Commit Graph

40697 Commits

Author SHA1 Message Date
Tony Torralba
7ba5a032ce Add tests and stubs for the new sources and flow steps 2022-05-04 10:53:30 +02:00
Tony Torralba
b678467e9d Move things around 2022-05-04 10:53:30 +02:00
Tony Torralba
d68311e26d Consider implicit this accesses in WebViewRef 2022-05-04 10:53:30 +02:00
Tony Torralba
51dfebf4c9 Apply suggestions from code review
Co-authored-by: Chris Smowton <smowton@github.com>
2022-05-04 10:53:29 +02:00
Tony Torralba
b9859fe165 Add change note 2022-05-04 10:53:29 +02:00
Tony Torralba
91bdb4299f Improvements to UnsafeAndroidAccess 2022-05-04 10:53:29 +02:00
Tony Torralba
b876431950 Merge pull request #8706 from luchua-bc/java/unsafe-get-resource
Java: CWE-552 Add sources and sinks to detect unsafe getResource calls in Java EE applications
2022-05-04 10:12:28 +02:00
Tom Hvitved
74e99302d6 Address review comments 2022-05-04 09:57:59 +02:00
Tom Hvitved
ac3bfa1788 Data flow: Mention expectsContent in dataflow.md 2022-05-04 09:57:59 +02:00
Tom Hvitved
da72ba46d4 Data flow: Add stub expectsContent for all languages 2022-05-04 09:57:59 +02:00
Tom Hvitved
6e2e8440eb Data flow: Sync files 2022-05-04 09:57:59 +02:00
Tom Hvitved
a50f18ab50 Data flow: Introduce expectsContent 2022-05-04 09:57:58 +02:00
bananabr
2e2d4c6e1f updated tests to consider document.getSelection() 2022-05-03 21:03:35 -05:00
Erik Krogh Kristensen
ead978187d adjust the source-type for remote-flow from MaD 2022-05-03 22:53:41 +02:00
Robert Marsh
de68107a0e C++: restrict global variable IR generation 2022-05-03 16:50:53 -04:00
Erik Krogh Kristensen
8ffc05c84b count both named and positional arguments in the WithArity filter 2022-05-03 21:21:57 +02:00
Daniel Santos
880e3e1885 Update javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2022-05-03 11:38:32 -05:00
Daniel Santos
4cd6dcc4d0 Update javascript/ql/lib/change-notes/2022-04-30-xss-selection-source.md
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2022-05-03 11:37:45 -05:00
Daniel Santos
d52980573a Update javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2022-05-03 11:37:26 -05:00
Paolo Tranquilli
b7cdc4ae1f Swift: set @github/codeql-c as owner 2022-05-03 17:41:23 +02:00
Geoffrey White
5aa862acfd C++: Fixup after merge. 2022-05-03 16:12:42 +01:00
Geoffrey White
fd5b4dfff2 Merge branch 'main' into xxe4 2022-05-03 16:08:54 +01:00
Mathias Vorreiter Pedersen
b8fd07c0ac Merge pull request #9018 from geoffw0/xxe5
C++: Support libxml2 in the XXE query
2022-05-03 16:00:52 +01:00
Michael Nebel
b8ec2254e8 C#: Update unit tests (looks like new NFloat operator has been introduced). 2022-05-03 16:36:32 +02:00
Michael Nebel
94b046c554 C#: Upgrade dotnet to 6.0.202. 2022-05-03 16:36:32 +02:00
Joe Farebrother
f65f833b11 Merge pull request #9020 from joefarebrother/predictable-seed
Java: Add CWE-377 tag to java/predictable-seed
2022-05-03 15:13:58 +01:00
Tony Torralba
02822c6284 Merge pull request #9013 from atorralba/atorralba/private-externalflow-imports
Java: Make more ExternalFlow imports private
2022-05-03 16:02:09 +02:00
Owen Mansel-Chan
22ccbbaae8 Run go mod tidy -e if go.mod exists 2022-05-03 14:57:13 +01:00
Tony Torralba
cf55f180c4 Add change note 2022-05-03 15:46:17 +02:00
Tony Torralba
7b3a803d19 Add flow step from startActivity to getIntent 2022-05-03 15:46:17 +02:00
Tony Torralba
9c92454fa7 Merge pull request #8872 from atorralba/atorralba/android-widget-flowstep
Java: Add Editable.toString flow step
2022-05-03 15:27:52 +02:00
Joe Farebrother
61f13817cf Add change note 2022-05-03 14:27:47 +01:00
Geoffrey White
d5be11bf14 C++: Address review comments. 2022-05-03 14:08:19 +01:00
Rasmus Wriedt Larsen
a7b43f7356 Ruby: Accept changes to TypeTracker tests
Since this is not using inline-expectation-tests, I'm not entirely sure
whether these changes are OK or not, so hope to get someone else to
signoff on that.
2022-05-03 14:59:06 +02:00
Rasmus Wriedt Larsen
6cacf7b9a6 Ruby: isLocalSourceNode needs SynthReturnNode 2022-05-03 14:43:57 +02:00
Tony Torralba
fbceb8de57 Update java/ql/lib/semmle/code/java/frameworks/OkHttp.qll
Co-authored-by: Chris Smowton <smowton@github.com>
2022-05-03 14:40:40 +02:00
Rasmus Wriedt Larsen
d012eaa892 Python: Clarify getArg is about positional arguments 2022-05-03 14:26:23 +02:00
Rasmus Wriedt Larsen
89c4b6c235 Ruby: Fix isLocalSourceNode implementation
The old code was equivalent with the code below, which seems wrong

```
not n instanceof ExprNode
or
n instanceof ExprNode and
localFlowStepTypeTracker+(..., n)
```

From running on real DB I found that this meant that the following node
types were also included as local source nodes:

- `TReturningNode`
- `TSynthReturnNode`
- `TSummaryNode`
- `TSsaDefinitionNode`

My understanding is that the first 3 should not be included.

I would guess that SsaDefinitionNode should indeed be included as a
LocalSourceNode, but I'm not 100% sure, so I'll see what the test
results say before making further changes.
2022-05-03 14:16:19 +02:00
Joe Farebrother
f7d0884db1 Java: Add cwe-377 tag to predictable-seed 2022-05-03 12:28:14 +01:00
Geoffrey White
42a78a27e0 C++: Fixup spacing in tests. 2022-05-03 11:48:03 +01:00
Paolo Tranquilli
c2be267feb Swift: enable dynamic mode
Providing `--dynamic_mode=fully` (for example setting it in
`local.bazelrc`) will now work.

All runfiles are now copied in the extractor pack: in dynamic mode,
those will be the executable and the dynamic libraries, while in static
mode only the executable will be part of the runfiles.

Setting the correct `LD_LIBRARY_PATH` in `qltest.sh` then allows to
run tests with this package. If we need something more, we can switch to
a wrapper script in place of `extractor` in the future.

Notice that `LD_LIBRARY_PATH` is also set in static mode, but that has
no consequence.
2022-05-03 12:33:24 +02:00
yoff
56ed68b3eb Merge pull request #9001 from RasmusWL/files-refactoring
Python: Flask: Improve `request.files` modeling
2022-05-03 12:19:55 +02:00
Geoffrey White
9faa825304 C++: Add support for libxml2 in the query. 2022-05-03 11:19:13 +01:00
Tom Hvitved
e9c8f979f9 Data flow: Sync files 2022-05-03 11:46:51 +02:00
Tom Hvitved
2b4fde74bb Data flow: Speedup subpaths predicate
Before
```
[2022-05-02 15:47:16] (1280s) Tuple counts for DataFlowImpl::Subpaths::subpaths#656de156#ffff/4@c5f3dclb after 3m22s:
                      8389013    ~4%     {5} r1 = JOIN DataFlowImpl::Subpaths::subpaths#656de156#ffff#shared WITH DataFlowImpl::PathNode::getASuccessor#dispred#f0820431#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'arg', Lhs.1, Lhs.2, Lhs.3, Lhs.4 'out'
                      6689751    ~0%     {4} r2 = JOIN r1 WITH DataFlowImpl::Subpaths::subpaths03#656de156#ffffff_034512#join_rhs ON FIRST 4 OUTPUT Rhs.4, Lhs.4 'out', Lhs.0 'arg', Rhs.5 'ret'

                      1513839768 ~1%     {5} r3 = JOIN r2 WITH DataFlowImpl::PathNodeImpl::getNodeEx#dispred#f0820431#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1 'out', Lhs.2 'arg', Lhs.3 'ret', Rhs.1 'par', Lhs.3 'ret'
                      1513839768 ~1%     {5} r4 = r3 AND NOT DataFlowImpl::PathNodeImpl::isHidden#dispred#f0820431#f(Lhs.4 'ret')
                      1513839768 ~5%     {4} r5 = SCAN r4 OUTPUT In.1 'arg', In.3 'par', In.0 'out', In.4 'ret'

                      1513839768 ~2%     {4} r6 = JOIN r2 WITH DataFlowImpl::PathNodeImpl::getNodeEx#dispred#f0820431#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.3 'ret', Lhs.1 'out', Lhs.2 'arg', Rhs.1 'par'
                      0          ~0%     {5} r7 = JOIN r6 WITH boundedFastTC(DataFlowImpl::Subpaths::localStepToHidden#656de156#ff_10#higher_order_body,DataFlowImpl::Subpaths::subpaths#656de156#ffff#higher_order_body) ON FIRST 1 OUTPUT Lhs.1 'out', Lhs.2 'arg', Lhs.0, Lhs.3 'par', Rhs.1 'ret'
                      0          ~0%     {5} r8 = r7 AND NOT DataFlowImpl::PathNodeImpl::isHidden#dispred#f0820431#f(Lhs.4 'ret')
                      0          ~0%     {4} r9 = SCAN r8 OUTPUT In.1 'arg', In.3 'par', In.0 'out', In.4 'ret'

                      1513839768 ~5%     {4} r10 = r5 UNION r9
                      6689751    ~0%     {4} r11 = JOIN r10 WITH DataFlowImpl::PathNode::getASuccessor#dispred#f0820431#ff ON FIRST 2 OUTPUT Lhs.0 'arg', Lhs.1 'par', Lhs.3 'ret', Lhs.2 'out'
                                         return r11
```

After
```
[2022-05-03 11:44:10] (969s) Tuple counts for DataFlowImpl::Subpaths::subpaths#656de156#ffff/4@b26b969r after 11.8s:
                      8372525 ~0%     {3} r1 = JOIN DataFlowImpl::PathNode::getASuccessor#dispred#f0820431#ff_10#join_rhs WITH DataFlowImpl::PathNodeImpl::getNodeEx#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.1 'arg', Rhs.1, Rhs.0
                      6673799 ~6%     {9} r2 = JOIN r1 WITH DataFlowImpl::Subpaths::subpaths03#656de156#fffffffff ON FIRST 2 OUTPUT Rhs.3, Rhs.4, Rhs.5, Rhs.7, Rhs.6, Rhs.8, Lhs.2 'par', Lhs.0 'arg', Rhs.2 'ret'

                      6637884 ~0%     {5} r3 = JOIN r2 WITH project#DataFlowImpl::pathNode#656de156#ffffffff_1234560#join_rhs ON FIRST 6 OUTPUT Lhs.6 'par', Lhs.7 'arg', Lhs.8 'ret', Rhs.6 'out', Lhs.8 'ret'

                      6637884 ~0%     {4} r4 = JOIN r2 WITH project#DataFlowImpl::pathNode#656de156#ffffffff_1234560#join_rhs ON FIRST 6 OUTPUT Rhs.6 'out', Lhs.6 'par', Lhs.7 'arg', Lhs.8 'ret'

                      51867   ~0%     {5} r5 = JOIN r4 WITH DataFlowImpl::PathNodeMid::projectToSink#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.1 'par', Lhs.2 'arg', Lhs.3 'ret', Rhs.1 'out', Lhs.3 'ret'

                      6689751 ~0%     {5} r6 = r3 UNION r5
                      6689751 ~0%     {5} r7 = r6 AND NOT DataFlowImpl::PathNodeImpl::isHidden#dispred#f0820431#f(Lhs.4 'ret')
                      6689751 ~0%     {4} r8 = SCAN r7 OUTPUT In.1 'arg', In.0 'par', In.4 'ret', In.3 'out'

                      6637884 ~0%     {4} r9 = JOIN r2 WITH project#DataFlowImpl::pathNode#656de156#ffffffff_1234560#join_rhs ON FIRST 6 OUTPUT Lhs.8 'ret', Lhs.6 'par', Lhs.7 'arg', Rhs.6 'out'

                      51867   ~0%     {4} r10 = JOIN r4 WITH DataFlowImpl::PathNodeMid::projectToSink#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.3 'ret', Lhs.1 'par', Lhs.2 'arg', Rhs.1 'out'

                      6689751 ~0%     {4} r11 = r9 UNION r10
                      0       ~0%     {5} r12 = JOIN r11 WITH boundedFastTC(DataFlowImpl::Subpaths::localStepToHidden#656de156#ff_10#higher_order_body,DataFlowImpl::Subpaths::subpaths#656de156#ffff#higher_order_body) ON FIRST 1 OUTPUT Lhs.1 'par', Lhs.2 'arg', Lhs.0, Lhs.3 'out', Rhs.1 'ret'
                      0       ~0%     {5} r13 = r12 AND NOT DataFlowImpl::PathNodeImpl::isHidden#dispred#f0820431#f(Lhs.4 'ret')
                      0       ~0%     {4} r14 = SCAN r13 OUTPUT In.1 'arg', In.0 'par', In.4 'ret', In.3 'out'

                      6689751 ~0%     {4} r15 = r8 UNION r14
                                      return r15
```
2022-05-03 11:45:28 +02:00
Anders Schack-Mulligen
249f771fad Merge pull request #8952 from cklin/fix-ql-comments-syntax
Fix syntax errors in QL comments
2022-05-03 11:15:56 +02:00
Jeroen Ketema
904ff1a569 Merge pull request #8943 from jbj/remove-gvn-imports
C++: Remove import order workarounds
2022-05-03 11:01:02 +02:00
Nick Rolfe
00bf352b50 Ruby: fix some flow summary join orders
The flow summaries that are implemented with an abstract base class
restricting the method name, and child classes using that method name,
had unfortunate join orders:

r1 = JOIN Call::MethodCall::getMethodName#dispred#f0820431#ff WITH Call::MethodCall::getMethodName#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.0, (Lhs.1 ++ "_arg"), Rhs.1
2022-05-03 09:58:40 +01:00
mc
58a2677cf7 Merge pull request #8860 from github/jf205-patch-1
Fix broken link in analyzing-databases-with-the-codeql-cli.rst
2022-05-03 09:56:49 +01:00
Mathias Vorreiter Pedersen
73886b1040 Merge pull request #8948 from geoffw0/xxe3
C++: Add support for SAXParser to the CWE-611 XXE query.
2022-05-03 09:42:10 +01:00