hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-30 07:36:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,012 Commits 1,673 Branches 157 Tags
b0b795dbbb4878859903661ba2c09f695ff2d58a
Commit Graph

282 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
ae1ba11d57 Merge branch 'main' into orm 2022-03-16 11:23:14 +01:00
Rasmus Wriedt Larsen
461e2f3663 Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-03-16 10:43:20 +01:00
haby0
7e6666bc63 Merge branch 'main' into py/add-ssrf-sinks 2022-03-07 12:09:14 +08:00
Rasmus Wriedt Larsen
f620e2599d Merge branch 'main' into py/add-ssrf-sinks 2022-03-04 11:50:12 +01:00
Rasmus Wriedt Larsen
02a97b08bb Python: Move urllib and urllib2 to be part of stdlib modeling 2022-03-04 11:31:47 +01:00
Rasmus Wriedt Larsen
c65839bb77 Python: improve urllib3 modeling 2022-03-04 11:25:14 +01:00
Rasmus Wriedt Larsen
7d6d8be179 Python: Fix httpx modeling 2022-03-04 11:07:51 +01:00
Rasmus Wriedt Larsen
40feb1fb8d Python: SPURIOUS results for httpx 2022-03-04 11:03:32 +01:00
yoff
d0a393e8d1 Update python/ql/test/library-tests/frameworks/stdlib/XPathExecution.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-03-04 10:56:53 +01:00
Rasmus Lerchedahl Petersen
143e9ee954 Merge branch 'main' of github.com:github/codeql into python/promote-xpath-injection 2022-03-02 13:14:08 +01:00
Rasmus Lerchedahl Petersen
80be767a7a python: implement stdlib xpath support 2022-03-02 12:59:34 +01:00
Rasmus Lerchedahl Petersen
06e0f140c5 python: add tests for stdlib xpath 2022-03-02 12:58:37 +01:00
Rasmus Wriedt Larsen
27d5349a74 Python: ORM: Remove imports from test code 
These are no longer needed, as data-flow now has this import by default
 2022-03-01 15:39:52 +01:00
Rasmus Lerchedahl Petersen
f55d7d627e python: model XPathEvaluator 2022-03-01 14:40:13 +01:00
Rasmus Lerchedahl Petersen
3bb17be389 python: add concept and library tests 2022-03-01 14:39:28 +01:00
Rasmus Wriedt Larsen
8afd560c64 Python: ORM: Handle load of PolymorphicModels 2022-02-28 16:38:41 +01:00
Rasmus Wriedt Larsen
48fba87273 Python: ORM: add flow to base-class 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
6b9dd49499 Python: ORM: Model polymorphic.models.PolymorphicModel as Django ORM class 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
e1191cf63c Python: ORM: Add tests for inheritance 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
092cfceb18 Python: Add dataflow consistency checks to ORM tests 
Luckily they passed :phew:
 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
ed36ff1570 Python: ORM: Handle <Model>.objects.[<QuerySet>].update() 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
fea46b642d Python: ORM: Handle <Model>.objects.create and friends 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
9b458b54aa Python: ORM: Add flow to collection/dict queries 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
9cff4cbd1c Python: ORM: Add a few more tests 
There were a few methods I had overlooked
 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
ae057c74cc Python: ORM: Store step for constructor 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
f8a51bb994 Python: ORM: Add data-flow steps for Django ORM 
Added dummy-whitespace to `orm_security_tests.py` so it would be
possible to see what the reflected XSS results are in the diff
 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
d3f07cdc10 Python: ORM: Add qltests 
Which shows that there is no flow yet, which is not really a surprise :D
 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
c78fed6594 Python: ORM: Add raw python test files 
no ql test files yet though, will come in next commit.
 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
f89fb50eb5 Python: ORM: Add boilerplate django project 
By doing

```
django-admin startproject testproj
django-admin startapp testapp
```
 2022-02-28 16:38:40 +01:00
haby0
be40b54b9f add test 2022-02-28 20:34:58 +08:00
Rasmus Wriedt Larsen
b2ce0fcb72 Python: Add post-update nodes to args of unresolved calls 
Besides solving the problem with `setattr`, it also solved some old
problems with json library modeling (yay).
 2022-02-04 11:51:53 +01:00
Rasmus Wriedt Larsen
301318020f Merge pull request #7455 from haby0/py/add-shutil-module-path-injection-sinks 
Python: Add shutil module sinks for path injection query
 2022-01-24 20:06:36 +01:00
Rasmus Wriedt Larsen
95e935e9c1 Python: Support SQLAlchemy scoped_session 2022-01-18 14:34:31 +01:00
haby0
759ec31508 Delete shutil_path_injection.py file 2022-01-06 21:38:35 +08:00
haby0
05b0daa0b7 Add the test of shutil module in FileSystemAccess.py 2022-01-06 14:14:42 +08:00
Rasmus Wriedt Larsen
6ce1524192 Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-12-16 15:19:37 +01:00
Rasmus Wriedt Larsen
f8fc583af3 Python: client request: getUrl => getAUrlPart 
I think `getUrl` is a bit too misleading, since from the name, I would
only ever expect ONE result for one request being made.

`getAUrlPart` captures that there could be multiple results, and that
they might not constitute a whole URl.

Which is the same naming I used when I tried to model this a long time ago
a80860cdc6/python/ql/lib/semmle/python/web/Http.qll (L102-L111)
 2021-12-15 21:55:04 +01:00
Rasmus Wriedt Larsen
6f81685f48 Python: Add modeling of http.client.HTTPResponse 2021-12-15 21:55:04 +01:00
Rasmus Wriedt Larsen
a5bae30d81 Python: Add tests of http.client.HTTPResponse 2021-12-15 20:39:46 +01:00
Rasmus Wriedt Larsen
cf2ee0672f Python: Model requests Responses 2021-12-13 15:09:46 +01:00
Rasmus Wriedt Larsen
35cba17642 Python: Consider taint of client http requests 2021-12-13 14:56:16 +01:00
Rasmus Wriedt Larsen
b68d280129 Python: Add modeling of requests 2021-12-13 14:56:16 +01:00
Rasmus Wriedt Larsen
1ff56d5143 Python: Add tests of requests 
Also adjusts test slightly. Writing
`clientRequestDisablesCertValidation=False` to mean that certificate
validation was disabled by the `False` expression is just confusing, as
it easily reads as _certificate validate was NOT disabled_ :|

The new one ties to each request that is being made, which seems like
the right setup.
 2021-12-13 14:07:32 +01:00
yoff
8e11c2c476 Merge pull request #7259 from RasmusWL/even-more-path-injection-sinks 
Python: Add more path-injection sinks from `os` and `tempfile` modules
 2021-12-09 14:46:41 +01:00
yoff
f10f053c36 Merge pull request #7228 from RasmusWL/fastapi-improvements 
Python: FastAPI improvements
 2021-12-02 12:58:53 +01:00
yoff
19802ccb73 Merge pull request #7046 from RasmusWL/django-own-json-response 
Python: Add test with custom django json response (FP)
 2021-11-29 16:05:20 +01:00
Rasmus Wriedt Larsen
cbd7434a7e Python: Add modeling of tempfile module 2021-11-29 15:08:36 +01:00
Rasmus Wriedt Larsen
b68538376c Python: Add tests of tempfile module 2021-11-29 15:08:36 +01:00
Rasmus Wriedt Larsen
58f92764f7 Python: Model more file access from os module 2021-11-29 14:54:02 +01:00
Rasmus Wriedt Larsen
e79b8f3e23 Python: Treat os.exec*, os.spawn*, and os.posix_spawn* as FileSystemAccess 2021-11-29 14:54:02 +01:00