codeql

mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00

Author	SHA1	Message	Date
Rasmus Wriedt Larsen	b55817a5b2	Python: Model HTTP responses in tornado This is quite a simpel model, but ends up matching what we were able to do with points-to. I think this modeling excercise really shows that we need a bit of a different way to model HTTP responses... but I'm not going to try to fix that in this PR.	2021-01-21 13:26:31 +01:00
Rasmus Wriedt Larsen	ac77a8b8a8	Python: Add proper HTTP response tests for Tornado	2021-01-21 13:22:31 +01:00
Rasmus Wriedt Larsen	812ea5dde5	Python: Tornado: Model request handlers without known route	2021-01-14 13:37:27 +01:00
Rasmus Wriedt Larsen	1849b9e771	Python: Tornado: Handle basic route setup with tuples The reason this becomes valueable right now, is that we can mark routed params as taint-sources. Longer down the line, we can (hopefully) detect that a routed param will only accept digits, and mark it safe for some of our taint-tracking queries.	2021-01-14 13:37:26 +01:00
Rasmus Wriedt Larsen	39d85896a1	Python: Add basic taint modeling of tornado request	2021-01-14 13:37:26 +01:00
Rasmus Wriedt Larsen	4641150d45	Python: Basic taint-modeling of tornado.web.RequestHandler classes	2021-01-14 13:37:25 +01:00
Rasmus Wriedt Larsen	9cd8a862a0	Python: Expand Tornado tests and add annotations I should probably have split this up into 2 commits, so sorry that didn't happen :\|	2021-01-14 13:37:24 +01:00
Rasmus Wriedt Larsen	b4f3399534	Python: Add reverse inheritance test for Tornado	2021-01-14 13:37:24 +01:00
Rasmus Wriedt Larsen	57d08a8523	Python: Rewrite old Tornado tests Now you can run them, and the examples have been adjusted so they actually work!	2021-01-14 13:37:23 +01:00
Rasmus Wriedt Larsen	7db55906b9	Python: Copy old tornado tests	2021-01-14 13:37:22 +01:00

10 Commits