Merge pull request #6058 from RasmusWL/more-aiohttp 
Approved by yoff
 2021-06-14 02:56:59 -07:00
Taus
8016715fb6 Python: Add missing QLDoc 2021-06-11 20:35:58 +00:00
Taus
3869ab76d1 Python: Promote shared type tracking library 
This was slightly messier than anticipated, as I hadn't accounted for
the dozen uses of `startInAttr` in our codebase. To circumvent this,
I decided to put the type tracking implementation in the `internal`
directory, and wrap it with a file that ensures the old interface still
works.
 2021-06-11 20:20:22 +00:00
Calum Grant
85467adc5e Merge pull request #5839 from github/security-severities5 
Add security-severity scores
 2021-06-11 15:56:20 +01:00
Rasmus Wriedt Larsen
53f7633662 Python: Model await request.post() as MultiDictProxy 
as highlight as being quite easy to do by @yoff 👍
 2021-06-11 14:53:30 +02:00
Rasmus Wriedt Larsen
df67028a1d Python: Model aiohttp.StreamReader 2021-06-11 12:06:53 +02:00
Rasmus Wriedt Larsen
64a0e3fd0a Merge branch 'main' into aiohttp-modeling 2021-06-11 11:42:24 +02:00
Rasmus Wriedt Larsen
8b8e1334cc Python: Fix syntax error 2021-06-11 11:42:14 +02:00
Rasmus Wriedt Larsen
46f7a2b572 Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-06-11 11:28:11 +02:00
Rasmus Wriedt Larsen
3d5f379b8c Merge branch 'main' into sensitive-improvements 2021-06-11 10:48:20 +02:00
Calum Grant
a594afb828 Add security-severity metadata 2021-06-10 20:11:08 +01:00
CodeQL CI
a241c114da Merge pull request #5836 from RasmusWL/ec-class-improvement 
Approved by tausbn
 2021-06-10 06:20:56 -07:00
Rasmus Wriedt Larsen
04db33513e Merge branch 'main' into sensitive-improvements 2021-06-10 15:11:09 +02:00
Rasmus Wriedt Larsen
ea0c1d7db3 Python: Better handling of sensitive functions 
This solution was the best I could come up with, but it _is_ a bit
brittle since you need to remember to add this additional taint step
to any configuration that relies on sensitive data sources... I don't
see an easy way around this though :|
 2021-06-10 15:08:21 +02:00
Rasmus Wriedt Larsen
eb4f168dd4 Python: Clarify SensitiveAttributeAccess 
The comment about imports was placed wrong. I also realized we didn't
even have a single test-case for
`this.(DataFlow::AttrRead).getAttributeNameExpr() = sensitiveLookupStringConst(classification)`
so I added that (notice that this is only `getattr(foo, x)` and not
`getattr(foo, "password")`)
 2021-06-10 14:09:47 +02:00
Taus
b14fa8b4cd Merge pull request #5925 from RasmusWL/pep249-import 
Python: Use absolute import for PEP249
 2021-06-09 18:32:28 +02:00
Rasmus Wriedt Larsen
23f668f8ee Python: Model redirects in twisted 2021-06-08 16:16:56 +02:00
Rasmus Wriedt Larsen
a21039170b Python: Model (most of) twisted 2021-06-08 16:11:18 +02:00
Rasmus Wriedt Larsen
e82ad6fc22 Python: Add missing QLDoc 2021-06-07 10:13:26 +02:00
Rasmus Wriedt Larsen
9dcb26d151 Python: Autoformat 
I had not set up the pre-commit hook properly
 2021-06-07 10:05:48 +02:00
Rasmus Wriedt Larsen
350f79e1e1 Python: Model sensitive data based on variable names 2021-06-04 11:28:07 +02:00
Rasmus Wriedt Larsen
f5fd0f8d1c Python: Model sensitive data based on parameter names 2021-06-04 11:28:07 +02:00
Rasmus Wriedt Larsen
925e67d734 Python: Model sensitive data from subscripts 2021-06-04 11:28:07 +02:00
Rasmus Wriedt Larsen
d6532e280a Python: minor cleanup in SensitiveDataSources 2021-06-04 11:28:07 +02:00
Rasmus Wriedt Larsen
00a71a1c41 Python: Port sensitive data modeling 
No longer using points-to 🎉
 2021-06-04 11:28:07 +02:00
Rasmus Wriedt Larsen
79bef11cf7 Python: Use "new" SensitiveDataHeuristics 2021-06-03 12:10:29 +02:00