hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 22:32:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
767 Commits 1,684 Branches 159 Tags
f11b95658364dfd5531357e7531cac09615dfd89
Commit Graph

554 Commits

Author SHA1 Message Date
Owen Mansel-Chan
f11b956583 Add a superclass for literals (#172) 2020-06-11 19:53:40 +01:00
Owen Mansel-Chan
c891d22f74 Make ArrayTypeExpr and so on extend TypeExpr 
To avoid a recursive definition, need to replace ArrayTypeExpr with@arraytypeexpr and so on in isTypeExprBottomUp(Expr e).
 2020-06-11 11:06:15 +01:00
Max Schaefer
24e2a294ed Merge pull request #169 from max-schaefer/rc/1.24 
Merge rc/1.24 into master
 2020-06-11 09:15:28 +01:00
Max Schaefer
d8f1873635 Merge branch 'master' into rc/1.24 2020-06-11 08:10:22 +01:00
Owen Mansel-Chan
c30893aba7 Add AST class reference (#164) 2020-06-10 15:59:48 +01:00
Max Schaefer
1342d8688e Autoformat. 2020-06-09 17:38:18 +01:00
Max Schaefer
524b11b81a Merge pull request #163 from robertbrignull/more-suites 
Add more code-scanning suites
 2020-06-04 09:53:14 +01:00
Robert Brignull
9ee57374cb add more code-scanning suites 2020-06-01 10:58:49 +01:00
Max Schaefer
b37bdec66c Merge pull request #157 from owen-mc/isresult-consistency 
Make FunctionOutput.isResult(0) and CallNode.getResult(0) match single results
 2020-05-29 17:13:21 +01:00
Max Schaefer
2f7ff6b56c Merge pull request #162 from max-schaefer/open-url-redirect-formvalue 
Consider `Request.FormValue(...)` as a source for URL redirects.
 2020-05-29 15:56:50 +01:00
Max Schaefer
8f0592a079 Consider Request.FormValue(...) as a source for URL redirects. 
Despite its name, this method doesn't just handle form values but also query parameters.
 2020-05-29 15:03:05 +01:00
Owen Mansel-Chan
36fa2c29fa Simplify more code 2020-05-28 17:40:23 +01:00
Owen Mansel-Chan
65608a2912 Address review comments 2020-05-28 17:24:37 +01:00
Max Schaefer
e3501ddb44 Introduce more post-update nodes. 
To model (taint) flow through functions, we introduce post-update nodes for arguments (including receivers), but only if that argument is mutable.

However, previously our criterion for determining whether an argument is mutable was a little too restrictive. In particular, we would not consider a struct-typed argument as mutable, since structs are passed by value. While this is reasonable for data flow, it is unnecessarily restrictive for taint, since it makes perfect sense to track deep taint through structs.

So instead we now turn things round and instead consider _all_ types to be mutable except for primitive types (booleans, numbers, and strings).
 2020-05-28 15:33:09 +01:00
Max Schaefer
0dd7676bd8 Add another function-model test. 2020-05-28 15:31:00 +01:00
Owen Mansel-Chan
bbce7d1f05 Simplify existing code 2020-05-28 13:07:08 +01:00
Owen Mansel-Chan
1c5a4605d6 Add CallNode.getAResult() 2020-05-28 12:49:05 +01:00
Owen Mansel-Chan
1580591b73 Address review comments 2020-05-28 12:49:05 +01:00
Max Schaefer
e7095baa39 Fix nonHtmlContentType. 2020-05-27 16:52:11 +01:00
Owen Mansel-Chan
f0e1147551 Make CallNode.getResult(0) match single results 2020-05-27 10:24:09 +01:00
Owen Mansel-Chan
4be805966f Make FunctionOutput.isResult(0) match single results 2020-05-27 10:24:09 +01:00
Owen Mansel-Chan
ae2ed877ee Add tests for CallNode.getResult 2020-05-27 10:24:09 +01:00
Owen Mansel-Chan
53cfbcc255 Add tests for FunctionOutput.isResult 2020-05-27 10:24:03 +01:00
Max Schaefer
a59e754403 Data flow: Remove deprecated predicates. 
cf https://github.com/github/codeql/pull/3515
 2020-05-26 11:09:35 +01:00
Max Schaefer
4206408826 Merge pull request #153 from max-schaefer/cleanup-107 
More cleanup
 2020-05-22 13:18:46 +01:00
Max Schaefer
223d0dbf0b Fix missing </p> in qhelp. 2020-05-22 11:18:27 +01:00
Max Schaefer
bccf750e2e Sort go.qll alphabetically. 2020-05-22 11:12:31 +01:00
Max Schaefer
3c8fa02356 Regularise a few comments. 2020-05-22 11:11:58 +01:00
Max Schaefer
adc3ce8274 Extend documentation for package and use it in two more places. 
The predicate now works with an empty package path.

The way this is implemented is perhaps slightly non-obvious: the `($|/)\\Q" + path + "\\E"` part of the regular expression either matches the end of the string (and `path` must then be empty), or a slash followed by `path` (which may or may not be empty).

We do allow non-canonical import paths ending in `/`, which the compiler rejects. We could disallow that by putting a `(?!$)` assertion after the `/`, but that seems overkill.
 2020-05-22 11:11:58 +01:00
Max Schaefer
31c636fa55 Standardise on capitalisation WebSocket. 2020-05-22 11:11:58 +01:00
Max Schaefer
1d910a9622 Merge pull request #148 from owen-mc/syntax-examples-for-ast-classes 
Add syntax examples to  qldoc comments for AST classes
 2020-05-22 10:48:18 +01:00
Owen Mansel-Chan
df8bfab6d6 Address review comments 2020-05-22 10:06:23 +01:00
Owen Mansel-Chan
2c8e4a2b34 Add syntax examples to qldoc comments for AST classes 2020-05-22 09:28:50 +01:00
Max Schaefer
27cab43448 Merge pull request #151 from sauyon/remove-binary 
Remove accidentally committed binary
 2020-05-20 22:24:42 +01:00
Sauyon Lee
0b7eea7852 Remove accidentally added binary 2020-05-20 09:19:42 -07:00
Sauyon Lee
581a81ca1a Add missing licenses for websocket libraries 2020-05-20 09:16:38 -07:00
Sauyon Lee
92aad7ea1e Fix dependency stubs for websocket framework 2020-05-20 09:01:46 -07:00
Sauyon Lee
a2e2e260b2 Merge branch 'master' into WebsocketXss 2020-05-20 08:57:36 -07:00
Porcupiney Hairs
d1d4c2e492 Golang : Add WebSocket Read and Write Functions. 2020-05-20 20:48:43 +05:30
Max Schaefer
4a5b29e78f Add a missing qldoc comment. 2020-05-20 14:37:38 +01:00
Max Schaefer
ed3a06ea5d Autoformat QL. 2020-05-20 14:35:01 +01:00
Max Schaefer
b871f54e4d Fix frontend error in ql/test/query-tests/Security/CWE-079. 2020-05-20 14:34:36 +01:00
Max Schaefer
7773828347 Fix frontend errors in ql/test/library-tests/semmle/go/frameworks/Websocket. 2020-05-20 14:34:22 +01:00
Max Schaefer
7e314f037a Fix frontend errors in ql/test/library-tests/semmle/go/Packages. 2020-05-20 14:27:00 +01:00
Max Schaefer
806cfc7c5e Merge pull request #149 from max-schaefer/cleanup-130 
Clean up NoSQL library
 2020-05-20 13:55:54 +01:00
Max Schaefer
267416f61f Rename a predicate to clarify that it is MongoDB specific. 2020-05-20 10:08:49 +01:00
Max Schaefer
cc24a8879f Rewrite a taint step to make more idiomatic use of the data-flow library. 2020-05-20 10:05:43 +01:00
Max Schaefer
8cc76edee4 Rephrase a comment and split up some very long lines. 2020-05-20 10:05:26 +01:00
Max Schaefer
d7b82b2355 Rename a few modules and classes to reflect the fact that NoSQL queries are not usually strings. 2020-05-20 10:04:59 +01:00
Sauyon Lee
f2bbbe30e2 Stub WebSocket dependencies 2020-05-19 19:53:03 +05:30