hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 05:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,447 Commits 1,742 Branches 166 Tags
ed6804859a677934d3c43b641f67df4682ffd3f8
Commit Graph

549 Commits

Author SHA1 Message Date
Chris Smowton
0f637c5887 Merge pull request #379 from smowton/model-revel 
Model Revel
 2020-10-28 09:56:25 +00:00
Chris Smowton
0bf80641e8 Revel: mark header reads as user-controlled data 2020-10-26 12:26:37 +00:00
Chris Smowton
4a2c4bf1b8 Merge pull request #387 from sauyon/testing-framework 
Add a testing framework
 2020-10-26 10:32:22 +00:00
Sauyon Lee
47f40d5f3e Add tests for log frameworks 2020-10-22 09:18:53 -07:00
Sauyon Lee
671b427e1e Add shared testing framework 
It has been modified to use `hasLocation` instead of `Location`
 2020-10-22 09:18:52 -07:00
Sauyon Lee
1e034a1dd5 Add logrus to go.qll 2020-10-22 09:18:52 -07:00
Chris Smowton
62c6b0dc37 Add support for more Revel untrusted sources 2020-10-21 17:28:28 +01:00
Sauyon Lee
e823712adf Add utility predicates to FunctionModel 
Co-authored-by: Chris Smowton <smowton@github.com>
 2020-10-21 09:16:04 -07:00
Chris Smowton
9aceae8bd6 Revel: add support and tests for Render and Redirect sinks. 2020-10-20 10:00:05 +01:00
Owen Mansel-Chan
b2b8f10418 Fix stub for Revel 
Embedded fields aren't stubbed correctly
 2020-10-19 15:47:08 +01:00
Owen Mansel-Chan
4dfa9d58c0 Model Revel 2020-10-19 15:47:07 +01:00
Owen Mansel-Chan
01ad7acb6f Remove unnecessary import 2020-10-19 15:46:33 +01:00
Owen Mansel-Chan
f49ff279b8 Merge pull request #375 from owen-mc/spew 
Model Spew logging framework
 2020-10-16 13:20:13 +01:00
Sauyon Lee
1ba1029a13 Use comment-based tests for GoModExpr 2020-10-14 09:25:38 -07:00
Sauyon Lee
34837c10ce Fix tests for go.mod files 2020-10-14 09:25:38 -07:00
Owen Mansel-Chan
4b76966a49 Model Spew logging framework 2020-10-14 14:47:22 +01:00
Chris Smowton
0afa0e75c4 Merge pull request #374 from smowton/smowton/feature/more-accurate-allocation-overflow 
Improve accuracy of allocation-size-overflow by excluding len(...) calls that never see a large operand
 2020-10-14 13:25:45 +01:00
Chris Smowton
83a7411a05 Improve accuracy of allocation-size-overflow by excluding len(...) calls that never see a large operand 
This is achieved by splitting the query into two pieces: (1) trace flow from indefinitely large object creation to len(...) calls, then (2) considering those particular len(...) calls as taint propagators, trace taint from the same sources all the way to an allocation call. This is more accurate than the previous solution, which considered any len(...) call to propagate taint, potentially confusing an array that stored a large value in one of its cells for an array which is itself of large size.
 2020-10-14 10:16:08 +01:00
Chris Smowton
40869480e1 Extend context models to cover its old golang.org/x/net/context home. 2020-10-12 12:27:19 +01:00
Chris Smowton
c8a2d30e39 Merge pull request #360 from smowton/smowton/feature/stack-trace-exposure 
Add stack-trace exposure query
 2020-10-07 11:08:37 +01:00
Chris Smowton
0eb7ac94cc Add stack-trace exposure query 
This is a port of `java/stack-trace-exposure`, and does the same job: warn that a stack dump is written to an HTTP response.
 2020-10-06 14:42:59 +01:00
Max Schaefer
97fb967d5c Add a few tests. 2020-09-28 10:58:28 +01:00
Max Schaefer
907ae20a16 Merge pull request #350 from smowton/smowton/feature/bad-regex-escape-query 
Add query spotting probably-bad escapes in regular expressions.
 2020-09-24 09:49:16 +01:00
Chris Smowton
59138048bb Add query spotting probably-bad escapes in regular expressions. 
Inspired by js/useless-regexp-character-escape, but much much simpler because the Go source code parser forbids unrecognised escapes and its regex engine refuses to compile \\x where x is not a character class or other special token (e.g. start-of-word).
 2020-09-23 15:07:22 +01:00
Chris Smowton
a094ddb988 Merge pull request #349 from gagliardetto/stdlib-339-340-342-346-347 
Merge #339 #340 #342 #346 #347
 2020-09-23 14:38:04 +01:00
Chris Smowton
1a3589ac06 Merge pull request #352 from smowton/smowton/feature/http-newrequest 
Add model for net/http.NewRequest
 2020-09-23 09:56:17 +01:00
Max Schaefer
6130720e00 Merge pull request #348 from max-schaefer/functioninput_entrynode 
Ensure `FunctionInput`s corresponding to results have an entry node
 2020-09-23 09:15:18 +01:00
Chris Smowton
c1fbbfb05a Add model for net/http.NewRequest noting that if the URL is tainted then the response should be considered tainted also. 2020-09-23 08:46:36 +01:00
Slavomir
a7148638aa Merge branch 'standard-lib-pt-6' into stdlib-339-340-342-346-347 2020-09-22 18:44:14 +02:00
Slavomir
61a0cfa06a Merge branch 'standard-lib-pt-4' into stdlib-339-340-342-346-347 2020-09-22 18:43:30 +02:00
Slavomir
315514085f Merge branch 'standard-lib-pt-9' into stdlib-339-340-342-346-347 2020-09-22 18:43:14 +02:00
Slavomir
0510404112 Merge branch 'standard-lib-pt-12' into stdlib-339-340-342-346-347 2020-09-22 18:42:46 +02:00
Slavomir
e742525be5 Fix (*Logger).Writer() model 2020-09-22 13:35:55 +02:00
Slavomir
bff19d5a37 Move and extend Log module for package log with taint-tracking 2020-09-22 13:35:55 +02:00
Slavomir
3abf0e8d29 Add taint-tracking for crypto/x509 package 2020-09-22 13:33:37 +02:00
Slavomir
3acb7a5311 Add taint-tracking for crypto/tls package 2020-09-22 13:33:37 +02:00
Slavomir
5e0e3cc2cc Add taint-tracking for crypto/rsa package 2020-09-22 13:33:37 +02:00
Slavomir
742319c071 Move to stdlib and expand crypto/cypher package taint-tracking 2020-09-22 13:33:37 +02:00
Slavomir
434c4bca9c Add taint-tracking for crypto package 2020-09-22 13:33:37 +02:00
Max Schaefer
c61881acb3 Merge pull request #344 from smowton/smowton/feature/echo-models 
Add models for the Echo framework
 2020-09-22 10:45:02 +01:00
Max Schaefer
2d4f17c91c Ensure result inputs always have an entry node. 2020-09-22 09:08:17 +01:00
Max Schaefer
4b56581122 Fix input nodes for results that are not assigned to an SSA variable. 2020-09-22 09:06:16 +01:00
Max Schaefer
9c640fff4f Add a new test for FunctionInputsAndOutputs. 2020-09-22 09:04:49 +01:00
Max Schaefer
c905149579 Merge pull request #341 from gagliardetto/standard-lib-pt-10 
Move to stdlib and extend the models for `fmt` package
 2020-09-21 22:10:56 +01:00
Chris Smowton
397282f41a Add models for the Echo framework 2020-09-21 17:35:40 +01:00
Chris Smowton
bdb3e54299 Add tests for stdlib-http fields that aren't supposed to cause open-redirect alerts 2020-09-21 16:26:46 +01:00
Slavomir
dedeb7bbf1 Add taint-tracking for container/ring package 2020-09-21 12:34:00 +02:00
Slavomir
75e3ee6e77 Add taint-tracking for container/list package 2020-09-21 12:32:39 +02:00
Slavomir
4ecf9b0f6b Add taint-tracking for container/heap package 2020-09-21 12:30:47 +02:00
Slavomir
a7dba54001 Merge branch 'standard-lib-pt-15' into from-331-to-337 2020-09-20 18:25:29 +02:00