hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
72,681 Commits 1,673 Branches 157 Tags
dbe8f98e183b58c716a44c025dab58ec69b9d65c
Commit Graph

528 Commits

Author SHA1 Message Date
Geoffrey White
10b4c98e80 Swift: Move password sources to be reported by the new query. 2023-12-14 16:09:47 +00:00
Geoffrey White
5faa25fc6c Swift: Make passwords their own sensitive data type. 2023-12-14 16:09:47 +00:00
Mathias Vorreiter Pedersen
04ca36f9b0 Merge pull request #15106 from geoffw0/revrevtest 
Swift: Revert:Revert "Swift: CommonCrypto test cases for the BrokenCryptoAlgorithm query"
 2023-12-14 15:56:46 +00:00
Geoffrey White
7e6ff7c826 Swift: Disable the part of the test that triggers an extraction issue. 2023-12-14 15:04:48 +00:00
Geoffrey White
987cdff862 Revert "Revert "Swift: CommonCrypto test cases for the BrokenCryptoAlgorithm query"" 
This reverts commit a478980e48.
 2023-12-14 13:56:35 +00:00
Geoffrey White
e8f8aa266f Merge remote-tracking branch 'upstream/main' into pointermodels 2023-12-13 16:43:15 +00:00
Mathias Vorreiter Pedersen
a478980e48 Revert "Swift: CommonCrypto test cases for the BrokenCryptoAlgorithm query" 2023-12-13 15:40:09 +00:00
Geoffrey White
023d72b6fb Merge remote-tracking branch 'upstream/main' into pointermodels 2023-12-13 14:07:17 +00:00
Geoffrey White
609f92c7ac Merge pull request #13870 from geoffw0/commoncrypto1 
Swift: CommonCrypto test cases for the BrokenCryptoAlgorithm query
 2023-12-12 15:26:02 +00:00
Geoffrey White
f2e3391a33 Swift: Accept test regression. 2023-12-12 11:37:05 +00:00
Mathias Vorreiter Pedersen
2e4fe49d61 Swift: Accept test changes. 2023-12-11 10:41:07 +00:00
Geoffrey White
32fdf4fc9f Merge pull request #15007 from geoffw0/sensitivekeytests 
Swift: Add some tests and model SecKeyCopyExternalRepresentation
 2023-12-07 10:50:13 +00:00
Geoffrey White
4cec14657e Merge pull request #14853 from geoffw0/logsinks 
Swift: More sinks for swift/cleartext-logging
 2023-12-06 09:00:26 +00:00
Geoffrey White
5095031110 Swift: Model SecKeyCopyExternalRepresentation as an explicit sensitive data source. 2023-12-05 13:35:44 +00:00
Geoffrey White
1d903c56ad Swift: Add a test with SecKeyCopyExternalRepresentation. 2023-12-05 13:35:44 +00:00
Geoffrey White
a5dd4a4e2a Swift: More tests of keys as sensitive data. 2023-12-04 19:05:15 +00:00
Robert Marsh
4df25f4f7f Merge pull request #14797 from geoffw0/sqlsinks 
Swift: Heuristic sinks for swift/sql-injection
 2023-11-28 11:18:10 -05:00
Geoffrey White
5f4213004b Merge branch 'main' into logsinks 2023-11-28 11:51:56 +00:00
Mathias Vorreiter Pedersen
70e0b33ce6 Merge pull request #14807 from geoffw0/formatsinks 
Swift: More sinks for swift/uncontrolled-format-string
 2023-11-27 11:10:04 +00:00
Maiky
6739750d2a Add Unsafe Unpacking Query (CWE-022) 2023-11-23 12:48:33 +01:00
Geoffrey White
c89be6a1de Swift: Refine the heuristic (mostly narrower). 2023-11-21 13:49:53 +00:00
Geoffrey White
5bbc61e83c Swift: Add a few more test cases. 2023-11-21 11:32:40 +00:00
Geoffrey White
b4b78a1bce Swift: Minor corrections. 2023-11-20 19:29:35 +00:00
Geoffrey White
3cecf69818 Swift: Fix spurious results for 'login' functions. 2023-11-20 18:38:47 +00:00
Geoffrey White
aa93165d24 Swift: Add heuristic sinks. 2023-11-20 18:38:47 +00:00
Geoffrey White
d91c5c0486 Swift: Model NSException sinks. 2023-11-20 18:38:46 +00:00
Geoffrey White
7e02c05164 Swift: Address the sprintf case. 2023-11-20 18:38:46 +00:00
Geoffrey White
835967a33e Swift: Fix for autoclosure sinks. 2023-11-20 18:15:16 +00:00
Geoffrey White
795f16ba56 Swift: Model 'printf' variants as cleartext logging sinks. 2023-11-20 18:15:06 +00:00
Geoffrey White
06c2c423b3 Swift: Clean up the test logic slightly. 2023-11-20 18:12:15 +00:00
Geoffrey White
b348dc2a32 Swift: Extend cleartext logging tests (test cases). 2023-11-20 18:11:52 +00:00
Geoffrey White
2a69b03092 Swift: Extend cleartext logging tests (stubs). 2023-11-20 18:11:41 +00:00
Geoffrey White
c49f05aa2b Swift: Fix false positive / result overlap. 2023-11-16 09:00:35 +00:00
Geoffrey White
96b4a12af7 Swift: Add heuristic sinks. 2023-11-16 09:00:35 +00:00
Geoffrey White
697c3df74a Swift: Model C printf variants. 2023-11-16 09:00:34 +00:00
Geoffrey White
1040561ec1 Swift: Model formatting append methods. 2023-11-16 09:00:34 +00:00
Geoffrey White
a6fe620bcb Swift: Fix Swift warnings in the test. 2023-11-15 18:06:38 +00:00
Geoffrey White
3a38f3b947 Swift: Add test cases. 2023-11-15 18:06:37 +00:00
Geoffrey White
0ae04de7f0 Swift: Test stubs / classes. 2023-11-15 17:23:22 +00:00
Geoffrey White
3a13759f10 Swift: Clean up the test. 2023-11-15 13:35:18 +00:00
Geoffrey White
6783707e2c Swift: Add heuristic sink. We don't catch everything, but the simple heuristic was better than anything else I tried. 2023-11-14 10:07:12 +00:00
Geoffrey White
80cfb934ce Swift: Add some tests. 2023-11-14 09:52:53 +00:00
Geoffrey White
c327f0f0a7 Merge branch 'main' into pathinjectionsinks 2023-11-10 16:04:56 +00:00
Geoffrey White
5a09a325f2 Swift: Add heuristic path injection sinks. 2023-11-10 15:13:51 +00:00
Geoffrey White
ebf7231be7 Swift: Make the 'completePath' models work. 2023-11-09 18:21:12 +00:00
Geoffrey White
9b5556e245 Swift: Test 'completePath' more carefully. 2023-11-09 18:21:12 +00:00
Geoffrey White
2d313ef4c7 Swift: Add some path injection sink models. 2023-11-09 18:21:12 +00:00
Geoffrey White
cd147038cd Swift: Fill some gaps in the URL, NSURL models. 2023-11-09 11:51:18 +00:00
Geoffrey White
a86862d578 Swift: Add test cases (heuristic). 2023-11-09 11:33:10 +00:00
Geoffrey White
04016ebd20 Swift: Add test cases (more library functions). 2023-11-09 11:31:58 +00:00