hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-14 11:34:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
49,294 Commits 1,738 Branches 164 Tags
c31c51520589a89e39c73d4e995310094de04330
Commit Graph

1200 Commits

Author SHA1 Message Date
Geoffrey White
ea06ad1933 Merge pull request #11529 from geoffw0/format 
Swift: Uncontrolled format string query
 2023-01-17 16:16:10 +00:00
Paolo Tranquilli
0a792f2f61 Swift: add upgrade and downgrade scripts for ExtensionDecl new protocols property 2023-01-17 13:07:02 +01:00
Paolo Tranquilli
0d32f00020 Swift: update ExtensionDecl test results 2023-01-17 12:58:02 +01:00
Paolo Tranquilli
f6e26211f9 Swift: add protocols to ExtensionDecl schema 2023-01-17 12:54:50 +01:00
Paolo Tranquilli
8906e101cb Swift: add ExtensionDecl QL test 2023-01-17 12:49:53 +01:00
Tony Torralba
bd5619147d Merge pull request #11590 from atorralba/atorralba/swift/sensitive-info-logs 
Swift: Add Cleartext Logging query
 2023-01-16 16:22:20 +01:00
Tony Torralba
0017461e2d Update swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-01-16 15:35:58 +01:00
Tony Torralba
fdb3b65bce Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-01-16 11:57:37 +01:00
Mathias Vorreiter Pedersen
2dbacbc302 Merge pull request #11841 from MathiasVP/swift-add-integral-types 
Swift: Add integral type classes
 2023-01-13 17:30:57 +00:00
Geoffrey White
7f31c9c7e5 Swift: Add a test. 2023-01-12 15:19:57 +00:00
Geoffrey White
3d1b2fdbda Swift: Rename NumericOrCharType.qll -> Numer> NumericType.qll. 2023-01-12 11:46:51 +00:00
Geoffrey White
418d593a97 Swift: Replace NumericOrCharType with a more basic NumericType, and rename classes for consistency with other static languages. 2023-01-12 11:43:20 +00:00
Geoffrey White
d0eb167d47 Swift: Merge FloatingPointType.qll into NumericOrCharType.qll, because it is a numeric type and other stuff like CharacterType is there. 2023-01-12 11:42:36 +00:00
Michael Nebel
18a815ca8b Merge pull request #11721 from michaelnebel/csharpjava/refactorprovenance 
C#/Java: Re-factor provenance related predicates.
 2023-01-12 10:50:31 +01:00
Pierre
c3116b3f0f Merge branch 'main' into turbo/experimental/combined 2023-01-11 18:02:55 +01:00
Michael Nebel
7e4f7a0c17 C#: Address review comments and sync files. 2023-01-11 16:29:24 +01:00
Michael Nebel
67cbe38255 Sync files. 2023-01-11 16:20:55 +01:00
Michael Nebel
80a4197604 Swift: Re-factor provenance related predicates for summarized callable. 2023-01-11 16:20:55 +01:00
Michael Nebel
ea173f9516 Sync files. 2023-01-11 16:20:55 +01:00
Tony Torralba
c115a9fee4 Add more path injection sinks 2023-01-11 14:28:24 +01:00
Tony Torralba
a4f813183e Merge pull request #11785 from atorralba/atorralba/swift/grdb-sinks 
Swift: Add sinks for the GRDB library
 2023-01-11 11:49:37 +01:00
Tony Torralba
50cd40ed20 Swift: Remove omittable exists variables 2023-01-10 13:39:50 +01:00
Mathias Vorreiter Pedersen
7f5344e025 Update swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-01-09 17:08:27 +00:00
Tony Torralba
8e0a018673 Consider Int8 and UInt8 as OsLogNonRedactedTypes 2023-01-09 18:05:18 +01:00
Tony Torralba
49a41c98ee Test that hashed passwords are 'safe' to log 
This doesn't seem completely right, but the heuristic approach we have regarding sensitive expressions has to draw the line somewhere.
 2023-01-09 18:01:07 +01:00
Tony Torralba
160d89fb4e Add qhelp examples 2023-01-09 18:01:07 +01:00
Tony Torralba
33029b0ed8 Fix sanitizer QLDoc 2023-01-09 18:01:07 +01:00
Tony Torralba
7e0869965c Uncomment tests 2023-01-09 18:01:07 +01:00
Tony Torralba
c1f19dd145 Add stub so that tests work on Linux 2023-01-09 18:01:07 +01:00
Tony Torralba
b203a9eb6e Add a sanitizer for OSLogPrivacy options 
Add test cases to verify how the sanitizer behaves depending on the argument type and the privacy option being used.
 2023-01-09 18:01:07 +01:00
Tony Torralba
aad56097ac Add Cleartext Loggin query for Swift. 
With some caveats: see TODO comments and failing tests.
 2023-01-09 18:01:07 +01:00
Tony Torralba
eb78661c1f Add missing SQL injection tests for the GRDB SQL class 2023-01-09 17:36:54 +01:00
yoff
c01ce955ba Merge pull request #11778 from yoff/shared/inline-tests 
Shared: Inline test expectations
 2023-01-09 13:21:18 +01:00
Mathias Vorreiter Pedersen
381301e552 Update swift/ql/lib/swift.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-01-09 10:32:52 +00:00
Geoffrey White
9333e80def Swift: Add getVaList stub to the test. 2023-01-09 10:29:37 +00:00
Mathias Vorreiter Pedersen
6bb09ef289 Swift: Add integral type classes. 2023-01-09 09:43:09 +00:00
Mathias Vorreiter Pedersen
9be9636816 Merge pull request #11670 from atorralba/atorralba/swift/predicate-injection 
Swift: Add predicate injection query
 2023-01-09 08:54:13 +00:00
Rasmus Lerchedahl Petersen
8d9e94a00f swift: fix typo 2023-01-06 11:22:49 +01:00
Rasmus Lerchedahl Petersen
8afb541718 cpp/swift: fix qldoc 2023-01-05 14:30:13 +01:00
Rasmus Lerchedahl Petersen
c3b3c05cf3 Revert "Merge pull request #37 from erik-krogh/shared/inline-tests" 
This reverts commit 65fe9abcfe, reversing
changes made to 08e9d3391f.
 2023-01-05 09:19:43 +01:00
Aditya Sharad
ed73875fac Merge pull request #11747 from adityasharad/tutorial/library-pack 
Tutorial: Move QL detective tutorial library into shared `codeql/tutorial` library pack
 2023-01-04 08:24:53 -08:00
Aditya Sharad
9988c19a42 Merge branch 'main' into tutorial/library-pack 2023-01-03 14:08:37 -08:00
Geoffrey White
e5a74cb29c Swift: Add a reference for swift/hardcoded-key. 2023-01-03 17:27:31 +00:00
Geoffrey White
fc646a6d48 Swift: Update .expected following a toString change in main. 2023-01-03 16:25:14 +00:00
Geoffrey White
e05bb7fcee Merge branch 'main' into format 2023-01-03 15:14:55 +00:00
Tony Torralba
07d99bd643 Add path injection sinks 2022-12-23 17:16:06 +01:00
Tony Torralba
4215a89bc8 Add cleartext storage database sinks 2022-12-23 17:15:59 +01:00
Tony Torralba
ac39aeb6b6 Add SQLi sinks 2022-12-23 17:03:31 +01:00
Mathias Vorreiter Pedersen
b330b628e3 Merge pull request #11595 from d10c/swift/extract-mainactor 
Swift: MethodRefExpr -> MethodLookupExpr
 2022-12-22 10:22:33 +00:00
erik-krogh
b3dd50bc36 inline Location into the shared implementation of InlineExpectationsTest 2022-12-22 11:09:43 +01:00