hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 11:46:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,836 Commits 1,672 Branches 157 Tags
d28316d3974dfb51d42853e1e57a4104ce2de7f7
Commit Graph

279 Commits

Author SHA1 Message Date
Geoffrey White
4781881a6a Swift: Improve mobile/phone number regexp. 2023-05-15 15:30:30 +01:00
Geoffrey White
a0cba8cb6b Swift: Address boolean value FPs. 2023-05-15 14:24:18 +01:00
Geoffrey White
27c8eb301e Swift: Fix URL-related FPs. 2023-05-15 14:08:43 +01:00
Geoffrey White
e59d7e0345 Swift: Remove assumption that 'username' is not sensitive (in the tests). 2023-05-15 13:58:44 +01:00
Geoffrey White
dba951111a Swift: Add more sensitive data test cases. 2023-05-15 13:58:44 +01:00
Geoffrey White
d7382053ca Merge branch 'main' into swifttodos 2023-05-09 10:06:45 +01:00
Geoffrey White
08b6755c55 Swift: Simplify hasActualResult. 2023-05-09 09:03:32 +01:00
Geoffrey White
e4382677c2 Merge branch 'main' into modernsec3 2023-05-05 13:07:01 +01:00
Geoffrey White
d92ecbb3cf Swift: Standardize on 'barrier' tover 'santerminology now we use ConfigSig dataflow. 2023-05-05 10:03:18 +01:00
Geoffrey White
9317174742 Swift: Improve the LibXML2 tests for XXE and remove the TODO comment. 2023-05-04 12:28:55 +01:00
Geoffrey White
a698f3fcb9 Merge branch 'main' into modernsec3 2023-05-02 17:35:08 +01:00
Geoffrey White
bb6aa11ce5 Swift: Additional test case. 2023-05-02 17:12:44 +01:00
Geoffrey White
ca50f1117e Swift: Hide locationless results in the inlineexpectations test (there's no way to make them expected). 2023-05-02 16:57:29 +01:00
Geoffrey White
664500d2e6 Swift: Fix member variable sinks in swift/hardcoded-key. 2023-05-02 11:26:21 +01:00
Geoffrey White
adbd2c467d Swift: Fix member variable sinks in swift/path-ionjection. 2023-05-02 11:26:20 +01:00
Anders Schack-Mulligen
9fe5462b1b Swift: Update more expected output. 2023-04-26 13:41:50 +02:00
Anders Schack-Mulligen
6b049cb37a Swift: Update expected output. 2023-04-26 13:15:39 +02:00
Geoffrey White
bfbd45a220 Swift: Fix CSV field sinks. 2023-04-20 18:14:34 +01:00
Geoffrey White
d317ad80e5 Swift: Convert to CSV sinks. 2023-04-20 17:53:00 +01:00
Geoffrey White
380bf21a38 Swift: Update InsecureTLSExtensions.ql sinks to not depend on AssignExpr. 2023-04-20 17:15:48 +01:00
Geoffrey White
c1a95d57bb Swift: Add some test cases. 2023-04-20 17:15:47 +01:00
Geoffrey White
a3c66b6032 Merge pull request #12833 from geoffw0/addmodels 
Swift: Add some sink models
 2023-04-19 14:18:29 +01:00
Geoffrey White
c7ea08aa73 Swift: Fix inline expectations. 2023-04-18 17:32:38 +01:00
Geoffrey White
619d572d50 Swift: Add RNCryptor hmacKey encryption-key sinks. 2023-04-14 14:58:15 +01:00
Geoffrey White
46da73cc11 Swift: Add realm path-injection sinks. 2023-04-14 14:50:50 +01:00
Geoffrey White
feccd307da Swift: Add realm encryption-key sinks. 2023-04-14 14:47:24 +01:00
Geoffrey White
bfdaf6951d Swift: Add some test cases. 2023-04-14 14:39:45 +01:00
Geoffrey White
21414089ee Swift: Test renaming and layout changes. 2023-04-14 14:39:32 +01:00
Geoffrey White
cdcee5cc75 Swift: Add high-level CryptoSwift sinks. 2023-04-11 19:59:43 +01:00
Geoffrey White
539f8f0f70 Swift: Add mid-level CryptoSwift sinks and prevent duplication that results. Overall this doesn't give us any new results in tests, but makes paths shorter, and in the real world I expect it to add reliability. 2023-04-11 19:54:55 +01:00
Geoffrey White
51a62b54ee Swift: Add low-level CryptoSwift sinks. 2023-04-11 19:54:48 +01:00
Geoffrey White
d299d92025 Swift: Prevent potentially misleading duplicate results. 2023-04-11 19:39:09 +01:00
Geoffrey White
4995f13234 Swift: Add tests for swift/weak-sensitive-data-hashing on CryptoSwift. 2023-04-11 18:46:38 +01:00
Jeroen Ketema
cb8568f6fd Swift: Rewrite PathInjection to use DataFlow::ConfigSig 2023-04-04 09:10:21 +02:00
Jeroen Ketema
a45f381ab9 Swift: Rewrite CleartextLogging to use DataFlow::ConfigSig 2023-04-04 09:10:21 +02:00
Jeroen Ketema
0ff607c930 Swift: Rewrite XXEQuery to use DataFlow::ConfigSig 2023-04-04 09:10:21 +02:00
Jeroen Ketema
70d0e987c4 Swift: Rewrite PredicateInjection to use DataFlow::ConfigSig 2023-04-03 16:19:30 +02:00
Geoffrey White
4d3fc02d7e Merge pull request #11965 from geoffw0/realmfix 
Swift: Test and fix missing swift/cleartext-storage-database results
 2023-04-03 14:02:18 +01:00
Geoffrey White
33b041242d Swift: Recognize Core Data + Realm sources via type aliases. 2023-03-31 10:44:01 +01:00
Paolo Tranquilli
33b4d2d653 Swift: add SuccessfullyExtractedLines query 
This counts how many lines we have extracted some entity in. If we test
changes in this, we can have a more fine grained look into how much we
actually extract than looking at the extracted files.
 2023-03-31 10:02:19 +02:00
Geoffrey White
daa8141414 Swift: Add test case. 2023-03-30 16:16:40 +01:00
Geoffrey White
beb7d9d7a1 Swift: Test layout change. 2023-03-30 16:13:42 +01:00
Mathias Vorreiter Pedersen
e3e68b7753 Merge pull request #12642 from geoffw0/modernstring 
Swift: Modernize the swift/string-length-conflation query
 2023-03-29 14:55:40 +01:00
Geoffrey White
28998ccafe Merge pull request #12471 from geoffw0/dbsinks2 
Swift: Better sinks for swift/cleartext-storage-database
 2023-03-27 12:51:13 +01:00
Geoffrey White
9529bc5f09 Swift: The regressed test is not realistic, update it to be more like what really happens. 2023-03-23 10:52:58 +00:00
Geoffrey White
e266132f0a Swift: Replace sinks with (extendable) CSV. 2023-03-23 10:45:29 +00:00
Geoffrey White
879dea2984 Swift: Additional test cases. 2023-03-23 10:38:52 +00:00
Geoffrey White
a4e9d38abb Swift: Fix the test regression. 2023-03-22 16:44:29 +00:00
Geoffrey White
cbe5243c89 Swift: Accept test regressions. :( 2023-03-22 16:24:32 +00:00
Geoffrey White
1f8a165611 Swift: Add a couple of extra test cases. 2023-03-20 10:58:58 +00:00