hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,614 Commits 1,671 Branches 157 Tags
c20ee76826e10318f8f39c6fae901b743c2e8254
Commit Graph

2505 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
f9333fc551 Python: Expand dill tests 2021-10-08 11:55:54 +02:00
Rasmus Wriedt Larsen
42980a1ab4 Python: Model shelve.open 2021-10-08 11:55:54 +02:00
Rasmus Wriedt Larsen
a81d359669 Python: Model marshal.load 2021-10-07 21:27:51 +02:00
Rasmus Wriedt Larsen
1b61296ea5 Python: Model pickle.load 2021-10-07 21:25:48 +02:00
Rasmus Wriedt Larsen
27c368a444 Python: Model keyword arguments to pickle.loads 2021-10-07 21:24:12 +02:00
Rasmus Wriedt Larsen
3592b09d56 Python: Expand stdlib decoding tests 
The part about claiming there is decoding of the input to `shelve.open`
is sort of an odd one, since it's not the filename, but the contents of
the file that is decoded.

However, trying to only handle this problem through path injection is
not enough -- if a user is able to upload and access files through
`shelve.open` in a path injection safe manner, that still leads to code
execution.

So right now the best way we have of modeling this is to treat the
filename argument as being deserialized...
 2021-10-07 21:11:51 +02:00
yoff
933412eb8d Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2021-10-07 17:45:07 +02:00
Owen Mansel-Chan
938d003e5e Fix example to use space after $ for consistency 2021-10-02 08:11:49 +01:00
Owen Mansel-Chan
25792b2a45 Change class name to avoid clash with Go and Javascript libraries 2021-10-02 08:04:17 +01:00
Rasmus Wriedt Larsen
2d5c6e2723 Python: FastAPI: Add taint test 2021-09-30 19:14:15 +02:00
Rasmus Wriedt Larsen
c839f35485 Python: FastAPI: Proper modeling of implicit returns 2021-09-30 19:14:15 +02:00
Rasmus Wriedt Larsen
50147708bf Python: FastAPI: Model response classes 
Figuring out how to do the `media_type` tracking was quite difficult.
 2021-09-30 19:14:15 +02:00
Rasmus Wriedt Larsen
eef946a0c8 Python: FastAPI: Add test for custom response annotation 
It really is rather contrived, but it also _does_ work.
 2021-09-30 19:14:15 +02:00
Rasmus Wriedt Larsen
c9895b54fe Python: FastAPI: Add tests for direct response construction 2021-09-30 19:14:14 +02:00
Rasmus Wriedt Larsen
c50c805f5f Python: FastAPI: Model Cookie Writes 2021-09-30 19:14:14 +02:00
Rasmus Wriedt Larsen
d34c5fd72f Python: FastAPI: Add tests with response parameter 2021-09-30 19:14:14 +02:00
Rasmus Wriedt Larsen
285de2b4c8 Python: FastAPI: Add support for APIRouter 2021-09-30 19:14:14 +02:00
Rasmus Wriedt Larsen
b1f8b5352b Python: FastAPI: Add support for api_route 
Note that `route` did not actually work (that also comes from the
underlying web framework library Starlette)
 2021-09-30 19:14:14 +02:00
Rasmus Wriedt Larsen
3661ff3bd8 Python: Add basic FastAPI support 2021-09-30 19:14:14 +02:00
Rasmus Lerchedahl Petersen
cc1c32cf0e Python: model file accesses 2021-09-29 16:53:25 +02:00
Rasmus Wriedt Larsen
8df3dab121 Python: Adjust .expected with subpaths 2021-09-28 17:04:20 +02:00
Rasmus Wriedt Larsen
67fddda6d2 Merge branch 'main' into jorgectf/python/deserialization 2021-09-28 16:49:33 +02:00
Rasmus Lerchedahl Petersen
3c1206f873 Python: Model more awaiting construcs 
in API graphs.
Some unsatisfactory lack of understanding here.
 2021-09-27 16:41:01 +02:00
Rasmus Lerchedahl Petersen
f6311bf051 Python: model other awaiting constructs 2021-09-27 14:32:55 +02:00
Rasmus Lerchedahl Petersen
15b07bfcc0 Python: Model sql executions 2021-09-27 14:15:58 +02:00
Rasmus Wriedt Larsen
ded3088529 Python/JS: Recognize SHA-3 hash functions 
Official names are SHA3-224, SHA3-256, SHA3-384, SHA3-512 as per
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf
 2021-09-27 12:08:40 +02:00
Rasmus Wriedt Larsen
547cbb6322 Merge pull request #6331 from porcupineyhairs/pythonXpath 
Python : Improve Xpath Injection Query
 2021-09-24 18:11:08 +02:00
Rasmus Wriedt Larsen
d39df18544 Python: Minor test cleanup 2021-09-24 16:11:27 +02:00
Rasmus Wriedt Larsen
26d2fbd217 Python: Fix new XPath injection query 
Fixes the typo `ETXpath` => `ETXPath`
 2021-09-24 15:11:34 +02:00
Rasmus Wriedt Larsen
913a679ef5 Python: Replace old XPath injection query 2021-09-24 15:10:41 +02:00
Rasmus Lerchedahl Petersen
520a2da8ab Python: Add tests for asyncpg 2021-09-24 14:41:50 +02:00
Rasmus Lerchedahl Petersen
f2fbeed490 Python: Model os.path-functions 2021-09-23 15:30:00 +02:00
Rasmus Lerchedahl Petersen
81adb7dd2a Python: Add tests for os.path-functions 2021-09-23 15:28:05 +02:00
Rasmus Wriedt Larsen
f14e3f6007 Merge pull request #5445 from jorgectf/jorgectf/python/ldapinsecureauth 
Python: Add LDAP Insecure Authentication query
 2021-09-23 11:08:13 +02:00
Rasmus Wriedt Larsen
ef6e502ff0 Python: Make LDAP global options test better 
Before it didn't really showcase that we know it can make connections
secure.
 2021-09-23 10:18:18 +02:00
Rasmus Wriedt Larsen
70489b2fc2 Merge branch 'main' into jorgectf/python/ldapinsecureauth 2021-09-23 10:05:56 +02:00
Rasmus Wriedt Larsen
8badba26b8 Python: Minor SQLALchemy comment fixes 2021-09-22 13:58:29 +02:00
Rasmus Wriedt Larsen
a83bb39d0f Python: Merge SQLAlchemy TextClause injection into py/sql-injection 
As discussed in a meeting today, this will end up presenting an query
suite that's easier to use for customers.

Since https://github.com/github/codeql/pull/6589 has JUST been merged,
if we get this change in fast enough, no end-user will ever have run
`py/sqlalchemy-textclause-injection` as part of LGTM.com or Code
Scanning.
 2021-09-21 20:21:42 +02:00
Erik Krogh Kristensen
99ed4a1a89 add a bad-tag-filter query for Python and JavaScript 2021-09-21 15:04:03 +02:00
Erik Krogh Kristensen
8535e6f281 use toUnicode in RegexTreeView 2021-09-21 12:13:37 +02:00
yoff
4adb0c75bd Merge pull request #6589 from RasmusWL/promote-sqlalchemy 
Python: Promote modeling of SQLAlchemy
 2021-09-21 11:08:41 +02:00
Rasmus Wriedt Larsen
4a16be2cba Merge pull request #6557 from yoff/python/port-modification-of-default-value 
Python: port modification of default value
 2021-09-21 10:12:12 +02:00
Rasmus Wriedt Larsen
f8e6ba633a Python: Fix .expected for new subpaths query predicate 2021-09-21 09:40:13 +02:00
Rasmus Wriedt Larsen
c7c8e2f3e3 Merge branch 'main' into promote-sqlalchemy 2021-09-21 09:36:07 +02:00
Rasmus Lerchedahl Petersen
72bf390ec5 Merge branch 'main' of github.com:github/codeql into python/promote-regex-injection 2021-09-16 14:50:17 +02:00
haby0
c60eded2de Fix conflicting 2021-09-15 11:07:43 +08:00
Rasmus Wriedt Larsen
8b7fad8595 Merge pull request #6283 from tausbn/python-fix-exceptstmt-gettype 
Python: Fix `ExceptStmt::getType`
 2021-09-14 13:40:33 +02:00
Rasmus Wriedt Larsen
49f5f1e2c2 Merge pull request #6336 from tausbn/python-make-annotated-assignment-a-definitionnode 
Python: Two fixes regarding annotated assignments
 2021-09-14 13:37:53 +02:00
Rasmus Lerchedahl Petersen
1c7982b319 Python: Move query tests over 2021-09-14 13:29:21 +02:00
jorgectf
b505662ef9 Fix global test and update .expected 2021-09-14 10:20:50 +02:00