hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-04 22:56:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,418 Commits 1,699 Branches 161 Tags
eff94ef91f86587b46dc4ecbf9dbdfb1b4805a8f
Commit Graph

83418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
REDMOND\brodes
eff94ef91f Crypto: To allow for graph generation to have properties informed by assessments, altering a few queries weak/vuln/bad crypto to have qll files that can be accessed for other purposes, like graph generation. Also altering weak symmetric cipher to look for non-aes algorithms to be more comprehensive. 2025-10-20 15:51:07 -04:00
REDMOND\brodes
cc436e897d Merge branch 'santander-java-crypto-check' of https://github.com/bdrodes/codeql into santander-java-crypto-check 2025-10-20 15:24:40 -04:00
REDMOND\brodes
354effe829 Crypto: Missing hash algorithms for HMAC operations in jca. 2025-10-20 15:24:18 -04:00
Ben Rodes
2b683c210f Merge branch 'main' into santander-java-crypto-check 2025-10-18 17:56:43 -04:00
REDMOND\brodes
c01c060476 Crypto: more ID renaming to include "examples", fix singleton issues with ql-for-ql, use formatted test for WeakAsymmetricKeyGenSize (add post processing in the qlref), misc expected files updated (test passed locally but on rerun vscode reports failures, known bug with vscode unit tests). 2025-10-17 14:13:53 -04:00
REDMOND\brodes
540daa6df2 Crypto: weak symmetric cipher tests. 2025-10-17 13:40:15 -04:00
REDMOND\brodes
b06e05362b Crypto: altering all query IDs in examples to have "examples" in the ID, to make clear the query is not intended for production. 2025-10-17 13:39:50 -04:00
REDMOND\brodes
1b205d8673 Removing WeakRSA, this is redundant with weak asymmetric key size. 2025-10-17 13:39:05 -04:00
REDMOND\brodes
b4ecb91c83 Crypto: Add missing cipher algorithms to JCA. Update node tests to account for missing cipher algorithms. 2025-10-17 13:38:47 -04:00
REDMOND\brodes
f480d90a68 Crypto: Add missing block mode JCA Models, add block mode unit tests 2025-10-17 13:13:14 -04:00
REDMOND\brodes
e12734162f Crypto: WeakKDFKeySize tests. 2025-10-17 12:32:24 -04:00
REDMOND\brodes
628bab92fc Crypto: Modify BadMacOrderMacOnEncryptPlaintext to be a path query that traces through any intermediate encrypt or mac to the final encrypt or mac. 2025-10-17 12:06:34 -04:00
REDMOND\brodes
ff7840dc9f Crypto: removing precision tags on experimental queries. 2025-10-17 10:52:32 -04:00
Owen Mansel-Chan
66f95bcbcd Merge pull request #20603 from owen-mc/update-broken-algo-qhelp 
Many languages: Update broken algo qhelp
 2025-10-17 12:30:43 +01:00
REDMOND\brodes
ef6f0222f2 Crypto: Addressing FPs in BadMacOrderMacOnEncryptPlaintext 2025-10-16 16:11:42 -04:00
REDMOND\brodes
5923e5cbb0 Crypto: Bad expected files in last push. 2025-10-16 15:45:27 -04:00
REDMOND\brodes
700f34e53a Crypto: Bad Mac use tests, and fix for BadMacOrderMacOnEncryptPlaintext (barriers were blocking flow through an encrypt to a subsequent mac on the same plaintext) 2025-10-16 15:44:57 -04:00
REDMOND\brodes
b9b0037e07 Crypto: Comment todo for observed missing modeled case. Tests for weak and unknown KDF iteration count. 2025-10-16 14:07:45 -04:00
REDMOND\brodes
3f36b09b3c Crypto: Rename tests for weak asymmetric key gen size. 2025-10-16 11:18:36 -04:00
REDMOND\brodes
a64a24d25d Crypto: Comment in Language.qll 2025-10-16 11:03:49 -04:00
REDMOND\brodes
79ccef3a58 Crypto: Initial sketch for unknown hash, the model needs to recognize unknowns but where the algorithm category (e.g., hashing) is known. 2025-10-16 11:03:16 -04:00
REDMOND\brodes
d2598d4f5d Crypto: Updating weak hash tests 2025-10-16 10:56:08 -04:00
REDMOND\brodes
4860034d41 Crypto: Weak Hash test cases update and expected file. 2025-10-16 10:40:53 -04:00
Nora Dimitrijević
e120e5c3ba Merge pull request #20337 from d10c/d10c/python-overlay-compilation-plus-extractor 
Python: enable overlay compilation + extractor overlay support
 2025-10-16 14:49:01 +02:00
Geoffrey White
75a34a4881 Merge pull request #20631 from geoffw0/mysql 
Rust: Model mysql and mysql_async query sinks
 2025-10-16 11:42:33 +01:00
Geoffrey White
1936abaaee Merge pull request #20650 from geoffw0/mv2 
Rust: Rename stdlib model files to be consistent with others.
 2025-10-16 08:47:47 +01:00
Simon Friis Vindum
744b11e421 Merge pull request #20543 from paldepind/rust/model-actix-web 
Rust: Add models for actix-web
 2025-10-16 08:48:06 +02:00
REDMOND\brodes
25599e9b4b crypto: Update JCA model macs to take into consideration update calls (use prior pattern for signatures). Misc. bug fixes. 2025-10-15 16:25:36 -04:00
REDMOND\brodes
15e266db94 Crypto: Tweaks to bad crypto ordering queries. 2025-10-15 14:20:40 -04:00
REDMOND\brodes
9a6aac1300 Crypto: To get unreferenced parameters as general sources for Java, I've included the caveat that if a function is called, all the calls appear to be in test files. 2025-10-15 14:20:16 -04:00
REDMOND\brodes
c6174fbb93 Crypto: remove precision tag 2025-10-15 14:10:16 -04:00
Geoffrey White
072eca233d Rust: Update consistency check .expected. 2025-10-15 16:50:47 +01:00
Geoffrey White
f4a6efa9e0 Rust: Rename stdlib model files to be consistent with others. 2025-10-15 16:02:42 +01:00
REDMOND\brodes
631e482fd6 Crytpo: when key encapsulation or cipher operations have multiple modes at a node, the node name must reflect that it may be any mode. 2025-10-15 11:01:49 -04:00
Geoffrey White
48ca04bc40 Rust: Repair test annotations following format and accept .expected changes. 2025-10-15 15:00:28 +01:00
Geoffrey White
28c139abfb Rust: Format the test. 2025-10-15 14:42:12 +01:00
Geoffrey White
5544dfff6d Update rust/ql/test/query-tests/security/CWE-089/mysql.rs 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2025-10-15 14:31:10 +01:00
REDMOND\brodes
c7be23e1fe Crypto: Remove all precision tags from all experimental queries. Precision is largely in flux while the models are being developed. 2025-10-15 09:22:04 -04:00
REDMOND\brodes
bf9a249624 Crypto: Experimental queries for mac ordering 2025-10-15 08:06:50 -04:00
REDMOND\brodes
ee08385e31 Crytpo: Update JCA keyagreement to type conversion, XDH is a type of ECDH. 2025-10-15 08:06:19 -04:00
Jeroen Ketema
129c8bf2e0 Merge pull request #20639 from jketema/swift-trace 
Swift: Make tracer config handle resource-dirs passed to clang
 2025-10-15 13:16:15 +02:00
Joe Farebrother
f57526eedc Merge pull request #20572 from joefarebrother/java-httponly-cookie-promote 
Java: Promote Sensitive Cookie without HttpOnly query from experimental
 2025-10-15 10:28:40 +01:00
Jeroen Ketema
9fc8faa048 Swift: Address review comments 2025-10-15 10:09:13 +02:00
Napalys Klicius
7bf677d056 Merge pull request #20644 from Napalys/napalys/remove_quality_syntax_err 
JS: remove quality tag from SyntaxError query
 2025-10-15 09:45:02 +02:00
Napalys Klicius
45e8164f14 JS: remove quality tag from SyntaxError query 2025-10-15 09:07:11 +02:00
Joe Farebrother
e95e1a0386 Update integration test 2025-10-14 16:27:28 +01:00
Joe Farebrother
d8b37d0cde Review suggestions - update comments and description 2025-10-14 16:03:40 +01:00
Henry Mercer
c2309a9aca Merge pull request #20638 from github/post-release-prep/codeql-cli-2.23.3 
Post-release preparation for codeql-cli-2.23.3
 2025-10-14 13:03:22 +01:00
Jeroen Ketema
b6b3767460 Swift: Make tracer config handle resource-dirs passed to clang 2025-10-14 13:50:36 +02:00
Anders Schack-Mulligen
da0b168b2e Merge pull request #20627 from hvitved/csharp/property-descriptor-get-value-neutral 
C#: Add neutral model for `System.ComponentModel.PropertyDescriptor.GetValue`
 2025-10-14 13:31:40 +02:00