hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-14 19:44:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,279 Commits 1,736 Branches 164 Tags
ee51298633a4313f52dfe65e275daa70a11464f6
Commit Graph

1279 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Harry Maclean
ee51298633 Model the Excon HTTP client 2021-09-23 16:32:15 +01:00
Harry Maclean
83705c5787 Merge pull request #306 from github/hmac-outgoing-http 
Model outgoing HTTP requests as remote flow sources
 2021-09-23 09:34:44 +01:00
Harry Maclean
5826f2c279 Move Net::HTTP modelling into http_clients module 
This seems a more convenient place to keep all the HTTP client
modelling.
 2021-09-23 09:04:20 +01:00
Harry Maclean
b658bacab3 Simplify Net::HTTP modelling 2021-09-23 09:04:01 +01:00
Harry Maclean
3000587849 Add Net::HTTP request modelling 2021-09-23 09:04:01 +01:00
Harry Maclean
2bdea01c8a Add HTTP::Client concept 2021-09-23 09:04:01 +01:00
Alex Ford
21e31a47d9 Merge pull request #283 from github/file-system-sources 
Start modelling some file system access concepts
 2021-09-22 16:45:13 +01:00
Alex Ford
b769aa67c2 test for IO.open as a way of creating an IO instance 2021-09-22 16:29:10 +01:00
Alex Ford
0092c0279b Apply suggestions from code review 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2021-09-22 14:28:15 +01:00
Alex Ford
70c2be8ca3 Files library tests 2021-09-21 19:08:03 +01:00
Alex Ford
05a04f4835 Files.qll library implementation 2021-09-21 19:07:55 +01:00
Alex Ford
6315621b16 use instanceof extensions for some filesystem concepts 2021-09-21 19:02:11 +01:00
Alex Ford
d1f2258d45 revamp weak file permissions query 2021-09-21 19:02:11 +01:00
Alex Ford
25300cb2b4 start modelling some file access concepts 2021-09-21 19:02:11 +01:00
Nick Rolfe
dd31473dff Merge pull request #301 from github/fix_source_archive 
Fix filenames in source archives
 2021-09-21 11:37:02 +01:00
Nick Rolfe
143256e673 Fix filenames in source archives 2021-09-20 22:17:45 +01:00
Nick Rolfe
c183e05c49 Merge pull request #300 from github/fix_tests 
Fix tests
 2021-09-20 16:19:40 +01:00
Nick Rolfe
d27f8a6d24 Add empty subpaths section to expected test output 2021-09-20 15:56:58 +01:00
Tom Hvitved
8aaabe8b1e Merge pull request #299 from github/hvitved/actions-reuse 
Add two 'composite' actions for reusing logic
 2021-09-20 15:55:28 +02:00
Nick Rolfe
6f7d4fef70 Merge pull request #287 from github/unsafe-deserialization 
rb/unsafe-deserialization query
 2021-09-20 14:23:30 +01:00
Nick Rolfe
8af12a164a Merge pull request #298 from github/trap_extension 
Fix trap extension for source files without extensions
 2021-09-20 14:23:01 +01:00
Tom Hvitved
e201dae672 Add two 'composite' actions for reusing logic 2021-09-20 14:52:02 +02:00
Nick Rolfe
c30c7b380d Replace if let with match. 2021-09-20 12:22:55 +01:00
Nick Rolfe
0936c4cd7b Fix trap extension for source files without extensions 
We were writing files with names like `Gemfile..trap.gz`. Now fixed to
`Gemfile.trap.gz`.
 2021-09-20 12:11:00 +01:00
Tom Hvitved
4bfbf62e13 Merge pull request #296 from github/hvitved/empty-location 
Extract a special empty location
 2021-09-20 13:05:27 +02:00
Tom Hvitved
1393dc9eb4 Update extractor/src/main.rs 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2021-09-20 12:50:24 +02:00
Harry Maclean
916b844557 Merge pull request #280 from github/hmac-cli-injection 
Add CLI Injection query
 2021-09-20 08:54:01 +01:00
Tom Hvitved
b2d0c60a02 Replace hasLocationInfo with getLocation in API::Node 2021-09-20 09:52:26 +02:00
Tom Hvitved
58d06715fc Extract a special empty location 2021-09-20 09:52:26 +02:00
Alex Ford
36289aa9d9 Merge pull request #255 from github/reflected-xss 
rb/reflected-xss query
 2021-09-17 18:32:48 +01:00
Harry Maclean
739661eb10 Test that KernelMethodCall is specific enough 
Calls to `UnknownModule.system`, where `UnknownModule` is a module that
we know nothing about, should not be identified as instances of
`KernelMethodCall`.
 2021-09-17 17:02:17 +01:00
Harry Maclean
64a8cedaa7 Generalise the concept of a Kernel method call 2021-09-17 17:02:17 +01:00
Harry Maclean
599dc28ffa Add another test for shell interpretation 2021-09-17 17:02:17 +01:00
Harry Maclean
f8359767bc Exclude non-shell interpreted args 
Update the CommandInjection query to only consider sinks where the
argument is interpreted by a shell. If the argument is passed directly
to a subprocess then it's not vulnerable to shell injection.
 2021-09-17 17:02:17 +01:00
Harry Maclean
c8e9a592f0 Update CLI injection tests 
Cover more cases, like sinks after (but not guarded by) barrier guards.
 2021-09-17 17:02:17 +01:00
Harry Maclean
d046fb0591 Separate open3 pipeline methods 
These have a slightly different structure than the other open3 methods.
 2021-09-17 17:02:17 +01:00
Harry Maclean
174ba25c66 Update SystemCommandExecution to new pattern 
The new pattern is to use the new instanceof keyword in the class
definition, instead of constraining the "superclass" via a member field.
 2021-09-17 17:02:17 +01:00
Harry Maclean
cbc14ccda9 Make KernelSystemCall more specific 
Test that calls to`system` on modules other than `Kernel` are excluded,
such as in this example:

    module Foo
      def self.system(*args); end
    end

    # This is not a call to Kernel.system
    Foo.system("bar")
 2021-09-17 17:02:17 +01:00
Harry Maclean
fb23a2e3bf Add SubshellHeredocExecution 
This is a form of command execution:

    result = <<`EOF`
    echo foo bar #{baz}
    EOF
 2021-09-17 17:02:17 +01:00
Harry Maclean
799ef4e4c9 Add barrier guards for CLI injection 2021-09-17 17:02:17 +01:00
Harry Maclean
4ecc78effc Kernel#system -> Kernel.system 2021-09-17 17:02:17 +01:00
Harry Maclean
8f65d78cb5 Add Shellwords.escape as CLI injection sanitizer 2021-09-17 17:02:17 +01:00
Harry Maclean
fe8fc0697b Add qhelp for CLI Injection query 2021-09-17 17:02:17 +01:00
Harry Maclean
4a0d7c528a Add top-level CLI injection query and tests 2021-09-17 17:02:17 +01:00
Harry Maclean
8440fe2ba9 Add CommandInjection dataflow config 2021-09-17 17:02:17 +01:00
Harry Maclean
a8f0bce1d1 Add SystemCommandExecution concept 
A SystemCommandExecution is a method call or builtin that executes a
system command, either directly or via a subshell.
 2021-09-17 17:02:17 +01:00
Nick Rolfe
3c05101961 Merge pull request #290 from github/extract_gemfile 
Automatically extract Gemfiles
 2021-09-17 16:42:30 +01:00
Nick Rolfe
3d23575a38 Merge pull request #292 from github/regexp_slash_az 
Don't parse `\A` and `\Z` as `RegExpConstant`
 2021-09-17 16:42:13 +01:00
Tom Hvitved
1fd91ab9bd Merge pull request #295 from github/hvitved/remove-numlines 
No longer create redundant `numlines` relation
 2021-09-16 13:21:20 +02:00
Tom Hvitved
464b50231b DB upgrade script 2021-09-16 12:57:32 +02:00