Rasmus Wriedt Larsen
ee382bb2ea
Python: Fix typo (reques => request)
2020-01-28 13:06:48 +01:00
Rasmus Wriedt Larsen
9bc72450a0
Python: Temporarily disable falcon HttpSinks test
...
I will fix this in another PR
2020-01-28 13:06:48 +01:00
Rasmus Wriedt Larsen
9b2ca0c9c7
Python: Update web libraries to use HttpSources and HttpSinks
2020-01-28 13:06:48 +01:00
Rasmus Wriedt Larsen
2cdbae08b6
Python: Don't make duplicate sink for Tornado handler
...
`self.write(...)` would be treated as *both* TornadoConnectionWrite and
TornadoHttpRequestHandlerWrite
2020-01-28 13:06:48 +01:00
Rasmus Wriedt Larsen
effa4548ab
Python: Add toString to TurboGears HttpResponseTaintSinks
...
Naming these was a bit hard, but better than generic "Taint Sink"
2020-01-28 13:06:48 +01:00
Rasmus Wriedt Larsen
6b87458c2e
Python: Add explicit tests for HttpSources and HttpSinks
...
Some of the tests currently fail, since they can't reproduce the old tests
results (since the sinks/sources defined in the library code are not
HttpResponseTaintSink/HttpRequestTaintSource)
2020-01-28 13:06:48 +01:00
Rasmus Wriedt Larsen
b36a6aa5b5
Python: Remove unused variable from exists expression
2020-01-28 13:05:25 +01:00
Rasmus Wriedt Larsen
0a1c91fbb8
Python: Autoformat web tests QL files
2020-01-28 13:05:25 +01:00
semmle-qlci
5ab6457370
Merge pull request #2699 from asger-semmle/js/callback-doc-typo
...
Approved by max-schaefer
2020-01-28 11:00:49 +00:00
Jonas Jensen
23030aa324
Merge pull request #2706 from MathiasVP/ql-tests-taint-tracking
...
Ql tests for virtual dispatch taint tracking
2020-01-28 11:56:10 +01:00
Mathias Vorreiter Pedersen
611d9553dd
C++: Fix formatting
2020-01-28 10:22:33 +01:00
Mathias Vorreiter Pedersen
130911ad44
C++: Accept new output in already existing test
2020-01-28 10:00:52 +01:00
Mathias Vorreiter Pedersen
fd79e7991d
C++: Add tests demonstrating differences between AST virtual dispatch analysis and IR virtual dispatch analysis
2020-01-28 10:00:21 +01:00
yo-h
8c00671f24
Merge pull request #2698 from aschackmull/java/changenote-csrf-query
...
Java: Add change note for java/spring-disabled-csrf-protection.
2020-01-27 21:09:15 -05:00
Robert Marsh
a9bcc1dcc6
Merge pull request #2667 from dbartol/dbartol/NoEscape
...
C++/C#: Make escape analysis unsound by default
2020-01-27 19:17:33 -05:00
Robert Marsh
c7975e83a7
Merge pull request #2657 from jbj/DefaultTaintTracking-models
...
C++: wire up models library to DefaultTaintTracking
2020-01-27 17:41:54 -05:00
Dave Bartolomeo
7df3cf4c23
C++: Accept more test output after merge
2020-01-27 13:48:43 -07:00
Dave Bartolomeo
3b3502060b
Merge remote-tracking branch 'upstream/master' into dbartol/NoEscape
2020-01-27 13:29:18 -07:00
Robert Marsh
79a72a3496
Merge pull request #2680 from geoffw0/modelstrndup
...
CPP: Model strndup.
2020-01-27 15:19:52 -05:00
Dave Bartolomeo
40952f85a9
C++: Accept test diffs
2020-01-27 10:31:18 -07:00
Robert Marsh
4d743d2bce
Merge pull request #2692 from jbj/pure-string-read
...
C++: Model that string functions read their buffer
2020-01-27 11:40:03 -05:00
Anders Schack-Mulligen
3745388069
Merge pull request #2602 from chrisgavin/suspicious-date-format
...
Java: Add a query for suspicious date format patterns.
2020-01-27 16:29:48 +01:00
Geoffrey White
4778914154
CPP: Repair flow.
2020-01-27 14:08:03 +00:00
Geoffrey White
d9f6895602
CPP: 'sometimes copying' is considered data flow.
2020-01-27 14:07:39 +00:00
Jonas Jensen
0e3ed2dfa6
C++: Remove test for unrelated issue
...
The issue for that test is being tested and fixed on PR #2686. Adding a
test here will cause a semantic merge conflict.
2020-01-27 14:25:28 +01:00
Asger Feldthaus
3d567eb889
JS: Close an unterminated code block
2020-01-27 12:03:58 +00:00
Chris Gavin
484333b192
Java: Update help and description of java/suspicious-date-format.
2020-01-27 11:57:59 +00:00
Chris Gavin
0e8d435ca1
Java: Add a test for java/suspicious-date-format.
2020-01-27 11:57:59 +00:00
Chris Gavin
708890add3
Java: Add a change note for java/suspicious-date-format.
2020-01-27 11:57:56 +00:00
Chris Gavin
88146295f9
Java: Add a query for suspicious date format patterns.
2020-01-27 11:57:18 +00:00
Anders Schack-Mulligen
efe8981129
Java: Add change note for java/spring-disabled-csrf-protection.
2020-01-27 11:33:31 +01:00
Anders Schack-Mulligen
816a8d1f9e
Merge pull request #2586 from ggolawski/spring_disable_csrf
...
Add check for disabled CSRF protection in Spring
2020-01-27 11:32:39 +01:00
Geoffrey White
2c7e2c4506
CPP: Not in std namespace.
2020-01-27 10:20:56 +00:00
Rasmus Wriedt Larsen
1ce77ff600
Merge pull request #2507 from tausbn/python-fix-infinite-tuple-tostring
...
Python: Fix divergence in tuple `toString`.
2020-01-27 11:14:44 +01:00
semmle-qlci
8a6de11268
Merge pull request #2689 from erik-krogh/LastEventEmitters
...
Approved by esbena
2020-01-27 08:55:33 +00:00
semmle-qlci
7d9956e3f3
Merge pull request #2675 from erik-krogh/WebSocket
...
Approved by esbena
2020-01-27 08:40:37 +00:00
Dave Bartolomeo
6988241b09
Merge from master
2020-01-26 16:38:48 -07:00
Dave Bartolomeo
708e83546f
C++: Remove accidentally added tests
2020-01-26 16:20:27 -07:00
Jonas Jensen
fb6ad5274f
C++: Accept test changes
2020-01-24 22:28:20 +01:00
Robert Marsh
0180672dc0
Merge pull request #2687 from jbj/DefaultTaintTracking-asExpr
...
C++: Use asExpr, not getConvertedResultExpression
2020-01-24 15:42:58 -05:00
Taus Brock-Nannestad
3cebffe820
Python: Fix divergence in tuple toString.
...
Our definition of `toString` for the internal tuple objects we create during the
points-to analysis may have been a _tad_ too ambitious. In particular, it can
easily lead to non-termination, e.g. using the following piece of code:
```python
x = ()
while True:
    x = (x, x)
```
This commit cuts off the infinite recursion by replacing _nested_ tuples with
the string "...". In particular this means even non-recursive tuples will be cut
off at that point, so that the following tuples
```python
(1, "2")
((3, 4), [5, 6])
(1, 2, 3, 4, 5)
```
get the following string representations.
```
"(int 1, '2', )"
"(..., List, )"
"(int 1, int 2, int 3, 2 more...)"
```
2020-01-24 17:08:56 +01:00
Mathias Vorreiter Pedersen
d26cf12c3a
Merge pull request #2688 from geoffw0/move-taint-test
...
C++: Add the security taint test (previously internal).
2020-01-24 15:58:20 +01:00
Jonas Jensen
b290c7b47a
C++: Model that string functions read their buffer
2020-01-24 15:53:38 +01:00
semmle-qlci
b3eada829a
Merge pull request #2690 from erik-krogh/MoreEvents2
...
Approved by asgerf
2020-01-24 14:47:04 +00:00
Taus
5a2dfd40af
Merge pull request #2639 from RasmusWL/python-improve-dict-taint
...
Python: Improve tests for tainted collections
2020-01-24 15:06:01 +01:00
Erik Krogh Kristensen
8492f6031f
reuse existing type-tracking for classes
2020-01-24 13:36:32 +01:00
Anders Schack-Mulligen
98d527c44c
Merge pull request #2685 from esbena/java/sharpen-maven-non-ssl
...
java: sharpen java/maven/non-https-url to allow localhost URLs
2020-01-24 13:19:26 +01:00
Erik Krogh Kristensen
0b55aed626
use the EventEmitter registration methods instead of just "on"
2020-01-24 13:06:00 +01:00
Erik Krogh Kristensen
148ec9aad0
fix typos
...
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
2020-01-24 12:36:03 +01:00
Geoffrey White
af903fc30c
C++: Add the security taint test (previously internal).
2020-01-24 11:28:51 +00:00