hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-24 00:16:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
23,500 Commits 1,714 Branches 163 Tags
ce507beed40bdbc57e755fd1367bd255f8aa6011
Commit Graph

3451 Commits

Author SHA1 Message Date
jorgectf
ce507beed4 Add Authlib modeling and tests 2021-07-21 21:31:35 +02:00
jorgectf
e14b10370e Add indeterminate test to pyjwt 2021-07-21 21:30:54 +02:00
jorgectf
f1b3c70909 Divide JWT libraries 2021-07-21 21:29:23 +02:00
jorgectf
3d2b6f7a2d Delete outdated comment 2021-07-01 17:54:46 +02:00
jorgectf
7fb44470ee Add .expected results 2021-07-01 17:53:04 +02:00
jorgectf
a1f48db60b Make verifiesSignature() a predicate 2021-07-01 17:51:56 +02:00
jorgectf
4079e5352e Add JWT framework to Frameworks.qll 2021-07-01 17:51:34 +02:00
jorgectf
07422a1dce Move tests under test/ 2021-07-01 17:51:00 +02:00
jorgectf
058ade4d8e Merge remote-tracking branch 'upstream/main' into jorgectf/python/jwt-queries 2021-06-18 22:21:38 +02:00
jorgectf
6565680dd6 Finish query 2021-06-18 22:16:39 +02:00
Calum Grant
32f6a465b0 Merge pull request #6080 from github/calumgrant/security-severities 
Update security-severity scores
 2021-06-18 09:40:40 +01:00
Anders Schack-Mulligen
b173b4141d Merge pull request #6096 from smowton/smowton/fix/inline-expectations-missing-prefix 
Inline expectation tests: accept // $MISSING: and // $SPURIOUS:
 2021-06-17 11:41:15 +02:00
Chris Smowton
558813acf7 Inline expectation tests: accept // $MISSING: and // $SPURIOUS: 
Previously there had to be a space after the $ token, unlike ordinary expectations (i.e., // $xss was already accepted)
 2021-06-17 09:44:39 +01:00
Tom Hvitved
0febf5a592 Merge pull request #6094 from hvitved/dataflow/consistency-compiler-too-smart 
Data flow: Workaround for too clever compiler in consistency queries
 2021-06-17 10:23:31 +02:00
Tom Hvitved
cc383e0f6a Data flow: Workaround for too clever compiler in consistency queries 2021-06-17 09:43:36 +02:00
CodeQL CI
bcafe532ac Merge pull request #5944 from RasmusWL/async-api-graph-tests 
Approved by tausbn
 2021-06-16 08:46:26 -07:00
yoff
0ddeb7a8c1 Merge pull request #5950 from RasmusWL/promote-clickhouse 
Python: Promote ClickHouse SQL models
 2021-06-16 13:38:41 +02:00
Taus
96d8fc78f8 Merge pull request #6078 from hvitved/type-tracker-caching 
Python: Move cached predicates in type tracker library to same stage
 2021-06-16 10:45:02 +02:00
Taus
87ee7849a9 Merge pull request #6077 from RasmusWL/fix-pypi-names 
Python: Fixup for names of supported PyPI packages
 2021-06-15 15:01:35 +02:00
yoff
b19d64f173 Merge pull request #6013 from RasmusWL/sensitive-improvements 
Python: Improve sensitive data modeling
 2021-06-15 14:45:40 +02:00
Calum Grant
771e686946 Update security-severity scores 2021-06-15 13:25:17 +01:00
Tom Hvitved
c03ee32f02 Python: Move cached predicates in type tracker library to same stage 2021-06-15 13:42:43 +02:00
Rasmus Wriedt Larsen
b1fb68bc54 Python: Rename .qll file for mysql-connector-python support 
Just like our support for the `PyYAML` PyPI package that you import with
`import yaml` is in `Yaml.qll`.

Since this file does not provide any public predicates/modules, it
should be safe to rename it.
 2021-06-15 13:06:53 +02:00
Rasmus Wriedt Larsen
b154f034cb Python: Fix names of supported PyPI packages 2021-06-15 12:55:52 +02:00
Rasmus Wriedt Larsen
00af18a622 Python: Autoformat 2021-06-15 11:31:38 +02:00
Rasmus Wriedt Larsen
156b10cb59 Merge branch 'main' into promote-clickhouse 2021-06-15 11:30:19 +02:00
Taus
c6c9a5110a Merge pull request #6063 from tausbn/python-promote-type-tracking-library 
Python: Promote shared type tracking library
 2021-06-14 18:56:03 +02:00
Rasmus Wriedt Larsen
d19bc1252b Python: limit size of extraStepForCalls predicate 
On django/django, this reduced the number of results in
`extraStepForCalls` from 201,283 to 541
 2021-06-14 15:06:42 +02:00
CodeQL CI
02c017afec Merge pull request #6058 from RasmusWL/more-aiohttp 
Approved by yoff
 2021-06-14 02:56:59 -07:00
Taus
8016715fb6 Python: Add missing QLDoc 2021-06-11 20:35:58 +00:00
Taus
3869ab76d1 Python: Promote shared type tracking library 
This was slightly messier than anticipated, as I hadn't accounted for
the dozen uses of `startInAttr` in our codebase. To circumvent this,
I decided to put the type tracking implementation in the `internal`
directory, and wrap it with a file that ensures the old interface still
works.
 2021-06-11 20:20:22 +00:00
Calum Grant
85467adc5e Merge pull request #5839 from github/security-severities5 
Add security-severity scores
 2021-06-11 15:56:20 +01:00
Rasmus Wriedt Larsen
53f7633662 Python: Model await request.post() as MultiDictProxy 
as highlight as being quite easy to do by @yoff 👍
 2021-06-11 14:53:30 +02:00
Rasmus Wriedt Larsen
dee93783a2 Python: Update .expected for py/weak-sensitive-data-hashing 
Now there is a path from the _imports_ of the functions that would
return sensitive data, so we produce more alerts.

I'm not entirely happy about this "double reporting", but I'm not sure
how to get around it without either:

1. disabling the extra taint-step for calls. Not ideal since we would
   loose good sources.
2. disabling the extra sources based on function name. Not ideal since
   we would loose good sources.
3. disabling the extra sources based on function name, for those calls
   that would be handled with the extra taint-step for calls. Not ideal
   since that would require running the data-flow query initially to
   prune these out :|

So for now, I think the best approach is to accept some risk on this,
and ship to learn :)
 2021-06-11 13:56:55 +02:00
Rasmus Wriedt Larsen
df67028a1d Python: Model aiohttp.StreamReader 2021-06-11 12:06:53 +02:00
Rasmus Wriedt Larsen
2d31ef7016 Python: Fix last TODOs in aiohttp tests 2021-06-11 12:00:02 +02:00
Rasmus Wriedt Larsen
64a0e3fd0a Merge branch 'main' into aiohttp-modeling 2021-06-11 11:42:24 +02:00
Rasmus Wriedt Larsen
8b8e1334cc Python: Fix syntax error 2021-06-11 11:42:14 +02:00
Rasmus Wriedt Larsen
46f7a2b572 Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-06-11 11:28:11 +02:00
Rasmus Wriedt Larsen
3d5f379b8c Merge branch 'main' into sensitive-improvements 2021-06-11 10:48:20 +02:00
Calum Grant
a594afb828 Add security-severity metadata 2021-06-10 20:11:08 +01:00
Taus
e7b9603c5b Merge pull request #6053 from RasmusWL/fix-tests 
Python: Fix tests
 2021-06-10 16:55:45 +02:00
Rasmus Wriedt Larsen
dd457f9641 Python: Fix tests 2021-06-10 15:58:56 +02:00
CodeQL CI
a241c114da Merge pull request #5836 from RasmusWL/ec-class-improvement 
Approved by tausbn
 2021-06-10 06:20:56 -07:00
Rasmus Wriedt Larsen
04db33513e Merge branch 'main' into sensitive-improvements 2021-06-10 15:11:09 +02:00
Rasmus Wriedt Larsen
ea0c1d7db3 Python: Better handling of sensitive functions 
This solution was the best I could come up with, but it _is_ a bit
brittle since you need to remember to add this additional taint step
to any configuration that relies on sensitive data sources... I don't
see an easy way around this though :|
 2021-06-10 15:08:21 +02:00
Rasmus Wriedt Larsen
f167143a84 Python: Use real config in TestSensitiveDataSources 
This will enable better tests in just one second
 2021-06-10 15:01:31 +02:00
Rasmus Wriedt Larsen
c341643ec1 Python: Add more tests for sensitive function handling 2021-06-10 14:36:05 +02:00
Rasmus Wriedt Larsen
eb4f168dd4 Python: Clarify SensitiveAttributeAccess 
The comment about imports was placed wrong. I also realized we didn't
even have a single test-case for
`this.(DataFlow::AttrRead).getAttributeNameExpr() = sensitiveLookupStringConst(classification)`
so I added that (notice that this is only `getattr(foo, x)` and not
`getattr(foo, "password")`)
 2021-06-10 14:09:47 +02:00
yoff
716627c1dd Merge pull request #5878 from RasmusWL/fix-concept-tests-pretty-print 
Python: Fix concept tests pretty print
 2021-06-10 11:21:08 +02:00