hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-26 03:43:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,692 Branches 161 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
yoff
ae9f58489d Merge pull request #4159 from RasmusWL/python-port-dataflow-tests 
Python: port dataflow tests
 2020-09-07 09:54:12 +02:00
Tom Hvitved
14567f5314 C#: Support wild-cards in file patterns 
Implements the specification at https://wiki.semmle.com/display/SDmaster/project-layout+format
by compiling file path specifications to regular expressions.
 2020-09-07 09:03:56 +02:00
Mathias Vorreiter Pedersen
b3d18ef610 C++: Add cases for conditional and comma operator in AV RUle 82 2020-09-07 08:59:08 +02:00
Slavomir
25e3f75ddc Add taint-tracking for mime/quotedprintable package. 2020-09-06 17:45:09 +02:00
Slavomir
99b251d4f0 Add taint-tracking for mime/multipart 2020-09-06 17:42:57 +02:00
Slavomir
c44d426794 Add taint-tracking for mime package. 2020-09-06 17:39:41 +02:00
Slavomir
3b2e16e292 Move text/template classes to TextTemplate module inside stdlib. 2020-09-06 17:32:34 +02:00
Slavomir
0d5c7e3132 Add taint-tracking for text/template template. 2020-09-06 17:32:34 +02:00
Slavomir
db0b09beb4 Add taint-tracking for text/tabwriter package. 2020-09-06 17:32:34 +02:00
Slavomir
4df363d2ce Add taint-tracking for text/scanner package. 2020-09-06 17:32:34 +02:00
Mathias Vorreiter Pedersen
a5ac8ebc2f C++: Don't import internals. 2020-09-05 11:47:22 +02:00
Robert Marsh
4be138d790 C++: Improve performance of getExplicitlyConverted 2020-09-04 14:17:56 -07:00
Mathias Vorreiter Pedersen
a4890ef99c C++: Add annotations describing whether the flow is an instance of field-to-object flow 2020-09-04 18:32:28 +02:00
Mathias Vorreiter Pedersen
cfd606a4e0 Merge branch 'main' into alternative-instruction-operand-flow 2020-09-04 18:26:38 +02:00
Chris Smowton
cfba0896f0 Improve code style 
No behavioural changes
 2020-09-04 17:05:32 +01:00
Mathias Vorreiter Pedersen
208b85c7fc Merge branch 'main' into mathiasvp/read-step-without-memory-operands 2020-09-04 18:04:15 +02:00
Chris Smowton
fb85ccb2a5 Look through implicit deref operations when propagating taint down a chain of field- and element-access instructions. 
This enables us to use PostUpdateNode properly. Also introduce a test showing a case where this doesn't work, because the underlying variable doesn't have a post-update node.
 2020-09-04 17:03:52 +01:00
Chris Smowton
3635d7d007 Introduce and use writeComponent 2020-09-04 17:03:52 +01:00
Chris Smowton
2a863fbbe7 Abbreviate protobuf package names 2020-09-04 17:03:52 +01:00
Chris Smowton
18ed6bd1ee Add missing qldoc 2020-09-04 17:03:52 +01:00
Chris Smowton
90915284ba Move getUnderlyingNode into Protobuf.qll 
This is its only user for now.
 2020-09-04 17:03:52 +01:00
Chris Smowton
59f9c6073d Introduce instruction type for component access 
This is the union of a field-access and an element-access instruction
 2020-09-04 17:03:52 +01:00
Chris Smowton
455cf0c502 Add support and tests for protobuf messages with map fields 2020-09-04 17:03:52 +01:00
Chris Smowton
b2d4e2692f Taint underlying aggregates of protobuf messages when an element is written 
For example, writing to a[b].c[d] taints 'a'.
 2020-09-04 17:03:52 +01:00
Chris Smowton
3d82308e07 Introduce common base class for ElementReadNode and FieldReadNode 2020-09-04 17:03:52 +01:00
Jonas Jensen
eea893483d Merge pull request #4209 from geoffw0/taintbits 
C++: Fix a few remaining holes in taint through std::string
 2020-09-04 17:52:48 +02:00
Jonas Jensen
f92139d2b0 Merge pull request #4202 from geoffw0/localhidesparam 
C++: Improve handling of template functions in cpp/declaration-hides-parameter
 2020-09-04 17:52:35 +02:00
Mathias Vorreiter Pedersen
ed7e499b02 Merge branch 'main' into mathiasvp/read-step-without-memory-operands 2020-09-04 17:25:36 +02:00
Mathias Vorreiter Pedersen
c67951682a C++: Fix two bad join orders in readStep and storeStep. And use a min aggregate to guarentee that a FieldContent's toString has at most one result. 2020-09-04 17:12:30 +02:00
Taus Brock-Nannestad
266365d0b6 Python: Update strange-essaflow test 2020-09-04 16:38:59 +02:00
Taus Brock-Nannestad
260763a748 Python: Update consistency test results 2020-09-04 16:35:49 +02:00
Taus Brock-Nannestad
df1448cfb2 Merge branch 'main' into python-remove-spurious-global-flow 2020-09-04 16:28:03 +02:00
Chris Smowton
56f6e67671 Protobufs: improve comment and code style 
No functional changes
 2020-09-04 15:14:49 +01:00
Chris Smowton
65dc6272d1 Remove prototype tests 
I don't think we need these when we have the end-to-end taintFlows test.
 2020-09-04 15:14:49 +01:00
Chris Smowton
b639b6ec6a Remove redundant copies of the generated protoc output 2020-09-04 15:14:49 +01:00
Chris Smowton
8058d096d2 Model and test UnmarshalOptions.Unmarshal 
Support for UnmarshalOptions.UnmarshalState is dropped for now as too hard to model.
 2020-09-04 15:14:49 +01:00
Chris Smowton
c2ff2df403 Add test showing false-negative for MarshalState 2020-09-04 15:14:49 +01:00
Chris Smowton
42d6250b8d Add modern-API variants of tests 2020-09-04 15:14:49 +01:00
Chris Smowton
8682eb9dec Add tests showing imprecision of our current implementation 2020-09-04 15:14:49 +01:00
Chris Smowton
a832342ecb Add test for unmarshalling submessages 2020-09-04 15:14:49 +01:00
Chris Smowton
596204f79d Add (currently-failing) expectations for submessage tainting 2020-09-04 15:14:49 +01:00
Chris Smowton
c9296abe25 Restrict tainting from field-writes to Message types 2020-09-04 15:14:49 +01:00
Chris Smowton
95798590ce Implement MarshalState method 
Currently relies on blanket field-write propagation.
 2020-09-04 15:14:49 +01:00
Chris Smowton
c34fc3c9ad Add tests for MarshalAppend and MarshalState 
The MarshalState test doesn't work yet, because we don't know to read taint from the Message field of the input or write it to the Buf field of the output
 2020-09-04 15:14:49 +01:00
Chris Smowton
2ca6157836 Protobuf: support both legacy and modern APIs 2020-09-04 15:14:49 +01:00
Chris Smowton
df0238a352 Fix proto.Clone method 
This is top-level, not a member.
 2020-09-04 15:14:49 +01:00
Chris Smowton
e76c07d77b Temporarily taint all structs from field writes 
This should be either refined to just Message types, or else a macro taint step should be added conducting taint from field-write-of-argument to Marshal's result.

On the read-side we're currently fine: the bytes are tainted, so the object is tainted, so the field reads are tainted.
 2020-09-04 15:14:49 +01:00
Chris Smowton
19e1dacced WIP: add more (manual) protobuf models, and a test that checks various taint-flow cases 
Only some of the cases are currently working.
 2020-09-04 15:14:49 +01:00
Sauyon Lee
4ff325aa13 --wip-- [skip ci] 2020-09-04 15:14:49 +01:00
Geoffrey White
156a174cf4 C++: Add explanation. 2020-09-04 14:55:55 +01:00