hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-23 16:06:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
23,903 Commits 1,712 Branches 163 Tags
c2708176b140e56cfbcc752db03ca59ef45f24e8
Commit Graph

3495 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
c2708176b1 Python: Support %-style formatting for MarkupSafe 2021-06-30 14:15:41 +02:00
Rasmus Wriedt Larsen
0a4efd0e86 Python: Add %-style formatting tests for MarkupSafe 2021-06-30 14:13:59 +02:00
Rasmus Wriedt Larsen
c84658dff1 Python: Use MethodCallNode for MarkupSafe string-format 2021-06-30 13:58:09 +02:00
Rasmus Wriedt Larsen
d6e8fafdbd Python: Proper sorting in Frameworks.qll 2021-06-30 13:55:26 +02:00
Rasmus Wriedt Larsen
075953860b Merge branch 'main' into markupsafe-modeling 2021-06-30 13:55:08 +02:00
Anders Schack-Mulligen
2d24387e9e Merge pull request #6149 from edoardopirovano/fix-java-regression 
Performance: Fix bad join order in Java dataflow library
 2021-06-25 10:42:05 +02:00
Anders Schack-Mulligen
95ad8b55fe Merge pull request #6107 from aschackmull/dataflow/implicit-reads 
Dataflow: Add support for implicit reads
 2021-06-24 15:38:35 +02:00
Anders Schack-Mulligen
cd0efbe7ce Dataflow: Sync. 2021-06-24 14:19:17 +02:00
Rasmus Wriedt Larsen
686638a65f Merge pull request #6049 from RasmusWL/jmespath 
Python: Add modeling of `jmespath`
 2021-06-24 11:13:19 +02:00
Edoardo Pirovano
0909c9ff22 Performance: Fix bad join order in dataflow library 2021-06-24 08:24:17 +01:00
CodeQL CI
469e709113 Merge pull request #6055 from RasmusWL/rsa-modeling 
Approved by yoff
 2021-06-23 08:35:25 -07:00
Rasmus Wriedt Larsen
0774e985ce Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-06-23 13:37:38 +02:00
Rasmus Wriedt Larsen
447099a1df Python: Update jmespath tests 2021-06-23 13:32:19 +02:00
Rasmus Wriedt Larsen
c0964617d7 Merge pull request #6111 from tausbn/python-a-few-minor-cleanups 
Python: A few minor bits of cleanup
 2021-06-23 10:42:41 +02:00
Rasmus Wriedt Larsen
c77884b8c4 Python: Apply suggestions from code review 
Co-authored-by: Jorge <46056498+jorgectf@users.noreply.github.com>
 2021-06-23 10:37:06 +02:00
Taus
317c6867aa Python: Fix sneaky semantic change 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-06-22 16:46:54 +02:00
Rasmus Wriedt Larsen
5db627042f Merge pull request #6091 from tausbn/python-exclude-main-py-files 
Python: Avoid `__main__.py` files as entry points.
 2021-06-22 11:29:02 +02:00
Rasmus Wriedt Larsen
e05d6e71b8 Merge pull request #6064 from tausbn/python-add-get-method-call 
Python: Add `getAMethodCall` to `LocalSourceNode`
 2021-06-22 11:16:39 +02:00
Taus
ba6ab8ff3d Python: Expand __main__.py comment 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-06-21 18:14:03 +02:00
Taus
768cab3642 Python: Address review comments 
- changes `getReceiver` to `getObject`
- fixes `calls` to avoid unwanted cross-talk
- adds some more documentation to highlight the above issue
 2021-06-21 14:57:19 +00:00
Rasmus Wriedt Larsen
1c48aca630 Merge branch 'main' into jmespath 2021-06-21 15:26:45 +02:00
CodeQL CI
565af1a879 Merge pull request #6071 from RasmusWL/fix-input-cwe 
Approved by calumgrant, tausbn
 2021-06-21 06:23:18 -07:00
yoff
baf8d0a990 Merge pull request #6045 from RasmusWL/twisted 
Python: Model twisted
 2021-06-21 14:52:57 +02:00
Anders Schack-Mulligen
65ac8be5ac Java: Add defaultImplicitTaintRead and sync. 2021-06-21 14:42:47 +02:00
Anders Schack-Mulligen
80880320d5 Dataflow: Sync. 2021-06-21 14:42:47 +02:00
Anders Schack-Mulligen
9110dfaeb3 Merge pull request #6095 from hvitved/dataflow/local-cc-join 
Data flow: Fix `getLocalCallContext` join-order
 2021-06-21 12:53:38 +02:00
Rasmus Wriedt Larsen
d6ec4d30fc Python: Twisted refactor of getRequestParamIndex 2021-06-21 10:54:28 +02:00
Rasmus Wriedt Larsen
8208aebd7e Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-06-21 10:43:25 +02:00
Taus
3aea270e10 Python: Autoformat 2021-06-18 18:30:27 +00:00
Taus
aeac03663f Python: Remove old ClickHouseDriver.qll 
The merge must've gone wrong some way, as this file is not supposed to
exist in `experimental` anymore.
 2021-06-18 17:41:09 +00:00
Taus
348b20ca9d Merge branch 'main' of https://github.com/github/codeql into python-a-few-minor-cleanups 2021-06-18 17:38:43 +00:00
Taus
9351688da8 Python: asCfgNode cleanup 2021-06-18 17:22:42 +00:00
Taus
c386f4a009 Python: Clean up py/insecure-protocol 
Going all the way to the AST layer seemed excessive to me, so I rewrote
it to do most of the logic at the data-flow layer. In principle this
_could_ result in more names being computed (due to splitting), but in
practice I don't expect this make a big difference.
 2021-06-18 17:22:42 +00:00
Taus
f24a9a46d9 Python: add getAnAttributeWrite 2021-06-18 17:22:42 +00:00
Taus
c78ba476cf Python: Clean up a few verbose casts 2021-06-18 17:22:42 +00:00
Calum Grant
32f6a465b0 Merge pull request #6080 from github/calumgrant/security-severities 
Update security-severity scores
 2021-06-18 09:40:40 +01:00
Tom Hvitved
eb86bceb4d Address review comments 2021-06-18 10:18:47 +02:00
Anders Schack-Mulligen
b173b4141d Merge pull request #6096 from smowton/smowton/fix/inline-expectations-missing-prefix 
Inline expectation tests: accept // $MISSING: and // $SPURIOUS:
 2021-06-17 11:41:15 +02:00
Chris Smowton
558813acf7 Inline expectation tests: accept // $MISSING: and // $SPURIOUS: 
Previously there had to be a space after the $ token, unlike ordinary expectations (i.e., // $xss was already accepted)
 2021-06-17 09:44:39 +01:00
Tom Hvitved
0febf5a592 Merge pull request #6094 from hvitved/dataflow/consistency-compiler-too-smart 
Data flow: Workaround for too clever compiler in consistency queries
 2021-06-17 10:23:31 +02:00
Tom Hvitved
ffb2350a54 Data flow: Fix getLocalCallContext join-order 2021-06-17 10:02:31 +02:00
Tom Hvitved
cc383e0f6a Data flow: Workaround for too clever compiler in consistency queries 2021-06-17 09:43:36 +02:00
Rasmus Wriedt Larsen
498703fc81 Python: Escaping only valid with both input/output defined 
Problematic part is

```codeql
  /** A escape from string format with `markupsafe.Markup` as the format string. */
  private class MarkupEscapeFromStringFormat extends MarkupSafeEscape, Markup::StringFormat {
    override DataFlow::Node getAnInput() {
      result in [this.getArg(_), this.getArgByName(_)] and
      not result = Markup::instance()
    }

    override DataFlow::Node getOutput() { result = this }
  }
```

since the char-pred still holds even if `getAnInput` has no results...

I will say that doing it this way feels kinda dirty, and we _could_ fix
this by including the logic in `getAnInput` in the char-pred as well.
But as I see it, that would just lead to a lot of code duplication,
which isn't very nice.
 2021-06-16 19:09:00 +02:00
Rasmus Wriedt Larsen
6539df6422 Python: Add ConceptsTest for MarkupSafe 2021-06-16 19:09:00 +02:00
Rasmus Wriedt Larsen
14de3bffb7 Python: Model MarkupSafe PyPI package 
Since expectation tests had so many changes from ConceptsTest, I'm going
to do the changes for that on in a separate commit. The important part
is the changes to taint-tracking, which is highlighted in this commit.
 2021-06-16 19:09:00 +02:00
Rasmus Wriedt Larsen
e1c4b8ca42 Python: Add helper predicates to Escaping kinds 
The other approach felt a bit too much like specifying magic strings
that you had to get right. (crossing your fingers that no-one writes
`HTML` instead of `html`)
 2021-06-16 19:09:00 +02:00
Rasmus Wriedt Larsen
bcef8d19e6 Python: Add Escaping concept 2021-06-16 19:09:00 +02:00
Rasmus Wriedt Larsen
d18b9a2704 Python: Add markupsafe tests 2021-06-16 19:09:00 +02:00
CodeQL CI
bcafe532ac Merge pull request #5944 from RasmusWL/async-api-graph-tests 
Approved by tausbn
 2021-06-16 08:46:26 -07:00
yoff
0ddeb7a8c1 Merge pull request #5950 from RasmusWL/promote-clickhouse 
Python: Promote ClickHouse SQL models
 2021-06-16 13:38:41 +02:00