hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,617 Commits 1,673 Branches 157 Tags
fd649c1702a11748d090321b69ff6160ed46e48c
Commit Graph

269 Commits

Author SHA1 Message Date
Geoffrey White
d7382053ca Merge branch 'main' into swifttodos 2023-05-09 10:06:45 +01:00
Geoffrey White
08b6755c55 Swift: Simplify hasActualResult. 2023-05-09 09:03:32 +01:00
Geoffrey White
e4382677c2 Merge branch 'main' into modernsec3 2023-05-05 13:07:01 +01:00
Geoffrey White
d92ecbb3cf Swift: Standardize on 'barrier' tover 'santerminology now we use ConfigSig dataflow. 2023-05-05 10:03:18 +01:00
Geoffrey White
9317174742 Swift: Improve the LibXML2 tests for XXE and remove the TODO comment. 2023-05-04 12:28:55 +01:00
Geoffrey White
a698f3fcb9 Merge branch 'main' into modernsec3 2023-05-02 17:35:08 +01:00
Geoffrey White
bb6aa11ce5 Swift: Additional test case. 2023-05-02 17:12:44 +01:00
Geoffrey White
ca50f1117e Swift: Hide locationless results in the inlineexpectations test (there's no way to make them expected). 2023-05-02 16:57:29 +01:00
Geoffrey White
664500d2e6 Swift: Fix member variable sinks in swift/hardcoded-key. 2023-05-02 11:26:21 +01:00
Geoffrey White
adbd2c467d Swift: Fix member variable sinks in swift/path-ionjection. 2023-05-02 11:26:20 +01:00
Anders Schack-Mulligen
9fe5462b1b Swift: Update more expected output. 2023-04-26 13:41:50 +02:00
Anders Schack-Mulligen
6b049cb37a Swift: Update expected output. 2023-04-26 13:15:39 +02:00
Geoffrey White
bfbd45a220 Swift: Fix CSV field sinks. 2023-04-20 18:14:34 +01:00
Geoffrey White
d317ad80e5 Swift: Convert to CSV sinks. 2023-04-20 17:53:00 +01:00
Geoffrey White
380bf21a38 Swift: Update InsecureTLSExtensions.ql sinks to not depend on AssignExpr. 2023-04-20 17:15:48 +01:00
Geoffrey White
c1a95d57bb Swift: Add some test cases. 2023-04-20 17:15:47 +01:00
Geoffrey White
a3c66b6032 Merge pull request #12833 from geoffw0/addmodels 
Swift: Add some sink models
 2023-04-19 14:18:29 +01:00
Geoffrey White
c7ea08aa73 Swift: Fix inline expectations. 2023-04-18 17:32:38 +01:00
Geoffrey White
619d572d50 Swift: Add RNCryptor hmacKey encryption-key sinks. 2023-04-14 14:58:15 +01:00
Geoffrey White
46da73cc11 Swift: Add realm path-injection sinks. 2023-04-14 14:50:50 +01:00
Geoffrey White
feccd307da Swift: Add realm encryption-key sinks. 2023-04-14 14:47:24 +01:00
Geoffrey White
bfdaf6951d Swift: Add some test cases. 2023-04-14 14:39:45 +01:00
Geoffrey White
21414089ee Swift: Test renaming and layout changes. 2023-04-14 14:39:32 +01:00
Geoffrey White
cdcee5cc75 Swift: Add high-level CryptoSwift sinks. 2023-04-11 19:59:43 +01:00
Geoffrey White
539f8f0f70 Swift: Add mid-level CryptoSwift sinks and prevent duplication that results. Overall this doesn't give us any new results in tests, but makes paths shorter, and in the real world I expect it to add reliability. 2023-04-11 19:54:55 +01:00
Geoffrey White
51a62b54ee Swift: Add low-level CryptoSwift sinks. 2023-04-11 19:54:48 +01:00
Geoffrey White
d299d92025 Swift: Prevent potentially misleading duplicate results. 2023-04-11 19:39:09 +01:00
Geoffrey White
4995f13234 Swift: Add tests for swift/weak-sensitive-data-hashing on CryptoSwift. 2023-04-11 18:46:38 +01:00
Jeroen Ketema
cb8568f6fd Swift: Rewrite PathInjection to use DataFlow::ConfigSig 2023-04-04 09:10:21 +02:00
Jeroen Ketema
a45f381ab9 Swift: Rewrite CleartextLogging to use DataFlow::ConfigSig 2023-04-04 09:10:21 +02:00
Jeroen Ketema
0ff607c930 Swift: Rewrite XXEQuery to use DataFlow::ConfigSig 2023-04-04 09:10:21 +02:00
Jeroen Ketema
70d0e987c4 Swift: Rewrite PredicateInjection to use DataFlow::ConfigSig 2023-04-03 16:19:30 +02:00
Geoffrey White
33b041242d Swift: Recognize Core Data + Realm sources via type aliases. 2023-03-31 10:44:01 +01:00
Geoffrey White
daa8141414 Swift: Add test case. 2023-03-30 16:16:40 +01:00
Geoffrey White
beb7d9d7a1 Swift: Test layout change. 2023-03-30 16:13:42 +01:00
Mathias Vorreiter Pedersen
e3e68b7753 Merge pull request #12642 from geoffw0/modernstring 
Swift: Modernize the swift/string-length-conflation query
 2023-03-29 14:55:40 +01:00
Geoffrey White
28998ccafe Merge pull request #12471 from geoffw0/dbsinks2 
Swift: Better sinks for swift/cleartext-storage-database
 2023-03-27 12:51:13 +01:00
Geoffrey White
9529bc5f09 Swift: The regressed test is not realistic, update it to be more like what really happens. 2023-03-23 10:52:58 +00:00
Geoffrey White
e266132f0a Swift: Replace sinks with (extendable) CSV. 2023-03-23 10:45:29 +00:00
Geoffrey White
879dea2984 Swift: Additional test cases. 2023-03-23 10:38:52 +00:00
Geoffrey White
a4e9d38abb Swift: Fix the test regression. 2023-03-22 16:44:29 +00:00
Geoffrey White
cbe5243c89 Swift: Accept test regressions. :( 2023-03-22 16:24:32 +00:00
Geoffrey White
1f8a165611 Swift: Add a couple of extra test cases. 2023-03-20 10:58:58 +00:00
Geoffrey White
170fde5bc0 Swift: Add some more test cases. 2023-03-16 12:53:06 +00:00
Geoffrey White
bfbd3d95f9 Swift: Clean up the result message. 2023-03-14 16:03:55 +00:00
Geoffrey White
ffa279e87b Swift: Add additional taint steps into fields. 
ed
 2023-03-09 17:17:42 +00:00
Geoffrey White
da338c26ba Swift: Add a few more test cases for sensitive data. 2023-03-09 11:39:22 +00:00
Geoffrey White
2d889304bb Swift: Some cases in the SqlInjection test are fixed by this. 2023-03-03 16:49:13 +00:00
Geoffrey White
417d175ff2 Merge branch 'main' into nsstring 2023-02-17 11:32:40 +00:00
Geoffrey White
c692a316b0 Swift: Add new results found in UncontrolledFormatString test. 2023-02-17 10:07:32 +00:00