hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 12:15:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
14,912 Commits 1,741 Branches 166 Tags
cb4b4e91abc61e548d70bf7a9430dbd388439961
Commit Graph

14912 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
cb4b4e91ab Python: Taint for string multiplication 2020-08-24 14:54:06 +02:00
Rasmus Wriedt Larsen
b688fe68d6 Python: Add options file to shared dataflow tests 
Since there isn't one in top-level of experimental, making a single import made
tests go really slow :|
 2020-08-24 14:54:05 +02:00
Rasmus Wriedt Larsen
5125c7a55c Python: Add taint tests for encode/decode functions 2020-08-24 14:54:04 +02:00
Rasmus Wriedt Larsen
31b398937a Python: Handle taint from bytes(obj) 2020-08-24 14:17:59 +02:00
Rasmus Wriedt Larsen
1e447c5ca2 Python: Handle taint for % formatting 2020-08-24 14:15:27 +02:00
Rasmus Wriedt Larsen
80745e8881 Python: Model string methods in shared taint tracking library 2020-08-24 13:58:42 +02:00
Rasmus Wriedt Larsen
a77f118b62 Python: Shared taint tracking: Handle string concat + subcript 2020-08-24 13:58:41 +02:00
Rasmus Wriedt Larsen
61f89ca3c3 Python: Add tests for shared taint tracking for strings 
I adopted the TestTaint testing setup that I made for the "old" taint tracking
tests. This time around we should figure out if we can use .qlref or similar so
it doesn't end up in multiple copies that are not kept up to date :|

The `repr` predicate could probably be placed somewhere better. For now I just
wanted something that could help me. I considered just expanding the `repr`
predicate in `ql/src/semmle/python/strings.qll`, but since it's currently used
by queries, I didn't want to do anything about it.

Anyway, the output it gives is much more useful than seeing this ;)

```
| test.py:20 | ok   | str_operations | test.py:20:9:20:10 | ts |
| test.py:21 | fail | str_operations | test.py:21:9:21:18 | BinaryExpr |
| test.py:22 | fail | str_operations | test.py:22:9:22:18 | BinaryExpr |
| test.py:23 | fail | str_operations | test.py:23:9:23:21 | Subscript |
| test.py:24 | fail | str_operations | test.py:24:9:24:13 | Subscript |
| test.py:25 | fail | str_operations | test.py:25:9:25:18 | Subscript |
| test.py:26 | fail | str_operations | test.py:26:9:26:13 | Subscript |
| test.py:27 | fail | str_operations | test.py:27:9:27:15 | str() |
| test.py:35 | fail | str_methods | test.py:35:9:35:23 | Attribute() |
| test.py:36 | fail | str_methods | test.py:36:9:36:21 | Attribute() |
| test.py:37 | fail | str_methods | test.py:37:9:37:22 | Attribute() |
| test.py:38 | fail | str_methods | test.py:38:9:38:23 | Attribute() |
| test.py:40 | fail | str_methods | test.py:40:9:40:19 | Attribute() |
| test.py:41 | fail | str_methods | test.py:41:9:41:23 | Attribute() |
| test.py:42 | fail | str_methods | test.py:42:9:42:36 | Attribute() |
| test.py:44 | fail | str_methods | test.py:44:9:44:25 | Attribute() |
| test.py:45 | fail | str_methods | test.py:45:9:45:45 | Attribute() |
| test.py:47 | fail | str_methods | test.py:47:9:47:21 | Attribute() |
| test.py:48 | fail | str_methods | test.py:48:9:48:19 | Attribute() |
| test.py:49 | fail | str_methods | test.py:49:9:49:18 | Attribute() |
| test.py:51 | fail | str_methods | test.py:51:9:51:32 | Attribute() |
| test.py:52 | fail | str_methods | test.py:52:9:52:34 | Attribute() |
| test.py:54 | fail | str_methods | test.py:54:9:54:21 | Attribute() |
| test.py:55 | fail | str_methods | test.py:55:9:55:19 | Attribute() |
| test.py:56 | fail | str_methods | test.py:56:9:56:18 | Attribute() |
| test.py:57 | fail | str_methods | test.py:57:9:57:21 | Attribute() |
| test.py:58 | fail | str_methods | test.py:58:9:58:18 | Attribute() |
| test.py:59 | fail | str_methods | test.py:59:9:59:18 | Attribute() |
| test.py:60 | fail | str_methods | test.py:60:9:60:21 | Attribute() |
| test.py:62 | fail | str_methods | test.py:62:9:62:26 | Attribute() |
| test.py:63 | fail | str_methods | test.py:63:9:63:42 | Attribute() |
| test.py:65 | fail | str_methods | test.py:65:9:65:26 | Attribute() |
| test.py:66 | fail | str_methods | test.py:66:9:66:42 | Attribute() |
| test.py:69 | fail | str_methods | test.py:69:9:69:25 | Attribute() |
| test.py:70 | fail | str_methods | test.py:70:9:70:26 | Attribute() |
| test.py:71 | fail | str_methods | test.py:71:9:71:22 | Attribute() |
| test.py:72 | fail | str_methods | test.py:72:9:72:21 | Attribute() |
| test.py:73 | fail | str_methods | test.py:73:9:73:23 | Attribute() |
| test.py:78 | ok   | str_methods | test.py:78:9:78:39 | Attribute() |
```
 2020-08-24 13:58:39 +02:00
CodeQL CI
765c40ef03 Merge pull request #4019 from erik-krogh/asyncCalls 
Approved by asgerf
 2020-08-24 11:18:42 +01:00
Taus
b8d6f76749 Merge pull request #4056 from yoff/SharedDataflow_ParameterTests 
Python: Shared dataflow, parameter routing tests
 2020-08-24 11:36:30 +02:00
Erik Krogh Kristensen
65a1769d43 Merge branch 'main' into asyncCalls 2020-08-21 14:58:27 +02:00
Calum Grant
a93a84fb2e Merge pull request #4065 from hvitved/csharp/dataflow-type-restriction 
C#: Restrict `DataFlowType` to types belonging to `Node`s
 2020-08-21 11:57:29 +01:00
yoff
d05954e5cc Merge pull request #4109 from RasmusWL/python-basic-taint-tracking 
Python: Basic taint tracking with shared library
 2020-08-21 12:20:22 +02:00
Tom Hvitved
86b91cec8a Merge pull request #4111 from tamasvajk/feature/nullability-extraction 
C#: Fix nullability warning in Semmle.Extraction
 2020-08-21 09:22:05 +02:00
Tom Hvitved
ea77828a6a Merge pull request #4116 from hvitved/csharp/print-ast-order-top-level 
C#: Order top-level elements by location in `PrintAst.qll`
 2020-08-21 09:09:20 +02:00
Tom Hvitved
b8cde180b9 C#: Order top-level elements by location in PrintAst.qll 2020-08-21 06:17:37 +02:00
CodeQL CI
29183fa0a1 Merge pull request #4067 from erik-krogh/noBin 
Approved by esbena
 2020-08-20 23:07:02 +01:00
CodeQL CI
508ade29f4 Merge pull request #4106 from erik-krogh/depTracked 
Approved by esbena
 2020-08-20 21:23:24 +01:00
Tamas Vajk
b9e3b327d6 C#: Fix nullability warning in Semmle.Extraction 2020-08-20 16:33:02 +02:00
Erik Krogh Kristensen
cef681d009 bump extractor version (again) 2020-08-20 15:58:44 +02:00
Erik Krogh Kristensen
68f7942820 Merge branch 'main' into noBin 2020-08-20 15:58:15 +02:00
Jonas Jensen
d56a03389c Merge pull request #4107 from geoffw0/vecmethods 
C++: Initial models for std::vector
 2020-08-20 15:53:35 +02:00
Erik Krogh Kristensen
fa8edeed6a change StoredXss example to use TypeTracking 2020-08-20 15:05:38 +02:00
Erik Krogh Kristensen
906705f84c add SourceNode example to the TrackedNode deprecation description 2020-08-20 15:01:40 +02:00
Rasmus Wriedt Larsen
7fb8e0e277 Python: Add basic shared taint tracking test 2020-08-20 14:49:17 +02:00
Rasmus Wriedt Larsen
0baac8fd54 Python: Adjust shared taint tracking skeleton 
So it fits the setup from Java/Go, with AdditionalTaintStep class.
 2020-08-20 14:49:09 +02:00
Geoffrey White
3d171f358a Merge remote-tracking branch 'upstream/main' into vecmethods 2020-08-20 13:29:28 +01:00
Tamás Vajk
2a8ff8785a C#: Add AST printing (#4038) 2020-08-20 14:24:43 +02:00
Geoffrey White
258b61c5f8 Update cpp/ql/src/semmle/code/cpp/models/implementations/StdContainer.qll 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-08-20 12:53:23 +01:00
Geoffrey White
689c637d48 C++: Rename things. 2020-08-20 12:52:40 +01:00
Anders Schack-Mulligen
ec7a65777b Merge pull request #3855 from JLLeitschuh/feat/JLL/jOOQ_SQL_injection 
Add jOOQ methods as SQL Injection Sinks
 2020-08-20 13:17:07 +02:00
Erik Krogh Kristensen
bf88c81f78 bump extractor version 2020-08-20 12:57:48 +02:00
Erik Krogh Kristensen
a347569385 inline StandardCharsets.UTF_8 2020-08-20 12:57:05 +02:00
Erik Krogh Kristensen
410ef8fe0e exit early if the default encoding is not UTF-8 2020-08-20 12:50:43 +02:00
Erik Krogh Kristensen
fe41521e0c add tutorial for how to get around TrackedNodes deprecation 2020-08-20 12:46:17 +02:00
Geoffrey White
61158e759b C++: Improve StdContainerConstructor model. 2020-08-20 11:04:59 +01:00
Geoffrey White
acd1437103 C++: Change note. 2020-08-20 10:46:12 +01:00
Geoffrey White
f2ac4fa94a C++: Autoformat. 2020-08-20 10:44:54 +01:00
Geoffrey White
cda9fd250b C++: Model vector methods. 2020-08-20 10:30:01 +01:00
Geoffrey White
620126d38c C++: Add vector taint cases to test. 2020-08-20 10:27:25 +01:00
Erik Krogh Kristensen
8f68f512df deprecate TrackedNodes.qll 2020-08-20 11:26:22 +02:00
Geoffrey White
43c8efdf63 C++: Repair the range based for test. 2020-08-20 10:19:54 +01:00
CodeQL CI
6adedac337 Merge pull request #4096 from erik-krogh/qlMod 
Approved by esbena
 2020-08-20 10:05:30 +01:00
Geoffrey White
8afa92d881 C++: Add more detail to the vector class in the test stl.h. 2020-08-20 09:39:35 +01:00
Tom Hvitved
65b4d35add Merge pull request #4055 from tamasvajk/feature/partial-methods 
C#: Add body to partial methods
 2020-08-20 10:14:56 +02:00
Tom Hvitved
6dc1244410 Merge pull request #4064 from hvitved/csharp/gvn-speedup 
C#: Speed up `Implements.qll` and `Unification.qll`
 2020-08-20 10:11:36 +02:00
Mathias Vorreiter Pedersen
aa522b54c1 Merge pull request #4098 from jbj/SimpleRangeAnalysis-mul-constant 
C++: Support multiplication by constants in range analysis
 2020-08-20 09:22:05 +02:00
Erik Krogh Kristensen
5b42e242af add change note for supporting ".cjs" files 2020-08-20 09:18:26 +02:00
Jonas Jensen
b1c0e6f626 Merge remote-tracking branch 'upstream/main' into SimpleRangeAnalysis-mul-constant 2020-08-20 08:20:31 +02:00
Robert Marsh
a457d54ad1 Merge pull request #4078 from jbj/SimpleRangeAnalysis-AssignMulExpr 
C++: Range analysis for unsigned AssignMulExpr
 2020-08-19 14:42:04 -04:00