hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 22:32:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,025 Commits 1,684 Branches 159 Tags
dc00a17fd29da80c0cb508093dc252b7c8294665
Commit Graph

186 Commits

Author SHA1 Message Date
snoopywu
0174270a03 Add change note 2021-08-23 08:15:56 -07:00
Sauyon Lee
ab80f35451 Add change note for 1.17 2021-08-19 14:02:29 -07:00
Owen Mansel-Chan
8c97395884 Add change note 2021-08-18 11:54:05 +01:00
Chris Smowton
9ab1a8d144 Reword change note 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2021-04-21 15:28:28 +01:00
Chris Smowton
e50ad90856 Elaborate comment and change-note a little 2021-04-21 12:36:43 +01:00
Sauyon Lee
7efbcec50d Add change note 2021-04-20 23:27:03 -07:00
Chris Smowton
685f4fa2a6 Add change note 2021-04-19 16:13:16 +01:00
Owen Mansel-Chan
c192a255c5 Add change note 2021-03-30 10:13:22 +01:00
Sauyon Lee
012825323d Add change note 2021-03-18 10:54:33 -07:00
sn00py
22c3110602 Update change-notes/2021-03-16-nethttp-updated.md 
Co-authored-by: Sauyon Lee <sauyon@github.com>
 2021-03-18 23:32:23 +08:00
snoopywu
161ce91159 Add changenote for #506 2021-03-16 23:51:26 +08:00
Sauyon Lee
fc9bc68829 Add change note for go 1.16 2021-02-18 11:49:00 -08:00
Sauyon Lee
e6d11fc99e Merge pull request #475 from sauyon/yaml 
Add models for gopkg.in/yaml
 2021-02-16 15:11:47 +00:00
Chris Smowton
2be66d1d74 Merge pull request #479 from smowton/smowton/admin/add-missing-change-notes 
Add missing change notes
 2021-02-16 09:58:29 +00:00
Owen Mansel-Chan
1c6a68ae93 Merge pull request #478 from owen-mc/update-logrus-model 
Simplify Logrus model
 2021-02-16 07:35:44 +00:00
Sauyon Lee
1acbfaafcc Add models for gopkg.in/yaml 2021-02-15 18:27:09 +00:00
Chris Smowton
95008d1ccb Update change-notes/2021-02-09-html-templates.md 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2021-02-15 14:39:24 +00:00
Chris Smowton
6f5f1c4829 Add missing change notes 2021-02-15 14:07:10 +00:00
Owen Mansel-Chan
46cc9e9fa4 Add change note 2021-02-15 13:51:01 +00:00
Owen Mansel-Chan
a2c0b6ade6 Merge pull request #464 from owen-mc/list-constants-sanitizers 
List of constants sanitizer guards (switch statement in function only)
 2021-02-15 11:39:40 +00:00
Owen Mansel-Chan
1dc474650a Model zap 2021-02-11 14:35:36 +00:00
Owen Mansel-Chan
5ec25de1fc Add change note 2021-02-02 16:27:44 +00:00
Sauyon Lee
82bd293e5c Polish insecure randomness query 2021-02-02 08:04:11 +00:00
Sauyon Lee
48a52cfd2f Merge pull request #437 from sauyon/goproxy 
Model elazarl/goproxy
 2021-01-28 06:05:52 +00:00
Sauyon Lee
fb84df241a Add change note for goproxy modeling 2021-01-27 17:38:23 +00:00
Sauyon Lee
3ed9e66c7a Add gokit models 2021-01-25 08:15:14 -08:00
Owen Mansel-Chan
8acf572283 Add change note 2021-01-22 17:38:26 +00:00
Owen Mansel-Chan
b5dfef894b Add change note 2021-01-13 09:18:54 +00:00
Chris Smowton
a9cff82161 Add change-note for addition of git to the list of known interpreters for the go/command-injection query. 2021-01-11 18:48:54 +00:00
Chris Smowton
2dffd3e261 Merge pull request #443 from smowton/smowton/admin/missing-change-notes-2021-01 
Add change-notes for recent PRs that were missing them
 2021-01-05 11:41:35 +00:00
Chris Smowton
19921ed115 Add change-notes for recent PRs that were missing them 2021-01-05 11:39:26 +00:00
Chris Smowton
2b608e5822 Merge remote-tracking branch 'origin/rc/1.26' into HEAD 2021-01-04 15:32:15 +00:00
Chris Smowton
8060993b3b Merge pull request #430 from smowton/smowton/feature/model-beego-orm 
Model the Beego ORM subpackage
 2020-12-16 16:08:18 +00:00
Chris Smowton
44a63b2f94 Model the Beego ORM subpackage 2020-12-16 14:39:58 +00:00
Owen Mansel-Chan
87f2cad475 Merge pull request #427 from owen-mc/model-kubernetes-secret 
Model kubernetes SecretInterface
 2020-12-15 17:12:45 +00:00
Owen Mansel-Chan
6ca2e0e38e Add SecretInterface as source for cleartext logging query 2020-12-15 16:00:58 +00:00
Chris Smowton
8e7abbac0a Model Beego web framework 
This excludes the ORM, email and validation components, which I will follow up with seperately.
 2020-12-15 14:04:36 +00:00
Owen Mansel-Chan
e4316768ef Merge pull request #426 from owen-mc/model-k8s-io-apimachinery-pkg-runtime 
Model k8s.io/apimachinery/pkg/runtime
 2020-12-09 09:16:47 +00:00
Owen Mansel-Chan
c17f1618e0 Add change note 2020-12-09 06:45:08 +00:00
Owen Mansel-Chan
290a4dcdf4 Merge pull request #414 from owen-mc/model-evanphx-json-patch 
Model evanphx/json-patch
 2020-12-08 17:36:10 +00:00
Owen Mansel-Chan
e786fa07ee Add change note 2020-12-08 16:15:01 +00:00
Owen Mansel-Chan
8c33979425 Merge pull request #388 from owen-mc/untrusted-data-flow-to-external-api 
Untrusted data flow to external API
 2020-12-01 11:25:58 +00:00
Sauyon Lee
09d41952dc SuspiciousCharacterInRegexp: Add fix for raw string literals 2020-11-30 19:15:17 +00:00
Chris Smowton
3338a0b10d Merge pull request #402 from smowton/smowton/feature/zipslip-more-generous-sanitisers 
ZipSlip: redefine sources closer to their origin, and make sanitizers more generous
 2020-11-27 18:25:07 +00:00
Owen Mansel-Chan
7730d66d76 Apply suggestions from code review 
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com>
 2020-11-27 16:17:54 +00:00
Chris Smowton
1eb8fff7e1 ZipSlip: redefine sources closer to their origin, and make sanitizers more generous. 
Previously we considered certain fields of `tar` or `zip` file headers to be sources, but this meant subsequent references to the same field were not considered sanitized. For example, at least some real-world projects used a pattern like `if isIllegalPathTraversal(hdr.Name) { return nil; } ... /* other code using hdr.Name */`. By associating a source with the field-read `.Name` rather than the header itself, we were unable to see that the subsequent read was guarded by the sanitizer function.

Relatedly, it is common to use some intermediary taint-propagating function, as in `clean(s string) { if strings.HasPrefix("..", filepath.Clean(filepath.Join(target, s))) ...`, in the implementation of a sanitizer. We now follow the taint propagation (locally) backwards towards the function parameter, marking the predecessor functions and ultimately the parameter `s` as sanitized in addition to the direct argument to `strings.HasPrefix`. Existing sanitizing-function logic can then sometimes lift this out into the caller too.
 2020-11-27 13:57:25 +00:00
Sauyon Lee
0bf09307cf Add StoredCommand query 2020-11-23 02:11:44 -08:00
Chris Smowton
e241f8469b Add change notes for PRs that omitted them 2020-11-20 16:15:12 +00:00
Sauyon Lee
793d6f6053 Merge pull request #399 from sauyon/stored-xss 
Add stored XSS query
 2020-11-19 23:23:21 -08:00
Chris Smowton
1a2c209259 Add query checking for unpacking of symlinks without using EvalSymlinks to spot existing ones. 
This is usually dangerous because (if the archive is untrusted) the intent is usually to permit within-archive symlinks, e.g. dest/a/parent -> .. -> dest/a is an acceptable link to unpack. However if EvalSymlinks is not used to take already-unpacked symlinks into account, it becomes possible to sneak tricks like dest/escapes -> dest/a/parent/.. through, which create links leading out of the archive for later abuse.
 2020-11-16 09:57:26 +00:00