hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,611 Commits 1,672 Branches 157 Tags
ea4c2e432100cb15e4ad5448d02c36153a6f9f95
Commit Graph

310 Commits

Author SHA1 Message Date
Karim Ali
4b7cb706f6 fix error in checking # of iterations 
plus also simplify the pattern matching of the sink classes
 2022-10-25 13:24:37 +02:00
Karim Ali
c4b2519e6c initial draft of the Swift query for CWE-916 2022-10-25 13:24:37 +02:00
Geoffrey White
8a8b1aff7f Swift: Restrict expressions count to expressions with locations. 2022-10-21 18:57:15 +01:00
Geoffrey White
3215295d06 Swift: simpkify SummaryStats.ql description. 2022-10-21 18:48:08 +01:00
Geoffrey White
138643519c Merge pull request #10757 from geoffw0/sqlinject 
Swift: Query for SQL injection
 2022-10-20 18:55:38 +01:00
Geoffrey White
661106c1a0 Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2022-10-20 17:54:40 +01:00
Geoffrey White
5a3577679d Swift: Improve metadata. 2022-10-20 12:44:56 +01:00
Geoffrey White
adeef309f3 Swift: Add some queries to help examine databases. 2022-10-20 12:34:07 +01:00
Geoffrey White
5b1e138300 Swift: Another qhelp edit. 2022-10-19 20:49:26 +01:00
Geoffrey White
495f744cd3 Swift: Attempt to address qhelp suggestions. 2022-10-19 20:44:27 +01:00
Geoffrey White
05d9c7b892 Swift: More 'an SQL' -> 'a SQL'. 2022-10-19 19:44:59 +01:00
Geoffrey White
83dc6d1564 Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2022-10-19 19:42:35 +01:00
Geoffrey White
0281bfedda Merge pull request #10689 from d10c/swift/cleartext-storage-nsuserdefaults 
Swift: Query for CWE-312: Exposure of sensitive information using NSUserDefaults
 2022-10-17 14:05:17 +01:00
Geoffrey White
9767064310 Swift: Fix bug for sqlite3_prepare_v3. 2022-10-17 13:40:35 +01:00
Geoffrey White
13018150ed Merge branch 'main' into sqlinject 2022-10-17 13:30:14 +01:00
Karim Ali
bb3bf64364 update example with both AES and Blowfish for better clarity 2022-10-17 12:54:34 +02:00
Karim Ali
b840a41222 fix typo in doc 2022-10-17 12:54:34 +02:00
Karim Ali
e942cfb98e fix typos in docs and in-code comments 2022-10-17 12:54:34 +02:00
Karim Ali
aef9645bd6 change use of toString() to getName() 2022-10-17 12:54:34 +02:00
Karim Ali
81e027f225 address QLDoc style comments 2022-10-17 12:54:34 +02:00
Karim Ali
d56c82ff75 add a query that detects hardcoded keys 2022-10-17 12:54:34 +02:00
Geoffrey White
8eccae1cdd Swift: Fix the qhelp. 2022-10-14 15:31:53 +01:00
Geoffrey White
f96e4eb87e Swift: One more go at getting the query message how ql-for-ql wants it. 2022-10-14 15:28:14 +01:00
Geoffrey White
227b10adf6 Swift: Qhelp. 2022-10-14 15:18:47 +01:00
Geoffrey White
24c6bb4c52 Swift: More modern (?) phrasing. 2022-10-14 14:41:02 +01:00
Geoffrey White
3da3a278ab Swift: Query metadata. 2022-10-14 14:31:38 +01:00
Geoffrey White
76ff593cc5 Swift: Bring it all together into a query. 2022-10-13 16:06:44 +01:00
Geoffrey White
7d78df25bf Swift: Define SQL sinks. 2022-10-13 15:50:57 +01:00
Geoffrey White
ce5631e7cb Swift: Complete the rename. 2022-10-13 15:22:36 +01:00
Geoffrey White
12cb099376 Swift: Rename to match other languages (except Java). 2022-10-13 15:21:39 +01:00
Geoffrey White
bcab9d8e7c Swift: Add framework for SQL Injection query. 2022-10-10 17:25:08 +01:00
Nora Dimitrijević
8a08a3ecce Merge branch 'main' into swift/cleartext-storage-nsuserdefaults 2022-10-10 14:06:32 +02:00
Nora Dimitrijević
29df69742c Swift: Docs review response: consistent naming 2022-10-05 14:42:11 +02:00
Nora Dimitrijević
ba7d375c01 Swift: Fix QL-on-QL warnings. 2022-10-05 12:22:33 +02:00
Nora Dimitrijević
75a980905c Swift: Initial CleartextStoragePreferences impl. 
Clearly based on CleartextStorageDatabase by @geoffw0.
 2022-10-04 23:14:55 +02:00
Geoffrey White
0ed89fb11a Swift: Use ClassOrStructDecl. 2022-10-04 15:10:41 +01:00
Karim Ali
d44f6b0f41 fix formatting issue raised by ql-format 2022-10-03 12:18:01 +02:00
Karim Ali
72ba77d900 Add rule that checks for using the insecure ECB block mode for encryption 2022-10-02 15:53:39 +02:00
Karim Ali
5e189b8c75 update qhelp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-10-02 15:50:26 +02:00
Karim Ali
677946d19d update typos to address requested changes 2022-10-02 15:50:26 +02:00
Karim Ali
dbc86b2cd8 update qhelp to adjust for US spelling + improved readability 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-02 15:50:26 +02:00
Karim Ali
a23e17a370 fix typo in qhelp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2022-10-02 15:50:26 +02:00
Karim Ali
2409ba2c05 update query description 2022-10-02 15:50:26 +02:00
Karim Ali
2080f0dd36 address style violation in generated alerts 2022-10-02 15:50:26 +02:00
Karim Ali
f060f056c2 rename ECBEncryption to please the codeql formatter 2022-10-02 15:50:26 +02:00
Karim Ali
fe024ef91e change TaintTracking::Configuration to DataFlow::Configuration 2022-10-02 15:50:25 +02:00
Karim Ali
9576e4c008 update qhelp to include a description for the accompanying example 2022-10-02 15:50:25 +02:00
Karim Ali
746f535ee5 Add rule that checks for using the insecure ECB block mode for encryption 2022-10-02 15:50:25 +02:00
Geoffrey White
13b2b1f304 Swift: Repair CleartextTransmission query. 2022-09-27 18:25:32 +01:00
Geoffrey White
ed3d3e4ff0 Swift: fix regression. 2022-09-23 21:01:25 +01:00