hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-20 00:43:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
68,138 Commits 1,693 Branches 160 Tags
bbc3ff2dfedf7cbf087209f7863d1049db7b4bca
Commit Graph

2144 Commits

Author SHA1 Message Date
yoff
bbc3ff2dfe Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2024-06-28 14:39:03 +02:00
Rasmus Lerchedahl Petersen
a3076f4f72 Python: fix test expectations, add missing sanitizer 2024-06-26 13:27:32 +02:00
Rasmus Lerchedahl Petersen
571be8be3e Python: model more loggers 2024-06-26 01:00:38 +02:00
Rasmus Lerchedahl Petersen
eb32cbe8a5 Python: codecs.open 2024-06-26 00:57:59 +02:00
Rasmus Lerchedahl Petersen
bdc48088e6 Python: MaD summary models 
Two of the generated summaries have been excluded:
 - ["re", "Member[split]", "Argument[0,pattern:]", "ReturnValue", "taint"]
   From the documentation, it is not clear why pattern should figure in the return value, as that is the part denoting split point and thus all those instances are filtered out.
   From the implementation
     Spit function: https://github.com/python/cpython/blob/3.12/Lib/re/__init__.py#L199
     _compile function being called by split: https://github.com/python/cpython/blob/3.12/Lib/re/__init__.py#L280
   We see that in case the pattern is already a compiled `Pattern`, it is returned directly from _compile and could thus be part of the return value from split. This is probably not possible to arrange for an attacker, and so an FP in practice.

 - ["urllib2", "Member[unquote]", "Argument[0,string:]", "ReturnValue", "taint"]
   urllib2 seems to be only in Python2 (e.g. https://docs.python.org/2.7/library/urllib2.html) and I cannot locate the function unquote.
 2024-06-26 00:39:30 +02:00
Rasmus Lerchedahl Petersen
bc551174f9 Python: model copy.deepcopy as a value step 2024-06-25 14:53:06 +02:00
Rasmus Lerchedahl Petersen
501cda4e8c Python: model fnmatch.filter 2024-06-25 14:44:39 +02:00
Rasmus Lerchedahl Petersen
2118f233b9 Python: model optparse.OptionParser.parse_arg 2024-06-25 14:40:23 +02:00
Rasmus Lerchedahl Petersen
1e97600c4a Python: move models 2024-06-25 14:13:56 +02:00
Rasmus Lerchedahl Petersen
c004ffaca8 python: move model to Stdlib.yml 
There is already a model there so we add to that one.

We did observe that this existing model was blocked by the external MaD model.
This is concerning and needs to be cleared up.
 2024-06-25 14:13:48 +02:00
Anders Schack-Mulligen
8c23e21073 Dataflow: Cache compatibleTypes. 2024-06-24 13:35:48 +02:00
am0o0
8a7fdfa6fe fix conflict 2024-06-18 17:18:59 +02:00
Joe Farebrother
f441c68f7e Merge pull request #16657 from joefarebrother/python-partial-ssrf-fp 
Python: Add additional sanitizers to SSRF
 2024-06-11 23:20:50 +01:00
Joe Farebrother
93f10fcf14 Add sanitizers for compiled regexes 2024-06-11 15:44:16 +01:00
Anders Schack-Mulligen
68ddae2918 Python: Add support for pretty-printed provenace in tests. 2024-06-07 11:47:48 +02:00
Asger F
6e0f3df573 Merge pull request #14120 from asgerf/dynamic/typemodel-istypeused 
Dynamic: add TypeModel.isTypeUsed
 2024-06-06 15:31:16 +02:00
Rasmus Wriedt Larsen
dd8b65130e Merge pull request #16598 from jorgectf/jorgectf/opml-models 
Python: Add models for `opml`
 2024-06-04 10:16:26 +02:00
Joe Farebrother
6ac46b8436 Add additional sanitizers to SSRF for methods that restrict the contents of a string. 2024-06-03 23:23:25 +01:00
Sid Shankar
859e8db5f2 Fixes typo in deprecation notice 2024-06-03 16:31:29 +00:00
am0o0
66cba89fdb Torch.qll: use better alternative instead of exists 2024-05-29 15:43:41 +02:00
am0o0
8c3994bc9c Paramiko.qll: improve docs 2024-05-29 15:42:29 +02:00
am0o0
b1242e464e Pandas.qll: remove unnecessary exists, fix class naming 2024-05-29 15:41:45 +02:00
am0o0
fcd2bd6776 fabic.qll: remove test predicate and apply review changes 2024-05-29 15:37:11 +02:00
Joe Farebrother
4c97b0c785 Merge pull request #16529 from joefarebrother/python-flask-session-interface 
Python: Model Flask SessionInterface request parameter
 2024-05-28 10:03:13 +01:00
Jorge
34230369bc Add OPML module to frameworks imports 2024-05-27 09:48:49 +00:00
Jorge
e992d86d38 Add OPML models 2024-05-27 09:48:10 +00:00
Anders Schack-Mulligen
1432519cc2 Dataflow: Add totalorder predicates to all languages. 2024-05-27 11:01:52 +02:00
Anders Schack-Mulligen
bc8ca1af86 Dataflow: Introduce NodeRegions for use in isUnreachableInCall. 2024-05-27 11:01:51 +02:00
Joe Farebrother
2db1fbc713 Merge branch 'main' into python-flask-session-interface 2024-05-22 21:48:01 +01:00
Asger F
0b78d1d953 Python: add qldoc 2024-05-21 14:40:35 +02:00
Asger F
13d01f1ec4 Ruby/Python: add recursion guard 2024-05-21 14:40:15 +02:00
Asger F
14c71a351e Sync shared files 2024-05-21 14:38:55 +02:00
yoff
358c7410c8 Merge pull request #16490 from yoff/python/rich-type-column-MaD 
Python: Rich `type` column in MaD
 2024-05-21 11:55:41 +02:00
Joe Farebrother
01a6c5e82f Merge pull request #16446 from joefarebrother/shared-sensitive-heuristics 
Ruby/Python/JS/Swift: Add category of Private information to shared sensitive data heuristics
 2024-05-21 09:07:13 +01:00
Joe Farebrother
7727e465f4 Model Flask SessionInterface request parameter 2024-05-20 09:46:54 +01:00
Rasmus Lerchedahl Petersen
9534e56d1b Python: address review comments 2024-05-17 16:25:22 +02:00
Rasmus Lerchedahl Petersen
e66cce7fe1 python: add qldoc and refactor 
The logic of which steps an `AdditionalTaintStep` has defined
is now pushed into the defitnion of `AdditionalTaintStep`.
 2024-05-17 09:49:31 +02:00
Rasmus Lerchedahl Petersen
a88c007c05 python: Allow dotted paths in type column 2024-05-17 00:03:00 +02:00
Rasmus Lerchedahl Petersen
4378924785 Python: Example use of provenance for additional taint steps 2024-05-16 14:04:35 +02:00
Rasmus Lerchedahl Petersen
20ea9255a1 Python: Allow provenance in additional taint steps 2024-05-16 14:04:10 +02:00
yoff
5076b1a214 Merge pull request #16135 from sylwia-budzynska/gradio-model 
Python: Add Gradio models
 2024-05-16 09:00:50 +02:00
Sylwia Budzynska
72493a6bd1 Change classes to private 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2024-05-15 15:08:27 +02:00
yoff
04c0475251 Merge pull request #16483 from yoff/python/MaD-instance-follow-subclass 
Python: The MaD token `Instance` now follows subclasses
 2024-05-14 21:30:43 +02:00
Joe Farebrother
027e5e7291 Merge pull request #16300 from joefarebrother/python-pyramid 
Python: Model the Pyramid framework
 2024-05-14 13:24:19 +01:00
Sylwia Budzynska
f72afdc7cb Merge branch 'main' into gradio-model 2024-05-14 12:41:00 +02:00
am0o0
c7adb32bc4 simply replace duplicate class references with classRef() in Fabric.qll 2024-05-14 09:51:47 +02:00
Rasmus Lerchedahl Petersen
52717f8500 python: The MaD token Instance now follows subclasses 2024-05-14 08:40:19 +02:00
am0o0
37d33186e5 revert classRef deletion, fix secondaryserverCmdInjection expected test results 2024-05-13 15:02:04 +02:00
am0o0
fb3d34ce11 format Torch.qll 2024-05-13 14:43:43 +02:00
Sylwia Budzynska
d6acea1d0c Fix tests 2024-05-10 12:41:47 +02:00