Rasmus Wriedt Larsen
7f7758b83d
Python: rewrite xml sax modeling
2022-03-02 15:22:11 +01:00
Rasmus Wriedt Larsen
6dd776b2de
Python: Only produce one alert per vulnerable XML sink
This made it much easier to debug the current alerts on tests at least.
Notice that it's important that we have `strictconcat` and not just
`concat`, since `concat` will also allow flow to sinks that are not
vulnerable to any kind of XML vulnerability :|
2022-03-02 15:22:11 +01:00
Rasmus Wriedt Larsen
16e482bf6f
Python: Improve QLDoc for XML parsing/parsers
2022-03-02 14:25:12 +01:00
Rasmus Wriedt Larsen
aaf55b21c4
Python: Add XMLVulnerabilityKind
This gives some freedom in changing the name presented, and not worrying about whether you have made a typo that makes everything break :|
2022-03-02 14:25:12 +01:00
Rasmus Wriedt Larsen
ee23c05489
Python: XML: Expose vuln kind on sink
2022-03-02 14:25:12 +01:00
Rasmus Lerchedahl Petersen
143e9ee954
Merge branch 'main' of github.com:github/codeql into python/promote-xpath-injection
2022-03-02 13:14:08 +01:00
Rasmus Wriedt Larsen
518e2aeebf
Merge branch 'main' into jorgectf/python/deserialization
2022-03-01 16:47:13 +01:00
Ahmed Farid
70c0c7e461
Update zipslip_bad.py
2022-03-01 00:24:33 +01:00
Ahmed Farid
85bcaa96ce
Update Concepts.qll
2022-03-01 00:23:06 +01:00
Ahmed Farid
c22b032bbe
Update Zip.qll
2022-03-01 00:11:33 +01:00
Ahmed Farid
67d3498891
Update ZipSlip.ql
2022-03-01 00:07:37 +01:00
Ahmed Farid
b29936716d
Update Frameworks.qll
2022-03-01 00:06:22 +01:00
Ahmed Farid
76bd3317eb
Create Zip.qll
2022-03-01 00:05:30 +01:00
Ahmed Farid
abe25da3df
Create ZipSlip.qll
2022-03-01 00:04:02 +01:00
Ahmed Farid
3eae13161f
Delete ZipSlipCheckLib.ql
2022-03-01 00:01:34 +01:00
Ahmed Farid
21f6ad5190
Update and rename ZipSlipCheck.ql to ZipSlip.ql
2022-03-01 00:01:06 +01:00
Ahmed Farid
c207294dfc
Update zipslip_good.py
2022-02-26 18:31:22 +01:00
Ahmed Farid
d0d14be693
Update ZipSlip.qhelp
2022-02-26 18:25:13 +01:00
jorgectf
67b672a467
Merge remote-tracking branch 'origin/main' into jty/python/emailInjection
2022-02-26 01:22:55 +01:00
jorgectf
2f2cf2c1f6
Use StrConst.getText() instead of Str_.getS()
2022-02-26 01:19:50 +01:00
Rasmus Wriedt Larsen
aeba497832
Merge pull request #7735 from yoff/python/promote-log-injection
Python: promote log injection
2022-02-23 16:21:12 +01:00
Taus
3ce7d47b5b
Merge pull request #7452 from jorgectf/python_jwt
Python: Add Python_JWT to JWT security query
2022-02-23 15:23:20 +01:00
Jorge
0216798cb9
Apply suggestions from code review
Co-authored-by: Taus <tausbn@github.com>
2022-02-22 20:55:51 +01:00
Rasmus Wriedt Larsen
b59ab7f5f3
Merge branch 'main' into python/promote-log-injection
2022-02-21 09:59:31 +01:00
jorgectf
c5f30d99d5
Create an extendable AdditionalTaintStep class in customizations
2022-02-20 17:34:12 +01:00
Rasmus Wriedt Larsen
5a90214ece
Merge pull request #7783 from yoff/python/promote-ldap-injection
Python: promote LDAP injection query
2022-02-15 10:24:18 +01:00
yoff
de5b3a272d
Merge pull request #7660 from RasmusWL/deprecate-old-modeling
Python: Deprecate old points-to based modeling
2022-02-14 19:48:03 +01:00
root
5ed5e0b105
Add query to detect ZipSlip
2022-02-13 16:44:27 -05:00
Rasmus Wriedt Larsen
94f9656e8e
Python: Solve deprecation warnings for old experimental queries
2022-02-10 00:09:43 +01:00
jorgectf
85b5ef36ae
XmlInjection -> XmlEntityInjection
2022-02-09 13:28:56 +01:00
jorgectf
c6d8b97871
Make verifyCall() a private predicate
2022-02-08 23:37:17 +01:00
jorgectf
ed60d16367
Refactor the way to check the verifying call
2022-02-08 23:33:30 +01:00
Jorge
f1fab98ea2
Merge branch 'github:main' into python_jwt
2022-02-08 23:12:58 +01:00
jorgectf
01ad25f3f0
Apply .getALocalSource() and fix xmltodict's vulnerable predicate
2022-02-08 17:51:09 +01:00
jorgectf
8f9cd16806
Update
2022-02-08 17:23:18 +01:00
Rasmus Lerchedahl Petersen
88efcff818
python: move query
and update reference in query test
2022-02-08 11:24:09 +01:00
Rasmus Wriedt Larsen
eb109828c0
Merge pull request #7252 from museljh/feature/cwe-338
Python: CWE-338 insecureRandomness
2022-02-07 19:30:06 +01:00
Jorge
d96eb01b9c
Merge branch 'github:main' into jorgectf/python/deserialization
2022-02-04 16:32:01 +01:00
liangjinhuang
1dd15fa235
style:auto format
2022-02-02 01:30:54 +08:00
liangjinhuang
976e484c57
style:move all source files under src/experimental & feat:modify source regular matching rules
2022-02-02 01:14:51 +08:00
liangjinhuang
1885b683f7
style:formatDocument
2022-02-02 00:21:26 +08:00
museljh
012434b152
Update python/ql/src/experimental/Security/CWE-338/InsecureRandomness.ql
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
2022-02-01 19:00:06 +08:00
museljh
a6002186bd
Update python/ql/src/experimental/Security/CWE-338/InsecureRandomness.ql
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
2022-02-01 18:59:12 +08:00
Rasmus Wriedt Larsen
f7a0b17ed6
Merge pull request #7687 from yoff/python/PathInjection-FlowState
python: Rewrite path injection query to use flow state
2022-02-01 11:33:37 +01:00
Jorge
a1f8acc9bb
Merge branch 'github:main' into jorgectf/python/deserialization
2022-01-31 17:48:35 +01:00
Rasmus Lerchedahl Petersen
20d54543fd
python: move log injection out of experimental
- move from custom concept `LogOutput` to standard concept `Logging`
- remove `Log.qll` from experimental frameworks
- fold models into standard models (naively for now)
  - stdlib:
    - make Logger module public
    - broaden definition of instance
    - add `extra` keyword as possible source
  - flask: add app.logger as logger instance
  - django: add `django.utils.log.request_logger` as logger instance
    (should we add the rest?)
- remove LogOutput from experimental concepts
2022-01-31 11:27:55 +01:00
Rasmus Lerchedahl Petersen
4c3c4deb34
python: Move over query and tests
2022-01-28 09:19:11 +01:00
Rasmus Lerchedahl Petersen
a026120c52
Python: Move configuration over and refine it
The original configuration did not match sinks with sanitizers.
Here it is resolved using flow state,
it could also be done by using two configurations.
2022-01-28 09:00:40 +01:00
Rasmus Lerchedahl Petersen
e6b5833bd6
python: fix typo in qhelp
2022-01-26 19:05:36 +01:00
Rasmus Lerchedahl Petersen
9aa4c4a6a7
python: Add missing input
also update test expectation
2022-01-21 13:55:33 +01:00