hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-17 04:56:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
32,313 Commits 1,714 Branches 162 Tags
c4d9c1d9e779efbfcceac24dee6ce087c70b557e
Commit Graph

32313 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
c4d9c1d9e7 C++: Reduce result duplication. 2022-02-11 16:03:38 +00:00
Geoffrey White
00ba76b7e4 C++: Convert to IR taint tracking. 2022-02-11 13:00:42 +00:00
Geoffrey White
85d03fdbfd C++: Change note. 2022-02-10 18:05:41 +00:00
Geoffrey White
b0c2a144cc C++: Remove no longer relevant tests. 2022-02-10 11:11:31 +00:00
Geoffrey White
20ad92a82e C++: Filter noisiest sources. 2022-02-10 11:11:30 +00:00
Geoffrey White
7b5b2fdcd1 C++: Modernize cpp/system-data-exposure as a path-problem using IR taint, RemoteFlowSinkFunction. 2022-02-10 11:11:26 +00:00
Geoffrey White
5490809bcf C++: Expand tests. 2022-02-10 10:43:21 +00:00
Mathias Vorreiter Pedersen
55e69d421c Merge pull request #7849 from Yonah125/main 
C/C++: Useless Test : verification of "Fully converted" Type
 2022-02-07 11:46:51 +00:00
Jeroen Ketema
1f2865c7cc Merge pull request #7798 from jketema/missing-open-arg 
C++: Add query for missing mode argument in `open`/`openat` calls
 2022-02-07 12:01:44 +01:00
BACK Yonah
61dc9ef12e C/C++: AutoFormat fix 2022-02-07 11:41:17 +01:00
Arthur Baars
ac03fab986 Merge pull request #7753 from aibaars/ruby-3.1 
Ruby 3.1 features
 2022-02-06 21:06:16 +01:00
Erik Krogh Kristensen
ab2d3a7ca0 Merge pull request #7828 from Naman-ntc/main 
JS: Adding model for `.get` function of `Map` in Unvalidated Dynamic Method Call
 2022-02-04 20:19:02 +01:00
Erik Krogh Kristensen
f00d723c49 Merge pull request #7843 from erik-krogh/CVE-2021-23484 
JS: add file sources from `jszip` to `js/zip-slip`
 2022-02-04 20:17:43 +01:00
BACK Yonah
21fdc53d62 C/C++: Using UnspecifiedType instead of Type 2022-02-04 19:12:15 +01:00
BACK Yonah
b2ca25abef Merge branch 'main' of https://github.com/github/codeql 2022-02-04 18:09:19 +01:00
BACK Yonah
f4a1d1d5e6 C/C++: Useless Test Fully converted verification 2022-02-04 18:05:03 +01:00
BACK Yonah
34320cb57b C/C++: Useless Test Fully converted verification 2022-02-04 18:03:29 +01:00
Ian Wright
6c3daf49f9 Merge pull request #7785 from github/z80coder/impose-length-restriction 
Restrict AST nodes according to string length
 2022-02-04 16:35:04 +00:00
Henry Mercer
bb1e89d261 Merge pull request #7848 from github/henrymercer/js-ml-powered-codeowners 
JS: Add codeowners for ML-powered queries
 2022-02-04 16:08:56 +00:00
Henry Mercer
22ef35e13a JS: Add codeowners for ML-powered queries 
Create a new reviewers team @github/codeql-ml-powered-queries-reviewers
for reviewing ML-powered queries and the associated CodeQL libraries.
 2022-02-04 15:49:44 +00:00
Ian Wright
be5e8dae05 Update javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll 
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2022-02-04 15:41:50 +00:00
Ian Wright
e57a0e0e2f Update javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll 
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2022-02-04 15:21:56 +00:00
Ian Wright
b38335a6c2 add QL comment; inline a predicate; restore a comment 2022-02-04 15:21:09 +00:00
Erik Krogh Kristensen
edcb3ba902 add file sources from jszip to js/zip-slip 2022-02-04 14:39:49 +01:00
yoff
182c62f5c3 Merge pull request #7838 from tausbn/python-fix-charset-performance-problem 
Python: Fix performance issue in `charSet`
 2022-02-04 14:18:13 +01:00
Michael Nebel
567768134f Merge pull request #7792 from michaelnebel/csharp/attributes 
C#: Attribute kind and return value attributes.
 2022-02-04 14:10:51 +01:00
Taus
67be20f368 Python: Remove implied inequalities 
Also gets rid of `inner_end`, since we're already doing `end - 1 = ...`
in the other fix (and so this is more consistent).
 2022-02-04 12:46:06 +00:00
Benjamin Muskalla
eee03ebe3b Merge pull request #7767 from bmuskalla/regenerateModelScript 
Java: Regenerate framework models automatically
 2022-02-04 13:29:46 +01:00
Naman Jain
009c95774e update expected files 2022-02-04 12:28:17 +00:00
Michael Nebel
6487b546dc C#: Update TargetFramework testcases expected files as well, as these also uses the string representation of the attributes. 2022-02-04 13:05:08 +01:00
Jeroen Ketema
b967eaf25d Add documentation for parseHex 2022-02-04 12:35:13 +01:00
Michael Nebel
f365477996 C#: Address review comments and update test output. 2022-02-04 11:48:12 +01:00
Benjamin Muskalla
bc5753cb20 Fix path expression 2022-02-04 11:43:18 +01:00
Naman Jain
5e1ca3154f Update javascript/ql/test/query-tests/Security/CWE-754/UnvalidatedDynamicMethodCallGood3.js 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-02-04 16:13:05 +05:30
Naman Jain
5121414a53 Update javascript/ql/test/query-tests/Security/CWE-754/UnvalidatedDynamicMethodCallGood4.js 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-02-04 16:12:58 +05:30
Rasmus Wriedt Larsen
e9b496ba73 Merge pull request #7831 from RasmusWL/printast-remove-regexp 
Python: Remove `RegExpTerm` from PrintAST
 2022-02-04 11:38:58 +01:00
Mathias Vorreiter Pedersen
2e2913b921 Merge pull request #7839 from rdmarsh2/rdmarsh2/ir-initializer-inheritance-fix 
C++: fix IR generation for constructor base inits when no constructor is present.
 2022-02-04 10:32:57 +00:00
Benjamin Muskalla
fcaead4004 Enable debugging action 2022-02-04 11:29:36 +01:00
Benjamin Muskalla
b747391c74 Improve error handling and refactor base path 2022-02-04 11:26:19 +01:00
Esben Sparre Andreasen
d08c0f7852 Merge pull request #7817 from github/esbena-patch-7 
Document and format event-stream-orig.js
 2022-02-04 10:26:30 +01:00
Jeroen Ketema
9f4e261625 Set precision of cpp/open-call-with-mode-argument to high 2022-02-04 10:01:25 +01:00
Jeroen Ketema
ef2a70e00c Limit open/openat target to global/std scope 2022-02-04 09:51:10 +01:00
Mathias Vorreiter Pedersen
bc17df55ee Merge pull request #7830 from MathiasVP/fix-ir-reevaluation-in-return-stack-allocated-memory 
C++: Fix re-evaluation in `cpp/return-stack-allocated-memory`
 2022-02-04 08:32:40 +00:00
Esben Sparre Andreasen
72b5edc144 Document and format event-stream-orig.js 
Some anti-virus products (rightfully) flag this event-stream-orig.js as a malicious file.
This change does two things:
- neutralises the file such that the code can not be run accidentally
- documents the purpose of the file
 2022-02-04 09:27:47 +01:00
Harry Maclean
ab7fd89653 Merge pull request #7663 from github/hmac/api-graph-subclass 
Ruby: Add basic subclassing support to API Graphs
 2022-02-04 10:19:07 +13:00
Harry Maclean
e328c6222a Merge pull request #7797 from github/hmac/pin-rust 
Ruby: Pin Rust to 1.54
 2022-02-04 10:18:46 +13:00
Taus
22aa4c9379 Python: Fix performance issue in charSet 
Observed on `mozilla/bugbug` on the 2.8.0 CLI branch, we had the
following line in the timing report:
```
FullServerSideRequestForgery.ql-17:regex::RegexString::charSet_dispred#fff#antijoin_rhs ............... 1m13s
```

Inspecting the logs, we see the following join:

```
(644s) Tuple counts for regex::RegexString::charSet_dispred#fff#antijoin_rhs/5@f295d1bk after 1m13s:
1         ~0%         {1} r1 = CONSTANT(unique string)["]"]
2389      ~4%         {3} r2 = JOIN r1 WITH regex::RegexString::nonEscapedCharAt_dispred#fff_201#join_rhs ON FIRST 1 OUTPUT Rhs.1 'arg0', Rhs.2 'arg1', (Rhs.2 'arg1' + 1)
668873    ~0%         {6} r3 = JOIN r2 WITH regex::RegexString::char_set_start_dispred#fff ON FIRST 1 OUTPUT Lhs.0 'arg0', "]", Lhs.1 'arg1', Lhs.2 'arg2', Rhs.1 'arg3', Rhs.2 'arg4'
537501371 ~4%         {7} r4 = JOIN r3 WITH regex::RegexString::nonEscapedCharAt_dispred#fff_021#join_rhs ON FIRST 2 OUTPUT Lhs.0 'arg0', Lhs.2 'arg1', Lhs.3 'arg2', Lhs.4 'arg3', Lhs.5 'arg4', "]", Rhs.2
269085087 ~0%         {7} r5 = SELECT r4 ON In.6 > In.4 'arg4'
89583155  ~3%         {7} r6 = SELECT r5 ON In.6 < In.1 'arg1'
89583155  ~26634%     {5} r7 = SCAN r6 OUTPUT In.0 'arg0', In.1 'arg1', In.2 'arg2', In.3 'arg3', In.4 'arg4'
                    return r7
```
Now, this is problematic not just because of the large intermediary join
but also because of the large number of tuples being materialised at the
end. The culprit in this case turns out to be this bit of `charSet`:
```
not exists(int mid | this.nonEscapedCharAt(mid) = "]" | mid > inner_start and mid < inner_end)
```

Rewriting this to instead look for the minimum index at which a `]`
appears resulted in a much nicer join.

I also fixed up a similar issue surrounding the `\N` unicode escape.
Not that I think this will necessarily be relevant, but the `min`-based
solution is more robust either way.
 2022-02-03 20:42:04 +00:00
Robert Marsh
8544cff1c4 Merge pull request #7836 from geoffw0/clrtxt9 
C++: Fix more FPs in cpp/cleartext-transmission
 2022-02-03 15:18:55 -05:00
Chuan-kai Lin
c8bc5cfa75 Merge pull request #7825 from github/cklin/python-downgrade-scripts 
Python: adjust downgrade script location and format
 2022-02-03 11:40:07 -08:00
Michael Nebel
32756cd442 C#: Update stats after the change in the attributes relation. 2022-02-03 20:00:33 +01:00