Author | Commit | Message | Date
yoff | cfbae50845 | Python: convert barrier guard to MaD | 2026-02-26 13:12:34 +01:00
yoff | c4f8748a42 | Python: simplify barrier guard | 2026-02-25 18:03:40 +01:00
Ben Rodes | ceb3b21e0f | Update python/ql/lib/semmle/python/security/dataflow/ServerSideRequestForgeryCustomizations.qll | 2026-02-17 10:28:43 -05:00
    Co-authored-by: Taus <tausbn@github.com>
REDMOND\brodes | a91cf6b7cb | Applying copilot PR suggestions. | 2026-02-10 11:37:11 -05:00
REDMOND\brodes | 42f6e6a19c | Fixing inefficiently passed variable in nested existential quantification. | 2026-02-06 11:20:15 -05:00
REDMOND\brodes | 97ddab0724 | Added support for new URIValidator in AntiSSRF library. Updated test cases to use postprocessing results. Currently results for partial ssrf still need work; it is flagging cases where the URL is fully controlled, but is sanitized. I'm not sure if this should be flagged yet. | 2026-02-06 11:20:11 -05:00
Owen Mansel-Chan | 0222159df5 | Specify vulnerable args instead of safe ones | 2026-01-30 14:10:03 +00:00
Owen Mansel-Chan | a3885cd8b2 | Replace sanitizer by exclusion from sink definition | 2026-01-30 09:28:02 +00:00
Owen Mansel-Chan | b4cb2c3f13 | Make qldoc slightly more specific | 2026-01-30 09:28:01 +00:00
Owen Mansel-Chan | ef6332c581 | Allow MaD sanitizers for queries with MaD sinks | 2026-01-30 09:27:59 +00:00
yoff | 55abc52c61 | python: format file | 2026-01-22 20:51:46 +01:00
yoff | 7f00a7f67e | Update python/ql/lib/semmle/python/security/dataflow/UrlRedirectCustomizations.qll | 2026-01-22 17:30:24 +01:00
    Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
yoff | 3dbfb9fa4b | python: add machinery for MaD barriers and reinstate previously removed barrier now as a MaD row | 2026-01-22 17:30:24 +01:00
Anders Schack-Mulligen | 78e1879c9e | Use more flowTo. | 2025-12-03 14:12:08 +01:00
Nora Dimitrijević | 37fff48dcd | Python/ServerSideRequestForgeryQuery | 2025-10-28 09:40:24 +01:00
    python/ql/src/Security/CWE-918/PartialServerSideRequestForgery.ql
Nora Dimitrijević | baccdcc07f | Python/PolynomialReDoSQuery | 2025-10-28 09:40:21 +01:00
    python/ql/src/Security/CWE-730/PolynomialReDoS.ql
Jeroen Ketema | c582a9ccd6 | Remove duplicate copies of SensitiveDataHeuristics | 2025-07-14 11:38:52 +02:00
Asger F | 4a2d795076 | Shared: Make approximate location filtering the default behaviour | 2025-07-02 14:41:02 +02:00
Asger F | a46b5f9529 | Python: enable diff-informedness for poly redos using approximate related locations | 2025-07-02 14:39:42 +02:00
Kasper Svendsen | 2da8d61984 | Run config/sync-files.py | 2025-06-24 10:25:06 +02:00
Chuan-kai Lin | 6c1e80df3a | Python: disable diff-informed PolynomialReDoS.ql | 2025-04-24 14:57:06 -07:00
    This commit disabled diff-informed for PolynomialReDoS.ql because it could miss some alerts within diff ranges.
Asger F | d3b9d1d89d | JS: Partial SSRF does not select the sink location | 2025-02-06 11:30:32 +01:00
Asger F | 7d6abb4e0a | JS: Disable diff-informedness for full SSRF | 2025-02-06 11:30:18 +01:00
    Partial SSRF uses its result in a way that prevents diff-informedness
Asger F | d3ee658399 | Python: resolve remaining TODOs | 2025-02-06 10:27:56 +01:00
Asger F | 975ce064fc | Python: implement for polynomial redos | 2025-02-06 10:27:45 +01:00
Asger F | e4a1847dad | Python: mass enable diff-informed data flow | 2025-02-06 10:27:19 +01:00
Geoffrey White | f8659c0a4e | Sync identical files. | 2025-01-10 10:26:13 +00:00
Joe Farebrother | 71ab82dee0 | Fix qldoc, formatting, and redundant import warnings | 2024-12-09 19:55:21 +00:00
Joe Farebrother | 8647073433 | Copy template injection to standard pack + add jinja sinks | 2024-12-09 19:47:06 +00:00
Anders Schack-Mulligen | 8a5fc97b06 | Python: Remove deprecated configuration classes referencing deleted api. | 2024-12-03 20:08:45 +01:00
yoff | 7816f34d75 | Merge branch 'main' into stdlib-optparse | 2024-10-01 12:48:09 +02:00
Rasmus Wriedt Larsen | 431a1af628 | Merge branch 'main' into threat-models | 2024-09-26 11:44:24 +02:00
yoff | e7f9b5bbbc | Merge branch 'main' into stdlib-optparse | 2024-09-24 20:24:00 +02:00
Joe Farebrother | 48f9e0efe5 | Address review comments: Add missing deprecation + additional test case | 2024-09-23 10:57:04 +01:00
Rasmus Wriedt Larsen | 4a21a85e73 | Merge branch 'main' into threat-models | 2024-09-23 11:19:58 +02:00
Joe Farebrother | 3001a570b2 | Replace uses of StringConstCompare | 2024-09-20 14:47:22 +01:00
Rasmus Wriedt Larsen | 528f08fb83 | Python: Make queries use ActiveThreatModelSource | 2024-09-10 14:32:35 +02:00
Joe Farebrother | d1cca13563 | Merge pull request #17314 from joefarebrother/python-x509-cert | 2024-09-09 10:48:36 +01:00
    Python: Exclude certificate classification for sensitive data queries
erik-krogh | 20dfdc9661 | delete some deprecated files | 2024-09-03 20:30:59 +02:00
erik-krogh | 0fdd06fff5 | use my script to delete outdated deprecations | 2024-09-03 20:30:58 +02:00
Joe Farebrother | ec7ad84cd1 | Update formatting | 2024-08-30 13:51:33 +01:00
Joe Farebrother | 5360192a58 | Apply review suggestions - change = to in | 2024-08-30 13:25:59 +01:00
    Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
Joe Farebrother | 1cb23e7e86 | Exclude certificates from being considered sensitive data by cleartext-storage and cleartext-logging queries | 2024-08-27 14:18:39 +01:00
Joe Farebrother | 123214cb2b | Promote cookie injection query | 2024-07-16 16:49:56 +01:00
Joe Farebrother | 8152ec7472 | Merge pull request #16696 from joefarebrother/python-cookie-write-headers | 2024-07-11 14:25:54 +01:00
    Python: Model CookieWrites from HeaderWrites
Rasmus Lerchedahl Petersen | a3076f4f72 | Python: fix test expectations, add missing sanitizer | 2024-06-26 13:27:32 +02:00
Joe Farebrother | b71ba7c30f | Move Header Write derived concepts to Concepts | 2024-06-24 17:26:51 +01:00
Rasmus Lerchedahl Petersen | f0e68887d4 | Python: autoformat | 2024-06-20 10:59:39 +02:00
Rasmus Lerchedahl Petersen | 5cb37f5c4c | python: Document MaD format | 2024-06-19 17:00:15 +02:00
    - add a few tests reflecting the documentation
    - make the mentioned sink-kinds have an effect on relevant queries
Joe Farebrother | 93f10fcf14 | Add sanitizers for compiled regexes | 2024-06-11 15:44:16 +01:00