hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-14 17:31:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,247 Commits 1,785 Branches 169 Tags
e612db2ec96fd364ce25ca932f96bd1ec26c4307
Commit Graph

87247 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
BazookaMusic
e612db2ec9 Promote user prompt injection query to stable security 
Move UserPromptInjection out of experimental into stable JavaScript security locations.

Set js/user-prompt-injection precision to low and remove experimental tagging.

Move supporting dataflow libraries, qhelp/examples, and tests to stable paths and update references.
 2026-06-11 11:28:14 +02:00
BazookaMusic
d0ffde8c45 Em-dash - of course :D 2026-06-08 14:03:12 +02:00
BazookaMusic
b6c951e90c Remove redundant file 2026-06-08 13:47:44 +02:00
BazookaMusic
2cb0851900 1. Rename AgentSDK -> AgentSdk 
2. Remove redundant constant comparison barriers. This is already happening by default by the taint tracking library.
 2026-06-08 12:55:52 +02:00
BazookaMusic
e370af6444 QLDoc + include the queries in the correct expected files per query suite 2026-06-08 12:38:28 +02:00
BazookaMusic
61be37d718 Formatting 2026-06-08 12:15:50 +02:00
BazookaMusic
da05992a09 Better document the new queries 2026-06-08 11:27:40 +02:00
BazookaMusic
078d15e165 add openrouter support 2026-06-04 16:42:49 +02:00
BazookaMusic
6c5c8e1c9b move system prompt injection to non-experimental 2026-05-20 10:48:07 +02:00
BazookaMusic
5ef09a102c add tests for langchain and remove wrong model for guardrails agent 2026-05-15 12:49:36 +02:00
BazookaMusic
fe7eabd56f Add run from agents into the user prompt and fix an issue with classifying it as a system prompt injection 2026-05-15 12:39:54 +02:00
BazookaMusic
535adc7a31 add barrier when data flows into user messages for system prompt detection, remove embeddings from user prompt injection query 2026-05-15 12:14:14 +02:00
BazookaMusic
9c136264de remove guardrails sanitizer for now 2026-05-13 13:37:44 +02:00
BazookaMusic
34da804aee Move structurally typed prompt injection sinks to Models as Data 
Move OpenAI, Anthropic, Google GenAI, and LangChain sinks that are
structurally typed (identified by API name alone) into MaD YAML files.

Role-filtered sinks that require inspecting a sibling 'role' property
remain in QL code since MaD cannot express conditional logic.

Use two distinct sink kinds:
- user-prompt-injection: picked up by UserPromptInjection.ql
- system-prompt-injection: picked up by SystemPromptInjection.ql

New files:
- javascript/ql/lib/ext/openai.model.yml
- javascript/ql/lib/ext/anthropic.model.yml
- javascript/ql/lib/ext/google-genai.model.yml
- javascript/ql/lib/ext/langchain.model.yml
 2026-05-13 11:08:25 +02:00
BazookaMusic
98379cffcb Documentation 2026-05-12 16:11:31 +02:00
BazookaMusic
9006ddb793 default threat model 2026-05-12 15:28:08 +02:00
BazookaMusic
74a3ba1f0d changes for spliting into system and user 2026-05-04 11:57:43 +02:00
BazookaMusic
0b7133c4ce JS: Add prompt injection detection (CWE-1427) for OpenAI, Anthropic, and Google GenAI SDKs 
Add experimental CodeQL query detecting prompt injection vulnerabilities
in JavaScript/TypeScript applications using AI SDK libraries.

Modeled frameworks:
- openai (OpenAI, AzureOpenAI): responses, chat.completions, completions,
  images, embeddings, beta.assistants, beta.threads, audio APIs
- @openai/agents: Agent instructions, handoffDescription, run/Runner.run,
  asTool, tool()
- @anthropic-ai/sdk: messages.create, beta.messages.create,
  beta.agents.create/update
- @google/genai (GoogleGenAI): generateContent, generateContentStream,
  generateImages, editImage, chats, live.connect

Includes role-based filtering (system/developer/assistant/model roles)
and constant-comparison sanitizer guard.
 2026-04-30 17:39:09 +02:00
Mathias Vorreiter Pedersen
154d213fd2 Merge pull request #21768 from github/speed-up-unchecked-leap-year-after-modification 
C++: Speed up `cpp/leap-year/unchecked-after-arithmetic-year-modification`
 2026-04-30 16:06:17 +01:00
Michael Nebel
4446f42846 Merge pull request #21684 from michaelnebel/csharp/improve-reachability-checks 
C#: Improve BMN feed checking & handling.
 2026-04-30 15:53:52 +02:00
Owen Mansel-Chan
87c35e6401 Merge pull request #21654 from MarkLee131/fix/sensitive-log-hash-sanitizer 
Java: treat hash/encrypt/digest methods as sensitive-log sanitizers
 2026-04-30 13:21:03 +01:00
Tom Hvitved
a473fdb709 Merge pull request #21759 from hvitved/csharp/cfg-params 
C#: Include parameters and their defaults in the CFG
 2026-04-30 11:31:06 +02:00
Owen Mansel-Chan
fed42d655f Merge pull request #21656 from MarkLee131/fix/trust-boundary-regexp-barrier 
Java: add RegexpCheckBarrier to trust-boundary-violation sanitizers
 2026-04-29 14:59:01 +01:00
Michael Nebel
03d70b9f94 C#: Add another nuget.config integration test. 2026-04-29 15:47:32 +02:00
Michael Nebel
e29770c2b5 C#: Fix missing slash in comments. 2026-04-29 15:27:47 +02:00
MarkLee131
28a6ff208c Merge remote-tracking branch 'origin/main' into fix/sensitive-log-hash-sanitizer 
# Conflicts:
#	java/ql/test/query-tests/security/CWE-532/SensitiveLogInfo.expected
#	java/ql/test/query-tests/security/CWE-532/Test.java
 2026-04-29 20:59:59 +08:00
Tom Hvitved
e14b654e8a Update shared/controlflow/codeql/controlflow/ControlFlowGraph.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2026-04-29 14:57:35 +02:00
MarkLee131
51e2a5418b Java: move EncryptedSensitiveMethodCall into Sanitizers.qll 
Address review feedback by moving the shared method-name-based encryption/hash/digest
check into Sanitizers.qll, and reference it from both CleartextStorageQuery.qll and
SensitiveLoggingQuery.qll instead of duplicating the definition.
 2026-04-29 20:56:36 +08:00
MarkLee131
75162bb9eb Update java/ql/test/query-tests/security/CWE-532/Test.java 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2026-04-29 20:53:58 +08:00
MarkLee131
49d014cbac Merge branch 'main' into fix/trust-boundary-regexp-barrier 2026-04-29 20:48:22 +08:00
MarkLee131
d27ee86242 Java: refactor trust-boundary sanitizers into TrustBoundaryValidationSanitizer subclasses 
Address review feedback by introducing dedicated subclasses of
TrustBoundaryValidationSanitizer for SimpleTypeSanitizer, RegexpCheckBarrier,
and the HttpServletSession type check, so isBarrier only references the
abstract class.
 2026-04-29 20:46:11 +08:00
Jack Nørskov Jørgensen
0192ffab07 Merge pull request #21751 from github/jacknojo/move_java_generated_mads 
Move generated MaDs into modelgenerator/
 2026-04-29 14:33:58 +02:00
Tom Hvitved
99b5cecb18 Java: Adapt to changes in shared CFG library 2026-04-29 14:03:06 +02:00
Tom Hvitved
99023f8b59 C#: Add upgrade/downgrade scripts 2026-04-29 14:03:05 +02:00
Tom Hvitved
b6c464281b C#: Move internal logic into internal/ControlFlowGraph.qll 2026-04-29 14:01:14 +02:00
Tom Hvitved
d4a32476da C#: No need to special-case default arguments in nullness analysis 2026-04-29 14:01:13 +02:00
Tom Hvitved
6c42418faf C#: Use parameter CFG nodes in SSA 2026-04-29 14:01:11 +02:00
Tom Hvitved
cbe207ab65 C#: Include parameters and their defaults in the CFG 2026-04-29 14:01:09 +02:00
Tom Hvitved
d792e11b7f C#: Add tests for methods with default parameters 2026-04-29 14:01:08 +02:00
Tom Hvitved
77639817fe C#: Remove unintended CP 2026-04-29 14:01:06 +02:00
Josef Svenningsson
68be006a29 Merge pull request #21641 from github/josefs/promptInjectionImprovements 
Improve prompt inject for Python
 2026-04-29 11:23:52 +01:00
Mathias Vorreiter Pedersen
96d6ee61ff Update cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2026-04-29 10:55:02 +01:00
Michael Nebel
bfd3683b0b Merge pull request #21372 from michaelnebel/csharp14/usercompoundassignment 
C# 14: User defined compound assignment operators.
 2026-04-29 11:22:35 +02:00
Asger F
c95083b176 Merge pull request #21697 from yearn/js/vercel-node-framework 
JS: Add support for @vercel/node serverless functions
 2026-04-29 10:58:53 +02:00
Mathias Vorreiter Pedersen
dfd85c321c C++: Compute 'IgnorableOperationToOperationSourceCandidateConfig' after an initial round of the query to reduce the number of sinks. 2026-04-28 22:02:32 +01:00
Jeroen Ketema
c2beef1900 Merge pull request #21765 from jketema/switch 
C++: Fix join-order problem in `getNextSwitchCase`
 2026-04-28 21:57:10 +02:00
Josef Svenningsson
25a8aa97b2 Fix openai prompt injection tests 2026-04-28 18:24:26 +01:00
Josef Svenningsson
691aeb0815 Remove the chat completion create logic. 2026-04-28 18:24:24 +01:00
Josef Svenningsson
a05e191518 Add tests for anthropic prompt injection models 2026-04-28 18:24:22 +01:00
Josef Svenningsson
e069c9c2ee Fix tests 2026-04-28 18:24:19 +01:00