hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-11 18:14:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,375 Commits 1,740 Branches 164 Tags
e4fe1d5c13ccbc811576b7eec3fc07ea806919eb
Commit Graph

1375 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alex Ford
e4fe1d5c13 check for superclass method definitions in ActiveRecordModelClass#methodMayAccessField 2021-10-07 15:30:36 +01:00
Alex Ford
fb5cfcc9b0 OrmTracking goes through or expressions 2021-10-07 15:30:36 +01:00
Alex Ford
be018cc97f update ActionController tests 2021-10-07 15:30:36 +01:00
Alex Ford
955080234b partial support for rails layouts 2021-10-07 15:30:36 +01:00
Alex Ford
8e1b48e607 StoredXSS.qhelp 2021-10-07 15:30:36 +01:00
Alex Ford
182a926eeb rename some example files 2021-10-07 15:30:36 +01:00
Alex Ford
1929a95e89 format 2021-10-07 15:30:36 +01:00
Alex Ford
6065e29aba Fix performance issues related to a x-product between ActiveRecordModelInstantiation and MethodCall 2021-10-07 15:30:36 +01:00
Alex Ford
43a49689d7 reorganize ActiveRecord field access heuristics 2021-10-07 15:30:36 +01:00
Alex Ford
8f81eaa79c format 2021-10-07 15:30:36 +01:00
Alex Ford
b2434950d3 abstract away some ActiveRecord specific parts of XSS.qll 2021-10-07 15:30:36 +01:00
Alex Ford
6a32c0cde0 update XSS tests 2021-10-07 15:30:36 +01:00
Alex Ford
6dc3ce335b make rb/stored-xss track ActiveRecord db accesses 2021-10-07 15:30:36 +01:00
Alex Ford
f6dd6bb00c expand ActiveRecord modelling to cover how to access fields 2021-10-07 15:30:36 +01:00
Alex Ford
eb5f26ce06 duplicate DataFlow implementation 2021-10-07 15:30:36 +01:00
Alex Ford
a2084f813e rb/stored-xss structure and initial implementation (FileSystemReadAccess sources) 2021-10-07 15:30:36 +01:00
Tom Hvitved
1c08592637 Merge pull request #329 from github/hvitved/dataflow/synth-return 
Data flow: Add a synthetic return node
 2021-10-07 13:06:39 +02:00
Tom Hvitved
c540615223 HardcodedCredentials: Add test for default parameter values 2021-10-07 11:57:57 +02:00
Tom Hvitved
953821c443 Avoid potential tuple explosion in reverse type tracking 2021-10-06 15:21:43 +02:00
Tom Hvitved
fdf1cd38fd Data flow: Add a synthetic return node 2021-10-06 15:21:43 +02:00
Harry Maclean
c50a6c180f Merge pull request #318 from github/hmac-open-query 
Add a query for uses of `Kernel.open` and `IO.read`
 2021-10-06 10:05:43 +01:00
Tom Hvitved
1d1215923c Merge pull request #323 from github/hvitved/get-value-text 
Introduce `Expr::getValueText`
 2021-10-05 14:26:25 +02:00
Harry Maclean
7bf818fdf5 Refactor KernelMethodCall modelling 
By extending `DataFlow::CallNode` instead of `MethodCall`, we get rid of
a lot of `.asExpr().getExpr()` calls.
 2021-10-05 12:26:59 +01:00
Harry Maclean
232fb9ad5b Add cwe-073 tag to KernelOpen query 
CWE-073 is External Control of File Name or Path, which applies here.
 2021-10-05 11:13:58 +01:00
Harry Maclean
6f293c7a5e Add a query for uses of Kernel.open and IO.read 2021-10-05 11:13:58 +01:00
Harry Maclean
0fcb079ba7 Merge pull request #326 from github/hmac/eval-fixes 
Make Code execution query more specific
 2021-10-05 10:57:54 +01:00
Harry Maclean
e419fc9599 Make Code execution query more specific 
Only the first argument to eval, instance_eval, send, class_send and
module_send is interpreted as Ruby code.
 2021-10-05 10:28:34 +01:00
Nick Rolfe
b955fdb58d Merge pull request #324 from github/clippy_fixes 
clippy fixes
 2021-10-04 13:35:26 +01:00
Nick Rolfe
46d1280d07 Fix clippy warnings in extractor 2021-10-04 12:07:49 +01:00
Nick Rolfe
a188e73f7b Fix clippy warnings in generator 2021-10-04 11:55:55 +01:00
Nick Rolfe
087958be2d Fix clippy warnings in node-types 2021-10-04 11:44:21 +01:00
Nick Rolfe
1e38c705b8 Fix clippy warnings in autobuilder 2021-10-04 11:44:14 +01:00
Arthur Baars
2f462771bb Merge pull request #286 from github/aibaars/xxe 
XXE query
 2021-10-01 16:14:41 +02:00
Arthur Baars
5a454bb9f2 Add comment 2021-10-01 12:13:19 +02:00
Arthur Baars
c78d02d00d Fix module of Parser::Options 2021-10-01 11:18:03 +02:00
Arthur Baars
b06bb7a789 Improve test cases 
Set NONET (2048) by default.
 2021-10-01 11:16:56 +02:00
Tom Hvitved
08225181c8 Introduce Expr::getValueText 2021-10-01 11:03:46 +02:00
Harry Maclean
f61161e66d Merge pull request #321 from github/hmac-more-eval 
Identify more instances of code injection
 2021-09-30 16:12:24 +01:00
Harry Maclean
8c0c08e887 Identify more instance of code injection 
`class_eval` and `module_eval` both take a string as argument and
execute it as Ruby code.
 2021-09-30 14:19:24 +01:00
Harry Maclean
7f103b9450 Merge pull request #319 from github/hmac-activerecord-updates 
Add some more vulnerable ActiveRecord methods
 2021-09-30 12:09:09 +01:00
Arthur Baars
0419d28ba0 XXE: overapproximate feature flag values for & and | operators 2021-09-30 11:20:23 +02:00
Arthur Baars
089f9d87d4 Address comments 2021-09-30 11:20:23 +02:00
Arthur Baars
2b077595ae Also track DTDLOAD and NONET 2021-09-30 11:20:23 +02:00
Arthur Baars
4268d9c565 XXE query 2021-09-30 11:20:17 +02:00
Harry Maclean
7191e1c007 Re-add delete_all and destroy_all methods 
These methods don't take any arguments in Rails versions > 3, but
there's no harm in checking for them anyway, and some people might be
using very old Rails versions.
 2021-09-30 09:39:58 +01:00
Harry Maclean
75bbc51e73 Make room for new test cases 
This just bumps the other code down a bit so that the .expected diff is
easier to read.
 2021-09-30 09:33:39 +01:00
Harry Maclean
0ea228e86f Merge pull request #315 from github/hmac-outgoing-http 
Model more HTTP clients
 2021-09-29 14:26:56 +01:00
Harry Maclean
a9c00a05fe HTTP -> Http 
Change the capitalisation of HTTP to Http, to conform to the QL style
guide.

Leave the HTTP module in Concepts alone, so it remains consistent with
the Concepts in other language libraries.
 2021-09-29 13:50:05 +01:00
Nick Rolfe
1d58f8cd50 Merge pull request #320 from github/rasmuswl/fix-hasLocationInfo-url 2021-09-29 13:23:08 +01:00
Tom Hvitved
c69762bc14 Merge pull request #317 from github/hvitved/disable-operation-resolution 
Temporarily disable operation call resolution
 2021-09-29 14:17:05 +02:00