hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,068 Commits 1,671 Branches 157 Tags
d249b51a5e94a2682b3aec519e7f31e82df12d59
Commit Graph

2211 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
d249b51a5e Python: Add test-case for indirect RawSQL 2020-10-21 13:23:19 +02:00
Rasmus Lerchedahl Petersen
e51543ea79 Python: allow any positional argument in annotate 2020-10-21 13:17:20 +02:00
Rasmus Lerchedahl Petersen
2c855c739b Python: Ignore relatively safe arguments of extra 2020-10-21 13:15:46 +02:00
Rasmus Lerchedahl Petersen
6805fb63cc Python: Use modern pattern for RawSQL class 2020-10-21 13:14:32 +02:00
Rasmus Lerchedahl Petersen
e44247bb00 Python: Add links to function docs 2020-10-21 13:03:14 +02:00
yoff
8e7e107365 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-21 12:55:38 +02:00
Rasmus Lerchedahl Petersen
90d0cff384 Python: Use flask routing 2020-10-21 00:30:16 +02:00
Rasmus Lerchedahl Petersen
383d846396 Python: address review 
- smooth out future merge
- keyword argument for execute
 2020-10-21 00:15:05 +02:00
Rasmus Lerchedahl Petersen
e1dfbc0486 Python: address review 2020-10-20 23:59:44 +02:00
yoff
01845d1278 Update python/ql/src/experimental/semmle/python/frameworks/Django.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-20 21:43:15 +02:00
Rasmus Lerchedahl Petersen
5990241c8f Python: Support django models (with some caveats) 2020-10-20 03:20:00 +02:00
Rasmus Lerchedahl Petersen
d7308bddf2 Python: Add django sink with concept test 2020-10-19 21:34:55 +02:00
Rasmus Lerchedahl Petersen
646ced2a1d Python: Add concept test scaffold 2020-10-19 10:58:57 +02:00
Rasmus Lerchedahl Petersen
f17720f587 Python: Add test and fix filename 2020-10-19 10:58:57 +02:00
Rasmus Lerchedahl Petersen
d76b2c0023 Python: Add concept and port query 2020-10-19 10:58:57 +02:00
Anders Schack-Mulligen
b352605d12 Dataflow: Code review fixes. 2020-10-16 13:45:51 +02:00
Anders Schack-Mulligen
664f04020f Revert "Dataflow: Count callables instead of nodes for fieldFlowBranchLimit." 
This reverts commit 1501a40de8.
 2020-10-16 12:51:50 +02:00
Anders Schack-Mulligen
1501a40de8 Dataflow: Count callables instead of nodes for fieldFlowBranchLimit. 2020-10-16 12:51:17 +02:00
Anders Schack-Mulligen
6aae51fa4f Dataflow: Sync. 2020-10-16 12:51:17 +02:00
Tom Hvitved
27fc610c0d Python: Update expected test output 2020-10-16 09:09:06 +02:00
Tom Hvitved
5f01fda1ef Data flow: Sync files 2020-10-16 09:05:02 +02:00
Anders Schack-Mulligen
94f110f739 Sync. 2020-10-16 09:05:01 +02:00
Tom Hvitved
d608138c0c Data flow: Sync files 2020-10-16 09:03:13 +02:00
Rasmus Wriedt Larsen
5142bfaf01 Merge pull request #4453 from yoff/python-port-unsafe-deserialization 
Python: port unsafe deserialization
 2020-10-15 17:26:31 +02:00
Rasmus Wriedt Larsen
58baec5b06 Merge pull request #4364 from yoff/SharedDataflow_ArgumentPassing 
Python: Shared dataflow, argument passing
 2020-10-15 17:10:59 +02:00
Rasmus Lerchedahl Petersen
89f5352324 Python: fix QL format 2020-10-15 16:41:41 +02:00
Rasmus Lerchedahl Petersen
ef32488596 Merge branch 'main' of github.com:github/codeql into python-port-unsafe-deserialization 2020-10-15 15:45:35 +02:00
CodeQL CI
ab7d28b3fb Merge pull request #4482 from RasmusWL/promote-script 
Approved by tausbn
 2020-10-15 06:15:55 -07:00
Rasmus Wriedt Larsen
43cee8567c Python: Add script to promote experimental security queries 2020-10-15 13:25:01 +02:00
Rasmus Lerchedahl Petersen
cc7d32c27c Merge branch 'python-port-unsafe-deserialization' of github.com:yoff/codeql into python-port-unsafe-deserialization 2020-10-15 13:01:38 +02:00
Rasmus Lerchedahl Petersen
172e058438 Python: unsafe -> mayExecuteInput 2020-10-15 12:56:29 +02:00
Rasmus Lerchedahl Petersen
00566f0eee Python: Extend DataFlow::CfgNode when appropriate 2020-10-15 12:40:16 +02:00
yoff
c36ad7dd9b Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2020-10-15 12:35:21 +02:00
Rasmus Lerchedahl Petersen
9c8e968cba Python: Fix bad merge 2020-10-15 11:47:34 +02:00
Taus
c8b93148a2 Merge pull request #4424 from RasmusWL/python-model-python2-specific-command-execution 
Python: model Python 2 specific command execution
 2020-10-15 10:52:43 +02:00
Rasmus Wriedt Larsen
c5810d623b Merge pull request #4474 from tausbn/python-fix-tostring-divergence 
Python: Fix divergence in tuple/subscripted type `toString`
 2020-10-15 10:29:33 +02:00
Rasmus Wriedt Larsen
ce967e1249 Merge branch 'main' into python-model-python2-specific-command-execution 2020-10-15 10:00:02 +02:00
Rasmus Lerchedahl Petersen
0766eef49b Merge branch 'main' of github.com:github/codeql into SharedDataflow_ArgumentPassing 2020-10-15 09:49:21 +02:00
Rasmus Lerchedahl Petersen
d2b90662a3 Python: implement ToString on mappings 2020-10-14 17:31:13 +02:00
Taus
466c22f4a8 Merge pull request #4435 from RasmusWL/python-port-code-injection 
Python: port code injection query
 2020-10-14 16:41:42 +02:00
Rasmus Lerchedahl Petersen
6a3aed337f Python self -> range 2020-10-14 16:35:43 +02:00
Rasmus Lerchedahl Petersen
352418cb5d Python: track safe loaders 2020-10-14 16:33:55 +02:00
Taus Brock-Nannestad
f8190feef2 Python: Fix divergence in tuple/subscripted type toString 
A slightly more complicated version of the situation in
https://github.com/github/codeql/pull/2507 could cause the `toString`
calculation to diverge. Although the previous PR took tuples nested
inside tuples into account (and subscripted types cannot be nested
inside each other in our modelling), it did not account for having
this nesting be interleaved, and this is what caused the divergence.

I have not done the usual "test case first to show the problem
exists", since this would also diverge and take forever to fail. The
instance observed in `scipy` was likely caused by something akin to

```python
x = ()
while True:
    x = x[(x,)]
```

Finally, to prevent this from happening with other types, I went
through and checked each instance where the string representation of
an `ObjectInternal` might potentially contain a reference to
itself (and thus explode). I encapsulated this in a
`bounded_toString` helper predicate, and used this in all the cases
where I was able to determine that the above _could_ happen.
 2020-10-14 16:13:03 +02:00
yoff
5f6f85c998 Merge pull request #4465 from tausbn/python-remove-essa-flow 
Python: Remove flow between ESSA variables
 2020-10-14 15:37:39 +02:00
Rasmus Lerchedahl Petersen
b8cba381cf Merge branch 'main' of github.com:github/codeql into python-port-unsafe-deserialization 2020-10-14 15:01:30 +02:00
Rasmus Lerchedahl Petersen
3a281a1bd6 Python: Adjust comments and tests 2020-10-14 14:40:11 +02:00
Rasmus Wriedt Larsen
5db4f906d0 Merge branch 'main' into python-port-code-injection 2020-10-14 14:22:02 +02:00
yoff
ffe79f688d Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-10-14 14:08:16 +02:00
Taus
92ccb795fd Merge pull request #4415 from RasmusWL/python-flask-routed-parameter 
Python: Add support for routed parameters in flask
 2020-10-14 13:29:51 +02:00
Rasmus Wriedt Larsen
1fde477a8f Python: Refactor argument matching 2020-10-14 13:22:35 +02:00