hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,611 Commits 1,672 Branches 157 Tags
ea4c2e432100cb15e4ad5448d02c36153a6f9f95
Commit Graph

3828 Commits

Author SHA1 Message Date
yoff
4445cf152a python: various fixes 
- compilation
- alerts
- some review comments
 2022-05-11 12:28:58 +00:00
Rasmus Wriedt Larsen
cff950f5f7 Python: Fix select of py/insecure-cookie 2022-05-11 14:06:30 +02:00
Rasmus Wriedt Larsen
0956d506de Python: Actually promote py/pam-auth-bypass 
🤦
 2022-05-11 13:44:47 +02:00
Rasmus Wriedt Larsen
fc8633cc01 Python: Fix select for py/cookie-injection 2022-05-11 13:18:14 +02:00
Rasmus Wriedt Larsen
27b99c51e9 Python: Add placeholder precision for py/insecure-cookie 2022-05-11 11:36:06 +02:00
Rasmus Wriedt Larsen
a902d3d8f0 Python: Add security-severity for py/insecure-cookie 
Matching the Java query
7d4767a4f5/java/ql/src/Security/CWE/CWE-614/InsecureCookie.ql (L7)
 2022-05-11 11:34:16 +02:00
Rasmus Wriedt Larsen
84ad45c665 Python: Fix Django import 2022-05-11 11:33:35 +02:00
Rasmus Wriedt Larsen
d127d2164a Merge branch 'main' into jorgectf/python/insecure-cookie 2022-05-11 11:13:47 +02:00
Erik Krogh Kristensen
f5329a3d1b PY: fix ql/field-only-used-in-charpred warning 2022-05-11 09:54:55 +02:00
Erik Krogh Kristensen
94a9b3e873 fix all ql/counting-to-zero in some languages 2022-05-11 09:54:53 +02:00
Rasmus Wriedt Larsen
c890f9c4ac Python: Fix change-note 2022-05-10 18:08:43 +02:00
Rasmus Wriedt Larsen
f68b281762 Python: Add change-note 2022-05-10 18:04:52 +02:00
Rasmus Wriedt Larsen
7e87e18b32 Python: Adjust name/description/select of PamAuthorization.ql 
Thought that calling out the actual vulnerability would make things
easier for our end users :)
 2022-05-10 18:02:17 +02:00
Rasmus Wriedt Larsen
c84f693151 Python: Adjust PamAuthorization examples 
They did not have proper formatting (only 2 spaces), and I restructured
them a bit more so they look like code in the wild
 2022-05-10 18:00:20 +02:00
Rasmus Wriedt Larsen
0c534444ad Python: Format .qhelp file 
99% of our .qhelp files have manually wrapped lines, so just wanted to
keep things consistent
 2022-05-10 17:59:21 +02:00
yoff
da3634188d python: variaous fixes 
- sync summary files
- format files
- fix compilation
 2022-05-10 12:48:42 +00:00
yoff
f14ee0e794 python: Flow summaries based on type tracking 
Two classes have been inserted into the hierarchies:

- `NonLibraryDataFlowCallable` with a method `getACall2`.
This method implements "get a call, not considering flow summaries".
For `NonLibraryDataFlowCallable`s, `getACall` will defer to `getACall2`.
While you could have a synthesised call to such a callable,
it would not correspond to a `CallNode`.

- `NonLibraryDataFlowSourceCall` with methods
`getArg2` and `getCallable2`. These also refer to a call graph that
does not consider flow summaries.

`getArg2` is used to synthesise pre-update nodes for arguments.

`getCallable2` is used in `connects` to compute argument passing.
This is used to define data flow nodes for overflow arguments.

`getACall2` ensures that `LibraryCallableValue::getACall` is not called
when the charpred of `FunctionCall` is evaluated.
 2022-05-10 12:48:42 +00:00
Rasmus Lerchedahl Petersen
80175a9af5 Python: Compiles and mostly pass tests 
- add flowsummaries shared files
- register in indentical files
- fix initial non-monotonic recursions
  - add DataFlowSourceCall
  - add resolvedCall
  - add SourceParameterNode

failing tests:
- 3/library-tests/with/test.ql
 2022-05-10 12:48:42 +00:00
Rasmus Wriedt Larsen
2b6e0cfb44 Merge pull request #8340 from yoff/python/simple-csrf 
python: minimal CSRF implementation
 2022-05-10 13:36:38 +02:00
Rasmus Wriedt Larsen
cb17e2a649 Merge pull request #8595 from porcupineyhairs/pypam 
Python : Add query to detect PAM authorization bypass
 2022-05-10 13:35:12 +02:00
Rasmus Wriedt Larsen
2421076d2f Merge pull request #8696 from RasmusWL/new-nosql-examples 
Python: Improve experimental modeling for `pymongo`
 2022-05-10 11:03:05 +02:00
yoff
6c3e2db7fd Merge branch 'main' into python/simple-csrf 2022-05-10 10:55:28 +02:00
yoff
b6605bc330 Merge pull request #8634 from RasmusWL/promote-xxe 
Python: Promote XXE and XML-bomb queries
 2022-05-09 21:54:55 +02:00
Rasmus Lerchedahl Petersen
1c7e533144 python: format 2022-05-09 21:22:27 +02:00
Rasmus Lerchedahl Petersen
2a5908ff49 python: require all settings be vulnerable 
at least all thos not in tests
 2022-05-09 17:08:49 +02:00
Rasmus Wriedt Larsen
c218162104 Merge branch 'main' into pypam 2022-05-09 14:20:05 +02:00
Rasmus Wriedt Larsen
ab1252d196 Python: Add @precision high for py/pam-auth-bypass 2022-05-09 14:19:40 +02:00
Rasmus Wriedt Larsen
f5854f33da Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-05-09 10:53:25 +02:00
github-actions[bot]
1a25457178 Post-release preparation for codeql-cli-2.9.1 2022-05-05 19:05:50 +00:00
Rasmus Wriedt Larsen
5f01fc24e4 Merge branch 'main' into promote-xxe 2022-05-02 11:25:55 +02:00
Rasmus Wriedt Larsen
3c1a37e7e1 Merge branch 'main' into new-nosql-examples 2022-05-02 11:21:36 +02:00
github-actions[bot]
8e4cf190e9 Release preparation for version 2.9.1 2022-04-28 11:59:05 +00:00
yoff
39753d5a0b Merge pull request #8693 from erik-krogh/pyApi 
PY: more API-graphs refactorings
 2022-04-27 13:19:50 +02:00
Erik Krogh Kristensen
e1c7d369be Merge pull request #8796 from erik-krogh/redundantImport 
Remove redundant imports
 2022-04-27 12:39:51 +02:00
yoff
9d774463f5 Merge pull request #8859 from tausbn/python-fix-bad-essa-joins 
Python: Fix a bunch of bad joins
 2022-04-27 12:27:50 +02:00
Erik Krogh Kristensen
7dba2b5868 PY: revert deletion of redundant-import in ClientSuppliedIpUsedInSecurityCheckLib.qll 2022-04-26 14:51:21 +02:00
Erik Krogh Kristensen
d389012b75 Merge branch 'main' into redundantImport 2022-04-26 14:24:51 +02:00
yoff
76f2eca1ee Merge pull request #8560 from erik-krogh/movePolyTest 
PY: move the polynomialbacktracking-test to the test folder
 2022-04-26 14:21:30 +02:00
Mathias Vorreiter Pedersen
aca4c8727f Merge pull request #8802 from github/post-release-prep/codeql-cli-2.9.0 
Post-release preparation for codeql-cli-2.9.0
 2022-04-25 22:52:55 +01:00
Taus
d4fc096ea8 Python: Use local flow in Pythagorean.ql 
The hand-rolled notion of flow was causing some severe performance
issues (on a few databases):

```
Tuple counts for Pythagorean::square#168e234a#f#loop_invariant_prefix/2@c86989kr after 6m35s:
175000     ~5%     {2} r1 = JOIN SSA::SsaVariable::getDefinition#dispred#f0820431#ff_10#join_rhs WITH Flow::ControlFlowNode::getNode#dispred#f0820431#bf ON FIRST 1 OUTPUT Lhs.1, Rhs.1 'arg0'
174500     ~6%     {2} r2 = JOIN r1 WITH SSA::SsaVariable::getVariable#dispred#f0820431#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'arg0'
1467782500 ~5%     {3} r3 = JOIN r2 WITH AstGenerated::Name_::getVariable#dispred#f0820431#ff_10#join_rhs ON FIRST 1 OUTPUT 3, Rhs.1 'arg1', Lhs.1 'arg0'
1467553000 ~0%     {2} r4 = JOIN r3 WITH py_expr_contexts_12#join_rhs ON FIRST 2 OUTPUT Lhs.2 'arg0', Lhs.1 'arg1'
                    return r4
```

Rewriting it to use the data flow library made all of this go away. 🎉
 2022-04-25 14:35:37 +00:00
Jeroen Ketema
79164056d1 Replace help.semmle.com links by codeql.github.com links 2022-04-22 20:42:11 +02:00
Erik Krogh Kristensen
ff73dbc35c delete redundant imports 2022-04-22 12:55:28 +02:00
Erik Krogh Kristensen
a96489b23d delete duplicate imports 2022-04-22 12:41:30 +02:00
github-actions[bot]
1aecfc67c2 Post-release preparation for codeql-cli-2.9.0 2022-04-21 19:22:19 +00:00
github-actions[bot]
eeaf233c29 Release preparation for version 2.9.0 2022-04-21 14:49:00 +00:00
${sleep,7}
b5734ed6a2 Merge branch 'main' into jty/python/emailInjection 2022-04-20 09:50:08 -04:00
Rasmus Wriedt Larsen
bb6969a175 Merge branch 'main' into promote-xxe 2022-04-20 13:42:02 +02:00
Rasmus Wriedt Larsen
6235dc5039 Python: Handle find_library assignment to temp variable 2022-04-13 11:44:15 +02:00
Porcupiney Hairs
785dc1af3c Include changes from review 2022-04-12 21:17:39 +05:30
Taus
626770aaab Merge pull request #8004 from ahmed-farid-dev/ZipSlip 
Add query to detect ZipSlip
 2022-04-08 23:55:02 +02:00