hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 20:26:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
22,886 Commits 1,672 Branches 157 Tags
eda25bb402cabd243b71f5f429b5ecdd420965fc
Commit Graph

2509 Commits

Author SHA1 Message Date
Ian Lynagh
f0bec74ce3 python: Correct the ReturnValueIgnored.qhelp docs 2021-05-26 17:40:57 +01:00
Rasmus Wriedt Larsen
f807c2f52b Python: autoformat 2021-05-26 11:07:48 +02:00
Rasmus Wriedt Larsen
d5f2846394 Merge branch 'main' into jorgectf/python/ldapInjection 2021-05-26 11:01:48 +02:00
Rasmus Wriedt Larsen
35793a10bb Merge pull request #5889 from japroc/python-clickhouse-driver 
Python: Implement module ClickHouseDriver.qll
 2021-05-25 14:25:28 +02:00
jorgectf
37d6ff76a3 Update tests and .expected 2021-05-21 17:47:53 +02:00
Jorge
9e9678b3ca Apply documentation suggestions 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-05-21 16:17:39 +02:00
Rasmus Wriedt Larsen
0292ca6b67 Merge pull request #5880 from tausbn/python-limit-builtins 
Python: Limit set of globals that may be built-ins
 2021-05-20 14:47:22 +02:00
Tom Hvitved
2a7ceb2e19 Merge pull request #5928 from hvitved/python/type-tracker-split 
Python: Split up `(small)step` into intra/interprocedural predicates
 2021-05-20 14:13:44 +02:00
Tom Hvitved
1fc95a68ca Python: Add more type tracking QL doc 2021-05-20 13:47:23 +02:00
Taus
c4bb3c27e0 Python: Update python/ql/src/semmle/python/ApiGraphs.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-05-20 13:14:09 +02:00
CodeQL CI
17afbdf258 Merge pull request #5635 from RasmusWL/port-weak-crypto-algorithm 
Approved by yoff
 2021-05-20 01:22:32 -07:00
Tom Hvitved
f63c1d2383 Python: Split up (small)step into intra/interprocedural predicates 2021-05-19 19:59:25 +02:00
Rasmus Wriedt Larsen
753dca91b1 Python: weak-crypto: Make algorithm selection less brittle 
As discussed in https://github.com/github/codeql/pull/5635#discussion_r633477154
 2021-05-19 17:47:09 +02:00
Rasmus Wriedt Larsen
22d4d7956a Python: Fix typo in QLDoc 2021-05-19 17:47:05 +02:00
Rasmus Wriedt Larsen
8d1e7da851 Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-05-19 17:42:46 +02:00
Taus
75a43e76e8 Python: Address review comments. 
- Removes the version check on the set of built-in names.
- Renames the predicate used to represent said set.
- Documents how these lists of names were obtained.
- Gets rid of a superfluous import.
 2021-05-19 11:54:47 +00:00
CodeQL CI
23e8092452 Merge pull request #5864 from RasmusWL/some-framework-modeling 
Approved by tausbn
 2021-05-19 02:31:06 -07:00
yoff
60da193620 Update python/ql/src/semmle/python/frameworks/Cryptodome.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-05-19 08:08:59 +02:00
Evgenii Protsenko
af75d85b2e ClickHouseSQLInjection.qll : add tests 2021-05-18 22:49:11 +03:00
Rasmus Wriedt Larsen
97fadd9970 Merge branch 'main' into port-weak-crypto-algorithm 2021-05-18 14:04:18 +02:00
Rasmus Wriedt Larsen
6c755024ac Python: Refactor code, inline some type-tracking 2021-05-18 14:03:36 +02:00
Rasmus Wriedt Larsen
770429fd68 Python: Autoformat 2021-05-18 14:02:46 +02:00
Rasmus Wriedt Larsen
9156316b14 Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-05-18 11:53:11 +02:00
Rasmus Wriedt Larsen
0ade23ab2a Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-05-18 11:49:59 +02:00
CodeQL CI
12b1bbe484 Merge pull request #5897 from erik-krogh/uid 
Approved by RasmusWL, esbena
 2021-05-17 06:01:04 -07:00
Robin Neatherway
f378513ea3 Add lines-of-code tags 
This is a proposed method for advertising which queries are measuring
the lines of code in a project in a more robust manner than inspecting
the rule id.

Note that the python "LinesOfUserCode" query should _not_ have this
property, as otherwise the results of the two queries will be summed.
 2021-05-14 11:20:43 +01:00
Erik Krogh Kristensen
9d60ec035f fix casing on the uid regexp 2021-05-13 23:04:30 +02:00
Erik Krogh Kristensen
662e335424 keep python in sync 2021-05-13 22:54:39 +02:00
Taus
79cfe5aca2 Python: Limit py/use-of-input to Python 2 2021-05-12 21:23:16 +00:00
Taus
fad55b3635 Python: Reimplement py/use-of-input 2021-05-12 21:09:51 +00:00
Evgenii Protsenko
470e3eb089 [python] ClickHouseDriver.qll: add support for subclasses 2021-05-13 00:03:53 +03:00
Evgenii Protsenko
2efa0ad105 [C++] Implement module ClickHouseDriver.qll 2021-05-12 22:36:24 +03:00
Taus
ff2b6b9737 Python: Correctly locate stores to built-ins 2021-05-12 18:07:18 +00:00
Taus
3d30efed11 Python: Add exec as a shared built-in 
This is _slightly_ wrong, since `exec` isn't a built-in function in
Python 2. It should be harmless, however, since `exec` is a keyword,
and so cannot be redefined anyway.
 2021-05-12 11:07:16 +00:00
Taus
5c7e73d485 Python: Add exception types 2021-05-12 09:53:09 +00:00
Taus
07a70af344 Python: Limit set of globals that may be built-ins 
I am very tempted to leave out the constants, or at the very least
`False`, `True`, and `None`, as these have _many_ occurrences in the
average codebase, and are not terribly useful at the API-graph level.

If we really do want to capture "nodes that refer to such and such
constant", then I think a better solution would be to create classes
extending `DataFlow::Node` to facilitate this.
 2021-05-12 08:19:35 +00:00
Anders Schack-Mulligen
74ae2e0857 Merge pull request #5773 from hvitved/dataflow/aggressive-caching 
Data flow: Cache most language-dependent predicates
 2021-05-12 09:41:55 +02:00
Tom Hvitved
d66506b0a3 Data flow: Rename {Argument,Parameter}NodeExt to {Arg,Param}Node 2021-05-11 14:40:10 +02:00
yoff
0e5a2c4573 Merge pull request #5442 from jorgectf/jorgectf/python/redos 
Python: Add Regular Expression Injection query
 2021-05-11 12:11:35 +02:00
yoff
549c9eee1a Merge pull request #5739 from RasmusWL/share-sensitive-data-modeling 
Python/JS: Share sensitive data modeling
 2021-05-11 11:53:59 +02:00
Rasmus Wriedt Larsen
c2a6b811fc Python: Add modeling of ujson PyPI package 
The problem with `tainted_filelike` not having taint, is that in the call

`ujson.dump(tainted_obj, tainted_filelike)`

there is no PostUpdateNote for `tainted_filelike` :( The reason is that
points-to is not able to resolve the call, so none of the clauses in
`argumentPreUpdateNode` matches

See 08731fc6cf/python/ql/src/semmle/python/dataflow/new/internal/DataFlowPrivate.qll (L101-L111)

Let's deal with that issue in an other PR though
 2021-05-10 15:10:31 +02:00
Rasmus Wriedt Larsen
72d08f4d6e Python: Model json load/dump 2021-05-10 15:10:30 +02:00
Rasmus Wriedt Larsen
63f28d7d9b Python: Model keyword args to json loads/dumps 2021-05-10 15:10:29 +02:00
Rasmus Wriedt Larsen
3fe9a3d933 Python: Add modeling of simplejson PyPI package 
I noticed that we don't handle PostUpdateNote very well in the concept tests,
for exmaple for `json.dump(...)` there _should_ have been an `encodeOutput` as
part of the inline expectations.

I'll work on fixing that up in a separate PR, to keep things clean.
 2021-05-10 15:10:27 +02:00
yoff
78370cf63f Update python/ql/src/experimental/semmle/python/frameworks/Stdlib.qll 2021-05-10 14:53:40 +02:00
Rasmus Wriedt Larsen
8afdf26540 Python: Add modeling of idna PyPI package 2021-05-10 11:47:11 +02:00
Rasmus Wriedt Larsen
7ed20a8b2c Python: Add reminder to update docs for new frameworks 2021-05-10 10:55:21 +02:00
jorgectf
8665747316 Update sink and sanitizer to match new naming 2021-05-08 18:08:50 +02:00
jorgectf
2ad72ad693 Add LDAP framework entry in Frameworks.qll 2021-05-07 22:16:12 +02:00
jorgectf
6159fbea2b Update functions naming 2021-05-07 22:15:51 +02:00