hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-09 03:31:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
40,697 Commits 1,691 Branches 160 Tags
codeql-cli/v2.10.0
Commit Graph

40697 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Nebel
17219eff61 Merge pull request #7530 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-01-07 13:15:49 +01:00
Michael Nebel
929f6ca578 C#: Address review comments. 2022-01-07 10:26:33 +01:00
Michael Nebel
d3368dcc23 C#: Remove the LibraryTypeDataFlow file as the remaining code is dead. 2022-01-07 10:26:32 +01:00
Michael Nebel
9b47249f6a C#: Migrate the legacy clearContent flow summaries to the new framework. 2022-01-07 10:26:32 +01:00
Michael Nebel
fd317c2e7b C#: Move RecordConstructorFlow. 2022-01-07 10:26:32 +01:00
Michael Nebel
fb950848c7 C#: Remove unused case, when converting SummaryComponent stacks. 2022-01-07 10:26:32 +01:00
Michael Nebel
5a0e6ed8e6 C#: Remove unsued predicates in CallableFlowSource and subclasses. 2022-01-07 10:26:32 +01:00
Michael Nebel
19914aba89 C#: Remove CallableFlowSink. 2022-01-07 10:26:32 +01:00
Michael Nebel
ed4d09bc8b C#: Remove unneeded imports. 2022-01-07 10:26:32 +01:00
Michael Nebel
d042c4b3e4 C#: Remove unsused type,class and module AccessPath. 2022-01-07 10:26:32 +01:00
Michael Nebel
d5768bf4ed C#: Remove more empty predicates. 2022-01-07 10:26:31 +01:00
Michael Nebel
a6b79926b2 C#: Remove unused predicate toCallableFlowSink. 2022-01-07 10:26:31 +01:00
Michael Nebel
ecc9593f00 C#: Remove the unused predicate callable flow. 2022-01-07 10:26:31 +01:00
Michael Nebel
c52787c741 C#: Move the declaration of synthetic fields to where they are needed. 2022-01-07 10:26:31 +01:00
Michael Nebel
608aba7cff C#: Delete empty predicate requiresAccessPath. 2022-01-07 10:26:31 +01:00
Felicity Chapman
ad82523b91 Apply suggestions from code review 2022-01-07 08:49:37 +00:00
Felicity Chapman
95c9f89b04 Merge branch 'main' into patch-1 2022-01-07 08:49:13 +00:00
github-actions[bot]
efb1cd4f3b Add changed framework coverage reports 2022-01-07 00:10:30 +00:00
Erik Krogh Kristensen
9afd360731 QL: recognize dependecies of the form: libraryPathDependencies: library-name 2022-01-06 23:35:28 +01:00
Chris Smowton
6b4a50567a Merge pull request #659 from smowton/smowton/fix/path-transformer-use-realpath 
Path transformer: use fully resolved path
 2022-01-06 19:11:16 +00:00
Robert Marsh
c6da1f2be0 C++: re-add comment 2022-01-06 12:43:22 -05:00
Robert Marsh
355fc0ae63 C++: Use Guards library in Overflow.qll 
Replaces the ad-hoc guard handling with the Guards library. Fixes an
observed false positive pattern, and (hopefully) means some pragmas are
no longer necessary for performance.
 2022-01-06 12:15:37 -05:00
Robert Marsh
617bdbc5ba C++: test for guard-by-return in Overflow.qll 2022-01-06 12:15:37 -05:00
Robert Marsh
d5682f157a Merge pull request #7525 from MathiasVP/remove-rank-in-ssa-internals 
C++: Remove `rank` aggregate in `SsaInternals`
 2022-01-06 12:09:57 -05:00
Andrew Eisenberg
6d62227576 Merge pull request #7431 from aeisenberg/aeisenberg/solorigate-publish 
Solorigate: Extract to separate qlpack
 2022-01-06 08:53:32 -08:00
Mathias Vorreiter Pedersen
173cefd7e4 C++: Respond to PR reviews. 2022-01-06 15:39:40 +00:00
haby0
759ec31508 Delete shutil_path_injection.py file 2022-01-06 21:38:35 +08:00
Michael Nebel
b3cb250ece Merge pull request #7516 from michaelnebel/csharp/improve-csv-validation 
C#: Introduce Csv validation on kind.
 2022-01-06 14:31:26 +01:00
Michael Nebel
9cafab1b4c Merge pull request #7465 from michaelnebel/csharp-stringvalues-csv 
C#: Introduce flow summaries for StringValues.
 2022-01-06 14:30:29 +01:00
Rasmus Wriedt Larsen
3e1dcc3d11 Merge pull request #7518 from tausbn/python-extend-unreachable-statement-test 
Python: Extend unreachable statement test
 2022-01-06 14:07:29 +01:00
Mathias Vorreiter Pedersen
671954025d C++: Fix qldoc. 2022-01-06 11:02:15 +00:00
Asger F
c9fcdb8261 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-01-06 11:51:27 +01:00
Mathias Vorreiter Pedersen
2f42054f8f C++: Rename 'hasRankInBlock' to 'hasIndexInBlock' since it's not really a rank computation anymore. 2022-01-06 10:31:05 +00:00
Mathias Vorreiter Pedersen
fdb9fb588c C++: Remove the rank aggregate from 'SsaInternals.qll'. 2022-01-06 10:30:31 +00:00
haby0
05b0daa0b7 Add the test of shutil module in FileSystemAccess.py 2022-01-06 14:14:42 +08:00
Harry Maclean
43ddc54f2b Ruby: Add Module#const_get as a code execution 
Module#const_get takes a single string argument and interprets it as the
name of a constant. It then looks up the constant and returns its value.

    Object.const_get("Math::PI")
    # => 3.141592653589793

By itself, this method is not as dangerous as e.g. eval, but if the
value returned is a class that is then instantiated, this can allow an
attacker to instantiate arbitrary Ruby classes.

As a result, I think it's safe to say that any remote input flowing into
this call is a potential vulnerability. A real-world example of this is
https://github.com/advisories/GHSA-52p9-v744-mwjj.
 2022-01-06 13:03:41 +13:00
Tom Hvitved
ac9cac78bc Ruby: Fix typo 2022-01-06 12:27:03 +13:00
Tom Hvitved
c3fd272f9b Ruby: Simplify getValueText logic for StringlikeLiterals 2022-01-06 12:27:03 +13:00
Tom Hvitved
799ec23b0d Ruby: Generalize ExprChildMapping logic to AstNodes 2022-01-06 12:27:03 +13:00
Tom Hvitved
322f8356dd Ruby: Include StringComponents in the CFG 2022-01-06 12:27:03 +13:00
Tom Hvitved
301d0bbdf8 Ruby: Restructure test to avoid dead code 2022-01-06 12:27:03 +13:00
Harry Maclean
23f1352953 Add ReDoS test that uses string interpolation 
This exercises the support for resolving string interpolations, and is
based on a real vulnerability:

https://github.com/advisories/GHSA-jxhc-q857-3j6g)
 2022-01-06 12:27:03 +13:00
Harry Maclean
32c93e70e2 Include simple interpolations in getValueText 
When calculating `StringlikeLiteral.getValueText`, include results from
interpolations where we can determine their string value. For example:

    b = "b" # local variable
    D = "d" # constant

    "a#{b}c"     # getValueText() = "abc"
    "a#{b}c{D}"  # getValueText() = "abcd"
    /#a#{b}c{D}/ # getValueText() = "abcd"
 2022-01-06 12:27:03 +13:00
Harry Maclean
3df3fb092b Make room for new test code 
This change is split over several commits so it is easier to see.
This change adds some extra lines, which will be populated in the next
commit.
 2022-01-06 12:26:51 +13:00
Harry Maclean
b4b91e84a3 Ruby: Fix ConstantAccessCfgNode.getValueText 
The superclass definition uses SSA, which doesn't track constants.
 2022-01-06 12:25:19 +13:00
Andrew Eisenberg
0a2f23f6f9 Update pack references in solorigate tests 2022-01-05 10:37:15 -08:00
Taus
ea538a1ee8 Merge pull request #7416 from github/not-that-kind-of-experimental 
Remove experimental tag from non-ATM queries
 2022-01-05 18:08:15 +01:00
Taus
5d4db3af15 Python: Extend unreachable statement test 
Adds a test demostrating the false positive observed by andersfugmann.

Note that this does not change the `.expected` file, and so the tests
will fail. This is expected.
 2022-01-05 16:45:38 +00:00
Chris Smowton
e0a3ec85f3 Path transformer: use fully resolved path 
This makes source locations consistent between databases that do and don't use the `SEMMLE_PATH_TRANSFORMER` option in the case where the original source location isn't its own realpath (i.e, some parent directory is a symbolic link).
 2022-01-05 16:31:31 +00:00
Chris Smowton
749698759a Note that the %q format directive escapes newlines, and therefore prevents log injection 2022-01-05 16:04:20 +00:00