hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-13 22:44:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,304 Commits 1,679 Branches 158 Tags
b680795d15cf479052d7a4cab29bbb44979560c8
Commit Graph

315 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
59a8b21851 Merge pull request #10862 from erik-krogh/unsafeCodeConstruction 
Rb: Add an `unsafe-code-construction` query
 2023-01-16 13:22:58 +01:00
Tony Torralba
c9d1cd97fb Ruby: Remove omittable exists variables 2023-01-10 13:39:49 +01:00
erik-krogh
19d2b49562 drive-by: make Base64.decode64(..) into a flowsummary that is shared with all queries 2023-01-06 09:04:37 +01:00
erik-krogh
1a27441cfb drive-by: delete code-execution sinks from unsafe-deserialization, we risked duplicate alerts 2023-01-06 09:04:36 +01:00
erik-krogh
0e6028a7f3 add stdin as source for unsafe-deserialization 2023-01-06 09:04:36 +01:00
erik-krogh
f98ff65b11 use eval() instead of send() in test 2023-01-05 20:04:04 +01:00
Arthur Baars
0f313231bc AlertSuppression: add more tests 2022-12-19 16:43:11 +01:00
Arthur Baars
c176606be5 AlertSuppression: allow //lgtm comments to scope over the next line 2022-12-19 16:10:26 +01:00
Arthur Baars
016c7a8ca7 Merge pull request #11719 from aibaars/alert-suppression-shared 
Shared AlertSuppression library
 2022-12-19 16:04:44 +01:00
Arthur Baars
06736e3e91 Add .gitattributes for Windows test files 2022-12-19 12:39:01 +01:00
erik-krogh
db49cfb723 Merge branch 'main' into kernelLoad 2022-12-19 09:46:25 +01:00
Tom Hvitved
5d9c64ba6f Ruby: Model flow through initialize constructors 2022-12-14 12:57:39 +01:00
erik-krogh
ccf520a5cd Merge branch 'main' into unsafeCodeConstruction 2022-12-13 18:31:49 +01:00
Peter Stöckli
03fff2709b Add suggestions to fix FileJoinSanitizer 2022-12-09 09:42:44 +01:00
Peter Stöckli
0d8c82009c Merge branch 'main' into p--ruby-kernel-open-addition 2022-12-09 07:54:56 +01:00
erik-krogh
8f0c0f3c17 add support for super calls to Kernel 2022-12-06 14:25:51 +01:00
erik-krogh
66946ebf6a add Kernel methods as sinks to path-injection 2022-12-06 14:09:15 +01:00
Harry Maclean
375403fb9d Merge pull request #11114 from hmac/case-barrier-guard-3 
Ruby: Add case string comparison barrier guard
 2022-11-30 11:21:07 +13:00
erik-krogh
7dcb813ff3 remove two more claseses of FPs in rb/non-constant-kernel-open 2022-11-29 12:49:23 +01:00
Peter Stöckli
6b1865d2ca Merge branch 'main' into p--ruby-kernel-open-addition 2022-11-29 10:19:36 +01:00
Peter Stöckli
5b6dd786c3 Add changes for NonConstantKernelOpenQuery 2022-11-29 10:00:57 +01:00
Peter Stöckli
d8752a0b12 Add additional sinks to the rb/kernel-open query 2022-11-29 10:00:56 +01:00
Nick Rolfe
8a94cabdbf Merge pull request #11250 from github/nickrolfe/stack-trace-exposure 
Ruby: add stack-trace exposure query
 2022-11-28 10:45:59 +00:00
erik-krogh
378cc1aed2 add support for string-like-literals 2022-11-25 10:32:06 +01:00
erik-krogh
80c92dc3e6 add support for array pushes 2022-11-25 10:32:05 +01:00
erik-krogh
3461404bbb add basic support for arrays 2022-11-25 10:31:35 +01:00
erik-krogh
2033dd2dcc remove parameters named "code" as source 2022-11-25 10:25:31 +01:00
erik-krogh
e7c6571f52 remove the "send(..)" and similar from unsafe-code-construction 2022-11-25 10:25:31 +01:00
erik-krogh
f1668801d3 add a rb/unsafe-code-construction query 
rebase
 2022-11-25 10:25:30 +01:00
erik-krogh
5f6cb1684b move the code-injection tests into a subfolder 2022-11-24 17:23:25 +01:00
Nick Rolfe
50b10be2db Ruby: StackTraceExposure: add test for a specific rescue type 2022-11-24 14:08:34 +00:00
Nick Rolfe
1c407a28cd Apply suggestions from code review 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-11-24 14:02:32 +00:00
Erik Krogh Kristensen
b4661f4a59 Merge pull request #11245 from erik-krogh/rb-redosMod 
Ruby: use the shared regex pack
 2022-11-21 15:34:20 +01:00
Harry Maclean
a6f6936719 Merge pull request #11058 from hmac/actioncontroller-logger 
Ruby: Model various ActionController methods
 2022-11-17 08:21:00 +13:00
Erik Krogh Kristensen
7d4ea47611 Merge pull request #10855 from erik-krogh/formatTaint 
Ruby: taint-steps for printf calls - and add a `AdditionalTaintStep` class
 2022-11-16 12:08:45 +01:00
Harry Maclean
2e2fcd49bf Ruby: Consider Object#inspect a log sanitizer 
The behaviour of `Object#inspect` depends on whether it has been
overridden by a subclass, but it will typically produce output on a
single line. Calling `inspect` on a String will replace newlines with
`\n`, which is then safe for interpolation into a log line.
 2022-11-16 13:46:51 +13:00
erik-krogh
10fff4e2ef Merge branch 'main' into rb-redosMod 2022-11-14 21:31:10 +01:00
Nick Rolfe
b39e2ef71c Ruby: add stacktrace exposure query 2022-11-14 12:26:40 +00:00
Nick Rolfe
83b3312467 Merge pull request #11207 from github/nickrolfe/arel-sql 
Ruby: add `SqlConstruction` concept, and implement it for calls to `Arel.sql`
 2022-11-14 10:21:37 +00:00
Nick Rolfe
5a15558355 Ruby: treat an Arel.sql call as a SqlConstruction 2022-11-10 14:11:14 +00:00
erik-krogh
88de299e12 add join(" ") calls as a sink for rb/shell-command-constructed-from-input 2022-11-09 21:46:25 +01:00
Harry Maclean
4bc9096446 Ruby: Add case string comparison barrier guard 
This recognises barriers of the form

    STRINGS = ["foo", "bar"]

    case foo
    when "some string literal"
      foo
    when *["other", "strings"]
      foo
    when *STRINGS
      foo
    end

where the reads of `foo` inside each `when` are guarded by the comparison
of `foo` with the string literals.

We don't yet recognise this construct:

    case foo
    when "foo", "bar"
      foo
    end

This is due to a limitation in the shared barrier guard logic.
 2022-11-09 15:03:13 +13:00
Erik Krogh Kristensen
c82410fd16 Merge pull request #10680 from erik-krogh/unsafeRbCmd 
RB: add an unsafe-shell-command-construction query
 2022-11-08 09:22:33 +01:00
erik-krogh
860c3c443c update expected output of the queries (some sorting changed due to locations being used slightly differently in the shared pack) 2022-11-07 14:34:20 +01:00
Arthur Baars
98f4c29913 Ruby: weak crypto: do not report weak hash algorithms 
Weak hash algorithms such as MD5 and SHA1 are often
used in non security sensitive contexts and reporting
all uses is far too noisy.
 2022-11-04 15:58:50 +01:00
erik-krogh
f3741ff1e4 changes based on review 2022-11-03 09:41:05 +01:00
erik-krogh
6bc12e8f2b Merge branch 'main' into formatTaint 2022-11-02 13:39:30 +01:00
Rasmus Wriedt Larsen
8628ff5e52 Merge pull request #10999 from RasmusWL/inline-fail-tag 
InlineExpectationsTest: Fail if missing `getARelevantTag`
 2022-10-28 10:35:49 +02:00
Erik Krogh Kristensen
93fb2930c8 Merge pull request #10968 from erik-krogh/fixRbCode 
RB: fix rb/code-injection
 2022-10-28 09:14:14 +02:00
Rasmus Wriedt Larsen
adf109b624 Merge branch 'main' into inline-fail-tag 2022-10-27 13:42:32 +02:00